Cisco PIX 525
The Cisco PIX 525 Firewall is an enterprise firewall. It provides perimeter security for large
enterprise networks. The PIX 525 is rack-mountable in a 2U (3.5-inch) configuration. It has
a 600-MHz processor, up to 256 MB of RAM, and 16 MB of Flash memory. It has two fixed
10/100 Ethernet interfaces. The two fixed interfaces are Ethernet 0, which is the outside
interface by default, and Ethernet 1, which is the inside interface by default.
The PIX 525 also includes three PCI slots for the installation of up to six additional Ethernet
interfaces. It has a 9600-baud console port that is used for local device management. The PIX
525 can be configured for failover using a failover cable connected to the 115-kbps serial
connection or can be configured for LAN-based failover. The PIX 525 also can be configured
with a VAC. The VAC handles much of the processing of VPN traffic (encryption and
decryption), thus improving the firewall’s performance. The VAC is recommended for
firewalls that will connect multiple high-traffic VPNs.
Connection capabilities for the PIX 525 are as follows:
■ Maximum clear-text throughput—330 Mbps
■ Maximum throughput (3DES)—72 Mbps with VAC
■ Maximum throughput (3DES)—155 Mbps with VAC+
■ Maximum throughput (AES-128)—165 Mbps with VAC+
■ Maximum throughput (AES-256)—170 Mbps with VAC+
■ Maximum concurrent connections—280,000
■ Maximum concurrent VPN peers—2000
As shown in Figure 3-10, the PIX 525 has two LEDs on the front. These LEDs indicate that
the firewall has power and that the system is active (the OS is loaded and the system is
operational). The active light indicates which firewall is active in a failover pair.