Overview of the Cisco Security Appliance
As discussed in Chapter 2, the design of the Cisco PIX Firewall and ASA Security Appliance
provides some significant advantages over application-based firewalls. The Cisco Security
Appliances are designed to be “performance built, best of breed, all-in-one security
appliances.” The PIX Firewall appliance provides state-of-the-art stateful firewalling,
protocol and application inspection, virtual private networking, inline intrusion prevention,
and outstanding multimedia and voice security. Having a single operating environment
allows the device to operate more efficiently. Also, because it was designed with security in
mind, it is not vulnerable to any known exploits.
Two key components that facilitate the outstanding performance of the PIX Firewall are the
Adaptive Security Algorithm (ASA) and cut-through proxy. Both are discussed in detail in
the following sections.