Product Description:
General Manufactures Description Page
Description
|
The Cisco® PIX® 515E
Security Appliance delivers a wealth of advanced security and
networking services for small-to-medium business and enterprise
networks, in a modular, purpose-built appliance. Its versatile one-rack
unit (1RU) design supports up to six 10/100 Fast Ethernet interfaces,
making it an excellent choice for businesses requiring a
cost-effective, resilient security solution with DMZ support.
Part of the market-leading Cisco PIX Security Appliance Series, the
Cisco PIX 515E Security Appliance provides robust user and application
policy enforcement, multi-vector attack protection, and secure
connectivity services through a wide range of rich security and
networking services |
Manufacturers Part Number
|
| PIX-515E-R-DMZ-BUN |
| Features |
- Advanced Application-Aware Firewall
Services
- Market-Leading Voice-Over-IP and
Multimedia Security
- Robust Site-to-Site and Remote Access
IPSec VPN Connectivity
- Award-Winning Resiliency
- Intelligent Networking Services
- Flexible Management Solutions
|
| Firewall Services |
Robust
Stateful Inspection and Application Layer Security
Cisco PIX Security Appliances integrate a broad range of advanced
firewall services to protect businesses from the constant barrage of
threats on the Internet and in many business network environments. As a
secure foundation, Cisco PIX Security Appliances provide rich stateful
inspection firewall services, tracking the state of all network
communications and preventing unauthorized network access. Building
upon those services, Cisco PIX Security Appliances deliver strong
application layer security through 30 intelligent, application-aware
inspection engines that examine network flows at Layers 4-7. To defend
networks from application layer attacks and to give businesses more
control over applications and protocols used in their environment,
these inspection engines incorporate extensive application and protocol
knowledge and employ security enforcement technologies that include
protocol anomaly detection, application and protocol state tracking,
Network Address Translation (NAT) services, and attack detection and
mitigation techniques such as application/protocol command filtering,
content verification, and URL deobfuscation. These inspection engines
also give businesses control over instant messaging, peer-to-peer file
sharing, and tunneling applications, enabling businesses to enforce
usage policies and protect network bandwidth for legitimate business
applications.
Multi-Vector Attack Protection
Cisco PIX Security Appliances incorporate multi-vector attack
protection services to further defend businesses from many popular
forms of attacks, including denial-of-service (DoS) attacks, fragmented
attacks, replay attacks, and malformed packet attacks. Using a wealth
of advanced attack protection features, including TCP stream
reassembly, traffic normalization, DNSGuard, FloodGuard, FragGuard,
MailGuard, IPVerify, and TCP intercept, Cisco PIX Security Appliances
identify and stop a wide range of attacks, and can provide real-time
alerts to administrators.
Flexible Access Control and
Powerful Flow-Based Policies
Administrators can also easily create custom security policies using
the flexible access control technologies provided by Cisco PIX Security
Appliances, including network and service object groups, user and
group-based policies, and more than 100 predefined applications and
protocols. Using the powerful Modular Policy Framework introduced in
Cisco PIX Security Appliance Software v7.0, administrators can define
granular flow-based and class map-based policies, which apply a set of
customizable security services, such as inspection engine policies,
Quality of Service (QoS) policies, connection timers, and more, to each
administrator-specified traffic flow/class. By combining these flexible
access control and per-flow/class security services, the powerful
stateful inspection and application-aware firewall services, and the
multi-vector attack protection services that Cisco PIX Security
Appliances deliver, businesses can enforce comprehensive security
policies to protect themselves from attack.
Market-Leading VoIP Security
Services Protect Next-Generation Converged Networks
Cisco PIX Security Appliances provide market-leading protection for a
wide range of voice-over-IP (VoIP) other multimedia standards. This
allows businesses to securely take advantage of the many benefits that
converged data, voice, and video networks provide, including improved
productivity, lower operational costs, and increased competitive
advantage. By combining VPN and Quality of Service (QoS) with the
advanced protocol inspection services that Cisco PIX Security
Appliances provide for these converged networking standards, businesses
can securely extend voice and multimedia services and the benefits they
deliver to remote offices, home offices, and mobile users.
Robust IPSEC VPN Services Cost
Effectively Connect Networks and Mobile Users
Using the new full-featured VPN capabilities of the Cisco PIX 515E
Security Appliance, businesses can securely connect networks and mobile
users worldwide across low-cost Internet connections. Solutions
supported range from standards-based site-to-site VPN using the
Internet Key Exchange (IKE) and IP Security (IPSec) VPN standards, to
the innovative Cisco Easy VPN remote access capabilities found in Cisco
PIX Security Appliances and other Cisco Systems security solutions-such
as Cisco IOS® routers and Cisco VPN 3000 Series Concentrators.
Cisco Easy VPN delivers a uniquely scalable, cost-effective, and
easy-to-manage remote-access VPN architecture that eliminates the
operational costs associated with maintaining the remote-device
configurations that are typically required by traditional VPN
solutions. Cisco Easy VPN provides feature-rich remote access VPN
services, including enforcing VPN client security posture requirements
and performing automated software updates of Cisco VPN Clients, to
deliver secure, easy-to-manage remote access to corporate networks.
Cisco PIX Security Appliances encrypt data using 56-bit Data Encryption
Standard (DES), 168-bit Triple DES (3DES), or up to 256-bit Advanced
Encryption Standard (AES) encryption. Certain Cisco PIX 515E Security
Appliance models have integrated hardware VPN acceleration, delivering
highly scalable, high-performance VPN services.
Award-Winning Resilient
Architecture Provides Maximum Business Uptime
Select models of Cisco PIX 515E Security Appliances
provide award-winning stateful failover services that ensure resilient
network protection for enterprise network environments. Businesses can
deploy Cisco PIX Security Appliances using either an Active/Standby
failover design or a more advanced Active/Active failover design, which
supports complex network environments that require asymmetric routing
support. Failover pairs continuously synchronize their connection state
and device configuration data, thus providing an easy-to-manage high
availability solution. Synchronization can optionally take place over a
high-speed LAN connection, providing another layer of protection by
enabling businesses to geographically separate the failover pair. In
the event of a system or network failure, network sessions are
automatically transitioned between appliances, with complete
transparency to users.
Intelligent Networking Services
Enable Simplified Deployment and Seamless Network Integration
Cisco PIX Security Appliances leverage over 20 years of
Cisco Systems networking leadership and innovation to deliver a
wide-range of intelligent networking services for seamless integration
into today's diverse network environments. Administrators can easily
integrate Cisco PIX Security Appliances into switched network
environments by taking advantage of native 802.1q-based VLAN support.
Cisco IP phone deployments can benefit from the "zero-touch
provisioning" services provided by Cisco PIX Security Appliances, which
help the phones automatically register with the appropriate Cisco
CallManager and download any additional configuration information and
software images. Businesses can improve their overall network
resiliency by taking advantage of the robust Open Shortest Path First
(OSPF) dynamic routing services provided by Cisco PIX Security
Appliances, which can detect network outages within seconds and route
around them. Mission-critical real-time enterprise applications,
collaborative computing applications, and streaming multimedia services
can be securely delivered using the comprehensive PIM-Sparse Mode v2
and Bidirectional-PIM routing support provided by Cisco PIX Security
Appliances. Businesses can secure deployments of next-generation IPv6
networks using the advanced IPv6 security services provided by Cisco
PIX Security Appliances, while simultaneously securing existing IPv4
environments with the same appliance during the transition period
towards an IPv6 infrastructure.
Flexible Management Solutions
Lower Operational Costs
The Cisco PIX 515E Security Appliance delivers a wealth of
configuration, monitoring, and troubleshooting methods, giving
businesses flexibility to use the methods that best meet their needs.
Management solutions range from centralized, policy-based management
tools to integrated, Web-based management, to support for
remote-monitoring protocols such as Simple Network Management Protocol
(SNMP) and syslog. Cisco PIX Security Appliances additionally provide
up to 16 levels of customizable administrative roles, so that
businesses can grant administrators and operations personnel the
appropriate level of access to each appliance, for example: monitoring
only access, read-only access to the configuration, network
configuration only, firewall configuration only, and so on.
Next-Generation Centralized
Management Solutions
Administrators can easily manage large numbers of Cisco PIX Security
Appliances using CiscoWorks VPN/Security Management Solution (VMS).
This suite consists of several integrated software modules including
Management Center for Firewalls, Auto Update Server Software, and
Security Monitor. This powerful combination provides a highly scalable,
next-generation, three-tier management solution that includes the
following features:
• Comprehensive configuration and software image management
• Device hierarchy with "Smart Rules"-based configuration inheritance
• Customizable administrative roles and access privileges
• Comprehensive enterprise change management and auditing
• Intelligent discovery and optimization of security policies and
object groups
• "Touchless" software image management for remote Cisco PIX Security
Appliances
• Support for dynamically addressed appliances
Attack Mitigation and Event
Monitoring Solutions
Network-based attacks can be easily and accurately identified, managed,
and eliminated within commercial or enterprise environments using the
Cisco Security Monitoring, Analysis, and Response System (CS-MARS)
product family. CS-MARS appliances analyze and correlate security
events, syslog, and NetFlow data from numerous desktop, server, and
network security solutions to determine actual attack paths and provide
mitigation options, simplifying security incident management for
environments where dedicated security analysts may not be available.
Additionally, Cisco offers the CiscoWorks Security Information
Management Solution (CWSIMS), which is well suited for large
enterprises and managed security services providers with dedicated
security analysts who require in-depth data collection, forensic
analysis, audit and compliance, and reporting for complex, multi-vendor
networks.
World-Class Device Management
Solutions
The integrated Cisco Adaptive Security Device Manager (ASDM) provides a
world-class Web-based management interface that greatly simplifies the
deployment, on-going configuration, and monitoring of a single Cisco
PIX Security Appliance-without requiring any software (other than a
standard Web browser and Java Plug-In) to be installed on an
administrator's computer. Intelligent setup and VPN wizards provide
easy integration into any network environment, while informative
monitoring features, including a dashboard and real-time syslog viewer,
provide vital device/network health status and event monitoring at a
glance.
Alternatively, administrators can remotely configure, monitor, and
troubleshoot their Cisco PIX Security Appliances using a command-line
interface (CLI). Secure CLI access is available using several methods,
including Secure Shell (SSHv2) Protocol, Telnet over IPSec, and out of
band through a console port. |
| Specifications |
|
| Manufacturer |
Cisco Systems |
| Manufacturer Part Number |
PIX-515E-R-DMZ-BUN |
| Manufacturer Website
Address |
www.cisco.com |
| Product Line |
PIX |
| Product Name |
PIX 515E-DMZ Bundle Firewall |
| Marketing Information |
The
Cisco PIX 515E Security Appliance delivers enterprise-class security
for small-to- medium business and enterprise networks, in a modular,
purpose-built appliance. Its versatile one-rack unit design supports up
to three 10/100 Fast Ethernet interfaces, making it an excellent choice
for businesses requiring a cost-effective, resilient security solution
with DMZ support. Part of the world-leading Cisco PIX Security
Appliance Series, the Cisco PIX 515E Security Appliance provides a wide
range of rich integrated security services, hardware VPN acceleration
capabilities, and powerful remote management capabilities in an
easy-to-deploy, high-performance solution. |
| Product Type |
Firewall |
|
| Interfaces/Ports |
3 x RJ-45 10/100Base-TX Auto-negotiating LAN
1 x RJ-45 Console Management
1 x DB-15 Failover Port
|
|
| Data Transfer Rate |
10Mbps Ethernet
100Mbps Fast Ethernet Half/Full-duplex
9600bps Console
115Kbps Failover
|
| Data Throughput |
Up to 188 Mbps Unencrypted
Up to 63 Mbps 168-bit 3DES IPsec VPN Throughput
Up to 140 Mbps 168-bit 3DES IPsec VPN Throughput
Up to 135 Mbps 128-bit AES IPsec VPN Throughput
Up to 140 Mbps 256-bit AES IPsec VPN Throughput
|
| Performance |
User Connections
Simultaneous VPN Tunnels
|
| Stateful Packet Filtering |
Adaptive Security Algorithm (ASA) |
| Firewall Protections |
Denial of Service (DoS)
Malformed Packet Attacks
DNSGuard
FloodGuard
FragGuard
MailGuard
IPVerify
TCP Intercept
|
| VPN Support |
Easy VPN Server
Site-to-site VPN
- Supports IKE and IPsec VPN standards
- Ensures data privacy/integrity and strong authentication to remote
networks and remote users over the Internet
|
| Licenses |
Restricted Feature License
56-bit DES VPN Feature License
|
|
| Expansion Slots |
2 x PCI |
|
| Protocols |
SNMP
SIP
H.323 v4
SCCP
RTSP
NAT
PAT
IMAP
OSPF
SCEP
|
| Management |
Rich Management Capabilities: CiscoWorks
VPN/Security Management Solution (CiscoWorks VMS)
PIX Device Manager (PDM)
Auto Update
Cisco PIX CLI
Command-level authorization
SNMP and syslog support
|
|
| Processor |
1 x Intel Celeron 433MHz |
|
| Memory |
16MB Flash Memory
32MB SDRAM
64MB RAM Maximum
128KB Cache
|
|
| Input Voltage |
100 V AC to 240 V AC |
| Input Current |
1.5 A |
| Frequency |
50 Hz to 60 Hz |
| Power Consumption |
50 Wto 65 W |
|
| Temperature |
-25 °F (-31.67 °C) to 131 °F (55
°C) Operating
-13 °F (-25 °C) to 158 °F (70 °C)
Storage
|
| Humidity |
5 to 95% Non-condensing Relative Humidity |
| Altitude |
0 ft to 9843 ft Operating
0 ft to 15000 ft Storage
|
| Thermal Dissipation |
410 BTU/h @ 65W |
|
| Form Factor |
1U 19" Rack-mountable |
| Dimensions |
1.72" Height x 16.82" Width x 11.8" Depth |
| Shipping Dimensions |
11.5" Height x 19.75" Width x 23.00" Depth |
| Weight |
11 lb |
| Shipping Weight |
19.00 lb |
|
| Package Contents |
PIX v6.3 Software for the PIX 515E Chassis
(SF-PIX-515-6.3)
PIX 515E Restricted (R) feature license (PIX-515R-SW)
Blank to fill unused interface slots on PIX Firewall
(PIX-BLANK-SLOT)
PIX 10/100 Fast Ethernet interface card, RJ45 (PIX-1FE)
PIX DES VPN/SSH/SSL encryption license (PIX-VPN-DES)
|
| Additional Information |
Demilitarized Zone (DMZ)
System bus: Single 32-bit, 33-MHz PCI
Enterprise-Class Security:
True security appliance
Stateful inspection firewall
Easy VPN Server
Site-to-site VPN
Intrusion protection
AAA support
X.509 certificate and CRL support
Integration with leading third-party solutions
Robust Network Services/Integration:
Virtual LAN (VLAN)-based virtual interfaces
Open Shortest Path First (OSPF) dynamic routing
DHCP server
DHCP relay
NAT/PAT support
Flexible Expansion Capabilities:
Fast Ethernet expansion options
Hardware VPN acceleration options
Expansion:
Two 32-bit/33-MHz PCI slots
Two 168-pin DIMM RAM slots, supporting up to 64 MB
memory maximum
Environmental Operating Ranges:
Operating:
- Shock: 1.14 m/sec (45 in./sec) 1/2 sine input
- Vibration: 0.41 Grms2 (3-500 Hz) random input
- Acoustic Noise 45 dBa maximum
Nonoperating:
- Shock: 30 G
- Vibration: 0.41 Grms2 (3-500 Hz) random input
|
| Certifications &
Standards |
Safety: UL 1950
CSA C22.2 No. 950
EN 60950
IEC 60950
AS/NZS3260
TS001
IEC60825
EN 60825
21CFR1040
Electro Magnetic Compatibility (EMC):
FCC Part 15 (CFR 47) Class A
ICES-003 Class A with UTP
EN55022 Class A with UTP
CISPR 22 Class A with UTP
AS/NZ 3548 Class A with UTP
VCCI Class A with UTP
EN55024
EN50082-1 (1997)
CE marking
EN55022 Class B with FTP
Cispr 22 Class B with FTP
AS/NZ 3548 Class B with FTP
VCCI Class B with FTP,
|
|
| Standard Warranty |
90 Day(s) Limited |
|
|
INTERNATIONAL GROUND SHIPPING: 
