ASA, PIX, and IOS Firewall ?

What is the advantages of using IOS based Firewall on 2800 series routers in comparison to new ASA or old PIX 515 devices.

How IDS features can be implement in the router's IOS? Any additional license require for IDS feature? Is it also possible to have IPS features in router's IOS? Is it possible to integrate some form of anti-X features like ASA and how?

Reply to
Loading thread data ...

You get a firewall on a router, which the PIX definately doesn't look like. If you need to do some routing, its much easier. For those that are more used to IOS, its easier to manage. You get about the same feature set overall. Downsides are the router platforms in the past don't have as good of throughput, but the 2800's are making up for that.

With the IDS Network module, same as with the ASA devices. The PIX doesn't have an IDS option.

No, you get the license when you buy the module.

You call it IDS, somebody else calls it IPS. It all blurs together depending on which vendor is doing the talking.

Traditional IOS does have some what would be called IDS/IPS now, but its fallen by the wayside in favor of the IDS network module.

Reply to
Doug McIntyre Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.