Firewall Builder for CISCO PIX is a module integrated into the Firewall Builder program suite.
When compared with other solutions like PDM, Firewall Builder for PIX has been designed to work in complex firewall policies in environments with multiple firewalls. PDM works well for smaller installations, but its limitations quickly become apparent when the firewall policy becomes more complex. It doesn't provide help with assigning rules to interfaces, It works on the same low level of "nat," "global," and "static" commands for NAT, doesn't allow for nesting of object groups, and has several other limitations.
Firewall Builder for PIX is an essential component that works as part of the Firewall Builder suite of programs. This program makes it easy to control and configure multiple firewalls from the same management workstation. It provides a unified view and standardized interface for managing all supported firewalls regardless of the platform. This feature opens up the unique opportunity of minimizing the cost of large firewall deployments by choosing a firewall platform from the wide variety of available solutions that are supported by Firewall Builder.
Firewall Builder for PIX provides unprecedented flexibility, giving you the option of using a combination of cheap but powerful open-source firewalls and solid Cisco PIX devices on the network and controlling all of them from the same central management station. Firewall Builder has been designed to work on all major Linux distributions, FreeBSD, Windows 2000 and XP, as well as Mac OS X. Some key features of Firewall Builder for Cisco PIX include:
- designed for complex firewall configurations
- can control multiple firewalls from the central management station
- utilizes an object-oriented approach to firewall policy design
- simplifies policy design
- can install policy updates without disrupting sessions opened through the firewall
Firewall Builder for PIX supports several features that appeared in PIX v6.3. These include the new fixup commands: 'ctiqbe', 'dns', 'icmp error', 'mgcp', 'pptp', 'sip udp', 'tftp', new logging features, and the support for "logging device-id" command. There's also support for marking ACL commands with original rule numbers using ACL remarks, commands "sysopt route dnat," and "sysopt security fragguard" are deprecated in v6.3, and much more.
Starting with this version, Firewall Builder for PIX has been released under the GPL and became a part of the main Firewall Builder code tree and binary packages. If you need a reliable software solution for your firewall policies, try Firewall Builder for Cisco PIX today.
Version 2.1.18: N/A