<div>
Not to mention that it's a lot easier to configure a PIX properly than CBAC.
</div>


Not to mention that it's a lot easier to configure a PIX properly than CBAC.

<div>
<div class="content wysiwyg-content">
Hi,<br />
<br />
Today IOS's ACLs and CBAC give us stateful inspection of packets, and I start wondering why invest<br />
money in PIX if today cisco's routers can also function as firewalls ?
</div>
</div>


Hi,

Today IOS's ACLs and CBAC give us stateful inspection of packets, and I start wondering why invest
money in PIX if today cisco's routers can also function as firewalls ?

PIX vs. Cisco Routers ACL

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Software Firewalls

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).