What are the benefits of upgrading to PIX OS v7.1?

Posted on 2006-03-30
Last Modified: 2013-11-16
I was wondering what people's opinions are on upgrading to the PIX OS v7.1. I have enough RAM - I just want to know if it's worth it.

Also, does it support PPTP (Windows native VPN) like 6.3, or will I have to use the Cisco client?
Question by:brian975
    LVL 79

    Accepted Solution

    PIX 7.x adds a LOT of capabilities that you don't get with 6.x
    I like the new ASDM GUI as opposed to the PDM
    You will lose the PPTP support. Cisco VPN client only - sorry, but it's for the better anyway. PPTP is not secure.
    Much better VPN client control, much easier traffic control.
    You can setup an access list and enable/disable specific lines with a toggle of a check box without having to delete/recreate rules.
    DHCP server is now full service with all the options available to send to clients.
    LVL 5

    Assisted Solution

    Here are this list of new features for PIX IOS 6.3 >

    New Features
    The primary focus of this guide is to describe changed and deprecated features and commands in the PIX Security appliance Version 7.0; however, this section includes an at-a-glance look at the new features. For more information on these features in PIX Security appliance Version 7.0 and their accompanying CLI commands, see the following documents:

    •Cisco PIX Security Appliance Command Reference, Version 7.0

    •Cisco Security Appliance CLI Configuration Guide, Version 7.0

    •Adaptive Security Device Manager Online Help (previously known as PIX Device Manager, or PDM)

    The PIX Security appliance Version 7.0 introduces the following new features:

    Advanced Firewall Services

    •Cisco Modular Policy Framework

    •Advanced Web Security Services

    •Tunneling Application Control

    •Security Contexts

    •Layer 2 Transparent Firewall

    •FTP Session Command Filtering

    •Extended Simple Mail Transport

    •Protocol (ESMTP) Email Inspection Services

    •3G Mobile Wireless Security Services

    •Sun RPC/NIS+ Inspection Services

    •Internet Control Message Protocol (ICMP) Inspection Services

    •Enhanced TCP Security Engine

    •Outbound Access Control Lists (ACLs)

    •Time-based ACLs

    •Enable/Disable Individual ACL Entries

    •Improved Websence URL Filtering Performance

    Voice over IP and Mutlimedia Security Services

    •T.38 Fax over IP (FoIP)

    •Gatekeeper Routed Control Signaling (GKRCS)

    •Fragmented and Segmented Multimedia Stream Inspection

    •MGCP Address Translation Services

    •RTSP Address Translation Services

    Robust IPSec VPN Services

    •VPN Client Security Posture Enforcement

    •VPN Client Blocking by Operating System and Type

    •Automatic VPN Client Software Updates

    •Improved Support for Non-Split Tunneling Remote Access VPN Environments

    •Enhanced VPN NAT Transparency

    •Native Integration with Popular User Authentication Services

    •OSPF Dynamic Routing over VPN Tunnels

    •Enhanced Spoke-to-Spoke VPN Support

    •Enhanced X.509 Certificate Support

    •Cisco IOS Software Certificate Authority Support

    Resilient Architecture

    •Active/Active Stateful Failover

    •VPN Stateful Failover

    •Improved Failover Transition Times

    •Zero-Downtime Software Upgrades

    Intelligent Networking Services

    •PIM Multicast Routing

    •QoS Services

    •IPv6 Networking

    •Common Security Level for Multiple Interfaces

    •Improved VLAN Capacity

    •Optional Address Translation Services

    Flexible Management Solutions

    •Improved SNMP Monitoring

    •SSHv2 and Secure Copy Protocol (SCP)

    •Storage of Multiple Configurations in Flash Memory

    •Secure Asset Recovery

    •Scheduled System Reloads

    •Dedicated Out-of-Band Management Interface

    •Enhanced ICMP Ping Services

    •Command Line Interface (CLI) Usability Enhancements

    •SMTP Email Alerts

    •Administrative TACACS+ Accounting

    •RADIUS Accounting to Multiple Servers


    Author Comment

    Thank you both for your help.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Maximize Your Threat Intelligence Reporting

    Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

    This article assumes you have at least one Cisco ASA or PIX configured with working internet and a non-dynamic, public, address on the outside interface. If you need instructions on how to enable your device for internet, or basic configuration info…
    Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now