What are the benefits of upgrading to PIX OS v7.1?

I was wondering what people's opinions are on upgrading to the PIX OS v7.1. I have enough RAM - I just want to know if it's worth it.

Also, does it support PPTP (Windows native VPN) like 6.3, or will I have to use the Cisco client?
Brian LongworthSystem EngineerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

lrmooreCommented:
PIX 7.x adds a LOT of capabilities that you don't get with 6.x
I like the new ASDM GUI as opposed to the PDM
You will lose the PPTP support. Cisco VPN client only - sorry, but it's for the better anyway. PPTP is not secure.
Much better VPN client control, much easier traffic control.
You can setup an access list and enable/disable specific lines with a toggle of a check box without having to delete/recreate rules.
DHCP server is now full service with all the options available to send to clients.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
arvindSR Manager OperationCommented:
Here are this list of new features for PIX IOS 6.3 >

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_70/pix_upgd/pixupgrd.htm#wp1482875



New Features
The primary focus of this guide is to describe changed and deprecated features and commands in the PIX Security appliance Version 7.0; however, this section includes an at-a-glance look at the new features. For more information on these features in PIX Security appliance Version 7.0 and their accompanying CLI commands, see the following documents:

•Cisco PIX Security Appliance Command Reference, Version 7.0

•Cisco Security Appliance CLI Configuration Guide, Version 7.0

•Adaptive Security Device Manager Online Help (previously known as PIX Device Manager, or PDM)

The PIX Security appliance Version 7.0 introduces the following new features:

Advanced Firewall Services

•Cisco Modular Policy Framework

•Advanced Web Security Services

•Tunneling Application Control

•Security Contexts

•Layer 2 Transparent Firewall

•FTP Session Command Filtering

•Extended Simple Mail Transport

•Protocol (ESMTP) Email Inspection Services

•3G Mobile Wireless Security Services

•Sun RPC/NIS+ Inspection Services

•Internet Control Message Protocol (ICMP) Inspection Services

•Enhanced TCP Security Engine

•Outbound Access Control Lists (ACLs)

•Time-based ACLs

•Enable/Disable Individual ACL Entries

•Improved Websence URL Filtering Performance

Voice over IP and Mutlimedia Security Services

•T.38 Fax over IP (FoIP)

•Gatekeeper Routed Control Signaling (GKRCS)

•Fragmented and Segmented Multimedia Stream Inspection

•MGCP Address Translation Services

•RTSP Address Translation Services

Robust IPSec VPN Services

•VPN Client Security Posture Enforcement

•VPN Client Blocking by Operating System and Type

•Automatic VPN Client Software Updates

•Improved Support for Non-Split Tunneling Remote Access VPN Environments

•Enhanced VPN NAT Transparency

•Native Integration with Popular User Authentication Services

•OSPF Dynamic Routing over VPN Tunnels

•Enhanced Spoke-to-Spoke VPN Support

•Enhanced X.509 Certificate Support

•Cisco IOS Software Certificate Authority Support

Resilient Architecture

•Active/Active Stateful Failover

•VPN Stateful Failover

•Improved Failover Transition Times

•Zero-Downtime Software Upgrades

Intelligent Networking Services

•PIM Multicast Routing

•QoS Services

•IPv6 Networking

•Common Security Level for Multiple Interfaces

•Improved VLAN Capacity

•Optional Address Translation Services

Flexible Management Solutions

•Improved SNMP Monitoring

•SSHv2 and Secure Copy Protocol (SCP)

•Storage of Multiple Configurations in Flash Memory

•Secure Asset Recovery

•Scheduled System Reloads

•Dedicated Out-of-Band Management Interface

•Enhanced ICMP Ping Services

•Command Line Interface (CLI) Usability Enhancements

•SMTP Email Alerts

•Administrative TACACS+ Accounting

•RADIUS Accounting to Multiple Servers

Brian LongworthSystem EngineerAuthor Commented:
Thank you both for your help.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.