• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 838
  • Last Modified:

What are the benefits of upgrading to PIX OS v7.1?

I was wondering what people's opinions are on upgrading to the PIX OS v7.1. I have enough RAM - I just want to know if it's worth it.

Also, does it support PPTP (Windows native VPN) like 6.3, or will I have to use the Cisco client?
Brian Longworth
Brian Longworth
2 Solutions
PIX 7.x adds a LOT of capabilities that you don't get with 6.x
I like the new ASDM GUI as opposed to the PDM
You will lose the PPTP support. Cisco VPN client only - sorry, but it's for the better anyway. PPTP is not secure.
Much better VPN client control, much easier traffic control.
You can setup an access list and enable/disable specific lines with a toggle of a check box without having to delete/recreate rules.
DHCP server is now full service with all the options available to send to clients.
Here are this list of new features for PIX IOS 6.3 >


New Features
The primary focus of this guide is to describe changed and deprecated features and commands in the PIX Security appliance Version 7.0; however, this section includes an at-a-glance look at the new features. For more information on these features in PIX Security appliance Version 7.0 and their accompanying CLI commands, see the following documents:

•Cisco PIX Security Appliance Command Reference, Version 7.0

•Cisco Security Appliance CLI Configuration Guide, Version 7.0

•Adaptive Security Device Manager Online Help (previously known as PIX Device Manager, or PDM)

The PIX Security appliance Version 7.0 introduces the following new features:

Advanced Firewall Services

•Cisco Modular Policy Framework

•Advanced Web Security Services

•Tunneling Application Control

•Security Contexts

•Layer 2 Transparent Firewall

•FTP Session Command Filtering

•Extended Simple Mail Transport

•Protocol (ESMTP) Email Inspection Services

•3G Mobile Wireless Security Services

•Sun RPC/NIS+ Inspection Services

•Internet Control Message Protocol (ICMP) Inspection Services

•Enhanced TCP Security Engine

•Outbound Access Control Lists (ACLs)

•Time-based ACLs

•Enable/Disable Individual ACL Entries

•Improved Websence URL Filtering Performance

Voice over IP and Mutlimedia Security Services

•T.38 Fax over IP (FoIP)

•Gatekeeper Routed Control Signaling (GKRCS)

•Fragmented and Segmented Multimedia Stream Inspection

•MGCP Address Translation Services

•RTSP Address Translation Services

Robust IPSec VPN Services

•VPN Client Security Posture Enforcement

•VPN Client Blocking by Operating System and Type

•Automatic VPN Client Software Updates

•Improved Support for Non-Split Tunneling Remote Access VPN Environments

•Enhanced VPN NAT Transparency

•Native Integration with Popular User Authentication Services

•OSPF Dynamic Routing over VPN Tunnels

•Enhanced Spoke-to-Spoke VPN Support

•Enhanced X.509 Certificate Support

•Cisco IOS Software Certificate Authority Support

Resilient Architecture

•Active/Active Stateful Failover

•VPN Stateful Failover

•Improved Failover Transition Times

•Zero-Downtime Software Upgrades

Intelligent Networking Services

•PIM Multicast Routing

•QoS Services

•IPv6 Networking

•Common Security Level for Multiple Interfaces

•Improved VLAN Capacity

•Optional Address Translation Services

Flexible Management Solutions

•Improved SNMP Monitoring

•SSHv2 and Secure Copy Protocol (SCP)

•Storage of Multiple Configurations in Flash Memory

•Secure Asset Recovery

•Scheduled System Reloads

•Dedicated Out-of-Band Management Interface

•Enhanced ICMP Ping Services

•Command Line Interface (CLI) Usability Enhancements

•SMTP Email Alerts

•Administrative TACACS+ Accounting

•RADIUS Accounting to Multiple Servers

Brian LongworthSystem EngineerAuthor Commented:
Thank you both for your help.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now