Name: Cisco PIX 501
Brand: Cisco
Rating: 5 (1 reviews)

To Next Page

To Previous Page

4-8

Cisco PIX Firewall Hardware Installation Guide

78-15170-01

Chapter 4 PIX 515/515E

PIX 515/515E Feature Licenses

For information on upgrading feature licenses or downloading the latest software versions, refer to the

following website:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/config/upgrade.htm

This section includes the following topics:

• PIX Firewall VPN Accelerator Card, page 4-8

• PIX Firewall VPN Accelerator Card+, page 4-8

PIX Firewall VPN Accelerator Card

The VPN Accelerator Card (VAC) for the Cisco PIX Firewall series is a card that provides high-performance,

tunneling and encryption services suitable for site-to-site and remote access applications. The VAC is

integrated with PIX 515 unrestricted (UR) and failover (FO) bundles. You can also purchase the VAC as a

spare for use with PIX 515 units that have a restricted (R) license.

PIX Firewall VPN Accelerator Card+

PIX Firewall Version 6.3 adds support for the VPN Accelerator Card+ (VAC+). The VAC+ is a

64-bit/66 MHz PCI card, that provides faster tunneling and encryption services for Virtual Private

Network (VPN) remote access, site-to-site intranet and extranet applications than the VAC. Each VAC+

card occupies a single PCI slot in the system. The VAC+ is supported on any chassis that runs Version

6.3 software, has an appropriate license to run VPN software, and at least one PCI slot available. While

the VAC continues to be supported in Version 6.3, if both types of cards, the VAC and the VAC+, are

installed in a system running Version 6.3, the VAC card is ignored. The VAC+ is a 64-bit/66 MHz PCI

card, that runs in both 32-bit/33 MHz, as well as 64-bit/66 MHz, and does not slow down the bus when

other 66 MHz cards are installed. It is strongly recommended that the VAC+ be installed in a 64bit/66 MHz

slot. Performance is degraded if this recommendation is not followed.

The 6.3 VAC+ driver supports the following:

• 3DES, DES, AES, SHA1, MD5 for (IPSec) ESP protocol (For AES, only the CBC mode and key

sizes of 128, 192, and 256 bits are supported).

• SHA1, MD5 for the (IPSec) AH protocol.

• Load sharing ESP and AH activity between up to three VAC+ cards.

• Diffie Hellman public key and shared secret generation.

• Any other crypto-related activity uses a software implementation.

Cisco PIX 501 Hardware Installation Guide

Other manuals for Cisco PIX 501