- Cisco Private Internet eXchange (PIX) is a popular IP firewall and network address translation (NAT) appliance. It was one of the first products in this market segment.
- In 2005, Cisco introduced the newer Adaptive Security Appliance (ASA), that inherited much of PIX features, and in 2008 announced PIX end-of-sale. The Cisco ASA Series controls network and application traffic, delivers flexible Virtual Private Network (VPN) connectivity, and reduces the overall deployment, operations costs and complexity that would otherwise be associated with this level of comprehensive security.
- An intrusion detection system (IDS) is software and/or hardware designed to detect unwanted attempts at accessing, manipulating, and/or disabling of computer systems, mainly through a network, such as the Internet.
- An intrusion prevention system (IPS) is a network security device that monitors network and/or system activities for malicious or unwanted behavior and can react, in real-time, to block or prevent those activities. Network-based IPS, for example, will operate in-line to monitor all network traffic for malicious code or attacks. When an attack is detected, it can drop the offending packets while still allowing all other traffic to pass. Intrusion prevention technology is considered by some to be an extension of intrusion detection (IDS) technology. IPS is used to detect/prevent attacks that have a distinctive packet pattern.
CCENT will ask you to Describe the functions of common security appliances and applications.
Good luck for your CCENT and CCNA exam.
ICND1 and ICND2 break down