7-2
Cisco 7600 Series Router Module Guide
OL-9392-05
Chapter 7 Firewall Services Module
• Reliability—Cisco firewalls provide adaptable security services for operation-critical network
environments by using the integrated stateful failover capabilities within the Firewall Services
Module. Network traffic can be automatically sent to a hot-standby module in the event of a failure,
while maintaining concurrent connections with automated state synchronization between the
primary module and the standby module.
• Network Address Translation (NAT) and Port Address Translation (PAT)—Cisco firewalls provide
NAT and PAT services that conceal IP addresses of internal networks and expand network address
space for internal networks.
• Denial-of-service (DoS) attack prevention—Cisco firewalls protect the firewall and networks
behind them from attempts to gain access, which can bring a network to a halt.
• Scalability—Up to two modules are supported in a single Cisco 7600 series router chassis.
The following PIX firewall features are not supported by the module:
• Virtual private networks (VPN) (the module supports IPSec VPN only for management purposes.)
• Intrusion detection system (IDS) syslog messages
• PIX Firewall Manager (PFM)
• CSPM
• Conduit
• DHCP client
The front panel LEDs are shown in Figure 7-1 and described in Table 7-1.
Figure 7-1 Firewall Services Module (WS-SVC-FWM-1-K9)
Ta b l e 7-1 Firewall Services Module STATUS LED Description
Color/State Description
Green All diagnostic tests pass. The module is
operational.
Red A diagnostic test other than an individual port test
failed.
Orange Indicates one of three conditions:
• The module is running through its boot and
self-test diagnostic sequence.
• The module is disabled.
• The module is in the shutdown state.
Off The firewall module power is off.
FIREWALL SERVICES MODULE
SHUTDOWN
WS-SVC-FWM-1
STATUS
73755
STATUS LED
SHUTDOWN button
To Next Page
Loading...
