© 2005 Cisco Systems, Inc. All rights reserved.
Important notices, privacy statements, and trademarks of Cisco Systems, Inc. can be found on cisco.com.
Page 8 of 20
Feature
Benefit
(NIS+) Security Services
3G Mobile Wireless
Security Services
•
Delivers rich security services for 3G Mobile Wireless environments that provide packet switched data services
using the General Packet Radio Service (GPRS) Tunneling Protocol standard (GTP)
•
Provides advanced GTP inspection services that enable Mobile Wireless providers to have secure interactions
with roaming partners through robust filtering capabilities based on GTP specific parameters, such as International
Mobile Subscriber Identity (IMSI) prefixes and access point name (APN) values, and more
This feature is licensed separately.
H.323 Security Services
•
Enables advanced H.323 inspection services that support versions 1–4 of the protocol along with Direct Call
Signaling (DCS) and Gatekeeper Router Control Signaling (GKRCS) to provide flexible security integration in
a
variety of H.323-driven voice-over-IP (VoIP) environments
•
Includes NAT and PAT support for H.323 services, including advanced features such as fax over IP (FoIP) using
the T.38 protocol, an ITU standard that defines how to transmit FoIP in real time
SIP Security Services
•
Delivers a fortified SIP inspection engine that secures both, UDP and TCP based SIP environments
•
Enables NAT- and PAT-based address translation support for SIP-based IP phones and applications such as
Microsoft Windows Messenger, while delivering advanced services such as call forwarding, call transfers, and
more
SCCP Security Services
•
Provides secure integration of Cisco SCCP-based IP telephony services with Cisco CallManager Version 4.1 while
successfully connecting calls over multiprotocol VoIP environments across NAT and PAT boundaries
MGCP Security Services
•
Enables rich MGCP security services and NAT- and PAT-based address translation services for MGCP-based
connections between media gateways and call agents or media gateway controllers
RTSP Security Services
•
Delivers NAT-based address translation services for RTSP media streams for improved support in real-time
networking environments
TAPI/JTAPI over CTIQBE
Security Services
•
Supports inspection of various Cisco TAPI- and JTAPI-based applications that use CTIQBE, including Cisco IP
SoftPhone and the Cisco Customer Response solution
Fragmented and
Segmented Multimedia
Stream Inspection
•
Enables inspection of H.323, SIP, and SCCP-based voice and multimedia streams that have been fragmented or
segmented
Advanced TCP Security
Engine
•
Supports several foundational capabilities to assist in detecting protocol and application layer attacks
•
Provides TCP stream reassembly and analysis services to help detect attacks that are spread across a series of
packets
•
Offers TCP traffic normalization services for additional techniques to detect attacks, including advanced flag and
option checking, TCP packet checksum verification, detection of data tampering in retransmitted packets, and
more
Anti-X Security Services
Advanced Intrusion
Prevention and Anti-X
Services
•
Delivers advanced protection from known and unknown network and application layer attacks, DoS attacks, and
malware, including worms, network viruses, Trojan horses, spyware, and adware
•
Analyzes network traffic accurately for these threats using a wide range of techniques, including stateful pattern
recognition, protocol analysis, traffic anomaly detection, protocol anomaly detection, and Layer 2 analysis to
detect man-in-the-middle attacks
•
Provides specialized safeguards to “scrub” network traffic to prevent “detection evasion” attempts, including IP
fragmentation reassembly and normalization, TCP stream reassembly and normalization, TCP evasion control,
as
well as IP antispoofing and deobfuscation services
•
Helps ensure malicious attacks are stopped without impacting legitimate traffic by using innovative Cisco Risk
Rating technology—incorporating four elements (event severity, signature fidelity, asset value, and attack
relevancy) to accurately determine the risk of an event, and then confidently performing administrator-specified
mitigation action(s)
•
Provides on-device event correlation capabilities through Cisco Meta Event Generator to quickly identify and stop
new threats and optionally reduce the number of events sent to centralized monitoring systems for analysis
•
Supports both "in-line" prevention of attacks, as well as detection only, of attacks in both routed or Layer 2
