Cisco Firewalls for Secure Unified Communications

Cisco Firewalls for Secure Unified Communications

	Cisco ASA 5500 Series Adaptive Security Appliance	Cisco Firewall Services Module	Cisco IOS Firewall
Stateful Inspection (Access Control)	● Yes ● SIP UDP ● SIP TCP ● SCCP ● RTP/RTCP ● H.323 v1-4 ● H.323 RAS ● H.323 T.38 ● MGCP ● TAPI/JTAPI ● CTI-QBE	● Yes (with FWSM 4.0) ● SIP UDP ● SIP TCP ● SCCP ● RTP/RTCP ● H.323 v1-4 ● H.323 RAS ● H.323 T.38 ● MGCP	● Yes (with Cisco IOS Software Release 12.5 and later) ● SIP UDP ● SIP TCP ● SCCP ● RTP/RTCP ● H.323 v1-4 ● H.323 RAS ● H.323 T.38
Unified- Communications- Aware NAT	Yes	Yes	No
Protocol Conformance	Yes	Yes	Yes
Application Inspection and Control	Yes (SIP and SCCP)	Yes (FWSM 4.0)	On the roadmap
Remote Access/ Secure Connectivity	Yes (IPsec, SSL, DTLS)	No (firewall only)	Yes (IPsec and SSL in the Cisco IOS Advanced Security feature set)
Phone Proxy	Yes (Cisco ASA Software Release 8.0.4)	No (use Cisco ASA Phone Proxy)	No (use Cisco ASA Phone Proxy)
TLS Proxy	Yes (Cisco ASA Software Release 8.0)	No (firewall only)	No (on the roadmap)
Positioning	Campus and enterprise Internet edge for remote access	Data center: Unified communications and data applications	Branch office and commercial customers (Cisco Unified Communications Manager Express + Cisco IOS Firewall)