Cisco’s ASA 5500-X, ASA 5500 Series, and PIX 500 firewall appliances provide integrated firewall, IPsec VPN, and IPS services in compact single-box packages, delivering a wide range of features to meet the security needs of organizations ranging from small and mid-size businesses to enterprises and Internet service providers. Cisco’s ASA 5500-X, ASA 5500, and PIX firewall appliances allow network security staffs to defend their network edge and offer secure remote connectivity while using advanced administration tools built on Cisco's industry-leading firewall products.

Cisco’s ASA 5500 Series and PIX 500 firewalls have reached end-of-life (EOL) status but are still widely used in small and mid-size organizations as well as in some larger networks. Cisco’s ASA 5500-X Next-Generation Firewalls represent significantly more bang for the buck and have supplanted Cisco's ASA 5500 and PIX lines of firewalls for new installations. Still, Cisco's older model firewall appliances, if carefully managed, continue to offer a high level of protection by providing a variety of features such as stateful firewall, VPN, and IPS.

Following Cisco's purchase of Sourcefire, the whole family of Cisco ASA 5500-X devices can be provisioned to support Firepower Services, built on Sourcefire's Snort product, which is the world's most popular intrusion protection system. Firepower services provide powerful new features such as advanced malware protection (AMP), URL filtering, dynamic threat analytics, and automation.

Progent's Cisco-qualified network consultants can assist you to support and troubleshoot legacy ASA 5500 and PIX firewall appliances and can also assist you to design and implement a smooth upgrade to Cisco’s ASA 5500-X firewalls with Firepower Services. Progent can also assist you to design, integrate, optimize, manage and troubleshoot new firewall solutions based on Cisco's latest ASA 5500-X models with Firepower.

Cisco's ASA 5500-X Series Firewalls
Cisco's comprehensive family of ASA 5500-X firewalls features an enhanced replacement for each rack-mountable unit in the older ASA 5500 line of firewalls. Each ASA 5500-X firewall targets the same market as the corresponding previous models, which offers small and midsize businesses plenty of room for picking a firewall that aligns with their security needs and IT budgets. All ASA 5500-X firewalls are based on Cisco's tested stateful-inspection firewall technology and all incorporate purpose-built 64-bit hardware with multicore CPUs and are capable of running Cisco's powerful security services. All devices in Cisco's ASA 5500-X product line deliver consistent security across any mix of physical, virtual, and cloud environments.

>Cisco ASA 5500-X Firepower Consultants

For more details about Cisco's ASA 5500-X firewalls, Firepower services, and Progent's support for Cisco ASA security appliances, visit Firepower integration and debugging consulting

Firepower Services for ASA 5500-X Security Appliances
Cisco ASA 5500-X security appliances accept either software or hardware modules that enable Firepower Services, which offer layered protection against multi-vector attacks. Cisco's Firepower Services are powered by technology acquired by Cisco from Sourcefire. Key features of Firepower Services for ASA firewalls include:

  • Layered protection against both familiar and zero-day threats
  • Cisco's Advanced Malware Protection that utilizes big data techniques to discover and remediate security breaches
  • A Next-Generation Intrusion Prevention System (NGIPS) that provides contextual analysis that looks at clients, network infrastructure, apps, and content to detect attacks that use multiple approaches
  • Fine-grained Application Visibility and Control that is familiar with thousands of applications and can automatically launch standard and custom IPS policies depending on the severity of threats
>Cisco Firepower Configuration Consultants

Firepower Services for ASA firewalls provide advanced multi-layered protection

Smaller implementations of Cisco ASA firewalls can be effectively administered via Cisco's on-box Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web tool included with all ASA 5500-X versions. ASDM includes a simple web console for configuring, managing, and troubleshooting ASA 5500-X firewalls and modules.

For more complex environments, ASA 5500-X appliances with Firepower can be managed with Firepower Management Center, implemented as one or more physical or virtual appliances. Cisco's Firepower Management Center provides centralized firewall management, Application Visibility and Control, enhanced IPS, URL filtering, and Cisco's Advanced Malware Protection (AMP). Because of ongoing rebranding since Cisco's acquisition of Sourcefire Defense Center, Cisco's Firepower Management Center has been delivered under several names including Cisco Defense Center, Cisco Firesight Defense Center, and FireSIGHT Management Center.

Firepower Management Center provides capabilities unavailable with Cisco's on-device Adaptive Security Device Manager utility. Additional capabilities include expanded context awareness, Cisco's Advanced Malware Protection (AMP) with mitigation for user devices, a dashboard that offers dynamic network infrastructure visualization, automated policy optimization driven by risk assessment of attacks, advanced IPS, custom application detectors for Application Visibility and Control (AVC), customized health notifications, enhanced reporting options, and application interfaces for host input and database access. Hardware-dependent capabilities such as clustering, stacking, switching, routing, VPN, and NAT must be managed via the on-device ASDM or the ASA 5500-X CLI.

Cisco ASA 5500 Series Adaptive Security Appliances
Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls leverage engineering behind the PIX 500 family firewall, Cisco's IPS 4200 Series Intrusion Prevention System, and Cisco's VPN 3000 family concentrator. These technologies converge on the Cisco Adaptive Security Appliances (ASA) Firewall product line to offer a firewall that defends against the broadest variety of attacks. Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls deliver program security, network containment, and safe VPN connectivity throughout Cisco's product portfolio. This broad scope of protection enables the guarding of any network section, including the most common attack conduits like remote sites, LAN-connected internal users, and off-site connected VPNs.

>ASA 5500 Consulting Services and Technical Support
The scalable design of the ASA 5500 Series enables you to add more security services by installing security service modules and cards. These user-installable enhancements give you the option of adding Intrusion Protection and content protection functions like blocking virus, spyware, and phishing assaults and executing file and web screening. Beside enabling your IT staff to respond rapidly to the latest threat environments, the expandable architecture of the Cisco ASA 5500 Series also protects your hardware investment by increasing the life of your security appliances. The Cisco ASA 5500 Series also leverages your investment in IT team education by supporting the familiar library of PIX management utilities and protocols including the Cisco Adaptive Security Device Manager (ASDM) system, protected command-line interface access, syslog, and Simple Network Management Protocol (SNMP).

Cisco ASA 5500 Series firewalls provide robust application protection through smart, application-aware inspection engines that analyze network flows at Layers 4-7. The result is a safer network including Web, voice, and mobile wireless access. To protect against application-layer attacks and to offer better policing of the programs and protocols utilized in their networks, these inspection engines incorporate broad application and protocol knowledge and employ security enforcement solutions such as anomaly sensing and application and protocol state tracking. Also included are attack sensing and remediation techniques such as application/protocol command filtering and content verification. Cisco Adaptive Security Appliances firewall inspection engines also deliver control over instant messaging and peer-to-peer file sharing, enabling businesses to enforce usage policies and free up network bandwidth for important business processes.

For more information about Progent's consulting services for ASA 5500 firewalls, go to Cisco ASA 5500 firewalls configuration and troubleshooting consulting.

Cisco PIX Firewall Appliances
Built upon a hardened, purpose-built software platform that offers a wealth of protection features, Cisco PIX firewalls provide excellent security and have earned Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Labs Firewall and IPsec certification. PIX firewall appliances provide protection for a broad range of Voice over IP and additional multimedia standards including H.323 Version 4, SIP, Cisco Skinny Client Control Protocol, Real-Time Streaming Protocol (RTSP), and Media Gateway Control Protocol (MGCP), helping businesses to protect deployments of a broad array of contemporary and next-generation IP voice and mixed-media applications.

PIX Security Consultants
Cisco PIX firewalls feature a wealth of configuration, monitoring, and analysis options, providing businesses the versatility to use the techniques that best meet their requirements. Management solutions include common, policy-based administration tools, integrated web-accessible management, and compatibility with remote-tracking standards like Simple Network Management Protocol (SNMP) and syslog. The integrated ASDM interface provides a world-class Web-based control solution that significantly simplifies the deployment, ongoing modification, and tracking of a single PIX security appliance without the need of any extra utility other than an ordinary browser and Java plug-in to be installed on a manager's PC.

Administrators can furthermore remotely set up, monitor, and troubleshoot Cisco PIX firewall appliances using a command-line interface (CLI). Secure command-line interface communication is available using a number of techniques such as SSHv2 Protocol, Telnet over IP Security (IPsec), and out-of-band through a console port. Cisco PIX security appliances also have dependable auto-update features, a collection of advanced protected remote-administration options that make sure that security settings and software images are always up to date.

For additional information about Progent's support services for Cisco PIX 500 security appliances, go to Cisco PIX 500 firewalls configuration and troubleshooting services.

Progent's PIX to ASA Migration Support Services
Because Cisco has discontinued selling the PIX product line, many businesses are uncomfortable with depending on a critical infrastructure mechanism that might no longer be supported. Cisco ASA 5500 firewalls offer the benefit of being current devices and also offer a number of functions and budgetary advantages in comparison to PIX 500 firewalls. These benefits include substantially higher performance, optional Secure Sockets Layer VPN capability, and an expandable architecture that protects your investment by enabling you to add new security features whenever you require them. Progent's CCIE-certified network engineers can assist you to assess the strategic case for migrating from PIX 500 to ASA 5500 security appliances, design a migration process that allows for a fast and non-disruptive changeover, help your IT staff to set up new ASA 5500 Series firewalls, and provide online, consulting, and technical support services.

Additional Ways Progent Can Assist You with Cisco Firewalls
Cisco Cisco ASA 5500 Series firewalls and PIX family firewalls incorporate an array of setup, monitoring, and troubleshooting options that give you the ability to set up these firewalls to align optimally with your company's requirements. Progent's CCIE certified network experts can help you to and support a cost-effective network infrastructure that incorporates Cisco ASA or PIX firewall technology and that offers world-class protection, resilience, performance, and recoverability. Progent's GISA and CISM-qualified IS security consultants can help your business to create a security policy appropriate for your business and can set up your firewall to support your security strategy. Progent's security assessment professionals can assess the effectiveness of your current firewall solution and audit the security of your entire IT network. Progent’s Technical Response Center can deliver emergency online technical support for Cisco products and can give you fast access to a Cisco expert.

To find out more details concerning Progent's professional help for Cisco technology, pick a topic:

To learn additional details concerning Progent's engineering help for Cisco networking products, pick a subject:

Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:

To get in touch with Progent about technical help for Cisco technology, phone 1-800-993-9400 or see Contact Progent.

© 2002- 2017 Progent Corporation. All rights reserved.