Cisco’s ASA 5500-X Series, ASA 5500, and PIX 500 firewall appliances provide integrated firewall, IPsec VPN, and intrusion prevention system capabilities in compact single-box packages, delivering a broad range of features to meet the security requirements of companies from small businesses to enterprises and Internet service providers. Cisco’s ASA 5500-X, ASA 5500 Series, and PIX firewalls enable IT security staffs to defend their network edge and offer secure remote access while utilizing powerful administration mechanisms built on Cisco's industry-leading firewall products.

Cisco’s ASA 5500 and PIX 500 firewalls have reached end-of-life (EOL) status but remain commonly deployed in smaller businesses and in some larger networks. Cisco’s ASA 5500-X Series Next-Generation Firewalls deliver significantly more bang for the buck and have superseded the ASA 5500 and PIX 500 families of firewalls for new deployments. Still, Cisco's legacy firewall appliances, if properly managed, continue to offer a high level of protection by supplying a variety of security functions including firewall, VPN, and IPS.

Since Cisco's acquisition of Sourcefire, the entire family of ASA 5500-X devices can be configured to support Firepower Services, built on Sourcefire's Snort technology, which is the market's most deployed intrusion protection system. Firepower services provide powerful new features such as advanced malware protection (AMP), URL filtering, real-time threat analytics, and security automation.

Progent's Cisco-certified network engineers can help you to support and debug older ASA 5500 and PIX firewalls and can also help you to design and implement a smooth migration to Cisco’s ASA 5500-X Series firewalls with Firepower. Progent can also help you to plan, deploy, tune, manage and troubleshoot new firewall ecosystems based on Cisco's latest ASA 5500-X firewalls with Firepower.

Cisco's ASA 5500-X Firewall Product Family
Cisco's extensive line of ASA 5500-X firewalls includes an enhanced substitute for every rack-mountable model in the older ASA 5500 line of devices. Each ASA 5500-X firewall is suited for the identical market as the corresponding earlier models, which offers most ample choice for selecting a solution that meets their security requirements and IT budgets. All ASA 5500-X products build on Cisco's tested stateful-inspection firewall technology and all incorporate purpose-built 64-bit hardware with multicore CPUs and support Cisco's powerful security services. All devices in Cisco's ASA 5500-X product line deliver dependable security across any combination of physical, virtual, and cloud environments.

>Cisco ASA 5500-X Firepower Consultants

For additional information about ASA 5500-X security appliances, Cisco Firepower services, and Progent's consulting for Cisco ASA firewalls, go to Cisco Firepower configuration and debugging consulting

Firepower Services for ASA 5500-X Security Appliances
Cisco ASA 5500-X firewalls work with either software or physical modules that support Cisco's Firepower Services, which provide layered defense against advanced attacks. Cisco's Firepower Services are powered by technology adopted by Cisco from Sourcefire. Key features of Firepower Services for ASA 5500-X firewalls include:

  • Layered protection against both familiar and zero-day attacks
  • Cisco's Advanced Malware Protection that utilizes big data techniques to find and remediate security breaches
  • Cisco's Next-Generation Intrusion Prevention System that provides contextual analysis that covers users, network infrastructure, software applications, and content to detect attacks that use multiple vectors
  • Fine-grained Application Visibility and Control that is familiar with thousands of applications and can automatically activate standard and custom IPS policies depending on the degree of risk
>Cisco Firepower Integration Consultants

Firepower Services for ASA 5500-X firewalls provide multi-layered threat protection

Smaller deployments of ASA 5500-X firewalls can be effectively administered via Cisco's on-box Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based utility which is provided with all ASA 5500-X models. ASDM includes a simple web dashboard for deploying, managing, and debugging ASA 5500-X appliances and service modules.

For more complex environments, ASA 5500-X appliances with Firepower can be managed using Cisco's Firepower Management Center, available as one or more physical or virtual appliances. Firepower Management Center provides centralized firewall management, Application Visibility and Control (AVC, advanced IPS, URL filtering, and Cisco's Advanced Malware Protection (AMP). Because of frequent rebranding after Cisco's acquisition of Sourcefire Defense Center, Cisco's Firepower Management Center has been offered under several names that include Defense Center, Cisco Firesight Defense Center, and FireSIGHT Management Center.

Cisco's Firepower Management Center provides features unavailable with Cisco's on-box ASDM utility. Additional capabilities include greater context awareness, Cisco's Advanced Malware Protection (AMP) with mitigation for client devices, a dashboard that offers real-time network visualization, automated policy optimization based on risk assessment of threats, advanced IPS, custom app discovery for Application Visibility and Control, customized health notifications, improved reporting features, and application interfaces for host input and database access. Hardware-dependent features such as clustering, stacking, switching, routing, VPN, and NAT must be handled using either the on-box ASDM or the ASA command line interface.

Cisco ASA 5500 Adaptive Security Appliances
Cisco Adaptive Security Appliances Firewalls build on technology developed for the Cisco PIX 500 Series Security Appliance, Cisco's IPS 4200 family sensor, and the Cisco VPN 3000 model concentrator. These technologies enable the Cisco Adaptive Security Appliances (ASA) Firewall family to deliver a platform that stops the broadest range of threats. Cisco ASA Firewalls provide application security, network containment, and safe Virtual Private Network connectivity across Cisco's product portfolio. This broad scope of protection allows the guarding of any network area, including the most common threat vectors like remote sites, locally-attached inside users, and off-site connected Virtual Private Networks.

>Cisco ASA 5500 Series Consulting Services and Technical Support
The scalable architecture of the ASA 5500 family permits you to add more security services via security service modules and security service cards (SSCs). These user-installable enhancements provide the ability to add IPS and content protection functions such as blocking virus, worms, and phishing assaults and performing file and URL screening. In addition to allowing your IT staff to react quickly to new risk environments, the expandable design of the Cisco ASA 5500 Series also protects your hardware investment by increasing the useful life of your security appliances. The Cisco ASA 5500 family also leverages your investment in administrative team education by supporting the rich library of PIX 500 management tools and protocols such as the Cisco ASDM platform, protected command-line interface availability, syslog, and Simple Network Management Protocol (SNMP).

Cisco Adaptive Security Appliances (ASA) firewalls deliver robust application protection through intelligent, application-sensitive inspection processes that analyze traffic at Layers 4-7. This results in a safer environment covering Web, voice, and mobile wireless services. To protect networks against application-layer attacks and to provide stronger policing of the programs and protocols used in their environments, Cisco's inspection engines incorporate extensive application and protocol knowledge and rely on security enforcement solutions that include protocol anomaly sensing and application and protocol state tracking. Also incorporated are assault sensing and remediation technology including application/protocol command filtering and content verification. Cisco Adaptive Security Appliances firewall inspection engines also deliver control over instant messaging and tunneling applications, enabling businesses to police usage policies and recover network bandwidth for crucial business processes.

For more information about Progent's consulting services for Cisco's ASA 5500 security appliances, go to ASA 5500 firewalls integration and debugging consulting.

PIX Firewall Appliances
Built upon a tested, purpose-built operating system that offers a wealth of protection features, PIX firewall appliances offer excellent protection and have received EAL 4 status and ICSA Labs Firewall and IP Security qualification. PIX firewall appliances offer security for a broad array of Voice over IP and additional multimedia conventions such as H.323 v. 4, Session Initiation Protocol (SIP), Cisco Skinny Client Control Protocol, Real-Time Streaming Protocol, and MGCP, enabling businesses to protect deployments of a wide array of contemporary and upcoming Voice over IP and video applications.

PIX Firewalls Consulting Firm
Cisco PIX firewalls offer a variety of configuration, monitoring, and troubleshooting options, providing businesses the flexibility to utilize the techniques that most closely match their needs. Administrative options include common, policy-based administration utilities, integrated web-accessible administration, and support for remote-monitoring protocols such as SNMP and syslog. The integrated Adaptive Security Device Manager system offers a powerful Web-accessible control platform that greatly simplifies the installation, ongoing modification, and tracking of a single PIX security appliance without requiring any extra software other than an ordinary browser and Java plug-in to be installed on a manager's PC.

Administrators can also remotely set up, monitor, and troubleshoot Cisco PIX firewalls via a command-line interface (CLI). Secure command-line interface (CLI) communication is possible using several techniques including Secure Shell (SSHv2) Protocol, Telnet over IPSec, and out-of-band via a console port. PIX security appliances also include robust automatic-update capabilities, a set of revolutionary protected remote-administration options that ensure security settings and software images are always up to date.

For more details about Progent's consulting services for Cisco PIX firewalls, go to PIX 500 firewalls configuration and troubleshooting consulting.

Progent's PIX to ASA Migration Consulting Support
Because Cisco has ceased selling the PIX 500 family of firewalls, many companies are uncomfortable with depending on a key security component that may no longer be supported. Cisco ASA 5500 security appliances have the advantage of being new devices and also offer several technical and economic advantages in comparison to PIX devices. These benefits include significantly better performance, optional SSL VPN support, and a modular design that guards your investment by enabling you to self-install new security services when and if you need them. Progent's Cisco certified experts can help you to assess the strategic value of for moving from PIX 500 to ASA 5500 security appliances, design a migration plan that permits a quick and seamless upgrade, assist you to configure new ASA 5500 Series appliances, and provide online, consulting, and troubleshooting services.

Other Ways Progent Can Help You with Cisco ASA and PIX Firewalls
Cisco's ASA Series adaptive security appliances and PIX family security appliances provide a wealth of configuration, tracking, and analysis options that give you the ability to deploy these security appliances to match your business requirements. Progent's CCIE authorized network experts can assist you to install a cost-effective network infrastructure that incorporates Cisco ASA and/or PIX firewall technology and that offers world-class security, resilience, performance, and manageability. Progent's CISA and CISSP-ISSP-qualified information security professionals can assist you to create a security policy that makes sense for your situation and can set up your PIX or ASA firewall to support your security strategy. Progent's risk evaluation consultants can assess the strength of your existing firewall solution and audit the overall security of your whole information system environment. Progent’s Help Desk support team can provide urgent online troubleshooting for Cisco technology and offer fast access to a Cisco CCIE expert.

To find out additional details concerning Progent's consulting expertise for Cisco solutions, pick a subject:

For more information concerning Progent's engineering expertise for Cisco technology, select a subject:

Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:

If you wish to ask Progent about technical assistance for Cisco products, call 1-800-993-9400 or go to Contact Progent.
















© 2002- 2017 Progent Corporation. All rights reserved.