Cisco's PIX family firewalls and ASA 5500 Series firewalls integrate next-generation firewall, intrusion protection, and VPN functionality in an affordable, single-box format. Both of these product families have been replaced by Cisco's ASA 5500-X family of security appliances with Firepower Services. (Refer to configuration and troubleshooting expertise for ASA 5500-X firewalls with Firepower Services.) Still, both PIX and previous-generation ASA 5500 Series firewalls are widely deployed and continue to provide small and mid-size organizations a viable firewall environment.

Cisco PIC and the original ASA 5500 firewalls deliver robust client and program policy support, mutlivector attack defense, and safe connectivity services. The increased knowledge sharing of consolidated protection services in a stand-alone package provides users implementing these aggregated firewalls the benefits of enhanced security, lower cost of ownership, and minimal management expense.

Cisco PIX firewalls and the ASA 5500 product line combine with IOS Firewall, the Firewall Services Module for Cisco Catalyst 6500 family switches, and Cisco 7600 Series routers as parts of Cisco's flexible, self-contained firewall solutions. Based on a scalable, building-block approach, each offering is designed with a particular array of options to deliver better protection to different network environments. These solutions can be independently deployed to protect specific facets of a connectivity infrastructure, or can be combined for a systematic, defense-in-depth approach based on the design best practices outlined in Cisco's SAFE Blueprint. Completing the integrated firewall product line, Cisco provides a complete security management product portfolio, spanning Cisco security device and Cisco IOS security features and embedded appliance managers, to standalone management programs, helping to make sure that businesses can effectively manage their Cisco protection solution purchases.

Cisco PIX Security Appliance Series
PIX firewalls offer reliable policy enforcement, multi-source attack defense, and secure connectivity features in affordable, simple-to-configure modules. These purpose-built appliances offer a wealth of built-in security and connectivity capabilities such as application-aware firewall features, Voice over IP (VoIP) and multimedia security, robust multi-site and remote-access IP Security (IPsec) VPN connectivity, excellent resiliency, intelligent networking services, and versatile management solutions. The PIX firewall Appliance family ranges from small plug-and-play desktop units for small offices or at home offices to stackable gigabit products with investment protection for enterprise and ISP environments, Cisco PIX Security Appliance Series provide high levels of protection, performance, and availability for networks of any size.

Cisco PIX Firewalls Help

Built upon a tested, specialized software platform that delivers a wealth of protection features, PIX firewalls provide excellent security and have been awarded Common Criteria Evaluation Assurance Level 4 status and ICSA Labs Firewall and IP Security certification. PIX firewalls provide protection for a broad range of VoIP and additional mixed-media standards such as H.323 v. 4, SIP, Cisco Skinny Client Control Protocol, RTSP, and Media Gateway Control Protocol (MGCP), enabling businesses to safeguard deployments of a broad array of contemporary and next-generation IP voice and mixed-media applications.

Cisco PIX firewall appliances offer a wealth of setup, monitoring, and troubleshooting features, providing businesses the flexibility to use the techniques that most closely match their requirements. Management solutions include centralized, policy-based management utilities, integrated web-accessible administration, and compatibility with remote-monitoring protocols like SNMP and syslog. The integrated ASDM interface provides a world-class web-based control solution that significantly streamlines the deployment, in-place modification, and tracking of a specific PIX security appliance without the need of any extra utility other than an ordinary web browser and Java applet to be running on a manager's computer.

IT managers can furthermore remotely configure, track, and analyze PIX security appliances via a CLI interface. Safe command-line interface (CLI) access is available through a number of techniques such as SSHv2 Protocol, Telnet over IP Security (IPsec), and out-of-band via a console port. PIX firewalls also include robust auto-update capabilities, a collection of protected remote-administration services that make sure that security settings and software images are always current.

Cisco Adaptive Security Appliances (ASA) Firewalls
Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls are specially engineered solutions that bring together advanced, industry-leading protection and Virtual Private Network support with a flexible design. The result is a powerful, multifunction network protection appliance better able to protect small and medium company and enterprise networks and, simultaneously, lower the overall deployment and maintenance expenses previously associated with this high level of security.

>Cisco Adaptive Security Appliances (ASA) Firewalls Help
Cisco Adaptive Security Appliances (ASA) Firewalls leverage engineering developed for the PIX 500 family firewall, the Cisco IPS 4200 family Intrusion Prevention System, and the VPN 3000 Series concentrator. These technologies converge on the Cisco Adaptive Security Appliances (ASA) Firewall product line to offer a firewall that defends against a broad range of threats. Cisco ASA Firewalls deliver program security, network containment and control, and safe Virtual Private Network functionality across Cisco's product portfolio. This broad scope of security allows defense of any network segment, including the most typical attack conduits such as remote locations, locally-connected internal users, and remote access VPNs.

Cisco Adaptive Security Appliances (ASA) 5500 Series firewalls provide a high-level of application security via intelligent, application-sensitive inspection engines that analyze traffic at Layers 4-7. This results in a more secure network including web, voice, and mobile wireless connectivity. To protect environments from application-layer assaults and to offer businesses greater policing of the applications and protocols utilized in their networks, Cisco's inspection engines integrate broad application and protocol knowledgebases and employ security enforcement technologies such as anomaly detection and application and protocol state tracking. Also incorporated are assault sensing and mitigation techniques such as application/protocol command filtering and content verification. Cisco ASA firewall inspection engines also deliver management of instant messaging and peer-to-peer file sharing, enabling organizations to enforce usage policies and free up bandwidth for crucial business applications.

At the same time as increasing security, Cisco Adaptive Security Appliances 5500 Series firewalls also decrease installation and support costs. By providing broad VPN and protection services, the Cisco Adaptive Security Appliances firewall can be used as the the only platform for a multitude of uses, allowing product commonality. The Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can be deployed as a converged attack-prevention appliance at the datacenter by taking advantage of its connectivity control, application inspection, and worm, virus, and other malware remediation technologies. The Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can also be used as a specialized remote connectivity solution utilizing its Virtual Private Network features. Alternatively, the Cisco Adaptive Security Appliances (ASA) firewall performs capably in the network interior for inter-office access control and to guard against malware internal users might unwittingly introduce into the environment. For small business and branch office environments, the Cisco Adaptive Security Appliances (ASA) firewall serves as an all-in-one device providing comprehensive intrusion defense and VPN services while fitting within the budgets and operational models of such situations.

This versatile single-device, multiple-solution approach reduces the total number of appliances that need to be deployed and managed while offering a standard functional and administrative system throughout all installations. This approach simplifies the education of setup, monitoring, support, and security personnel. To further minimize maintenance costs, Cisco ASA 5500 Series firewalls are also highly network aware, allowing them to insert gracefully into the network without disrupting legitimate traffic and processes.

How Progent's Consultants Can Assist Your Business with Cisco PIX and ASA Security Appliances
Cisco ASA 5500 Series adaptive security appliances and PIX family security appliances incorporate an array of configuration, monitoring, and troubleshooting options that offer you the flexibility to deploy these firewalls to match your company's requirements. Progent's CCIE authorized network experts can help you to maintain your current network infrastructure that incorporates Cisco ASA and/or PIX firewall technology and that provides protection, resilience, throughput, and manageability. Progent can also assist you to upgrade to Cisco ASA 5500-X firewalls with Firepower Services.

Progent's GISA and CISM-qualified IS security professionals can help your business to create a security strategy that makes sense for your business and can set up your firewall to support your security policies. Progent's risk assessment consultants can evaluate the effectiveness of your existing firewall deployment and validate the security of your whole IS network. Progentís Technical Response Center can provide urgent online technical support for Cisco products and can give you quick access to a Cisco network engineer.

Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:

To find out about Progent's consulting and support services for additional Cisco products and technologies, select a topic: To see more details about Progent's consulting support for Cisco products, select a subject: For more information about Progent's consulting and support services for Cisco technology, call 1-800-993-9400 or visit Contact Progent.

© 2002- 2018 Progent Corporation. All rights reserved.

More topics of interest:
  • Durham Cisco Firewalls Computer Consulting
  • Cisco PIX Firewall Migration Support in Bakersfield, CA
  • Burlingame PIX Firewall Consultants
  • Information Technology Consulting Group
  • Information Technology Consulting for Cisco Security Washington, DC
  • Cisco PIX 500 Firewall Migration Integration Services in Montgomery, Alabama
  • Cisco PIX Migration Online Help in Rochester, NY
  • Detroit, Michigan Server Support