Cisco PIX family firewalls and ASA Series adaptive security appliances combine comprehensive firewall, intrusion defense, and Virtual Private Network (VPN) technologies in a cost-effective, one-box format. Both product lines have been replaced by the ASA 5500-X series of firewalls with Firepower Services. (Refer to integration and debugging expertise for Cisco AA 5500-X firewalls with Firepower Services.) Nevertheless, both PIX and previous-generation Cisco ASA 5500 Series adaptive security appliances are extensively used and continue to provide small and mid-size companies a reliable firewall environment.

PIX and the original ASA 5500 firewalls deliver powerful client and application policy enforcement, mutlivector attack protection, and secure access services. The increased knowledge sharing of consolidated security features in a stand-alone platform offers customers implementing these aggregated solutions the benefits of enhanced security, lower TCO, and minimal maintenance expense.

Cisco PIX security appliances and Cisco's ASA 5500 product line combine with Cisco IOS Firewall, the Firewall Services Module (FWSM) for Cisco Catalyst 6500 family switches, and Cisco 7600 Series routers as parts of Cisco's flexible, self-contained firewall line. Engineered with an expandable, building-block approach, each offering is designed with a particular array of options to provide more efficient security to different networking environments. These solutions can be individually deployed to secure certain areas of a network infrastructure, or can be combined for a layered, protection-in-depth strategy based on the design leading practices outlined in the Cisco SAFE framework. Completing the integrated firewall solutions, Cisco provides a comprehensive security management offering, ranging from Cisco security appliance and Cisco IOS Software security features and built-in appliance managers, to standalone management utilities, moving to make sure that businesses can effectively use their Cisco security solution investments.

PIX Security Appliance Series
PIX Security Appliance Series offer robust user and application policy enforcement, multivector invasion defense, and secure connectivity features in economical, easy-to-deploy solutions. These purpose-built devices offer a broad range of integrated security and networking services including application-aware firewall features, Voice over IP (VoIP) and multimedia security, robust multi-site and remote-access IP Security VPN connectivity, excellent resiliency, intelligent networking services, and versatile administration options. The PIX firewall product line ranges from small plug-and-play desktop units for small offices or at home offices to stackable high-bandwidth products with investment protection for enterprise and service-provider environments, Cisco PIX firewall appliances deliver dependable protection, performance, and availability for environments of any size.

PIX Firewalls Help

Built around a tested, specialized operating system that offers a wealth of security features, Cisco PIX security appliances offer excellent security and have earned EAL 4 status and ICSA Labs Firewall and IP Security certification. PIX firewall appliances provide security for a broad array of Voice over IP and additional multimedia standards such as H.323 v. 4, SIP, SCCP, Real-Time Streaming Protocol (RTSP), and Media Gateway Control Protocol (MGCP), helping businesses to safeguard installations of a wide array of current and upcoming VoIP and multimedia applications.

Cisco PIX security appliances feature a variety of configuration, monitoring, and troubleshooting features, giving IT managers the flexibility to utilize the methods that best meet their needs. Administrative options include common, policy-based management utilities, integrated web-accessible management, and compatibility with remote-monitoring standards like SNMP and syslog. The integrated Adaptive Security Device Manager system provides a powerful web-accessible management platform that significantly streamlines the deployment, in-place modification, and monitoring of a specific PIX security appliance without the need of any extra software other than an ordinary browser and Java applet to be installed on a manager's computer.

IT managers can also remotely configure, track, and troubleshoot PIX firewalls using a CLI interface. Safe command-line interface communication is possible using a number of techniques including Secure Shell (SSHv2) Protocol, Telnet through IP Security (IPsec), and out-of-band via a console port. PIX security appliances also have dependable auto-update features, a set of protected remote-administration services that make sure that security settings and software images are kept up to date.

Cisco Adaptive Security Appliances (ASA) Firewalls
Cisco Adaptive Security Appliances 5500 Series Firewalls are purpose-built devices that bring together advanced, industry-leading protection and Virtual Private Network support with an adaptive design. The result is a robust, versatile network protection solution better able to defend small and midsize business (SMB) and enterprise networks and, at the same time, lower the total deployment and operations costs formerly associated with this high degree of protection.

>Cisco Adaptive Security Appliances 5500 Series Firewalls Consultants
Cisco Adaptive Security Appliances 5500 Series Firewalls leverage engineering behind the Cisco PIX 500 Series firewall, the IPS 4200 Series Intrusion Prevention System, and Cisco's VPN 3000 model concentrator. These technologies enable the Cisco Adaptive Security Appliances Firewall product line to offer a firewall that stops a broad range of threats. Cisco ASA Firewalls deliver application security, local containment, and safe Virtual Private Network connectivity across Cisco's product line. This broad scope of protection allows the guarding of any network section, which includes the most typical attack vectors like remote locations, locally-attached internal users, and off-site connected Virtual Private Networks.

Cisco Adaptive Security Appliances (ASA) 5500 Series firewalls deliver robust application protection through intelligent, application-aware inspection engines that examine traffic at Layers 4-7. This results in a safer network covering web, voice, and mobile wireless connectivity. To defend environments from application-layer attacks and to offer organizations greater control over the programs and protocols utilized in their networks, Cisco's inspection engines incorporate broad application and protocol knowledge and employ security enforcement solutions that include protocol anomaly sensing and state monitoring. Also included are assault sensing and remediation technology including application and protocol command filters and content verification. Cisco Adaptive Security Appliances 5500 Series firewall inspection engines also deliver control over instant messaging and peer-to-peer file sharing, allowing organizations to enforce usage policies and recover network bandwidth for important business processes.

At the same time as increasing network security, Cisco Adaptive Security Appliances 5500 Series firewalls also decrease deployment and support costs. By providing extensive Virtual Private Network and protection services, the Cisco Adaptive Security Appliances 5500 Series firewall can be a the only platform for a multitude of uses, allowing product standardization. The Cisco ASA firewall can be deployed as a converged threat-protection device at a central location by leveraging its connectivity control, application inspection, and worm, virus, and other malware mitigation technologies. The Cisco Adaptive Security Appliances 5500 Series firewall can also be used as a specialized remote connectivity device using its VPN features. As an alternative, the Cisco Adaptive Security Appliances 5500 Series firewall performs capably inside the network for interdepartmental access management and to defend against malware internal workers might inadvertently release into the environment. In small company and branch office networks, the Cisco Adaptive Security Appliances 5500 Series firewall acts as a total solution device offering complete threat prevention and VPN functionality while suiting the cost structure and performance demands of these situations.

This adaptive one-platform, many-solution design minimizes the number of appliances that need to be deployed and maintained while providing a standard operating and administrative environment throughout all those deployments. This architecture simplifies the training of configuration, monitoring, troubleshooting, and security personnel. To further minimize maintenance costs, Cisco Adaptive Security Appliances (ASA) firewalls are also highly network aware, enabling these devices to insert seamlessly into the environment without disrupting legitimate traffic and processes.

How Progent Can Assist Your Business with Cisco PIX and ASA Security Appliances
Cisco's ASA 5500 Series adaptive security appliances and PIX family security appliances provide an array of setup, monitoring, and troubleshooting features that offer you the flexibility to set up these security appliances to align optimally with your company's requirements. Progent's CCIE certified network consultants can help you to support your existing network infrastructure that incorporates Cisco ASA or PIX firewall technology and that provides security, fault tolerance, throughput, and manageability. Progent's firewall experts can also help your organization to upgrade to ASA 5500-X firewalls with Firepower Services.

Progent's CISA and CISM-certified IS security professionals can assist you to develop a security strategy that makes sense for your situation and can set up your security appliance to support your security policies. Progent's security assessment engineers can evaluate the strength of your current firewall deployment and validate the security of your entire IS network. Progentís Help Desk Call Center can provide emergency online troubleshooting for Cisco products and can give you quick access to a Cisco expert.

To see additional details about Progent's engineering assistance for Cisco networking products, pick a subject:

If you wish to ask Progent about professional support for Cisco products, phone 1-800-993-9400 or visit Contact Progent.

© 2002- 2018 Progent Corporation. All rights reserved.