Cisco's PIX family firewalls and Cisco ASA 5500 Series firewalls combine comprehensive firewall, intrusion defense, and VPN features in a cost-effective, single-box package. Both of these product families have been superseded by the ASA 5500-X family of security appliances with Firepower. (Refer to integration and debugging support for ASA 5500-X firewalls with Firepower Services.) Nevertheless, both PIX and earlier-generation ASA 5500 Series firewalls are extensively deployed and continue to deliver small and mid-size companies a reliable firewall solution.

PIX and legacy ASA 5500 firewalls offer powerful client and application policy support, mutlivector assault protection, and safe access services. The enhanced knowledge sharing of consolidated security services in a stand-alone package offers users implementing these aggregated firewalls the advantages of enhanced protection, reduced cost of ownership, and minimal management expense.

PIX security appliances and Cisco's ASA 5500 family join IOS Firewall, the FWSM for Catalyst 6500 family switches, and 7600 family routers as parts of Cisco's flexible, self-contained firewall solutions. Based on a scalable, modular platform, every offering is equipped with a specific array of options to provide more efficient protection to different networking situations. These products can be independently installed to protect certain areas of a connectivity infrastructure, or can be combined for a layered, protection-in-depth strategy following the design best practices outlined in the Cisco SAFE framework. Completing the integrated firewall solutions, Cisco has developed a complete security management catalog, ranging from Cisco security device and Cisco IOS security components and embedded device managers, to standalone management applications, helping to ensure that customers can effectively use their Cisco protection solution investments.

Cisco PIX Firewall Appliances
PIX Security Appliance Series offer robust policy support, multivector attack protection, and safe connectivity features in cost-effective, easy-to-deploy modules. These specialized devices provide a wealth of integrated protection and connectivity services such as process-aware firewall services, VoIP and multimedia security, reliable multi-location and remote-connectivity IP Security VPN connectivity, excellent resiliency, smart networking features, and versatile management solutions. The Cisco PIX firewall family ranges from small plug-and-go desktop units for small or at home offices to stackable high-bandwidth products with investment protection for large business and service-provider environments, Cisco PIX Security Appliance Series provide high levels of protection, performance, and availability for environments of all sizes.

PIX Security Consulting Firm

Based upon a tested, specialized software platform that delivers a wealth of security services, PIX firewalls offer excellent protection and have been awarded Common Criteria Evaluation Assurance Level 4 status and ICSA Labs Firewall and IP Security qualification. Cisco PIX security appliances offer protection for a broad array of Voice over IP and other mixed-media conventions including H.323 v. 4, Session Initiation Protocol (SIP), SCCP, Real-Time Streaming Protocol (RTSP), and Media Gateway Control Protocol (MGCP), helping businesses to safeguard deployments of a broad array of current and next-generation VoIP and multimedia applications.

Cisco PIX security appliances feature a variety of configuration, monitoring, and analysis features, giving businesses the flexibility to utilize the techniques that best meet their requirements. Administrative solutions include centralized, policy-based administration tools, integrated web-based administration, and compatibility with remote-monitoring protocols such as Simple Network Management Protocol (SNMP) and syslog. The integrated ASDM system provides a world-class web-based control platform that greatly streamlines the installation, in-place configuration, and tracking of a specific Cisco PIX firewall appliance without requiring any additional software beyond an ordinary web browser and Java plug-in to be running on a manager's computer.

IT managers can also remotely set up, track, and troubleshoot PIX security appliances using a command-line interface (CLI). Secure command-line interface (CLI) access is available using a number of techniques such as SSHv2 Protocol, Telnet through IPsec, and out-of-band through a console port. PIX security appliances also include robust automatic-update capabilities, a set advanced secure remote-management services that make sure that security configurations and software images are kept up to date.

Cisco ASA 5500 Series Firewalls
Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls are specially engineered devices that incorporate market-proven, best-of-breed security and VPN services plus a flexible design. The result is a powerful, versatile network security solution better suited to protect small and midsize business (SMB) and larger networks and, at the same time, lower the overall installation and operations expenses previously required for this enhanced level of security.

>Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls Experts
Cisco ASA 5500 Series Firewalls build on engineering developed for the Cisco PIX 500 Series firewall, Cisco's IPS 4200 family sensor, and Cisco's VPN 3000 model concentrator. These technologies converge on the Cisco Adaptive Security Appliances (ASA) Firewall family to offer a platform that stops a broad range of threats. Cisco ASA 5500 Series Firewalls provide program security, network containment and control, and safe Virtual Private Network functionality across Cisco's product portfolio. This breadth of protection enables defense of any network area, including the most common threat conduits like remote sites, LAN-connected internal users, and remote access VPNs.

Cisco Adaptive Security Appliances 5500 Series firewalls deliver robust application security via smart, application-sensitive inspection processes that analyze traffic at Layers 4-7. The result is a more secure environment covering web, voice, and mobile wireless access. To defend environments against application-layer attacks and to give organizations more policing of the programs and protocols utilized in their networks, these inspection engines incorporate extensive application and protocol knowledgebases and employ protection enforcement technologies that include protocol anomaly sensing and application and protocol state tracking. Also included are assault sensing and remediation technology such as application/protocol command filtering and content verification. Cisco ASA firewall inspection engines also provide management of IM and peer-to-peer file sharing, enabling businesses to enforce usage policies and free up network bandwidth for critical business processes.

At the same time as improving security, Cisco Adaptive Security Appliances 5500 Series firewalls also lower deployment and support costs. By offering broad Virtual Private Network and protection services, the Cisco Adaptive Security Appliances (ASA) firewall can be a single device for many uses, allowing platform standardization. The Cisco ASA firewall can be used as a consolidated attack-prevention appliance at a central location by leveraging its access control, process inspection, and malicious assault remediation capabilities. The Cisco ASA firewall can also be deployed as a specialized remote connectivity solution utilizing its Virtual Private Network capabilities. Alternatively, the Cisco Adaptive Security Appliances (ASA) 5500 Series firewall performs capably inside the network for interdepartmental connectivity control and to defend against malicious assaults internal workers may inadvertently release into the network. For small company and branch office networks, the Cisco Adaptive Security Appliances 5500 Series firewall serves as a total solution platform offering complete threat defense and VPN services while suiting the budgets and operational demands of such situations.

This adaptive one-device, multiple-use design minimizes the number of appliances that need to be deployed and maintained while providing a standard operating and management system throughout all those deployments. This architecture simplifies the training of setup, tracking, support, and security personnel. To further minimize maintenance expenses, Cisco Adaptive Security Appliances firewalls are also highly network conscious, allowing them to integrate seamlessly into the network without interfering with legitimate data flow and processes.

How Progent's Cisco Certified Experts Can Assist You with Cisco Firewalls
Cisco's ASA Series firewalls and PIX security appliances incorporate an array of setup, tracking, and troubleshooting features which offer you the ability to deploy these security appliances to match your company's requirements. Progent's CCIE certified network consultants can assist you to support your current infrastructure that includes Cisco ASA or PIX security appliances and that provides protection, fault tolerance, throughput, and manageability. Progent can also assist you to migrate to ASA 5500-X firewalls with Firepower Services.

Progent's CISA and CISM-certified IS security engineers can help you to develop a security policy appropriate for your situation and can configure your PIX or ASA firewall to support your security policies. Progent's security assessment consultants can assess the strength of your current firewall deployment and validate the security of your entire information system environment. Progentís Help Desk support team can provide urgent remote troubleshooting for Cisco products and offer fast access to a Cisco network engineer.

For more information concerning Progent's consulting expertise for Cisco solutions, pick a subject:

In order to contact Progent about consulting help for Cisco products, call 1-800-993-9400 or see Contact Progent.
















© 2002- 2017 Progent Corporation. All rights reserved.