Cisco PIX firewalls and ASA 5500 Series adaptive security appliances integrate next-generation firewall, intrusion defense, and VPN features in a cost-effective, one-cabinet package. Both of these product lines have been superseded by the ASA 5500-X line of firewalls with Firepower. (See configuration and debugging support for ASA 5500-X firewalls with Firepower Services.) Nevertheless, both PIX and first-generation ASA 5500 Series adaptive security appliances are widely deployed and continue to deliver small and mid-size companies a viable security environment.

PIX and the original ASA 5500 firewalls deliver robust client and program policy support, mutlivector attack protection, and secure connectivity services. The increased knowledge sharing of integrated protection services in a stand-alone package offers customers deploying these integrated firewalls the benefits of enhanced protection, reduced cost of ownership, and minimal management expense.

PIX security appliances and the ASA 5500 family join IOS Firewall, the FWSM for Catalyst 6500 switches, and Cisco 7600 routers as parts of Cisco's versatile, self-contained firewall solutions. Based on a scalable, modular platform, each device is equipped with a particular feature set to deliver better security to a variety of network situations. These solutions can be independently installed to secure specific areas of the connectivity infrastructure, or can be combined for a systematic, protection-in-depth strategy based on the design leading practices described in Cisco's SAFE framework. Completing the modular firewall solutions, Cisco has developed a complete security management portfolio, spanning Cisco security appliance and IOS Software security features and built-in appliance controllers, to self-contained management applications, helping to make sure that businesses can productively use their Cisco protection solution investments.

PIX Security Appliance Series
PIX Security Appliance Series offer reliable policy enforcement, multivector invasion defense, and secure networking features in cost-effective, out-of-the-box solutions. These purpose-built appliances offer a wealth of built-in protection and networking capabilities such as process-aware firewall services, VoIP and multimedia security, reliable multi-site and remote-access IP Security Virtual Private Network networking, fault tolerance, intelligent networking services, and flexible administration solutions. The Cisco PIX firewall Appliance family spans compact plug-and-play devices for small offices and at home offices to modular high-bandwidth appliances with ROI for large business and service-provider environments, Cisco PIX firewall appliances deliver high levels of security, speed, and availability for network environments of all sizes.

PIX Security Experts

Built around a tested, specialized operating system that offers rich protection features, PIX firewall appliances offer a high level of security and have earned Common Criteria Evaluation Assurance Level 4 status and ICSA Firewall and IP Security (IPsec) certification. Cisco PIX firewall appliances provide security for a wide array of VoIP and additional multimedia conventions including H.323 Version 4, Session Initiation Protocol, Cisco Skinny Client Control Protocol (SCCP), Real-Time Streaming Protocol (RTSP), and MGCP, helping businesses to safeguard installations of a wide array of current and upcoming IP voice and video applications.

PIX security appliances feature a wealth of configuration, monitoring, and troubleshooting features, providing businesses the versatility to use the methods that most closely meet their requirements. Management solutions include centralized, policy-based management utilities, integrated web-based management, and compatibility with remote-tracking protocols like SNMP and syslog. The integrated ASDM system provides a powerful web-based management solution that greatly streamlines the deployment, ongoing modification, and monitoring of a single Cisco PIX security appliance without the need of any extra utility other than a standard browser and Java plug-in to be installed on a manager's PC.

IT managers can furthermore remotely configure, monitor, and analyze PIX firewalls via a command-line interface (CLI). Safe command-line interface access is possible through several methods including SSHv2 Protocol, Telnet through IP Security, and out-of-band through a console port. Cisco PIX security appliances also have dependable automatic-update features, a collection advanced protected remote-management options that ensure security configurations and software images are always up to date.

Cisco ASA Firewalls
Cisco Adaptive Security Appliances 5500 Series Firewalls are specially engineered solutions that bring together market-proven, best-of-breed protection and VPN services with an adaptive design. The result is a robust, versatile network security solution better able to protect small and midsize company and larger networks and, simultaneously, lower the total deployment and operations costs formerly required for this high degree of protection.

>Cisco Adaptive Security Appliances (ASA) Firewalls Consulting
Cisco ASA 5500 Series Firewalls build on technology developed for Cisco's PIX 500 family firewall, Cisco's IPS 4200 Series sensor, and Cisco's VPN 3000 model concentrator. These solutions enable the Cisco ASA Firewall family to offer a firewall that stops a wide range of attacks. Cisco Adaptive Security Appliances (ASA) Firewalls deliver application protection, local containment and control, and safe VPN connectivity across the entire product line. This breadth of protection allows the guarding of any network area, including the most typical threat conduits such as remote locations, LAN-attached internal users, and remote connected Virtual Private Networks.

Cisco ASA firewalls provide robust application security via smart, application-aware inspection engines that analyze traffic at Layers 4-7. This produces a more secure network covering web, voice, and mobile wireless connectivity. To defend networks against application-layer attacks and to offer organizations greater control over the programs and protocols utilized in their networks, Cisco's inspection engines incorporate extensive application and protocol knowledgebases and rely on protection enforcement solutions that include anomaly detection and state tracking. Also included are assault sensing and mitigation technology including application and protocol command filtering and URL deobfuscation. Cisco Adaptive Security Appliances (ASA) 5500 Series firewall inspection engines also provide control over instant messaging and peer-to-peer file sharing, allowing businesses to police usage policies and recover network bandwidth for critical business processes.

At the same time as improving network protection, Cisco Adaptive Security Appliances firewalls also decrease installation and support costs. By providing broad VPN and protection functions, the Cisco ASA firewall can be a single device for a multitude of uses, allowing product commonality. The Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can be deployed as a consolidated attack-protection appliance at the datacenter by taking advantage of its connectivity control, process inspection, and worm, virus, and other malware mitigation capabilities. The Cisco Adaptive Security Appliances firewall can also be deployed as a dedicated remote access solution using its Virtual Private Network features. As another option, the Cisco Adaptive Security Appliances firewall performs capably in the network interior for inter-office connectivity management and to defend against worms, viruses, and other malicious code inside users might unwittingly release into the network. For small company and satellite office environments, the Cisco ASA firewall acts as a total solution platform offering comprehensive threat prevention and Virtual Private Network functionality while fitting within the budgets and performance demands of such deployments.

This adaptive single-platform, multiple-use design reduces the total number of appliances that need to be deployed and maintained while offering a standard operating and administrative system across all those deployments. This architecture simplifies the education of setup, tracking, troubleshooting, and security staff. To further minimize maintenance costs, Cisco ASA 5500 Series firewalls are also exceptionally network conscious, enabling these devices to integrate seamlessly into the network without interfering with legitimate data flow and applications.

How Progent's Cisco Certified Experts Can Help You with Cisco PIX and ASA Security Appliances
Cisco's ASA 5500 Series firewalls and PIX family security appliances provide a wealth of configuration, tracking, and analysis features which offer you the ability to deploy these security appliances to align optimally with your company's requirements. Progent's CCIE certified network consultants can assist you to maintain your current network infrastructure that incorporates Cisco ASA and/or PIX security appliances and that provides protection, resilience, throughput, and recoverability. Progent can also assist your organization to upgrade to ASA 5500-X firewalls with Firepower Services.

Progent's CISA and CISM-certified IS security consultants can help your business to create a security strategy that makes sense for your situation and can configure your security appliance to support your security policies. Progent's security assessment experts can assess the effectiveness of your current firewall deployment and audit the security of your entire information system network. Progentís Help Desk Call Center can provide urgent remote troubleshooting for Cisco products and offer quick access to a Cisco CCIE expert.

To learn more details about Progent's consulting expertise for Cisco products, select a subject:

To get in touch with Progent about engineering support for Cisco products, call 1-800-993-9400 or visit Contact Progent.

© 2002- 2017 Progent Corporation. All rights reserved.