Cisco's PIX firewalls and ASA Series adaptive security appliances integrate comprehensive firewall, intrusion protection, and Virtual Private Network technologies in an economical, single-box package. Both product lines have been superseded by the ASA 5500-X family of firewalls with Firepower. (Refer to integration and troubleshooting support for Cisco AA 5500-X firewalls with Firepower Services.) Still, PIX and earlier-generation Cisco ASA 5500 model firewalls are extensively deployed and continue to provide small and mid-size organizations a reliable security solution.

Cisco PIC and the original ASA 5500 firewalls deliver powerful user and application policy support, mutlivector assault protection, and safe connectivity services. The increased intelligence sharing of integrated security features in a stand-alone platform provides users implementing these integrated firewalls the benefits of enhanced security, reduced TCO, and minimal maintenance costs.

PIX security appliances and the ASA 5500 product line join IOS Firewall, the FWSM for Catalyst 6500 switches, and Cisco 7600 family routers as parts of Cisco's flexible, self-contained firewall line. Based on an expandable, building-block platform, each device is designed with a specific feature set to provide more efficient protection to different network situations. These products can be independently installed to protect certain areas of the network environment, or can be grouped for a layered, defense-in-depth approach following the design best practices outlined in the Cisco SAFE Blueprint. Rounding out the integrated firewall product line, Cisco has developed a comprehensive security management catalog, ranging from Cisco security appliance and IOS security components and embedded device managers, to self-contained management utilities, helping to ensure that businesses can productively use their Cisco protection solution purchases.

PIX Security Appliance Series
Cisco PIX firewall appliances offer robust policy support, multi-source attack protection, and secure networking services in cost-effective, out-of-the-box solutions. These purpose-built devices offer a broad range of built-in security and connectivity services such as application-aware firewall services, VoIP and multimedia protection, robust multi-site and remote-access IP Security Virtual Private Network (VPN) networking, excellent resiliency, intelligent networking services, and versatile management options. The Cisco PIX firewall Appliance family ranges from compact plug-and-play devices for small and at home offices to stackable high-bandwidth appliances with ROI for large business and ISP customers, Cisco PIX firewalls provide high levels of protection, speed, and availability for networks of all sizes.

Cisco PIX Firewalls Experts

Based around a tested, specialized software platform that delivers a wealth of protection services, Cisco PIX firewall appliances offer a high level of security and have been awarded EAL 4 status and ICSA Firewall and IPsec qualification. Cisco PIX firewall appliances provide protection for a broad range of VoIP and additional mixed-media conventions such as H.323 Version 4, SIP, SCCP, Real-Time Streaming Protocol, and MGCP, enabling businesses to safeguard installations of a broad array of contemporary and next-generation IP voice and multimedia applications.

Cisco PIX firewall appliances offer a variety of configuration, monitoring, and analysis options, giving businesses the versatility to use the techniques that best meet their requirements. Management options include centralized, policy-based management utilities, integrated web-accessible management, and support for remote-tracking standards such as SNMP and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) interface offers a world-class web-based management solution that significantly simplifies the installation, in-place modification, and tracking of a specific PIX firewall appliance without the need of any additional utility other than a standard browser and Java plug-in to be installed on an administrator's PC.

IT managers can furthermore remotely configure, monitor, and analyze Cisco PIX firewalls using a command-line interface. Secure command-line interface communication is available using several techniques including Secure Shell (SSHv2) Protocol, Telnet over IPsec, and out-of-band via a console port. Cisco PIX security appliances also include robust auto-update features, a set advanced secure remote-management services that ensure security settings and software images are always up to date.

Cisco ASA 5500 Series Firewalls
Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls are specially engineered devices that bring together advanced, best-of-breed protection and VPN services plus a flexible design. The result is a robust, versatile network protection appliance better suited to defend small and midsize company and larger networks and, at the same time, lower the total installation and maintenance expenses previously required for this enhanced degree of security.

>Cisco ASA 5500 Series Firewalls Help
Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls build on engineering developed for the PIX 500 Series Security Appliance, the IPS 4200 sensor, and the Cisco VPN 3000 family concentrator. These solutions converge on the Cisco Adaptive Security Appliances (ASA) 5500 Series Firewall product line to offer a firewall that defends against a broad range of attacks. Cisco Adaptive Security Appliances Firewalls deliver application security, local containment, and safe VPN connectivity throughout the entire product line. This breadth of security allows defense of any network segment, including the most typical attack vectors such as remote sites, LAN-connected inside users, and remote connected Virtual Private Networks.

Cisco Adaptive Security Appliances 5500 Series firewalls provide strong application security through intelligent, application-aware inspection processes that examine network flows at Layers 4-7. The result is a more secure network including web, voice, and mobile wireless connectivity. To protect environments from application-layer assaults and to give businesses greater control over the programs and protocols used in their environments, Cisco's inspection engines integrate extensive application and protocol knowledgebases and employ protection enforcement technologies such as anomaly detection and state tracking. Also incorporated are assault sensing and mitigation technology including application/protocol command filtering and content verification. Cisco ASA 5500 Series firewall inspection engines also provide management of instant messaging and peer-to-peer file sharing, enabling businesses to enforce usage policies and free up bandwidth for critical business processes.

While improving security, Cisco Adaptive Security Appliances 5500 Series firewalls also lower deployment and operational costs. By offering broad Virtual Private Network and security functions, the Cisco Adaptive Security Appliances 5500 Series firewall can be used as the single device for many environments, enabling platform standardization. The Cisco Adaptive Security Appliances 5500 Series firewall can be deployed as a converged attack-prevention device at the datacenter by taking advantage of its connectivity control, application inspection, and malware mitigation capabilities. The Cisco Adaptive Security Appliances (ASA) firewall can also be used as a dedicated remote connectivity solution using its VPN capabilities. As an alternative, the Cisco ASA firewall performs capably in the network interior for inter-office access control and to defend against malicious assaults inside workers might unknowingly release into the network. For small business and branch office networks, the Cisco ASA 5500 Series firewall acts as an all-in-one device offering complete intrusion prevention and Virtual Private Network functionality while fitting within the budgets and operational models of such deployments.

This adaptive single-device, multiple-solution approach minimizes the total number of appliances that need to be deployed and managed while providing a standard operating and management environment throughout all those deployments. This architecture streamlines the training of configuration, tracking, troubleshooting, and security staff. To further reduce operations costs, Cisco Adaptive Security Appliances 5500 Series firewalls are also exceptionally network aware, allowing these devices to integrate seamlessly into the network without disrupting legitimate data flow and processes.

How Progent Can Help You with Cisco Firewalls
Cisco ASA 5500 Series firewalls and PIX firewalls provide a wealth of configuration, monitoring, and analysis options which offer you the ability to deploy these firewalls to match your business requirements. Progent's CCIE certified network experts can help you to support your current network infrastructure that incorporates Cisco ASA and/or PIX firewalls and that offers protection, resilience, throughput, and manageability. Progent can also help your organization to upgrade to Cisco ASA 5500-X firewalls with Firepower Services.

Progent's CISA and CISM-certified IS security engineers can help your business to develop a security strategy that makes sense for your business and can configure your PIX or ASA firewall to support your security policies. Progent's security assessment experts can evaluate the effectiveness of your existing firewall solution and audit the security of your entire IS network. Progentís Technical Response Center can deliver urgent remote technical support for Cisco technology and can give you quick access to a Cisco expert.

To find out more information about Progent's consulting support for Cisco solutions, select a topic:

To ask Progent about engineering expertise for Cisco technology, phone 1-800-993-9400 or go to Contact Progent.

© 2002- 2018 Progent Corporation. All rights reserved.