Cisco's PIX security appliances and Cisco ASA 5500 Series adaptive security appliances integrate comprehensive firewall, intrusion protection, and Virtual Private Network features in a cost-effective, single-cabinet package. Both product families offer powerful user and program policy support, mutlivector assault defense, and safe access features. The increased intelligence sharing of consolidated security services in a single package provides customers deploying these aggregated solutions the advanced of enhanced protection, reduced cost of ownership (COI), and less maintenance costs.

Cisco PIX firewalls and the ASA 5500 family combine with IOS Firewall, the FWSM for Cisco Catalyst 6500 switches, and Cisco 7600 routers as components of Cisco's versatile, self-contained firewall line. Engineered with an expandable, modular approach, each offering is designed with a particular array of options to deliver more efficient protection to different network situations. These products can be individually installed to protect certain areas of the connectivity infrastructure, or can be combined for a systematic, protection-in-depth strategy based on the design best practices described in the Cisco SAFE framework. Rounding out the integrated firewall solutions, Cisco has developed a comprehensive security management catalog, ranging from Cisco security appliance and IOS Software security features and built-in device managers, to standalone management programs, helping to make sure that businesses can productively use their Cisco protection solution purchases.

Cisco PIX Security Appliance Series
The popular PIX Security Appliance Series deliver robust policy support, multivector invasion defense, and secure networking services in economical, out-of-the-box solutions. These purpose-built appliances provide a wealth of built-in security and connectivity capabilities including state-of-the=art process-aware firewall features, market-leading VoIP and multimedia protection, robust site-to-site and remote-access IP Security (IPSec) Virtual Private Network connectivity, fault tolerance, intelligent networking features, and flexible management solutions. The Cisco PIX firewall product line ranges from small plug-and-play desktop units for small or home offices to stackable gigabit products with greater investment protection for large business and ISP customers, PIX Security Appliance Series deliver high levels of security, speed, and availability for network environments of any size.

PIX firewall appliances deliver a variety of configuration, monitoring, and troubleshooting options, providing businesses the flexibility to use the techniques that best match their requirements. Administrative solutions cover the gamut from centralized, policy-based management utilities to integrated Web-accessible administration to support for remote-tracking standards such as SNMP and syslog. The integrated Adaptive Security Device Manager interface offers a powerful Web-accessible management solution that greatly simplifies the installation, in-place configuration, and monitoring of a single Cisco PIX firewall appliance without requiring any extra utility beyond an ordinary Web browser and Java plug-in to be installed on a manager's computer. Administrators can also remotely set up, track, and troubleshoot PIX security appliances via a CLI interface. Secure CLI interface communication is possible using several techniques, such as Secure Shell Protocol, Telnet through IP Security, and out-of-band via a console port. PIX firewalls also include dependable auto-update features, a set of revolutionary secure remote-administration options that make sure that firewall configurations and software images are kept up to date. In addition, PIX firewall appliances are supported by several setup and tracking utilities offered by Cisco Architecture for Voice, Video and Integrated Data partners.

Cisco Adaptive Security Appliances 5500 Series Firewalls
Cisco Adaptive Security Appliances Firewalls are specially engineered solutions that bring together advanced, best-of-breed protection and Virtual Private Network support plus an innovative, adaptive design. The result is a powerful, versatile network protection appliance better able to defend small and midsize company and enterprise networks and, simultaneously, lower the overall deployment and operations expenses of this new degree of protection.

Cisco Adaptive Security Appliances (ASA) firewalls deliver strong application protection through intelligent, application-sensitive inspection engines that analyze network flows at Layers 4-7. The result is a safer environment including Web, voice, and 3G-mobile wireless access. To protect environments from application-layer attacks and to offer organizations greater control over the programs and protocols used in their networks, these inspection engines incorporate extensive application and protocol knowledge and rely on security enforcement solutions such as anomaly detection and state monitoring. Also included are attack sensing and mitigation techniques including application/protocol command filters and URL deobfuscation. Cisco ASA firewall inspection engines also deliver management of IM and peer-to-peer file sharing, enabling organizations to police usage policies and free up network bandwidth for important business applications.

While increasing security, Cisco ASA firewalls also decrease installation and support expenses. By offering extensive Virtual Private Network and protection functions, the Cisco ASA firewall can be used as the the only platform for a multitude of uses, enabling product commonality. The Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can be used as a consolidated threat-protection appliance at a central location by taking advantage of its connectivity control, application inspection, and malicious assault remediation capabilities. The Cisco ASA 5500 Series firewall can also be used as a dedicated remote connectivity solution utilizing its Virtual Private Network features. As another option, the Cisco ASA 5500 Series firewall serves equally well in the network interior for interdepartmental access control and to defend against malware internal workers might unknowingly introduce into the environment. For small business and satellite office networks, the Cisco ASA 5500 Series firewall acts as a total solution device offering comprehensive intrusion prevention and VPN functionality while suiting the cost structure and operational demands of these deployments. This versatile one-platform, many-use design lowers the amount of platforms that must be installed and managed while offering a common operating and administrative environment throughout all those installations. This approach streamlines the training of setup, monitoring, troubleshooting, and protection staff. To further minimize operations costs, Cisco Adaptive Security Appliances (ASA) firewalls are also exceptionally network aware, enabling them to insert seamlessly into the network without interfering with legitimate data flow and applications.

How Progent Can Assist You with Cisco Firewalls
Cisco's PIX family firewalls and ASA 5500 Series firewalls provide a wealth of setup, tracking, and troubleshooting options that give you the flexibility to configure these firewalls to align optimally with your business needs. Progent's CISM authorized network security professionals can show you how to create a security strategy that makes sense for your environment and can set up your PIX or ASA firewall to support your security policy. Progent's CISA-certified information security audit professionals and GIAC-certified IT security consultants can assess the strength of your existing firewall solution and help determine the security of your whole information system environment. Progent can also analyze your firewall both remotely and in person, and can train your existing IT maintenance staff to configure and support your security appliances.

To see more details concerning Progent's consulting expertise for Cisco technology, select a topic: