Cisco PIX firewalls and ASA Series firewalls combine next-generation firewall, intrusion protection, and Virtual Private Network (VPN) functionality in an economical, single-box package. Both product families have been replaced by Cisco's ASA 5500-X line of firewalls with Firepower Services. (See configuration and debugging help with ASA 5500-X firewalls with Firepower Services.) Still, PIX and previous-generation Cisco ASA 5500 Series firewalls are widely deployed and continue to provide small and mid-size companies a reliable firewall solution.

Cisco PIC and the original ASA 5500 firewalls offer robust user and application policy enforcement, mutlivector attack defense, and secure access services. The enhanced intelligence sharing of integrated protection features in a single package provides users deploying these integrated firewalls the benefits of advanced security, reduced cost of ownership, and smaller maintenance expense.

PIX security appliances and Cisco's ASA 5500 product line combine with Cisco IOS Firewall, the Firewall Services Module (FWSM) for Cisco Catalyst 6500 Series switches, and 7600 routers as components of Cisco's versatile, integrated firewall line. Engineered with a scalable, modular platform, each device is designed with a specific array of options to deliver more efficient protection to different network environments. These products can be independently installed to secure certain facets of the connectivity environment, or can be combined for a layered, defense-in-depth strategy following the design best practices outlined in Cisco's SAFE framework. Rounding out the modular firewall solutions, Cisco provides a comprehensive security management portfolio, ranging from Cisco security appliance and Cisco IOS Software security features and built-in appliance managers, to self-contained management programs, moving to make sure that customers can effectively use their Cisco security infrastructure investments.

PIX Firewall Appliances
Cisco PIX Security Appliance Series offer reliable user and application policy support, multi-source invasion defense, and safe networking services in economical, easy-to-deploy modules. These specialized devices provide a wealth of integrated protection and networking services such as process-aware firewall features, Voice over IP and multimedia security, reliable multi-site and remote-access IPcec VPN networking, high availability, smart networking features, and versatile management solutions. The Cisco PIX Security Appliance Series family spans compact plug-and-play devices for small offices or home offices to stackable gigabit appliances with ROI for enterprise and ISP customers, Cisco PIX firewall appliances provide high levels of protection, speed, and availability for networks of any size.

PIX Security Consulting

Based around a hardened, purpose-built OS that offers a wealth of protection services, Cisco PIX firewall appliances provide excellent security and have earned Common Criteria Evaluation Assurance Level 4 status and ICSA Firewall and IP Security (IPsec) qualification. PIX firewalls offer security for a wide range of VoIP and additional mixed-media conventions such as H.323 v. 4, SIP, Cisco Skinny Client Control Protocol, Real-Time Streaming Protocol (RTSP), and Media Gateway Control Protocol, enabling organizations to protect installations of a broad range of contemporary and upcoming VoIP and mixed-media applications.

PIX security appliances feature a variety of configuration, monitoring, and analysis options, giving businesses the flexibility to utilize the methods that most closely match their requirements. Administrative options include centralized, policy-based management tools, integrated web-accessible management, and compatibility with remote-monitoring protocols like Simple Network Management Protocol (SNMP) and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) system provides a powerful web-based management solution that greatly simplifies the installation, ongoing configuration, and monitoring of a specific Cisco PIX security appliance without requiring any extra software beyond a standard web browser and Java plug-in to be installed on an administrator's PC.

IT managers can furthermore remotely configure, track, and analyze Cisco PIX security appliances via a CLI interface. Safe command-line interface (CLI) access is available using several methods including Secure Shell (SSHv2) Protocol, Telnet over IP Security (IPsec), and out-of-band via a console port. Cisco PIX firewall appliances also have dependable automatic-update capabilities, a collection of protected remote-management services that ensure firewall settings and software images are always up to date.

Cisco Adaptive Security Appliances 5500 Series Firewalls
Cisco Adaptive Security Appliances (ASA) Firewalls are purpose-built solutions that bring together market-proven, best-of-breed protection and Virtual Private Network services plus an adaptive architecture. The end product is a robust, versatile network protection appliance better able to protect small and medium business (SMB) and larger networks and, at the same time, reduce the total installation and maintenance costs formerly associated with this enhanced degree of security.

>Cisco Adaptive Security Appliances Firewalls Support
Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls build on engineering behind the Cisco PIX 500 Series Security Appliance, the IPS 4200 sensor, and Cisco's VPN 3000 Series concentrator. These technologies enable the Cisco ASA 5500 Series Firewall product line to deliver a platform that stops a broad range of threats. Cisco Adaptive Security Appliances Firewalls deliver application protection, network containment and control, and safe VPN connectivity across Cisco's product line. This breadth of protection allows defense of any network section, which includes the most common threat vectors such as remote locations, locally-attached inside users, and remote connected Virtual Private Networks.

Cisco Adaptive Security Appliances firewalls provide strong application security through smart, application-sensitive inspection engines that examine traffic at Layers 4-7. This produces a safer network including web, voice, and mobile wireless services. To defend environments from application-layer attacks and to give businesses greater control over the programs and protocols utilized in their environments, these inspection engines incorporate broad application and protocol knowledge and rely on security enforcement solutions that include protocol anomaly sensing and state monitoring. Also included are attack detection and remediation technology such as application and protocol command filters and content verification. Cisco ASA firewall inspection engines also deliver control over IM and tunneling applications, allowing businesses to enforce usage policies and preserve network bandwidth for important business processes.

While increasing network security, Cisco Adaptive Security Appliances firewalls also lower installation and operational expenses. By providing broad VPN and protection services, the Cisco Adaptive Security Appliances (ASA) firewall can be used as the single device for many uses, allowing platform commonality. The Cisco Adaptive Security Appliances firewall can be deployed as a converged attack-prevention device at a central location by leveraging its connectivity control, process inspection, and worm, virus, and other malware mitigation technologies. The Cisco ASA firewall can also be used as a specialized remote access solution using its VPN features. Alternatively, the Cisco Adaptive Security Appliances (ASA) firewall serves equally well inside the network for interdepartmental connectivity control and to guard against malware internal workers may unwittingly release into the environment. In small company and satellite office environments, the Cisco Adaptive Security Appliances 5500 Series firewall acts as an all-in-one device offering comprehensive threat defense and VPN functionality while suiting the cost structure and performance models of such deployments.

This adaptive one-platform, many-solution design minimizes the number of devices that must be installed and managed while offering a standard operating and administrative environment throughout all those installations. This architecture streamlines the education of configuration, tracking, support, and security staff. To further reduce maintenance costs, Cisco Adaptive Security Appliances (ASA) 5500 Series firewalls are also exceptionally network aware, allowing them to insert seamlessly into the environment without interfering with authorized data flow and applications.

How Progent's Consultants Can Help Your Business with Cisco PIX and ASA Security Appliances
Cisco ASA Series adaptive security appliances and PIX firewalls provide a wealth of setup, tracking, and analysis options that offer you the flexibility to set up these security appliances to align optimally with your company's needs. Progent's CCIE certified network experts can help you to maintain your existing infrastructure that incorporates Cisco ASA or PIX firewall technology and that provides security, resilience, throughput, and recoverability. Progent's firewall experts can also assist your organization to migrate to ASA 5500-X firewalls with Firepower Services.

Progent's CISA and CISM-certified information security professionals can assist you to create a security policy appropriate for your business and can set up your security appliance to enforce your security policies. Progent's security evaluation consultants can evaluate the effectiveness of your current firewall deployment and help determine the overall security of your whole IS environment. Progentís Technical Response Center (TRC) can provide urgent remote troubleshooting for Cisco products and can give you quick access to a Cisco network engineer.

To find out additional information concerning Progent's professional expertise for Cisco technology, pick a subject:

In order to contact Progent about technical help for Cisco technology, call 1-800-993-9400 or see Contact Progent.

© 2002- 2018 Progent Corporation. All rights reserved.