Cisco's PIX family security appliances and ASA 5500 Series firewalls integrate comprehensive firewall, intrusion protection, and Virtual Private Network functionality in an affordable, single-box format. Both product families have been superseded by the ASA 5500-X series of firewalls with Firepower Services. (Refer to configuration and debugging expertise for ASA 5500-X firewalls with Firepower Services.) Nevertheless, PIX and earlier-generation Cisco ASA 5500 model firewalls are widely deployed and continue to offer small and mid-size companies a viable firewall environment.

PIX and the original ASA 5500 firewalls deliver powerful client and application policy enforcement, mutlivector assault defense, and secure access features. The increased knowledge sharing of integrated security features in a stand-alone package provides customers implementing these aggregated firewalls the advantages of enhanced protection, reduced TCO, and minimal management expense.

PIX security appliances and Cisco's ASA 5500 Series combine with IOS Firewall, the FWSM for Catalyst 6500 Series switches, and 7600 Series routers as parts of Cisco's flexible, self-contained firewall line. Based on an expandable, modular approach, every offering is equipped with a particular array of options to provide more efficient protection to a variety of network environments. These solutions can be individually deployed to protect certain facets of the network infrastructure, or can be grouped for a layered, protection-in-depth approach following the architecture best practices described in the Cisco SAFE Blueprint. Rounding out the integrated firewall solutions, Cisco provides a complete security management catalog, spanning Cisco security appliance and IOS Software security features and built-in device controllers, to self-contained management utilities, moving to make sure that customers can effectively use their Cisco protection infrastructure purchases.

PIX Firewalls
Cisco PIX Security Appliance Series offer robust policy support, multivector invasion defense, and secure connectivity features in affordable, easy-to-deploy modules. These specialized appliances offer a wealth of integrated protection and networking capabilities including application-aware firewall features, VoIP and multimedia protection, reliable site-to-site and remote-access IP Security (IPsec) Virtual Private Network (VPN) connectivity, fault tolerance, smart networking features, and flexible administration solutions. The PIX firewall product line ranges from compact plug-and-go devices for small offices and at home offices to modular high-bandwidth products with ROI for large business and service-provider environments, Cisco PIX firewall appliances deliver high levels of security, performance, and reliability for networks of any size.

Cisco PIX Firewalls Help

Built around a hardened, specialized OS that offers a wealth of security features, Cisco PIX firewalls provide excellent protection and have been awarded EAL 4 status and ICSA Labs Firewall and IPsec qualification. Cisco PIX firewall appliances offer protection for a wide array of VoIP and other mixed-media standards such as H.323 Version 4, Session Initiation Protocol, Cisco Skinny Client Control Protocol (SCCP), RTSP, and Media Gateway Control Protocol (MGCP), helping businesses to protect deployments of a broad array of contemporary and next-generation Voice over IP and mixed-media applications.

PIX security appliances offer a variety of configuration, monitoring, and analysis features, providing IT managers the flexibility to use the methods that most closely meet their requirements. Management options include centralized, policy-based management utilities, integrated web-based administration, and support for remote-monitoring protocols like Simple Network Management Protocol and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) interface offers a world-class web-accessible management platform that significantly streamlines the deployment, ongoing modification, and tracking of a specific Cisco PIX firewall appliance without requiring any extra software beyond an ordinary web browser and Java plug-in to be installed on a manager's computer.

IT managers can also remotely configure, track, and troubleshoot Cisco PIX firewalls using a command-line interface (CLI). Safe command-line interface access is available through several methods such as Secure Shell Protocol, Telnet through IPsec, and out-of-band via a console port. PIX security appliances also have dependable auto-update features, a collection of protected remote-administration services that make sure that security settings and software images are kept up to date.

Cisco Adaptive Security Appliances 5500 Series Firewalls
Cisco Adaptive Security Appliances 5500 Series Firewalls are specially engineered solutions that bring together market-proven, best-of-breed security and VPN services with an adaptive architecture. The result is a robust, multifunction network protection solution better suited to defend small and midsize company and enterprise networks and, simultaneously, reduce the overall deployment and operations expenses formerly associated with this enhanced level of protection.

>Cisco Adaptive Security Appliances (ASA) Firewalls Experts
Cisco ASA Firewalls leverage technology developed for Cisco's PIX 500 Series firewall, the IPS 4200 family sensor, and Cisco's VPN 3000 model concentrator. These solutions converge on the Cisco Adaptive Security Appliances (ASA) Firewall product line to offer a firewall that defends against a wide range of threats. Cisco Adaptive Security Appliances 5500 Series Firewalls deliver application security, network containment, and clean Virtual Private Network functionality across the entire product line. This breadth of security allows the guarding of any network section, which includes the most typical attack conduits such as remote locations, LAN-attached internal users, and off-site connected VPNs.

Cisco ASA 5500 Series firewalls deliver a high-level of application security via smart, application-sensitive inspection processes that analyze network flows at Layers 4-7. This results in a safer environment covering web, voice, and mobile wireless services. To protect environments from application-layer attacks and to give businesses more control over the applications and protocols used in their networks, these inspection engines incorporate extensive application and protocol knowledgebases and rely on security enforcement technologies such as protocol anomaly sensing and state monitoring. Also incorporated are assault detection and mitigation technology including application/protocol command filtering and URL deobfuscation. Cisco Adaptive Security Appliances (ASA) firewall inspection engines also provide control over IM and peer-to-peer file sharing, enabling businesses to enforce usage policies and conserve network bandwidth for crucial business processes.

While increasing network security, Cisco Adaptive Security Appliances 5500 Series firewalls also lower deployment and support costs. By offering broad Virtual Private Network and security services, the Cisco Adaptive Security Appliances firewall can be a the only platform for many environments, allowing platform standardization. The Cisco Adaptive Security Appliances 5500 Series firewall can be used as a consolidated attack-prevention device at the datacenter by taking advantage of its access control, application inspection, and malicious assault remediation capabilities. The Cisco Adaptive Security Appliances firewall can also be deployed as a specialized remote connectivity device utilizing its VPN capabilities. As another option, the Cisco Adaptive Security Appliances (ASA) firewall serves capably in the network interior for interdepartmental connectivity control and to defend against worms, viruses, and other malicious code internal workers may unwittingly release into the network. In small company and branch office environments, the Cisco ASA firewall serves as an all-in-one platform offering complete intrusion prevention and VPN services while fitting within the cost structure and performance models of such situations.

This adaptive single-device, many-use design minimizes the total number of appliances that must be installed and managed while offering a standard functional and administrative system throughout all those deployments. This architecture streamlines the training of configuration, monitoring, troubleshooting, and protection staff. To further minimize operations costs, Cisco Adaptive Security Appliances 5500 Series firewalls are also exceptionally network aware, enabling them to integrate gracefully into the network without interfering with legitimate traffic and processes.

How Progent Can Help Your Business with Cisco Firewalls
Cisco ASA 5500 Series firewalls and PIX family firewalls provide an array of setup, tracking, and analysis features that offer you the flexibility to set up these firewalls to match your company's requirements. Progent's CCIE certified network professionals can show you how to support your current network infrastructure that includes Cisco ASA and/or PIX firewalls and that offers security, resilience, throughput, and manageability. Progent's firewall experts can also help you to upgrade to ASA 5500-X firewalls with Firepower Services.

Progent's GISA and CISSP-ISSP-certified IS security professionals can assist you to develop a security strategy that makes sense for your business and can set up your firewall to support your security strategy. Progent's security assessment experts can evaluate the effectiveness of your current firewall deployment and help determine the security of your entire IS environment. Progentís Technical Response Center can deliver urgent remote technical support for Cisco technology and offer quick access to a Cisco CCIE expert.

To find out more details about Progent's engineering assistance for Cisco solutions, pick a subject:

If you wish to get in touch with Progent about professional support for Cisco networking, phone 1-800-993-9400 or see Contact Progent.

© 2002- 2018 Progent Corporation. All rights reserved.