Cisco PIX security appliances and ASA 5500 Series adaptive security appliances integrate comprehensive firewall, intrusion defense, and VPN features in an affordable, single-box format. Both of these product lines have been replaced by Cisco's ASA 5500-X family of firewalls with Firepower Services. (Refer to integration and troubleshooting help with Cisco AA 5500-X firewalls with Firepower Services.) Still, PIX and first-generation ASA 5500 model adaptive security appliances are extensively used and continue to offer small and mid-size companies a viable security environment.

PIX and legacy ASA 5500 firewalls deliver powerful client and program policy enforcement, mutlivector assault defense, and safe access services. The enhanced knowledge sharing of integrated protection services in a single package offers customers deploying these integrated solutions the advantages of advanced security, lower TCO, and minimal management expense.

PIX firewalls and Cisco's ASA 5500 family join IOS Firewall, the Firewall Services Module (FWSM) for Catalyst 6500 Series switches, and 7600 routers as parts of Cisco's flexible, integrated firewall line. Engineered with a scalable, building-block platform, each device is equipped with a specific array of options to provide more efficient security to different network situations. These solutions can be independently deployed to secure certain facets of the network infrastructure, or can be grouped for a layered, protection-in-depth approach based on the design leading practices outlined in Cisco's SAFE Blueprint. Completing the modular firewall product line, Cisco has developed a complete security management portfolio, ranging from Cisco security appliance and IOS Software security features and embedded device controllers, to self-contained management utilities, moving to ensure that businesses can productively manage their Cisco security infrastructure investments.

PIX Firewall Appliances
Cisco PIX firewall appliances deliver reliable user and application policy enforcement, multi-source attack protection, and safe networking features in economical, out-of-the-box modules. These specialized devices provide a broad range of built-in security and networking capabilities such as process-aware firewall services, VoIP and multimedia security, reliable multi-location and remote-connectivity IP Security (IPsec) Virtual Private Network connectivity, excellent resiliency, smart networking features, and flexible administration solutions. The PIX firewall product line ranges from compact plug-and-go desktop units for small offices and home offices to stackable gigabit appliances with ROI for enterprise and service-provider customers, PIX Security Appliance Series provide high levels of protection, speed, and availability for environments of all sizes.

Cisco PIX Security Consulting Firm

Built upon a hardened, purpose-built software platform that delivers a wealth of protection services, PIX firewalls provide excellent security and have received Common Criteria Evaluation Assurance Level 4 status and ICSA Firewall and IP Security (IPsec) qualification. Cisco PIX firewalls offer protection for a broad array of VoIP and additional mixed-media conventions such as H.323 Version 4, Session Initiation Protocol (SIP), SCCP, Real-Time Streaming Protocol (RTSP), and Media Gateway Control Protocol, enabling businesses to protect installations of a wide array of contemporary and upcoming IP voice and video applications.

PIX firewall appliances offer a wealth of setup, tracking, and analysis features, providing businesses the flexibility to use the methods that best match their requirements. Management solutions include centralized, policy-based management utilities, integrated web-accessible management, and compatibility with remote-monitoring protocols like SNMP and syslog. The integrated Adaptive Security Device Manager interface provides a world-class web-accessible management solution that greatly simplifies the deployment, in-place configuration, and monitoring of a specific PIX firewall appliance without the need of any extra software beyond an ordinary web browser and Java plug-in to be installed on an administrator's PC.

Administrators can furthermore remotely set up, monitor, and troubleshoot PIX firewall appliances via a CLI interface. Safe command-line interface (CLI) communication is possible through several techniques including Secure Shell Protocol, Telnet through IP Security, and out-of-band via a console port. Cisco PIX firewalls also include dependable automatic-update features, a collection of protected remote-administration services that ensure firewall settings and software images are kept current.

Cisco ASA Firewalls
Cisco ASA Firewalls are specially engineered devices that bring together market-proven, industry-leading security and Virtual Private Network services plus an adaptive architecture. The end product is a robust, multifunction network protection appliance better able to protect small and medium business and larger networks and, at the same time, lower the total installation and operations expenses formerly associated with this high degree of security.

Cisco Adaptive Security Appliances Firewalls Consultants
Cisco ASA 5500 Series Firewalls build on technology behind Cisco's PIX 500 Series Security Appliance, the IPS 4200 Intrusion Prevention System, and the VPN 3000 Series concentrator. These solutions converge on the Cisco Adaptive Security Appliances (ASA) 5500 Series Firewall product line to offer a firewall that defends against a broad range of attacks. Cisco ASA 5500 Series Firewalls provide application protection, network containment, and clean VPN connectivity throughout the entire product portfolio. This breadth of protection allows defense of any network section, which includes the most common attack conduits such as remote sites, locally-connected inside users, and remote access VPNs.

Cisco Adaptive Security Appliances (ASA) firewalls deliver robust application security through intelligent, application-sensitive inspection engines that examine traffic at Layers 4-7. This results in a better protected environment including web, voice, and mobile wireless connectivity. To protect environments from application-layer attacks and to offer businesses more control over the applications and protocols used in their networks, Cisco's inspection engines incorporate broad application and protocol knowledge and employ security enforcement technologies such as protocol anomaly detection and application and protocol state tracking. Also incorporated are attack detection and mitigation techniques such as application and protocol command filters and content verification. Cisco Adaptive Security Appliances firewall inspection engines also provide management of IM and peer-to-peer file sharing, allowing organizations to enforce usage policies and recover bandwidth for critical business applications.

While improving security, Cisco Adaptive Security Appliances 5500 Series firewalls also decrease deployment and support expenses. By offering extensive VPN and security functions, the Cisco ASA 5500 Series firewall can be used as the single device for many uses, enabling platform standardization. The Cisco ASA firewall can be deployed as a consolidated attack-prevention appliance at the datacenter by leveraging its connectivity control, process inspection, and malicious assault remediation technologies. The Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can also be deployed as a dedicated remote connectivity solution utilizing its Virtual Private Network capabilities. As an alternative, the Cisco Adaptive Security Appliances 5500 Series firewall operates equally well in the network interior for inter-office connectivity management and to defend against malware internal users might unknowingly release into the environment. For small business and branch office networks, the Cisco Adaptive Security Appliances (ASA) 5500 Series firewall acts as an all-in-one platform providing complete intrusion defense and VPN functionality while suiting the cost structure and operational demands of these situations.

This adaptive single-device, multiple-use design minimizes the number of devices that must be deployed and maintained while offering a common operating and administrative system across all those installations. This architecture simplifies the training of configuration, monitoring, support, and security personnel. To further minimize operations expenses, Cisco Adaptive Security Appliances (ASA) firewalls are also exceptionally network aware, allowing these devices to insert gracefully into the network without disrupting authorized traffic and processes.

How Progent's Cisco Certified Experts Can Help You with Cisco PIX and ASA Firewalls
Cisco's ASA Series firewalls and PIX family security appliances provide a wealth of setup, tracking, and troubleshooting features which offer you the flexibility to configure these security appliances to align optimally with your company's requirements. Progent's CCIE authorized network consultants can show you how to support your current network infrastructure that includes Cisco ASA or PIX firewalls and that provides protection, resilience, throughput, and manageability. Progent's firewall experts can also help you to migrate to ASA 5500-X firewalls with Firepower Services.

Progent's GISA and CISM-qualified IS security experts can assist your business to develop a security strategy that makes sense for your environment and can set up your PIX or ASA firewall to support your security policies. Progent's security evaluation professionals can evaluate the strength of your current firewall solution and help determine the security of your whole information system network. Progentís Help Desk support team can provide emergency online technical support for Cisco technology and offer quick access to a Cisco CCIE network engineer.

For additional details about Progent's engineering help for Cisco solutions, select a subject:

In order to contact Progent about technical assistance for Cisco products, call 1-800-993-9400 or refer to Contact Progent.

© 2002- 2019 Progent Corporation. All rights reserved.