Cisco IT Consultants PIX and ASA Firewall Support From CCIE and CCNA Qualified Professionals
Cisco's PIX firewalls and ASA Series firewalls combine next-generation firewall, intrusion defense, and Virtual Private Network (VPN) functionality in an economical, one-cabinet format. Both device series offer robust client and program policy enforcement, mutlivector assault protection, and secure connectivity services. The enhanced knowledge sharing of integrated security services in a stand-alone platform offers customers deploying these integrated solutions the benefits of advanced security, reduced cost of ownership, and smaller operational costs.
Cisco PIX firewalls and the ASA 5500 Series combine with Cisco IOS Firewall, the Firewall Services Module for Cisco Catalyst 6500 family switches, and 7600 routers as components of Cisco's flexible, self-contained firewall line. Based on a scalable, modular platform, each offering is designed with a particular array of options to deliver better protection to different network environments. These solutions can be individually installed to protect certain facets of the connectivity infrastructure, or can be combined for a systematic, defense-in-depth approach following the architecture best practices described in Cisco's SAFE framework. Completing the modular firewall solutions, Cisco has developed a comprehensive security management offering, spanning Cisco security appliance and IOS security components and built-in appliance controllers, to self-contained management utilities, moving to ensure that businesses can productively manage their Cisco protection solution purchases.
PIX Firewalls
The market-leading PIX Security Appliance Series deliver reliable user and application policy enforcement, multi-source invasion defense, and secure networking features in economical, out-of-the-box solutions. These purpose-built devices offer a broad range of integrated security and connectivity capabilities including advanced process-aware firewall features, market-leading VoIP and multimedia protection, reliable multi-site and remote-connectivity IP Security (IPSec) Virtual Private Network networking, high availability, intelligent networking features, and versatile management options. The Cisco PIX firewall product line ranges from compact plug-and-go devices for small offices or at home offices to modular high-bandwidth products with superior ROI for large business and ISP environments, PIX firewall appliances deliver dependable protection, speed, and reliability for network environments of all sizes.
Based around a hardened, purpose-built operating system that delivers a wealth of protection services, PIX firewall appliances offer the advanced security and have received many industry evaluations such as Common Criteria Evaluation Assurance Level (EAL) 4 status, plus ICSA Firewall and IP Security qualification. Cisco PIX firewalls offer advanced security for a broad range of VoIP and additional mixed-media conventions such as H.323 v. 4, Session Initiation Protocol (SIP), Cisco Skinny Client Control Protocol, Real-Time Streaming Protocol (RTSP), and Media Gateway Control Protocol (MGCP), helping organizations to secure installations of a broad array of contemporary and next-generation VoIP and multimedia applications.
PIX firewalls offer a wealth of setup, monitoring, and analysis options, giving IT managers the flexibility to use the methods that most closely meet their requirements. Management options range from common, policy-based management tools to integrated Web-accessible administration to compatibility with remote-monitoring standards such as Simple Network Management Protocol and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) system offers a powerful Web-based control solution that greatly streamlines the installation, in-place configuration, and tracking of a specific PIX security appliance without the need of any extra software beyond a standard browser and Java plug-in to be running on an administrator's PC. IT managers can furthermore remotely set up, monitor, and troubleshoot Cisco PIX firewalls via a CLI interface. Protected command-line interface (CLI) access is available through a number of techniques, such as Secure Shell Protocol, Telnet through IPSec, and out-of-band via a console port. PIX firewall appliances also include robust auto-update features, a set of revolutionary protected remote-administration options that make sure that firewall settings and software images are always up to date. Also, PIX firewall appliances are supported by several configuration and monitoring tools available from Cisco Architecture for Voice, Video and Integrated Data partners.
Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls
Cisco Adaptive Security Appliances 5500 Series Firewalls are specially engineered devices that bring together market-proven, best-of-breed security and Virtual Private Network services plus a new generation, flexible design. The result is a powerful, multifunction network protection appliance better suited to protect small and medium business and larger networks and, simultaneously, lower the overall deployment and operations expenses of this unprecedented degree of security.
Cisco ASA Firewalls leverage technology developed for the Cisco PIX 500 firewall, Cisco's IPS 4200 family Intrusion Prevention System, and the VPN 3000 Series concentrator. These solutions converge on the Cisco Adaptive Security Appliances 5500 Series Firewall product line to offer a platform that stops the widest variety of threats. Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls deliver application security, anti-X defense, local containment and control, and safe VPN functionality throughout Cisco's product line. This breadth of protection enables the guarding of any network segment, which includes the most typical attack vectors like remote locations, LAN-connected inside users, and off-site connected Virtual Private Networks.
Cisco ASA firewalls provide a high-level of application protection through smart, application-aware inspection engines that analyze network flows at Layers 4-7. This results in a more secure network including Web, voice, and mobile wireless connectivity. To defend environments from application-layer attacks and to offer organizations greater control over the programs and protocols utilized in their networks, these inspection engines integrate broad application and protocol knowledge and rely on protection enforcement solutions that include anomaly sensing and state monitoring. Also incorporated are attack sensing and mitigation techniques including application/protocol command filters and content verification. Cisco Adaptive Security Appliances 5500 Series firewall inspection engines also provide management of instant messaging and tunneling applications, allowing businesses to enforce usage policies and preserve bandwidth for crucial business processes.
At the same time as increasing network protection, Cisco Adaptive Security Appliances (ASA) firewalls also decrease installation and operational costs. By providing extensive Virtual Private Network and security services, the Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can be used as the single device for a multitude of environments, enabling platform commonality. The Cisco Adaptive Security Appliances firewall can be deployed as a consolidated threat-prevention device at a central location by leveraging its access control, application inspection, and malicious assault mitigation capabilities. The Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can also be used as a specialized remote connectivity solution using its Virtual Private Network features. Alternatively, the Cisco Adaptive Security Appliances 5500 Series firewall serves equally well in the network interior for interdepartmental connectivity management and to defend against malware inside users may unknowingly introduce into the environment. In small company and branch office environments, the Cisco ASA firewall acts as a total solution device providing complete threat prevention and VPN services while suiting the cost structure and operational models of these deployments. This versatile one-device, multiple-use approach reduces the amount of devices that must be deployed and maintained while providing a common functional and management system across all deployments. This architecture streamlines the education of setup, monitoring, troubleshooting, and security personnel. To further reduce operations costs, Cisco ASA firewalls are also highly network conscious, enabling them to integrate seamlessly into the network without disrupting legitimate traffic and applications.
How Progent Can Help You with Cisco PIX and ASA Security Appliances
Cisco's PIX firewalls and Cisco ASA 5500 Series adaptive security appliances incorporate an array of configuration, monitoring, and troubleshooting options that give you the ability to configure these security appliances to meet your business needs. Progent's CISSP authorized security consulting can help you to develop a security strategy that makes sense for your business and can set up your security appliance to support your protection strategy. Progent's CISA-qualified IS security audit experts and GIAC-qualified system security consultants can assess the effectiveness of your existing firewall deployment and audit the overall security of your whole IS network.
Progent also can analyze your security appliances either remotely and onsite, and can train your in-house network support staff to configure and support your PIX or ASA firewalls.
To see additional information about Progent's professional assistance for Cisco products, select a topic:
