Cisco PIX family firewalls and Cisco ASA 5500 Series firewalls integrate next-generation firewall, intrusion defense, and VPN features in an affordable, single-box format. Both product lines have been replaced by Cisco's ASA 5500-X family of security appliances with Firepower. (Refer to integration and debugging help with ASA 5500-X firewalls with Firepower Services.) Still, both PIX and previous-generation Cisco ASA 5500 Series adaptive security appliances are extensively deployed and continue to offer small and mid-size companies a viable firewall solution.

PIX and the original ASA 5500 firewalls deliver powerful user and application policy support, mutlivector assault protection, and secure access features. The increased intelligence sharing of consolidated security features in a single package offers customers implementing these aggregated solutions the benefits of advanced security, reduced cost of ownership, and minimal maintenance expense.

Cisco PIX security appliances and the ASA 5500 product line combine with Cisco IOS Firewall, the FWSM for Catalyst 6500 family switches, and 7600 family routers as components of Cisco's flexible, self-contained firewall solutions. Based on an expandable, modular platform, each offering is designed with a particular feature set to deliver better protection to a variety of networking environments. These products can be independently installed to secure certain areas of a network infrastructure, or can be grouped for a layered, protection-in-depth strategy based on the architecture leading practices outlined in Cisco's SAFE Blueprint. Rounding out the integrated firewall solutions, Cisco has developed a comprehensive security management catalog, ranging from Cisco security appliance and IOS security features and embedded appliance controllers, to standalone management applications, helping to ensure that customers can effectively use their Cisco protection infrastructure investments.

PIX Firewalls
PIX firewalls offer robust user and application policy enforcement, multi-source attack defense, and safe networking services in affordable, simple-to-configure solutions. These purpose-built appliances offer a broad range of integrated protection and connectivity services including process-aware firewall features, VoIP and multimedia protection, reliable site-to-site and remote-connectivity IP Security Virtual Private Network (VPN) networking, excellent resiliency, smart networking features, and versatile administration options. The PIX Security Appliance Series product line spans compact plug-and-go devices for small offices and at home offices to stackable gigabit products with ROI for large business and service-provider customers, PIX firewall appliances provide dependable protection, performance, and availability for network environments of any size.

PIX Firewalls Help

Based around a hardened, specialized OS that delivers a wealth of security features, Cisco PIX firewalls offer excellent security and have earned Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Firewall and IP Security (IPsec) certification. Cisco PIX security appliances provide protection for a wide array of Voice over IP and other mixed-media standards such as H.323 Version 4, Session Initiation Protocol, Cisco Skinny Client Control Protocol, RTSP, and Media Gateway Control Protocol, enabling businesses to protect deployments of a wide range of contemporary and upcoming Voice over IP and mixed-media applications.

Cisco PIX firewall appliances feature a wealth of configuration, tracking, and analysis features, providing businesses the flexibility to use the techniques that most closely meet their needs. Management solutions include common, policy-based management utilities, integrated web-accessible administration, and support for remote-tracking standards like SNMP and syslog. The integrated ASDM interface offers a powerful web-based management platform that greatly streamlines the deployment, ongoing configuration, and tracking of a specific PIX security appliance without requiring any extra utility beyond a standard web browser and Java plug-in to be running on an administrator's computer.

Administrators can furthermore remotely configure, monitor, and analyze PIX firewalls via a command-line interface. Safe command-line interface (CLI) access is possible using several techniques such as Secure Shell Protocol, Telnet over IP Security (IPsec), and out-of-band through a console port. PIX security appliances also include robust automatic-update capabilities, a set advanced protected remote-administration services that ensure firewall settings and software images are kept current.

Cisco Adaptive Security Appliances 5500 Series Firewalls
Cisco ASA 5500 Series Firewalls are specially engineered solutions that incorporate advanced, industry-leading security and VPN services with a flexible architecture. The result is a powerful, versatile network protection appliance better suited to defend small and medium business (SMB) and enterprise networks and, simultaneously, reduce the total installation and operations costs formerly associated with this high level of security.

>Cisco Adaptive Security Appliances (ASA) Firewalls Professional Services
Cisco Adaptive Security Appliances 5500 Series Firewalls leverage technology developed for the PIX 500 Series Security Appliance, the IPS 4200 Intrusion Prevention System, and the Cisco VPN 3000 model concentrator. These technologies converge on the Cisco Adaptive Security Appliances Firewall product line to deliver a platform that defends against a wide range of attacks. Cisco ASA 5500 Series Firewalls provide program security, local containment and control, and clean VPN functionality across Cisco's product line. This broad scope of protection enables the guarding of any network segment, including the most common attack vectors such as remote locations, LAN-connected internal users, and off-site access Virtual Private Networks.

Cisco ASA 5500 Series firewalls deliver robust application protection through smart, application-sensitive inspection processes that examine network flows at Layers 4-7. The result is a safer environment covering web, voice, and mobile wireless access. To defend environments from application-layer attacks and to offer businesses greater control over the applications and protocols utilized in their networks, Cisco's inspection engines integrate broad application and protocol knowledgebases and rely on protection enforcement technologies that include anomaly detection and application and protocol state tracking. Also incorporated are attack detection and remediation techniques including application and protocol command filters and URL deobfuscation. Cisco Adaptive Security Appliances (ASA) 5500 Series firewall inspection engines also provide management of IM and peer-to-peer file sharing, allowing organizations to enforce usage policies and free up network bandwidth for crucial business processes.

While improving security, Cisco Adaptive Security Appliances firewalls also decrease deployment and support costs. By providing extensive Virtual Private Network and protection services, the Cisco ASA 5500 Series firewall can be used as the the only platform for many environments, enabling platform standardization. The Cisco Adaptive Security Appliances firewall can be used as a consolidated attack-prevention device at the datacenter by leveraging its connectivity control, application inspection, and malicious assault remediation capabilities. The Cisco Adaptive Security Appliances (ASA) firewall can also be used as a specialized remote access device using its VPN features. As an alternative, the Cisco ASA firewall performs capably inside the network for inter-office access control and to guard against worms, viruses, and other malicious code inside users might inadvertently release into the network. For small business and satellite office environments, the Cisco Adaptive Security Appliances 5500 Series firewall acts as an all-in-one platform providing complete intrusion prevention and Virtual Private Network functionality while fitting within the budgets and performance demands of these deployments.

This versatile single-device, multiple-use approach minimizes the total number of devices that need to be deployed and managed while offering a standard functional and management environment across all those deployments. This approach streamlines the education of setup, tracking, troubleshooting, and security personnel. To further minimize operations expenses, Cisco Adaptive Security Appliances (ASA) firewalls are also exceptionally network conscious, enabling them to integrate gracefully into the network without disrupting authorized traffic and processes.

How Progent's Cisco Certified Experts Can Help You with Cisco Firewalls
Cisco ASA Series adaptive security appliances and PIX family security appliances provide an array of setup, monitoring, and analysis options which offer you the ability to deploy these firewalls to match your company's needs. Progent's CCIE authorized network consultants can assist you to support your existing network infrastructure that includes Cisco ASA and/or PIX security appliances and that provides security, fault tolerance, performance, and manageability. Progent's firewall experts can also help you to upgrade to Cisco ASA 5500-X firewalls with Firepower Services.

Progent's CISA and CISM-qualified IS security experts can help you to develop a security strategy appropriate for your situation and can configure your firewall to support your security policies. Progent's security evaluation experts can assess the strength of your current firewall deployment and help determine the security of your whole information system network. Progentís Technical Response Center (TRC) can deliver emergency remote technical support for Cisco products and can give you fast access to a Cisco expert.

To learn more information concerning Progent's consulting support for Cisco solutions, choose a subject:

If you wish to contact Progent about consulting support for Cisco technology, call 1-800-993-9400 or refer to Contact Progent.

© 2002- 2018 Progent Corporation. All rights reserved.