Cisco's PIX family firewalls and ASA Series adaptive security appliances combine comprehensive firewall, intrusion protection, and Virtual Private Network functionality in a cost-effective, one-cabinet format. Both product lines have been replaced by Cisco's ASA 5500-X line of security appliances with Firepower Services. (See integration and debugging help with Cisco AA 5500-X firewalls with Firepower Services.) Still, both PIX and previous-generation Cisco ASA 5500 Series firewalls are extensively used and continue to offer small and mid-size organizations a viable firewall environment.

PIX and the original ASA 5500 firewalls offer powerful client and application policy enforcement, mutlivector assault defense, and safe connectivity features. The increased intelligence sharing of integrated protection services in a single package provides customers deploying these aggregated solutions the advantages of advanced protection, reduced TCO, and smaller management expense.

Cisco PIX firewalls and the ASA 5500 Series join Cisco IOS Firewall, the Firewall Services Module (FWSM) for Catalyst 6500 Series switches, and Cisco 7600 routers as components of Cisco's versatile, self-contained firewall solutions. Based on an expandable, building-block approach, every offering is designed with a specific array of options to provide more efficient protection to different network environments. These solutions can be independently installed to secure certain areas of the network infrastructure, or can be grouped for a systematic, defense-in-depth approach following the architecture best practices outlined in Cisco's SAFE framework. Rounding out the integrated firewall solutions, Cisco provides a comprehensive security management offering, spanning Cisco security appliance and Cisco IOS security components and embedded appliance controllers, to standalone management applications, helping to make sure that businesses can productively use their Cisco security solution investments.

PIX Security Appliance Series
PIX firewalls offer reliable user and application policy support, multivector attack defense, and safe connectivity features in affordable, simple-to-configure modules. These specialized appliances offer a wealth of built-in security and connectivity capabilities such as application-aware firewall services, Voice over IP (VoIP) and multimedia protection, robust site-to-site and remote-connectivity IPcec Virtual Private Network networking, fault tolerance, smart networking features, and flexible administration options. The Cisco PIX Security Appliance Series product line spans small plug-and-go devices for small offices or home offices to stackable high-bandwidth products with investment protection for enterprise and ISP customers, PIX firewalls deliver dependable security, speed, and reliability for environments of any size.

PIX Security Help

Built upon a hardened, purpose-built software platform that offers rich protection features, Cisco PIX firewalls provide excellent protection and have received EAL 4 status and ICSA Firewall and IP Security (IPsec) certification. Cisco PIX firewalls offer security for a broad range of Voice over IP and additional mixed-media conventions including H.323 Version 4, SIP, Cisco Skinny Client Control Protocol, Real-Time Streaming Protocol (RTSP), and Media Gateway Control Protocol (MGCP), enabling businesses to protect deployments of a wide range of contemporary and next-generation IP voice and multimedia applications.

Cisco PIX firewall appliances offer a wealth of configuration, monitoring, and analysis features, giving IT managers the flexibility to utilize the methods that best match their requirements. Administrative solutions include common, policy-based administration tools, integrated web-based management, and support for remote-monitoring standards like SNMP and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) system offers a powerful web-based management platform that significantly streamlines the installation, ongoing configuration, and monitoring of a single Cisco PIX firewall appliance without requiring any extra software beyond an ordinary web browser and Java plug-in to be installed on an administrator's PC.

Administrators can also remotely set up, track, and analyze PIX firewalls via a command-line interface. Safe CLI interface access is possible through a number of techniques such as SSHv2 Protocol, Telnet through IPsec, and out-of-band through a console port. PIX security appliances also include robust automatic-update capabilities, a collection advanced protected remote-administration options that ensure firewall configurations and software images are always up to date.

Cisco ASA 5500 Series Firewalls
Cisco Adaptive Security Appliances Firewalls are purpose-built solutions that incorporate market-proven, best-of-breed protection and Virtual Private Network services plus a flexible architecture. The end product is a robust, multifunction network security solution better suited to protect small and medium business and larger networks and, at the same time, lower the overall installation and maintenance expenses previously associated with this enhanced degree of protection.

>Cisco Adaptive Security Appliances 5500 Series Firewalls Consultants
Cisco Adaptive Security Appliances Firewalls leverage technology behind Cisco's PIX 500 family Security Appliance, Cisco's IPS 4200 Series Intrusion Prevention System, and the VPN 3000 model concentrator. These solutions enable the Cisco Adaptive Security Appliances 5500 Series Firewall product line to offer a firewall that stops a broad range of threats. Cisco ASA Firewalls deliver program security, local containment, and safe Virtual Private Network connectivity across Cisco's product portfolio. This broad scope of protection allows defense of any network area, including the most typical attack vectors like remote sites, locally-connected internal users, and remote connected VPNs.

Cisco Adaptive Security Appliances 5500 Series firewalls provide strong application protection through smart, application-aware inspection engines that analyze traffic at Layers 4-7. The result is a safer network covering web, voice, and mobile wireless connectivity. To protect networks against application-layer assaults and to give organizations more control over the applications and protocols used in their environments, these inspection engines incorporate extensive application and protocol knowledge and rely on protection enforcement technologies that include anomaly detection and state monitoring. Also included are attack detection and mitigation technology such as application/protocol command filtering and content verification. Cisco Adaptive Security Appliances 5500 Series firewall inspection engines also deliver control over instant messaging and tunneling applications, enabling businesses to police usage policies and recover network bandwidth for critical business processes.

While improving network security, Cisco Adaptive Security Appliances firewalls also decrease installation and support expenses. By offering extensive VPN and protection services, the Cisco Adaptive Security Appliances (ASA) firewall can be used as the the only platform for a multitude of uses, allowing platform standardization. The Cisco ASA 5500 Series firewall can be deployed as a consolidated threat-protection device at a central location by leveraging its connectivity control, application inspection, and malicious assault mitigation technologies. The Cisco ASA 5500 Series firewall can also be deployed as a dedicated remote access solution using its Virtual Private Network features. As an alternative, the Cisco Adaptive Security Appliances 5500 Series firewall performs equally well in the network interior for inter-office connectivity control and to guard against worms, viruses, and other malicious code inside workers might unknowingly release into the environment. In small business and satellite office environments, the Cisco Adaptive Security Appliances (ASA) 5500 Series firewall acts as a total solution device providing comprehensive threat prevention and VPN functionality while fitting within the budgets and performance demands of these situations.

This versatile single-platform, many-solution design minimizes the number of appliances that must be deployed and maintained while offering a standard operating and management environment across all those installations. This approach simplifies the education of setup, monitoring, support, and protection staff. To further minimize maintenance expenses, Cisco Adaptive Security Appliances 5500 Series firewalls are also highly network conscious, allowing them to integrate seamlessly into the environment without disrupting authorized data flow and applications.

How Progent Can Help You with Cisco Firewalls
Cisco's ASA 5500 Series adaptive security appliances and PIX family security appliances provide a wealth of configuration, monitoring, and troubleshooting options which give you the ability to deploy these firewalls to align optimally with your company's requirements. Progent's CCIE authorized network professionals can assist you to support your current infrastructure that includes Cisco ASA and/or PIX firewalls and that provides security, fault tolerance, throughput, and manageability. Progent's firewall experts can also help you to migrate to ASA 5500-X firewalls with Firepower Services.

Progent's GISA and CISM-qualified IS security experts can help your business to develop a security strategy appropriate for your business and can configure your security appliance to support your security policies. Progent's security evaluation engineers can evaluate the effectiveness of your current firewall deployment and validate the security of your whole information system environment. Progentís Technical Response Center can provide urgent online troubleshooting for Cisco products and offer quick access to a Cisco expert.

For additional details concerning Progent's consulting help for Cisco technology, pick a topic:

If you wish to get in touch with Progent about consulting help for Cisco technology, call 1-800-993-9400 or refer to Contact Progent.

© 2002- 2017 Progent Corporation. All rights reserved.