Cisco's PIX family firewalls and Cisco ASA 5500 Series firewalls integrate next-generation firewall, intrusion defense, and Virtual Private Network (VPN) functionality in a cost-effective, single-cabinet package. Both of these product lines have been superseded by the ASA 5500-X series of security appliances with Firepower. (See configuration and troubleshooting support for ASA 5500-X firewalls with Firepower Services.) Nevertheless, both PIX and earlier-generation Cisco ASA 5500 Series firewalls are extensively deployed and continue to provide small and mid-size companies a viable firewall solution.

Cisco PIC and the original ASA 5500 firewalls offer robust user and program policy support, mutlivector attack defense, and safe access services. The increased knowledge sharing of consolidated protection features in a stand-alone package provides users implementing these aggregated solutions the benefits of enhanced security, reduced cost of ownership, and minimal management costs.

PIX security appliances and the ASA 5500 family join IOS Firewall, the Firewall Services Module (FWSM) for Cisco Catalyst 6500 switches, and Cisco 7600 routers as components of Cisco's flexible, integrated firewall solutions. Engineered with an expandable, modular approach, every offering is designed with a particular array of options to deliver more efficient security to a variety of network situations. These solutions can be individually deployed to protect certain areas of the connectivity environment, or can be grouped for a systematic, protection-in-depth approach based on the design leading practices described in Cisco's SAFE framework. Completing the integrated firewall product line, Cisco provides a comprehensive security management offering, ranging from Cisco security appliance and IOS security features and embedded appliance controllers, to standalone management utilities, helping to make sure that businesses can effectively manage their Cisco protection infrastructure investments.

PIX Firewalls
PIX firewall appliances deliver robust user and application policy enforcement, multi-source attack protection, and safe connectivity features in affordable, out-of-the-box modules. These specialized appliances offer a broad range of integrated protection and networking capabilities including application-aware firewall features, Voice over IP and multimedia protection, reliable multi-location and remote-connectivity IP Security Virtual Private Network (VPN) networking, excellent resiliency, smart networking features, and flexible management solutions. The Cisco PIX Security Appliance Series family ranges from compact plug-and-play desktop units for small or at home offices to stackable high-bandwidth products with investment protection for enterprise and service-provider environments, PIX firewalls deliver dependable protection, speed, and availability for network environments of all sizes.

Cisco PIX Firewalls Consultants

Based upon a hardened, specialized operating system that offers rich protection services, PIX security appliances provide excellent protection and have earned Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Labs Firewall and IP Security qualification. PIX firewall appliances provide security for a broad range of Voice over IP and additional multimedia standards such as H.323 Version 4, SIP, Cisco Skinny Client Control Protocol (SCCP), Real-Time Streaming Protocol (RTSP), and MGCP, helping organizations to safeguard deployments of a wide range of contemporary and upcoming IP voice and video applications.

Cisco PIX firewalls feature a variety of setup, monitoring, and troubleshooting options, providing IT managers the flexibility to utilize the techniques that most closely match their requirements. Administrative options include centralized, policy-based administration tools, integrated web-based management, and support for remote-tracking protocols like Simple Network Management Protocol (SNMP) and syslog. The integrated ASDM system provides a world-class web-accessible control solution that significantly simplifies the installation, ongoing configuration, and tracking of a specific Cisco PIX security appliance without the need of any additional software other than an ordinary browser and Java plug-in to be running on an administrator's PC.

IT managers can also remotely set up, monitor, and troubleshoot Cisco PIX firewalls using a command-line interface (CLI). Secure command-line interface (CLI) communication is available through a number of methods such as SSHv2 Protocol, Telnet over IPsec, and out-of-band through a console port. Cisco PIX security appliances also have dependable automatic-update capabilities, a collection of protected remote-administration services that make sure that firewall configurations and software images are always up to date.

Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls
Cisco ASA 5500 Series Firewalls are specially engineered solutions that incorporate advanced, best-of-breed protection and Virtual Private Network services with an adaptive design. The end product is a powerful, versatile network protection appliance better able to defend small and medium company and larger networks and, simultaneously, reduce the total installation and operations expenses previously required for this enhanced degree of security.

>Cisco Adaptive Security Appliances Firewalls Consulting Firm
Cisco ASA Firewalls build on engineering behind Cisco's PIX 500 family firewall, the IPS 4200 sensor, and the VPN 3000 model concentrator. These technologies converge on the Cisco ASA Firewall product line to offer a platform that defends against a broad range of threats. Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls deliver application security, network containment, and clean VPN functionality throughout the entire product line. This broad scope of protection enables the guarding of any network segment, which includes the most common threat conduits like remote locations, LAN-attached inside users, and remote connected VPNs.

Cisco ASA firewalls provide a high-level of application security through smart, application-aware inspection processes that analyze traffic at Layers 4-7. This results in a more secure environment covering web, voice, and mobile wireless connectivity. To defend networks from application-layer assaults and to offer organizations greater control over the programs and protocols used in their environments, these inspection engines incorporate extensive application and protocol knowledge and rely on protection enforcement technologies that include protocol anomaly sensing and application and protocol state tracking. Also incorporated are attack sensing and mitigation techniques such as application and protocol command filters and content verification. Cisco ASA firewall inspection engines also provide management of instant messaging and peer-to-peer file sharing, allowing organizations to police usage policies and preserve network bandwidth for important business processes.

At the same time as improving security, Cisco ASA firewalls also lower deployment and support costs. By providing extensive Virtual Private Network and protection services, the Cisco Adaptive Security Appliances (ASA) firewall can be used as the single device for a multitude of uses, enabling product standardization. The Cisco ASA 5500 Series firewall can be used as a consolidated threat-protection appliance at a central location by taking advantage of its connectivity control, application inspection, and malware mitigation capabilities. The Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can also be deployed as a dedicated remote connectivity device using its Virtual Private Network capabilities. As an alternative, the Cisco Adaptive Security Appliances firewall performs equally well in the network interior for inter-office connectivity control and to guard against worms, viruses, and other malicious code inside workers may unknowingly release into the network. In small company and satellite office networks, the Cisco ASA firewall acts as a total solution device offering complete intrusion defense and VPN services while fitting within the cost structure and performance demands of these deployments.

This versatile single-device, many-solution approach reduces the number of appliances that need to be deployed and maintained while offering a common operating and administrative system across all installations. This approach streamlines the education of configuration, tracking, support, and protection personnel. To further minimize operations costs, Cisco Adaptive Security Appliances firewalls are also exceptionally network conscious, allowing these devices to integrate seamlessly into the environment without disrupting legitimate traffic and applications.

How Progent's Consultants Can Assist You with Cisco PIX and ASA Firewalls
Cisco ASA 5500 Series firewalls and PIX firewalls incorporate an array of configuration, tracking, and troubleshooting features that give you the ability to deploy these security appliances to match your business needs. Progent's CCIE certified network experts can show you how to maintain your existing infrastructure that includes Cisco ASA or PIX firewall technology and that offers protection, resilience, throughput, and recoverability. Progent can also help you to migrate to ASA 5500-X firewalls with Firepower Services.

Progent's GISA and CISM-qualified IS security professionals can assist you to develop a security strategy appropriate for your business and can set up your security appliance to enforce your security strategy. Progent's risk evaluation consultants can evaluate the strength of your current firewall solution and audit the overall security of your entire IS network. Progentís Help Desk support team can provide urgent remote technical support for Cisco products and offer quick access to a Cisco CCIE network engineer.

For more details concerning Progent's consulting help for Cisco technology, select a topic:

In order to get in touch with Progent about technical assistance for Cisco products, call 1-800-993-9400 or see Contact Progent.

© 2002- 2017 Progent Corporation. All rights reserved.