Cisco PIX family security appliances and ASA 5500 Series adaptive security appliances combine comprehensive firewall, intrusion defense, and Virtual Private Network (VPN) technologies in an affordable, one-box format. Both of these product families have been replaced by Cisco's ASA 5500-X family of security appliances with Firepower. (Refer to configuration and debugging support for ASA 5500-X firewalls with Firepower Services.) Nevertheless, both PIX and first-generation Cisco ASA 5500 Series firewalls are extensively deployed and continue to deliver small and mid-size organizations a viable security environment.

Cisco PIC and legacy ASA 5500 firewalls deliver powerful client and application policy support, mutlivector attack protection, and safe access features. The increased knowledge sharing of integrated security features in a single platform provides users deploying these integrated firewalls the benefits of advanced protection, reduced TCO, and smaller management costs.

PIX security appliances and Cisco's ASA 5500 family combine with Cisco IOS Firewall, the FWSM for Catalyst 6500 switches, and 7600 Series routers as parts of Cisco's versatile, self-contained firewall product. Engineered with an expandable, building-block platform, each offering is designed with a particular array of options to deliver better protection to a variety of network situations. These products can be independently deployed to secure specific facets of the network infrastructure, or can be grouped for a systematic, protection-in-depth strategy following the architecture best practices described in the Cisco SAFE framework. Rounding out the integrated firewall product line, Cisco has developed a comprehensive security management catalog, spanning Cisco security device and Cisco IOS Software security components and embedded device controllers, to standalone management applications, helping to make sure that customers can productively use their Cisco protection infrastructure investments.

PIX Firewall Appliances
PIX Security Appliance Series deliver robust user and application policy enforcement, multivector invasion protection, and safe networking services in cost-effective, out-of-the-box modules. These specialized devices provide a broad range of built-in protection and networking capabilities including application-aware firewall services, VoIP and multimedia security, robust site-to-site and remote-connectivity IPcec VPN connectivity, high availability, intelligent networking features, and flexible management options. The Cisco PIX Security Appliance Series family ranges from compact plug-and-play appliances for small offices and at home offices to stackable high-bandwidth products with ROI for enterprise and ISP customers, Cisco PIX Security Appliance Series deliver dependable protection, speed, and reliability for networks of all sizes.

Cisco PIX Firewalls Help

Based around a tested, specialized OS that delivers a wealth of protection services, Cisco PIX firewalls offer a high level of protection and have earned EAL 4 status and ICSA Labs Firewall and IP Security certification. PIX firewall appliances provide protection for a wide range of VoIP and other multimedia standards such as H.323 Version 4, Session Initiation Protocol, Cisco Skinny Client Control Protocol, Real-Time Streaming Protocol, and MGCP, helping organizations to safeguard deployments of a wide range of current and next-generation IP voice and multimedia applications.

PIX firewall appliances feature a wealth of setup, tracking, and analysis features, giving IT managers the flexibility to use the techniques that most closely meet their needs. Administrative options include centralized, policy-based administration tools, integrated web-based management, and compatibility with remote-monitoring standards like Simple Network Management Protocol (SNMP) and syslog. The integrated Adaptive Security Device Manager interface offers a world-class web-based management platform that significantly simplifies the deployment, ongoing configuration, and tracking of a specific Cisco PIX firewall appliance without the need of any additional software other than a standard browser and Java applet to be installed on an administrator's computer.

Administrators can also remotely configure, track, and analyze PIX firewalls using a command-line interface. Safe command-line interface access is possible through several techniques including SSHv2 Protocol, Telnet over IP Security (IPsec), and out-of-band via a console port. Cisco PIX firewalls also include dependable automatic-update capabilities, a collection advanced secure remote-management services that ensure firewall settings and software images are always up to date.

Cisco Adaptive Security Appliances (ASA) Firewalls
Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls are purpose-built devices that bring together market-proven, industry-leading protection and Virtual Private Network support plus an adaptive architecture. The end product is a robust, multifunction network protection solution better suited to defend small and medium company and larger networks and, at the same time, lower the overall installation and operations expenses previously required for this high degree of security.

>Cisco ASA 5500 Series Firewalls Consulting
Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls build on technology developed for Cisco's PIX 500 family Security Appliance, the IPS 4200 family sensor, and the VPN 3000 Series concentrator. These technologies enable the Cisco ASA 5500 Series Firewall family to deliver a platform that defends against a wide range of attacks. Cisco ASA 5500 Series Firewalls deliver program protection, network containment and control, and safe Virtual Private Network connectivity throughout the entire product portfolio. This breadth of protection allows defense of any network segment, including the most common attack vectors like remote sites, LAN-connected inside users, and remote connected VPNs.

Cisco Adaptive Security Appliances firewalls provide a high-level of application protection through smart, application-aware inspection engines that examine traffic at Layers 4-7. This results in a better protected environment including web, voice, and mobile wireless connectivity. To defend environments against application-layer assaults and to offer organizations greater control over the programs and protocols used in their networks, these inspection engines integrate extensive application and protocol knowledgebases and employ protection enforcement solutions such as anomaly sensing and application and protocol state monitoring. Also included are assault sensing and mitigation techniques including application and protocol command filters and content verification. Cisco ASA firewall inspection engines also provide control over IM and peer-to-peer file sharing, enabling organizations to police usage policies and preserve network bandwidth for vital business applications.

At the same time as improving network security, Cisco Adaptive Security Appliances (ASA) 5500 Series firewalls also lower deployment and support costs. By providing broad VPN and protection services, the Cisco Adaptive Security Appliances (ASA) firewall can be used as the single device for a multitude of uses, enabling platform commonality. The Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can be used as a converged threat-protection device at the datacenter by taking advantage of its access control, application inspection, and malware mitigation technologies. The Cisco ASA 5500 Series firewall can also be used as a dedicated remote connectivity device utilizing its VPN features. Alternatively, the Cisco ASA firewall serves equally well in the network interior for interdepartmental connectivity management and to guard against worms, viruses, and other malicious code inside users might unknowingly release into the environment. In small company and satellite office networks, the Cisco Adaptive Security Appliances (ASA) 5500 Series firewall serves as a total solution device offering comprehensive intrusion prevention and VPN functionality while suiting the cost structure and operational models of these deployments.

This versatile single-platform, multiple-use design reduces the number of appliances that need to be installed and maintained while providing a standard functional and administrative environment across all deployments. This approach streamlines the education of setup, monitoring, support, and protection staff. To further minimize maintenance costs, Cisco Adaptive Security Appliances firewalls are also highly network aware, enabling them to insert seamlessly into the environment without interfering with authorized traffic and applications.

How Progent's Consultants Can Help Your Business with Cisco PIX and ASA Security Appliances
Cisco's ASA 5500 Series adaptive security appliances and PIX security appliances provide an array of setup, monitoring, and troubleshooting features which give you the ability to set up these security appliances to align optimally with your company's needs. Progent's CCIE certified network professionals can assist you to maintain your existing network infrastructure that incorporates Cisco ASA or PIX security appliances and that offers security, resilience, performance, and manageability. Progent's firewall experts can also help you to migrate to ASA 5500-X firewalls with Firepower Services.

Progent's GISA and CISSP-ISSP-qualified information security professionals can assist your business to develop a security strategy that makes sense for your situation and can set up your security appliance to enforce your security strategy. Progent's risk evaluation engineers can assess the strength of your current firewall solution and validate the overall security of your whole IT environment. Progentís Help Desk support team can deliver urgent remote troubleshooting for Cisco technology and can give you quick access to a Cisco CCIE expert.

For more details concerning Progent's consulting support for Cisco solutions, pick a topic:

To ask Progent about engineering expertise for Cisco technology, phone 1-800-993-9400 or see Contact Progent.

© 2002- 2018 Progent Corporation. All rights reserved.