Cisco PIX family security appliances and ASA 5500 Series adaptive security appliances combine comprehensive firewall, intrusion protection, and Virtual Private Network (VPN) functionality in an economical, one-cabinet package. Both of these product families have been replaced by Cisco's ASA 5500-X family of security appliances with Firepower Services. (Refer to integration and troubleshooting help with Cisco AA 5500-X firewalls with Firepower Services.) Nevertheless, both PIX and previous-generation ASA 5500 model adaptive security appliances are widely deployed and continue to offer small and mid-size companies a reliable security environment.

PIX and the original ASA 5500 firewalls deliver powerful client and application policy support, mutlivector attack defense, and safe connectivity services. The increased intelligence sharing of consolidated security features in a stand-alone platform provides users deploying these aggregated firewalls the advantages of enhanced security, reduced cost of ownership, and minimal maintenance expense.

PIX security appliances and the ASA 5500 product line combine with Cisco IOS Firewall, the FWSM for Catalyst 6500 family switches, and 7600 Series routers as parts of Cisco's versatile, self-contained firewall product. Engineered with a scalable, building-block approach, each offering is designed with a particular array of options to deliver better protection to a variety of networking situations. These solutions can be individually installed to secure certain facets of a connectivity infrastructure, or can be combined for a layered, defense-in-depth strategy based on the design best practices outlined in Cisco's SAFE Blueprint. Rounding out the integrated firewall solutions, Cisco provides a complete security management catalog, spanning Cisco security appliance and IOS security components and built-in device controllers, to self-contained management utilities, moving to ensure that customers can effectively use their Cisco security infrastructure investments.

Cisco PIX Firewalls
PIX Security Appliance Series deliver reliable policy enforcement, multivector invasion defense, and secure networking services in cost-effective, easy-to-deploy modules. These specialized devices offer a broad range of integrated security and connectivity capabilities including process-aware firewall features, Voice over IP and multimedia protection, robust multi-location and remote-connectivity IP Security Virtual Private Network networking, high availability, intelligent networking services, and versatile management options. The PIX firewall product line spans small plug-and-go devices for small offices and home offices to stackable gigabit appliances with investment protection for large business and service-provider customers, Cisco PIX firewall appliances provide high levels of protection, performance, and reliability for environments of any size.

Cisco PIX Security Consulting Firm

Built upon a tested, purpose-built software platform that offers rich protection features, PIX firewall appliances provide a high level of security and have been awarded Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Labs Firewall and IPsec certification. Cisco PIX firewall appliances provide security for a wide array of VoIP and other multimedia standards including H.323 Version 4, Session Initiation Protocol, SCCP, RTSP, and MGCP, helping businesses to safeguard installations of a broad array of current and upcoming VoIP and video applications.

PIX security appliances offer a wealth of setup, tracking, and troubleshooting options, giving IT managers the flexibility to utilize the techniques that best meet their requirements. Management options include centralized, policy-based administration utilities, integrated web-accessible administration, and support for remote-tracking standards such as Simple Network Management Protocol (SNMP) and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) system provides a world-class web-accessible management solution that greatly simplifies the deployment, ongoing configuration, and monitoring of a specific Cisco PIX security appliance without the need of any additional utility other than an ordinary web browser and Java plug-in to be installed on a manager's computer.

IT managers can furthermore remotely set up, track, and analyze Cisco PIX security appliances via a command-line interface. Secure command-line interface communication is possible using several techniques including Secure Shell Protocol, Telnet over IP Security (IPsec), and out-of-band through a console port. PIX security appliances also have robust automatic-update features, a collection of protected remote-management services that ensure security settings and software images are kept up to date.

Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls
Cisco ASA Firewalls are purpose-built solutions that bring together market-proven, industry-leading protection and VPN services plus a flexible architecture. The result is a powerful, multifunction network protection appliance better able to defend small and midsize business and larger networks and, simultaneously, lower the overall installation and maintenance expenses formerly required for this enhanced degree of security.

>Cisco ASA 5500 Series Firewalls Professional Services
Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls build on technology developed for Cisco's PIX 500 firewall, the Cisco IPS 4200 sensor, and Cisco's VPN 3000 Series concentrator. These technologies enable the Cisco Adaptive Security Appliances (ASA) 5500 Series Firewall family to deliver a firewall that stops a broad range of attacks. Cisco ASA 5500 Series Firewalls deliver application protection, network containment, and safe VPN connectivity across the entire product portfolio. This breadth of security allows defense of any network section, which includes the most typical attack conduits such as remote sites, locally-connected internal users, and off-site connected VPNs.

Cisco Adaptive Security Appliances (ASA) firewalls provide robust application security via intelligent, application-sensitive inspection processes that analyze network flows at Layers 4-7. This produces a more secure environment including web, voice, and mobile wireless services. To defend networks against application-layer attacks and to give organizations more policing of the applications and protocols used in their environments, Cisco's inspection engines incorporate extensive application and protocol knowledgebases and employ security enforcement technologies such as protocol anomaly detection and application and protocol state tracking. Also included are attack detection and remediation techniques including application and protocol command filters and content verification. Cisco ASA 5500 Series firewall inspection engines also provide control over instant messaging and peer-to-peer file sharing, allowing organizations to enforce usage policies and preserve bandwidth for important business applications.

While improving security, Cisco Adaptive Security Appliances 5500 Series firewalls also lower installation and operational costs. By offering extensive Virtual Private Network and protection functions, the Cisco Adaptive Security Appliances 5500 Series firewall can be a single device for many uses, allowing platform standardization. The Cisco Adaptive Security Appliances 5500 Series firewall can be deployed as a consolidated attack-prevention device at the datacenter by taking advantage of its connectivity control, process inspection, and malware remediation technologies. The Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can also be used as a specialized remote access device utilizing its Virtual Private Network capabilities. As another option, the Cisco Adaptive Security Appliances firewall operates equally well inside the network for interdepartmental access management and to defend against malware internal workers may unwittingly release into the network. In small business and satellite office environments, the Cisco Adaptive Security Appliances 5500 Series firewall acts as a total solution device providing comprehensive threat prevention and Virtual Private Network services while suiting the budgets and operational models of such deployments.

This adaptive one-platform, multiple-solution design minimizes the total number of appliances that must be deployed and maintained while offering a common functional and administrative environment across all those installations. This approach simplifies the training of setup, tracking, troubleshooting, and protection staff. To further minimize maintenance costs, Cisco Adaptive Security Appliances 5500 Series firewalls are also highly network conscious, allowing these devices to insert seamlessly into the environment without disrupting legitimate data flow and applications.

How Progent Can Assist Your Business with Cisco PIX and ASA Firewalls
Cisco ASA Series adaptive security appliances and PIX family firewalls provide a wealth of configuration, tracking, and troubleshooting options that offer you the ability to configure these firewalls to match your business needs. Progent's CCIE authorized network professionals can help you to maintain your current network infrastructure that incorporates Cisco ASA or PIX security appliances and that provides security, resilience, performance, and recoverability. Progent's firewall experts can also help you to upgrade to Cisco ASA 5500-X firewalls with Firepower Services.

Progent's CISA and CISSP-ISSP-certified information security professionals can assist you to create a security strategy appropriate for your situation and can set up your firewall to enforce your security policies. Progent's security evaluation consultants can assess the strength of your current firewall deployment and validate the security of your entire information system environment. Progentís Technical Response Center (TRC) can deliver urgent remote technical support for Cisco products and offer quick access to a Cisco network engineer.

To see more information about Progent's engineering help for Cisco technology, select a topic:

To get in touch with Progent about professional assistance for Cisco products, phone 1-800-993-9400 or visit Contact Progent.

© 2002- 2017 Progent Corporation. All rights reserved.