Cisco's PIX security appliances and Cisco ASA 5500 Series firewalls integrate comprehensive firewall, intrusion protection, and Virtual Private Network features in a cost-effective, one-box package. Both of these product lines have been superseded by the ASA 5500-X family of security appliances with Firepower. (Refer to integration and debugging help with Cisco AA 5500-X firewalls with Firepower Services.) Nevertheless, PIX and first-generation Cisco ASA 5500 Series adaptive security appliances are widely used and continue to deliver small and mid-size organizations a reliable security environment.

PIX and legacy ASA 5500 firewalls deliver powerful client and program policy support, mutlivector attack protection, and safe connectivity services. The increased intelligence sharing of consolidated protection services in a stand-alone package provides customers implementing these integrated firewalls the benefits of advanced security, lower TCO, and smaller maintenance expense.

PIX security appliances and Cisco's ASA 5500 Series join Cisco IOS Firewall, the Firewall Services Module (FWSM) for Catalyst 6500 Series switches, and Cisco 7600 Series routers as parts of Cisco's versatile, integrated firewall product. Engineered with a scalable, modular platform, each device is equipped with a particular array of options to provide more efficient security to different networking environments. These products can be independently installed to secure specific areas of the network infrastructure, or can be grouped for a layered, protection-in-depth approach based on the design best practices described in Cisco's SAFE framework. Rounding out the modular firewall product line, Cisco has developed a complete security management portfolio, spanning Cisco security device and Cisco IOS Software security components and built-in appliance controllers, to standalone management applications, moving to make sure that businesses can effectively use their Cisco protection infrastructure investments.

PIX Firewalls
PIX firewalls deliver reliable user and application policy enforcement, multi-source attack defense, and secure connectivity features in affordable, simple-to-configure solutions. These purpose-built appliances provide a broad range of integrated security and connectivity services such as application-aware firewall services, VoIP and multimedia security, robust site-to-site and remote-access IPcec Virtual Private Network networking, fault tolerance, intelligent networking services, and versatile administration solutions. The PIX firewall family spans compact plug-and-go devices for small or at home offices to stackable gigabit products with ROI for large business and service-provider environments, Cisco PIX firewall appliances provide high levels of security, speed, and availability for network environments of any size.

Cisco PIX Firewalls Consultants

Built around a hardened, specialized software platform that delivers a wealth of security services, PIX firewalls provide a high level of security and have earned Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Firewall and IPsec certification. PIX firewall appliances offer protection for a broad range of Voice over IP and additional multimedia conventions such as H.323 Version 4, Session Initiation Protocol, SCCP, Real-Time Streaming Protocol (RTSP), and MGCP, enabling organizations to safeguard installations of a wide range of contemporary and upcoming VoIP and multimedia applications.

Cisco PIX security appliances feature a wealth of setup, monitoring, and analysis features, providing IT managers the versatility to use the techniques that most closely meet their requirements. Administrative solutions include common, policy-based administration tools, integrated web-accessible administration, and support for remote-tracking protocols such as SNMP and syslog. The integrated ASDM interface provides a powerful web-based control solution that significantly simplifies the installation, ongoing configuration, and tracking of a specific PIX security appliance without requiring any additional software beyond a standard web browser and Java applet to be running on an administrator's PC.

Administrators can furthermore remotely set up, monitor, and troubleshoot Cisco PIX firewalls using a command-line interface. Secure CLI interface access is possible through a number of methods such as SSHv2 Protocol, Telnet over IP Security, and out-of-band through a console port. Cisco PIX firewalls also include dependable auto-update features, a set of protected remote-administration options that ensure security settings and software images are always up to date.

Cisco ASA 5500 Series Firewalls
Cisco Adaptive Security Appliances Firewalls are purpose-built solutions that bring together advanced, industry-leading security and VPN support with an adaptive architecture. The end product is a robust, versatile network security solution better able to protect small and medium business (SMB) and larger networks and, simultaneously, lower the total deployment and maintenance costs formerly associated with this enhanced degree of protection.

>Cisco Adaptive Security Appliances 5500 Series Firewalls Consulting Firm
Cisco ASA 5500 Series Firewalls leverage engineering behind Cisco's PIX 500 Series firewall, the IPS 4200 Intrusion Prevention System, and the VPN 3000 Series concentrator. These technologies enable the Cisco Adaptive Security Appliances Firewall product line to deliver a platform that defends against a wide range of attacks. Cisco Adaptive Security Appliances 5500 Series Firewalls deliver program protection, network containment, and safe Virtual Private Network functionality across Cisco's product line. This broad scope of protection allows the guarding of any network segment, including the most typical threat vectors like remote sites, LAN-connected inside users, and remote connected Virtual Private Networks.

Cisco Adaptive Security Appliances (ASA) 5500 Series firewalls deliver a high-level of application protection via smart, application-aware inspection engines that analyze network flows at Layers 4-7. This results in a safer network including web, voice, and mobile wireless access. To defend environments from application-layer attacks and to give organizations more policing of the programs and protocols utilized in their environments, Cisco's inspection engines integrate broad application and protocol knowledge and employ protection enforcement technologies such as anomaly sensing and state monitoring. Also included are attack detection and remediation technology such as application and protocol command filters and URL deobfuscation. Cisco Adaptive Security Appliances (ASA) firewall inspection engines also provide management of IM and tunneling applications, enabling businesses to enforce usage policies and free up bandwidth for important business applications.

At the same time as improving security, Cisco Adaptive Security Appliances firewalls also decrease deployment and support expenses. By offering broad VPN and security functions, the Cisco Adaptive Security Appliances 5500 Series firewall can be a the only platform for many uses, enabling platform standardization. The Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can be deployed as a converged attack-prevention device at a central location by leveraging its access control, process inspection, and worm, virus, and other malware mitigation capabilities. The Cisco Adaptive Security Appliances firewall can also be deployed as a dedicated remote connectivity device utilizing its Virtual Private Network features. As an alternative, the Cisco Adaptive Security Appliances (ASA) 5500 Series firewall performs equally well in the network interior for inter-office access control and to defend against worms, viruses, and other malicious code inside users might unwittingly release into the environment. In small company and satellite office environments, the Cisco Adaptive Security Appliances 5500 Series firewall acts as an all-in-one platform offering comprehensive threat defense and Virtual Private Network functionality while fitting within the budgets and operational models of such situations.

This adaptive single-platform, multiple-solution approach minimizes the total number of appliances that must be installed and managed while providing a common functional and administrative environment across all those installations. This approach streamlines the education of setup, tracking, troubleshooting, and security staff. To further reduce operations costs, Cisco ASA 5500 Series firewalls are also exceptionally network aware, allowing them to insert seamlessly into the network without interfering with authorized traffic and applications.

How Progent Can Help Your Business with Cisco PIX and ASA Firewalls
Cisco's ASA Series adaptive security appliances and PIX family firewalls incorporate an array of setup, monitoring, and troubleshooting options which offer you the flexibility to set up these security appliances to align optimally with your company's requirements. Progent's CCIE authorized network professionals can show you how to maintain your current network infrastructure that includes Cisco ASA or PIX firewalls and that provides protection, resilience, throughput, and manageability. Progent can also help your organization to migrate to ASA 5500-X firewalls with Firepower Services.

Progent's GISA and CISM-certified IS security engineers can assist you to create a security policy appropriate for your business and can configure your PIX or ASA firewall to enforce your security policies. Progent's security assessment professionals can evaluate the strength of your existing firewall solution and help determine the overall security of your whole IT network. Progentís Help Desk Call Center can deliver urgent remote technical support for Cisco technology and offer quick access to a Cisco CCIE network engineer.

For more details about Progent's professional expertise for Cisco products, choose a subject:

If you wish to get in touch with Progent about consulting support for Cisco technology, call 1-800-993-9400 or see Contact Progent.

© 2002- 2018 Progent Corporation. All rights reserved.