Cisco PIX firewalls and ASA Series adaptive security appliances integrate comprehensive firewall, intrusion defense, and Virtual Private Network technologies in a cost-effective, one-cabinet format. Both product lines have been superseded by the ASA 5500-X family of security appliances with Firepower Services. (See integration and troubleshooting support for Cisco AA 5500-X firewalls with Firepower Services.) Still, PIX and first-generation Cisco ASA 5500 model firewalls are extensively used and continue to provide small and mid-size organizations a reliable security environment.

PIX and legacy ASA 5500 firewalls offer robust client and application policy support, mutlivector attack protection, and safe connectivity services. The enhanced intelligence sharing of integrated protection services in a single package provides customers deploying these aggregated solutions the advantages of enhanced protection, lower TCO, and minimal management expense.

PIX security appliances and the ASA 5500 family combine with IOS Firewall, the Firewall Services Module (FWSM) for Cisco Catalyst 6500 switches, and 7600 Series routers as components of Cisco's versatile, self-contained firewall line. Based on a scalable, building-block platform, every device is equipped with a specific array of options to deliver better protection to different network situations. These solutions can be individually installed to secure specific areas of the connectivity infrastructure, or can be combined for a systematic, protection-in-depth approach following the architecture leading practices described in Cisco's SAFE framework. Rounding out the integrated firewall solutions, Cisco provides a comprehensive security management portfolio, ranging from Cisco security appliance and Cisco IOS security components and embedded appliance managers, to self-contained management utilities, moving to ensure that businesses can effectively use their Cisco security infrastructure purchases.

PIX Security Appliance Series
PIX firewall appliances deliver reliable user and application policy support, multi-source attack protection, and secure networking features in cost-effective, easy-to-deploy solutions. These specialized devices provide a broad range of integrated security and connectivity capabilities such as process-aware firewall features, Voice over IP and multimedia security, robust multi-location and remote-access IP Security VPN connectivity, high availability, smart networking features, and flexible administration solutions. The Cisco PIX Security Appliance Series product line spans compact plug-and-play appliances for small or at home offices to stackable high-bandwidth appliances with ROI for enterprise and ISP customers, Cisco PIX Security Appliance Series provide dependable protection, performance, and availability for environments of any size.

PIX Firewalls Consultants

Built around a tested, specialized operating system that delivers rich security features, PIX security appliances offer a high level of protection and have received Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Labs Firewall and IPsec certification. Cisco PIX firewalls offer protection for a wide range of Voice over IP and additional multimedia conventions including H.323 Version 4, SIP, Cisco Skinny Client Control Protocol (SCCP), RTSP, and Media Gateway Control Protocol (MGCP), enabling organizations to safeguard deployments of a wide array of contemporary and next-generation Voice over IP and video applications.

PIX security appliances offer a variety of configuration, monitoring, and analysis options, providing IT managers the flexibility to utilize the techniques that best meet their requirements. Management solutions include centralized, policy-based administration tools, integrated web-accessible management, and support for remote-monitoring protocols like SNMP and syslog. The integrated Adaptive Security Device Manager interface provides a powerful web-accessible control platform that greatly streamlines the deployment, in-place modification, and tracking of a specific PIX firewall without the need of any extra software other than a standard web browser and Java plug-in to be running on a manager's computer.

IT managers can furthermore remotely set up, track, and troubleshoot Cisco PIX firewalls via a command-line interface (CLI). Safe command-line interface access is possible through several techniques including Secure Shell (SSHv2) Protocol, Telnet over IP Security (IPsec), and out-of-band through a console port. PIX firewall appliances also have dependable automatic-update capabilities, a set advanced protected remote-administration options that make sure that firewall settings and software images are always up to date.

Cisco ASA Firewalls
Cisco Adaptive Security Appliances 5500 Series Firewalls are purpose-built solutions that bring together market-proven, best-of-breed protection and Virtual Private Network support plus an adaptive design. The end product is a robust, versatile network protection solution better suited to defend small and midsize business (SMB) and enterprise networks and, at the same time, reduce the total deployment and maintenance expenses formerly associated with this high degree of security.

>Cisco Adaptive Security Appliances Firewalls Experts
Cisco Adaptive Security Appliances 5500 Series Firewalls leverage engineering behind the PIX 500 family Security Appliance, the Cisco IPS 4200 family sensor, and the Cisco VPN 3000 Series concentrator. These solutions enable the Cisco Adaptive Security Appliances (ASA) Firewall product line to deliver a firewall that defends against a wide range of threats. Cisco ASA Firewalls deliver program security, network containment and control, and safe Virtual Private Network connectivity throughout the entire product portfolio. This breadth of security enables defense of any network area, including the most typical attack conduits like remote sites, locally-connected inside users, and remote access Virtual Private Networks.

Cisco ASA firewalls provide strong application security through intelligent, application-aware inspection engines that examine traffic at Layers 4-7. This produces a better protected network including web, voice, and mobile wireless connectivity. To protect networks from application-layer attacks and to give businesses greater control over the applications and protocols used in their networks, Cisco's inspection engines incorporate extensive application and protocol knowledgebases and rely on security enforcement solutions that include protocol anomaly sensing and state tracking. Also included are assault sensing and remediation technology such as application/protocol command filters and content verification. Cisco ASA firewall inspection engines also deliver control over IM and peer-to-peer file sharing, enabling organizations to police usage policies and preserve bandwidth for crucial business processes.

At the same time as increasing network security, Cisco Adaptive Security Appliances (ASA) firewalls also decrease deployment and operational expenses. By providing extensive VPN and security functions, the Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can be a the only platform for many environments, enabling platform standardization. The Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can be used as a consolidated threat-protection device at a central location by taking advantage of its connectivity control, application inspection, and malware remediation technologies. The Cisco Adaptive Security Appliances (ASA) firewall can also be deployed as a dedicated remote connectivity device using its VPN capabilities. As an alternative, the Cisco ASA firewall operates equally well in the network interior for interdepartmental access management and to defend against malicious assaults internal users may unwittingly release into the environment. In small business and branch office environments, the Cisco Adaptive Security Appliances firewall serves as a total solution platform providing comprehensive threat defense and VPN functionality while fitting within the cost structure and performance demands of such deployments.

This versatile one-device, multiple-use design reduces the total number of appliances that must be deployed and managed while providing a common functional and administrative system across all those installations. This approach simplifies the training of setup, tracking, support, and security staff. To further minimize operations costs, Cisco ASA 5500 Series firewalls are also highly network aware, enabling them to integrate gracefully into the environment without disrupting authorized data flow and applications.

How Progent's Cisco Certified Experts Can Help You with Cisco PIX and ASA Firewalls
Cisco's ASA Series firewalls and PIX firewalls incorporate an array of setup, tracking, and analysis options which offer you the ability to configure these firewalls to align optimally with your business requirements. Progent's CCIE certified network professionals can assist you to maintain your current infrastructure that incorporates Cisco ASA or PIX firewall technology and that provides protection, resilience, throughput, and recoverability. Progent can also assist your organization to migrate to ASA 5500-X firewalls with Firepower Services.

Progent's GISA and CISM-qualified information security experts can assist your business to create a security policy that makes sense for your situation and can configure your firewall to enforce your security strategy. Progent's risk evaluation professionals can assess the strength of your existing firewall solution and help determine the overall security of your entire IT environment. Progentís Help Desk support team can provide urgent online technical support for Cisco technology and offer quick access to a Cisco CCIE expert.

To find out more details about Progent's engineering help for Cisco products, pick a subject:

If you wish to get in touch with Progent about consulting expertise for Cisco products, phone 1-800-993-9400 or see Contact Progent.

© 2002- 2017 Progent Corporation. All rights reserved.