Cisco's PIX firewalls and Cisco ASA 5500 Series firewalls combine next-generation firewall, intrusion defense, and VPN features in an economical, single-cabinet package. Both of these product families have been replaced by the ASA 5500-X line of firewalls with Firepower Services. (Refer to configuration and troubleshooting expertise for ASA 5500-X firewalls with Firepower Services.) Still, PIX and first-generation Cisco ASA 5500 model adaptive security appliances are widely deployed and continue to deliver small and mid-size companies a viable firewall environment.

Cisco PIC and the original ASA 5500 firewalls offer powerful user and program policy support, mutlivector attack defense, and safe access features. The enhanced knowledge sharing of integrated protection features in a single platform provides customers implementing these aggregated solutions the benefits of enhanced protection, reduced cost of ownership, and minimal maintenance expense.

PIX firewalls and Cisco's ASA 5500 product line combine with Cisco IOS Firewall, the Firewall Services Module for Cisco Catalyst 6500 family switches, and Cisco 7600 Series routers as parts of Cisco's versatile, integrated firewall solutions. Based on a scalable, modular approach, every offering is designed with a particular feature set to provide more efficient security to a variety of network situations. These solutions can be individually installed to protect certain facets of the network environment, or can be grouped for a systematic, defense-in-depth strategy following the architecture best practices described in the Cisco SAFE Blueprint. Rounding out the modular firewall solutions, Cisco provides a comprehensive security management offering, spanning Cisco security appliance and IOS security components and embedded appliance managers, to standalone management applications, moving to make sure that businesses can effectively manage their Cisco protection infrastructure investments.

PIX Firewall Appliances
PIX firewalls offer robust policy support, multi-source invasion defense, and safe connectivity features in affordable, simple-to-configure modules. These purpose-built appliances offer a wealth of integrated security and connectivity capabilities including application-aware firewall features, Voice over IP and multimedia security, reliable multi-location and remote-connectivity IP Security Virtual Private Network connectivity, high availability, smart networking services, and versatile management solutions. The PIX firewall product line ranges from small plug-and-go appliances for small or home offices to modular gigabit appliances with ROI for enterprise and service-provider environments, Cisco PIX Security Appliance Series provide dependable protection, speed, and reliability for environments of all sizes.

Cisco PIX Security Help

Built upon a hardened, purpose-built software platform that delivers rich protection services, PIX firewalls offer a high level of security and have received EAL 4 status and ICSA Firewall and IP Security certification. Cisco PIX firewalls provide protection for a wide range of Voice over IP and additional multimedia conventions such as H.323 Version 4, Session Initiation Protocol (SIP), Cisco Skinny Client Control Protocol, RTSP, and MGCP, helping organizations to protect deployments of a broad array of current and next-generation Voice over IP and mixed-media applications.

Cisco PIX firewall appliances offer a wealth of configuration, monitoring, and troubleshooting options, providing businesses the flexibility to use the techniques that most closely match their needs. Administrative solutions include common, policy-based administration utilities, integrated web-accessible management, and compatibility with remote-tracking protocols like Simple Network Management Protocol (SNMP) and syslog. The integrated Adaptive Security Device Manager system provides a powerful web-accessible control solution that greatly simplifies the installation, ongoing modification, and tracking of a single Cisco PIX firewall without requiring any extra software other than a standard browser and Java applet to be running on a manager's PC.

IT managers can also remotely configure, track, and troubleshoot Cisco PIX security appliances using a CLI interface. Secure command-line interface (CLI) access is possible using a number of methods such as Secure Shell Protocol, Telnet through IPsec, and out-of-band via a console port. PIX firewall appliances also include dependable automatic-update features, a collection advanced secure remote-administration services that ensure firewall configurations and software images are kept current.

Cisco Adaptive Security Appliances (ASA) Firewalls
Cisco Adaptive Security Appliances Firewalls are purpose-built devices that incorporate market-proven, best-of-breed protection and Virtual Private Network support plus an adaptive architecture. The end product is a powerful, multifunction network protection solution better suited to protect small and medium company and larger networks and, at the same time, reduce the overall deployment and operations costs formerly associated with this high level of protection.

Cisco Adaptive Security Appliances (ASA) Firewalls Consulting
Cisco Adaptive Security Appliances Firewalls build on technology behind Cisco's PIX 500 firewall, Cisco's IPS 4200 family sensor, and Cisco's VPN 3000 family concentrator. These technologies converge on the Cisco Adaptive Security Appliances (ASA) Firewall family to deliver a platform that defends against a broad range of threats. Cisco Adaptive Security Appliances Firewalls deliver program protection, local containment and control, and clean Virtual Private Network connectivity throughout Cisco's product line. This breadth of security enables the guarding of any network segment, including the most typical attack vectors such as remote locations, LAN-attached inside users, and remote access Virtual Private Networks.

Cisco Adaptive Security Appliances (ASA) firewalls provide robust application security via smart, application-aware inspection processes that examine network flows at Layers 4-7. This produces a more secure network including web, voice, and mobile wireless services. To defend networks against application-layer assaults and to offer businesses greater control over the programs and protocols used in their environments, these inspection engines integrate broad application and protocol knowledge and employ protection enforcement solutions that include anomaly sensing and state tracking. Also incorporated are assault detection and remediation technology such as application/protocol command filtering and content verification. Cisco ASA 5500 Series firewall inspection engines also provide control over IM and tunneling applications, allowing organizations to enforce usage policies and preserve network bandwidth for crucial business applications.

While increasing network security, Cisco ASA 5500 Series firewalls also lower installation and support expenses. By offering extensive Virtual Private Network and security functions, the Cisco Adaptive Security Appliances 5500 Series firewall can be a the only platform for a multitude of environments, enabling platform standardization. The Cisco ASA firewall can be used as a converged attack-protection appliance at the datacenter by leveraging its access control, process inspection, and malicious assault remediation capabilities. The Cisco Adaptive Security Appliances (ASA) firewall can also be used as a specialized remote connectivity solution utilizing its VPN capabilities. Alternatively, the Cisco Adaptive Security Appliances 5500 Series firewall performs equally well inside the network for interdepartmental access control and to defend against worms, viruses, and other malicious code inside workers may inadvertently introduce into the environment. In small business and satellite office networks, the Cisco ASA 5500 Series firewall acts as a total solution device providing complete threat prevention and VPN functionality while suiting the cost structure and operational models of such deployments.

This adaptive one-device, multiple-solution design minimizes the number of devices that must be installed and managed while providing a common operating and administrative system across all installations. This architecture simplifies the training of setup, monitoring, troubleshooting, and protection staff. To further minimize maintenance costs, Cisco ASA firewalls are also exceptionally network aware, allowing these devices to integrate seamlessly into the environment without interfering with legitimate traffic and applications.

How Progent's Cisco Certified Experts Can Assist You with Cisco PIX and ASA Firewalls
Cisco's ASA 5500 Series firewalls and PIX firewalls incorporate an array of configuration, monitoring, and troubleshooting options that offer you the ability to configure these security appliances to match your business needs. Progent's CCIE authorized network consultants can help you to support your existing network infrastructure that incorporates Cisco ASA or PIX firewall technology and that provides protection, fault tolerance, performance, and recoverability. Progent can also help you to migrate to Cisco ASA 5500-X firewalls with Firepower Services.

Progent's GISA and CISM-certified information security engineers can help your business to create a security strategy that makes sense for your environment and can configure your PIX or ASA firewall to support your security policies. Progent's risk evaluation experts can evaluate the strength of your current firewall deployment and help determine the security of your entire IS network. Progentís Technical Response Center (TRC) can deliver urgent online troubleshooting for Cisco products and can give you fast access to a Cisco CCIE expert.

To learn more information concerning Progent's professional assistance for Cisco products, select a topic:

To contact Progent about technical assistance for Cisco products, phone 1-800-993-9400 or see Contact Progent.
















© 2002- 2019 Progent Corporation. All rights reserved.