Cisco PIX firewalls and ASA Series adaptive security appliances integrate next-generation firewall, intrusion protection, and VPN functionality in an economical, single-cabinet format. Both of these product lines have been superseded by Cisco's ASA 5500-X series of security appliances with Firepower. (See integration and troubleshooting help with ASA 5500-X firewalls with Firepower Services.) Still, both PIX and previous-generation Cisco ASA 5500 model firewalls are extensively deployed and continue to deliver small and mid-size organizations a reliable security solution.

Cisco PIC and the original ASA 5500 firewalls offer robust user and program policy enforcement, mutlivector assault protection, and secure connectivity features. The increased intelligence sharing of integrated security features in a stand-alone package offers users implementing these integrated firewalls the advantages of advanced protection, lower TCO, and minimal management expense.

PIX firewalls and Cisco's ASA 5500 Series join Cisco IOS Firewall, the FWSM for Cisco Catalyst 6500 family switches, and 7600 family routers as parts of Cisco's flexible, integrated firewall solutions. Based on a scalable, modular approach, each offering is equipped with a specific array of options to provide better protection to different network situations. These products can be individually deployed to protect specific facets of the connectivity infrastructure, or can be grouped for a systematic, protection-in-depth strategy based on the architecture leading practices described in the Cisco SAFE Blueprint. Rounding out the integrated firewall solutions, Cisco has developed a comprehensive security management catalog, spanning Cisco security appliance and IOS Software security features and built-in device managers, to standalone management programs, moving to ensure that businesses can effectively manage their Cisco protection solution purchases.

Cisco PIX Firewalls
Cisco PIX Security Appliance Series offer reliable policy support, multivector invasion protection, and secure networking services in cost-effective, easy-to-deploy modules. These specialized devices provide a broad range of integrated protection and connectivity services including application-aware firewall features, Voice over IP and multimedia protection, reliable site-to-site and remote-access IP Security (IPsec) VPN networking, high availability, intelligent networking services, and versatile administration options. The PIX firewall family spans compact plug-and-go devices for small and home offices to stackable high-bandwidth products with investment protection for large business and service-provider customers, PIX firewalls provide high levels of protection, performance, and availability for environments of all sizes.

PIX Firewalls Consultants

Built around a hardened, purpose-built operating system that delivers a wealth of security services, Cisco PIX firewalls offer a high level of security and have been awarded EAL 4 status and ICSA Firewall and IPsec qualification. PIX firewall appliances provide security for a wide range of Voice over IP and additional multimedia conventions including H.323 Version 4, Session Initiation Protocol, SCCP, RTSP, and Media Gateway Control Protocol (MGCP), enabling businesses to protect installations of a broad array of contemporary and upcoming VoIP and multimedia applications.

Cisco PIX security appliances feature a wealth of configuration, tracking, and troubleshooting features, giving businesses the versatility to utilize the methods that most closely match their requirements. Administrative options include common, policy-based management tools, integrated web-based management, and compatibility with remote-tracking protocols like Simple Network Management Protocol and syslog. The integrated ASDM system provides a world-class web-based management platform that significantly simplifies the installation, in-place modification, and monitoring of a single Cisco PIX firewall without requiring any additional software beyond a standard web browser and Java plug-in to be installed on an administrator's computer.

IT managers can also remotely set up, monitor, and analyze PIX firewalls via a command-line interface (CLI). Secure CLI interface communication is possible using several techniques including Secure Shell (SSHv2) Protocol, Telnet over IP Security, and out-of-band through a console port. PIX security appliances also include robust automatic-update capabilities, a set of protected remote-management options that make sure that security configurations and software images are kept current.

Cisco Adaptive Security Appliances (ASA) Firewalls
Cisco ASA Firewalls are specially engineered solutions that bring together market-proven, industry-leading security and Virtual Private Network services plus an adaptive architecture. The result is a powerful, multifunction network security appliance better suited to protect small and midsize business and enterprise networks and, simultaneously, lower the total deployment and operations expenses previously associated with this high level of protection.

>Cisco ASA Firewalls Support
Cisco ASA Firewalls build on engineering behind the PIX 500 Security Appliance, the Cisco IPS 4200 Intrusion Prevention System, and Cisco's VPN 3000 family concentrator. These solutions enable the Cisco ASA Firewall product line to offer a platform that stops a broad range of attacks. Cisco ASA Firewalls provide program security, network containment, and clean Virtual Private Network connectivity throughout the entire product portfolio. This broad scope of protection enables defense of any network segment, including the most common threat conduits like remote locations, locally-attached internal users, and remote connected VPNs.

Cisco ASA 5500 Series firewalls deliver robust application security via smart, application-aware inspection processes that analyze network flows at Layers 4-7. This produces a better protected environment covering web, voice, and mobile wireless services. To protect networks from application-layer assaults and to offer businesses more control over the applications and protocols used in their networks, Cisco's inspection engines incorporate broad application and protocol knowledge and employ protection enforcement solutions that include anomaly sensing and state tracking. Also included are attack sensing and mitigation techniques such as application/protocol command filtering and content verification. Cisco Adaptive Security Appliances firewall inspection engines also provide management of IM and tunneling applications, enabling organizations to police usage policies and preserve bandwidth for vital business applications.

At the same time as improving network security, Cisco ASA firewalls also decrease installation and support expenses. By offering broad Virtual Private Network and protection services, the Cisco Adaptive Security Appliances 5500 Series firewall can be used as the single device for many environments, enabling product commonality. The Cisco ASA 5500 Series firewall can be deployed as a consolidated threat-prevention appliance at the datacenter by taking advantage of its access control, application inspection, and malicious assault mitigation capabilities. The Cisco Adaptive Security Appliances 5500 Series firewall can also be used as a specialized remote connectivity solution utilizing its VPN features. As an alternative, the Cisco Adaptive Security Appliances firewall operates equally well inside the network for inter-office connectivity management and to guard against malware internal users may inadvertently release into the network. In small business and satellite office networks, the Cisco Adaptive Security Appliances (ASA) firewall acts as a total solution platform offering comprehensive intrusion prevention and VPN services while fitting within the budgets and operational models of these situations.

This versatile one-platform, many-use design reduces the total number of appliances that must be deployed and maintained while providing a common functional and administrative system across all installations. This approach streamlines the training of setup, monitoring, support, and protection staff. To further reduce maintenance costs, Cisco Adaptive Security Appliances (ASA) firewalls are also exceptionally network aware, enabling these devices to integrate gracefully into the network without interfering with authorized traffic and applications.

How Progent's Cisco Certified Experts Can Help Your Business with Cisco Firewalls
Cisco's ASA Series firewalls and PIX security appliances incorporate a wealth of configuration, monitoring, and analysis features which give you the ability to set up these firewalls to match your business needs. Progent's CCIE authorized network consultants can show you how to support your current infrastructure that incorporates Cisco ASA or PIX firewalls and that provides security, fault tolerance, performance, and recoverability. Progent's firewall experts can also help you to migrate to Cisco ASA 5500-X firewalls with Firepower Services.

Progent's GISA and CISM-certified IS security experts can assist your business to develop a security strategy appropriate for your environment and can configure your firewall to support your security strategy. Progent's security evaluation experts can evaluate the strength of your existing firewall deployment and help determine the security of your entire IT environment. Progentís Technical Response Center can provide urgent online technical support for Cisco products and can give you quick access to a Cisco CCIE network engineer.

For additional information about Progent's consulting help for Cisco networking products, pick a topic:

To get in touch with Progent about technical expertise for Cisco technology, phone 1-800-993-9400 or visit Contact Progent.

© 2002- 2017 Progent Corporation. All rights reserved.