Cisco's PIX security appliances and Cisco ASA Series adaptive security appliances integrate comprehensive firewall, intrusion defense, and Virtual Private Network (VPN) technologies in an affordable, one-cabinet package. Both product families offer robust user and program policy enforcement, mutlivector attack defense, and secure connectivity features. The increased knowledge sharing of consolidated protection features in a single package offers users deploying these integrated solutions the advantages of enhanced security, reduced TCO, and minimal management costs.
PIX security appliances and Cisco's ASA 5500 family join Cisco IOS Firewall, the FWSM for Cisco Catalyst 6500 family switches, and Cisco 7600 family routers as components of Cisco's flexible, self-contained firewall product. Engineered with a scalable, modular approach, each offering is equipped with a specific array of options to provide more efficient protection to different network situations. These solutions can be individually deployed to secure specific facets of the connectivity infrastructure, or can be combined for a layered, defense-in-depth strategy based on the architecture best practices outlined in the Cisco SAFE Blueprint. Completing the integrated firewall solutions, Cisco has developed a complete security management offering, spanning Cisco security device and Cisco IOS security features and embedded appliance managers, to self-contained management programs, helping to make sure that businesses can productively use their Cisco security infrastructure purchases.
Cisco PIX Firewall Appliances
The popular PIX firewalls offer robust user and application policy support, multivector invasion protection, and safe networking services in cost-effective, easy-to-deploy solutions. These purpose-built devices offer a broad range of integrated security and connectivity services such as state-of-the-art process-aware firewall features, market-leading VoIP and multimedia security, reliable multi-site and remote-access IP Security (IPSec) Virtual Private Network (VPN) connectivity, excellent resiliency, smart networking features, and versatile administration solutions. The PIX firewall family ranges from compact plug-and-play appliances for small or at home offices to modular gigabit appliances with superior investment protection for enterprise and ISP environments, Cisco PIX firewall appliances provide dependable security, performance, and reliability for networks of any size.
Built around a tested, purpose-built operating system that offers rich protection services, PIX security appliances provide excellent protection and have earned Common Criteria Evaluation Assurance Level 4 status and ICSA Labs Firewall and IP Security certification. PIX security appliances offer security for a wide range of VoIP and additional multimedia conventions such as H.323 Version 4, Session Initiation Protocol (SIP), Cisco Skinny Client Control Protocol, Real-Time Streaming Protocol, and MGCP, enabling businesses to safeguard installations of a wide array of contemporary and next-generation VoIP and mixed-media applications.
Cisco PIX firewalls feature a wealth of configuration, tracking, and troubleshooting options, giving businesses the versatility to use the techniques that most closely match their needs. Administrative options include common, policy-based management tools, integrated web-accessible administration, and support for remote-tracking protocols like SNMP and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) interface offers a powerful Web-based control solution that greatly simplifies the deployment, ongoing modification, and tracking of a specific PIX firewall without requiring any extra software other than an ordinary Web browser and Java applet to be running on a manager's PC.
IT managers can also remotely configure, monitor, and analyze PIX security appliances via a command-line interface (CLI). Secure command-line interface (CLI) access is available through a number of methods such as SSHv2 Protocol, Telnet over IPSec, and out-of-band via a console port. Cisco PIX firewalls also include dependable auto-update features, a collection of advanced secure remote-management options that make sure that security configurations and software images are always current.
Cisco Adaptive Security Appliances 5500 Series Firewalls
Cisco ASA 5500 Series Firewalls are purpose-built devices that incorporate market-proven, industry-leading security and Virtual Private Network services plus a new generation, flexible architecture. The result is a powerful, versatile network protection solution better suited to defend small and midsize business (SMB) and larger networks and, simultaneously, lower the total deployment and maintenance expenses of this new degree of security.
Cisco Adaptive Security Appliances (ASA) Firewalls leverage technology developed for the PIX 500 family Security Appliance, the IPS 4200 family Intrusion Prevention System, and the VPN 3000 Series concentrator. These solutions enable the Cisco Adaptive Security Appliances 5500 Series Firewall product line to offer a platform that defends against the broadest variety of attacks. Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls provide application protection, network containment, and clean VPN functionality throughout the entire product line. This broad scope of security allows defense of any network segment, including the most common attack vectors like remote locations, locally-connected inside users, and remote access Virtual Private Networks.
Cisco Adaptive Security Appliances (ASA) firewalls provide robust application protection through intelligent, application-aware inspection processes that examine network flows at Layers 4-7. The result is a better protected environment covering Web, voice, and mobile wireless services. To defend networks against application-layer attacks and to give businesses more control over the applications and protocols used in their environments, Cisco's inspection engines incorporate extensive application and protocol knowledge and employ security enforcement solutions such as protocol anomaly sensing and application and protocol state tracking. Also incorporated are attack detection and remediation techniques such as application/protocol command filtering and content verification. Cisco Adaptive Security Appliances (ASA) 5500 Series firewall inspection engines also deliver control over IM and tunneling applications, enabling businesses to police usage policies and preserve network bandwidth for crucial business processes.
At the same time as increasing security, Cisco Adaptive Security Appliances (ASA) firewalls also lower deployment and support expenses. By providing extensive VPN and security functions, the Cisco ASA firewall can be a the only platform for many uses, enabling product standardization. The Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can be used as a consolidated attack-protection appliance at the datacenter by leveraging its connectivity control, process inspection, and worm, virus, and other malware mitigation technologies. The Cisco Adaptive Security Appliances firewall can also be used as a specialized remote connectivity device utilizing its VPN capabilities. As another option, the Cisco ASA 5500 Series firewall serves equally well in the network interior for inter-office access control and to defend against worms, viruses, and other malicious code internal users may unknowingly release into the network. For small company and satellite office environments, the Cisco Adaptive Security Appliances firewall serves as an all-in-one device providing comprehensive threat prevention and VPN services while fitting within the cost structure and performance demands of these deployments. This adaptive one-platform, many-solution design minimizes the total number of devices that must be deployed and maintained while providing a standard operating and management environment across all deployments. This architecture streamlines the education of configuration, tracking, support, and security personnel. To further minimize maintenance expenses, Cisco Adaptive Security Appliances firewalls are also exceptionally network conscious, enabling these devices to insert gracefully into the network without disrupting authorized data flow and applications.
How Progent's Consultants Can Assist You with Cisco Firewalls
Cisco ASA 5500 Series firewalls and PIX family firewalls provide an array of configuration, monitoring, and troubleshooting options which give you the ability to configure these firewalls to align optimally with your business requirements. Progent's CCIE certified network professionals can show you how to install an efficient network infrastructure that includes Cisco ASA and/or PIX firewalls and that offers advanced protection, fault tolerance, throughput, and recoverability. Progent's CISA and CISM-certified information security engineers can help you to create a security strategy appropriate for your situation and can configure your security appliance to enforce your security strategy. Progent's security evaluation engineers can assess the effectiveness of your current firewall deployment and validate the overall security of your entire IS environment. Progent’s Technical Response Center (TRC) can deliver emergency remote technical support for Cisco technology and offer quick access to a Cisco CCIE network engineer.
For more details concerning Progent's professional assistance for Cisco solutions, select a topic:
Overview of Cisco Consulting Services
Immediate Phone Support from a Cisco Certified Internetwork Expert Consultant
Cisco Routers Consulting Support
Aironet Wireless Consulting Help
Cisco Voice over IP Engineering Services
Cisco Switches Professional Support
Cisco VPN and Network Security Consulting Expertise
Design and Support for Cisco-based Datacenters
Engineering Expertise for ISPs
Network Management Solutions for Cisco Environments
To ask Progent about consulting help for Cisco technology, call 1-800-993-9400 or e-mail cisco-help@progent.com.
