Cisco PIX firewalls and ASA Series adaptive security appliances integrate next-generation firewall, intrusion protection, and Virtual Private Network (VPN) technologies in an affordable, one-box format. Both product lines have been superseded by Cisco's ASA 5500-X line of security appliances with Firepower. (See integration and troubleshooting expertise for Cisco AA 5500-X firewalls with Firepower Services.) Nevertheless, PIX and previous-generation Cisco ASA 5500 model adaptive security appliances are extensively used and continue to deliver small and mid-size companies a reliable security solution.

PIX and the original ASA 5500 firewalls offer powerful user and program policy support, mutlivector attack defense, and secure access services. The enhanced intelligence sharing of integrated security features in a stand-alone platform offers customers deploying these aggregated firewalls the advantages of enhanced security, lower TCO, and smaller maintenance expense.

PIX firewalls and Cisco's ASA 5500 product line join IOS Firewall, the Firewall Services Module for Catalyst 6500 Series switches, and Cisco 7600 Series routers as parts of Cisco's versatile, self-contained firewall line. Engineered with an expandable, building-block approach, each offering is designed with a specific array of options to deliver more efficient security to different network environments. These products can be individually deployed to secure certain facets of the connectivity infrastructure, or can be combined for a layered, defense-in-depth strategy following the architecture leading practices outlined in Cisco's SAFE framework. Completing the integrated firewall solutions, Cisco provides a complete security management portfolio, spanning Cisco security appliance and IOS Software security components and built-in appliance managers, to self-contained management programs, helping to make sure that businesses can productively use their Cisco security solution purchases.

Cisco PIX Security Appliance Series
Cisco PIX Security Appliance Series deliver reliable user and application policy support, multi-source invasion defense, and safe networking services in affordable, easy-to-deploy modules. These purpose-built appliances offer a broad range of built-in protection and networking services including process-aware firewall features, VoIP and multimedia security, reliable site-to-site and remote-connectivity IP Security Virtual Private Network connectivity, high availability, smart networking services, and versatile administration solutions. The Cisco PIX firewall product line spans small plug-and-go devices for small and at home offices to modular high-bandwidth products with ROI for large business and service-provider customers, Cisco PIX firewalls deliver high levels of security, performance, and availability for network environments of any size.

Cisco PIX Security Help

Built upon a hardened, specialized operating system that delivers a wealth of protection services, PIX firewalls provide a high level of security and have been awarded Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Labs Firewall and IPsec qualification. Cisco PIX firewall appliances provide protection for a broad array of Voice over IP and other mixed-media conventions such as H.323 v. 4, SIP, Cisco Skinny Client Control Protocol, Real-Time Streaming Protocol, and MGCP, helping businesses to safeguard installations of a broad range of current and upcoming Voice over IP and multimedia applications.

Cisco PIX firewall appliances feature a wealth of configuration, monitoring, and troubleshooting features, giving IT managers the versatility to utilize the techniques that best match their needs. Administrative options include centralized, policy-based management tools, integrated web-based management, and support for remote-monitoring standards like Simple Network Management Protocol and syslog. The integrated Adaptive Security Device Manager system offers a world-class web-based control solution that greatly simplifies the deployment, ongoing modification, and monitoring of a single PIX firewall without the need of any additional utility other than a standard browser and Java plug-in to be running on a manager's computer.

Administrators can also remotely configure, monitor, and analyze Cisco PIX firewalls using a command-line interface. Secure CLI interface communication is possible through several techniques including Secure Shell Protocol, Telnet through IPsec, and out-of-band via a console port. Cisco PIX firewall appliances also have dependable automatic-update features, a set advanced secure remote-administration options that ensure security settings and software images are kept up to date.

Cisco Adaptive Security Appliances Firewalls
Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls are specially engineered devices that bring together market-proven, industry-leading protection and VPN support with an adaptive architecture. The result is a powerful, multifunction network protection appliance better suited to protect small and midsize business and enterprise networks and, simultaneously, lower the overall deployment and operations expenses formerly required for this high degree of security.

>Cisco Adaptive Security Appliances 5500 Series Firewalls Consulting
Cisco Adaptive Security Appliances 5500 Series Firewalls leverage technology developed for Cisco's PIX 500 Series Security Appliance, Cisco's IPS 4200 family Intrusion Prevention System, and the VPN 3000 family concentrator. These solutions converge on the Cisco Adaptive Security Appliances (ASA) 5500 Series Firewall product line to offer a firewall that defends against a broad range of attacks. Cisco Adaptive Security Appliances Firewalls deliver application security, local containment and control, and safe Virtual Private Network functionality throughout the entire product portfolio. This breadth of protection enables defense of any network area, which includes the most common attack conduits such as remote locations, locally-connected inside users, and remote access Virtual Private Networks.

Cisco Adaptive Security Appliances (ASA) 5500 Series firewalls deliver strong application security via smart, application-sensitive inspection engines that examine traffic at Layers 4-7. The result is a more secure environment including web, voice, and mobile wireless services. To protect networks against application-layer attacks and to give organizations greater control over the programs and protocols utilized in their environments, these inspection engines incorporate extensive application and protocol knowledge and employ security enforcement technologies such as protocol anomaly detection and state monitoring. Also included are attack sensing and remediation techniques such as application and protocol command filters and content verification. Cisco ASA firewall inspection engines also provide management of IM and peer-to-peer file sharing, allowing organizations to enforce usage policies and preserve network bandwidth for important business applications.

At the same time as increasing security, Cisco ASA firewalls also lower installation and support costs. By offering extensive Virtual Private Network and protection functions, the Cisco ASA firewall can be a the only platform for a multitude of environments, enabling product standardization. The Cisco Adaptive Security Appliances firewall can be deployed as a converged threat-protection device at a central location by leveraging its access control, application inspection, and worm, virus, and other malware remediation technologies. The Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can also be used as a specialized remote connectivity solution utilizing its VPN capabilities. As another option, the Cisco Adaptive Security Appliances (ASA) firewall operates capably inside the network for inter-office access control and to defend against malicious assaults inside workers may unwittingly release into the environment. For small business and branch office networks, the Cisco Adaptive Security Appliances firewall serves as an all-in-one platform providing comprehensive intrusion defense and Virtual Private Network functionality while fitting within the cost structure and operational models of these situations.

This versatile one-platform, many-use approach reduces the total number of devices that must be deployed and managed while offering a common operating and management environment throughout all deployments. This approach simplifies the training of setup, tracking, troubleshooting, and protection staff. To further minimize maintenance expenses, Cisco ASA firewalls are also highly network aware, enabling them to insert gracefully into the environment without disrupting legitimate traffic and processes.

How Progent's Consultants Can Assist You with Cisco PIX and ASA Security Appliances
Cisco ASA Series adaptive security appliances and PIX firewalls incorporate a wealth of setup, monitoring, and troubleshooting features which offer you the flexibility to configure these firewalls to align optimally with your company's requirements. Progent's CCIE certified network consultants can assist you to maintain your current network infrastructure that incorporates Cisco ASA and/or PIX firewall technology and that provides security, resilience, throughput, and manageability. Progent can also help you to upgrade to Cisco ASA 5500-X firewalls with Firepower Services.

Progent's GISA and CISSP-ISSP-qualified information security experts can assist you to create a security strategy that makes sense for your environment and can configure your security appliance to support your security strategy. Progent's risk assessment consultants can assess the effectiveness of your existing firewall solution and validate the security of your whole IT environment. Progentís Help Desk Call Center can deliver urgent remote troubleshooting for Cisco technology and can give you fast access to a Cisco CCIE expert.

To see more details about Progent's engineering expertise for Cisco networking products, pick a topic:

To get in touch with Progent about engineering help for Cisco products, call 1-800-993-9400 or go to Contact Progent.
















© 2002- 2017 Progent Corporation. All rights reserved.