Cisco PIX family firewalls and Cisco ASA 5500 Series firewalls integrate comprehensive firewall, intrusion defense, and Virtual Private Network (VPN) functionality in an economical, single-box package. Both product families have been replaced by Cisco's ASA 5500-X series of firewalls with Firepower Services. (Refer to configuration and debugging expertise for Cisco AA 5500-X firewalls with Firepower Services.) Still, PIX and earlier-generation Cisco ASA 5500 model adaptive security appliances are extensively deployed and continue to offer small and mid-size organizations a viable security environment.

PIX and legacy ASA 5500 firewalls deliver powerful client and application policy support, mutlivector assault protection, and safe access features. The enhanced knowledge sharing of consolidated protection services in a single platform offers customers implementing these aggregated firewalls the advantages of advanced protection, lower cost of ownership, and smaller management costs.

Cisco PIX firewalls and the ASA 5500 Series combine with Cisco IOS Firewall, the FWSM for Cisco Catalyst 6500 family switches, and Cisco 7600 routers as components of Cisco's versatile, self-contained firewall product. Engineered with a scalable, building-block platform, every offering is equipped with a specific array of options to deliver more efficient security to different networking environments. These solutions can be individually installed to secure certain facets of the network environment, or can be combined for a layered, protection-in-depth strategy following the design best practices outlined in the Cisco SAFE Blueprint. Rounding out the modular firewall product line, Cisco has developed a comprehensive security management product portfolio, ranging from Cisco security device and Cisco IOS security features and embedded appliance managers, to self-contained management utilities, moving to ensure that businesses can productively manage their Cisco protection infrastructure purchases.

PIX Firewall Appliances
Cisco PIX Security Appliance Series offer robust user and application policy enforcement, multivector attack defense, and secure networking services in cost-effective, out-of-the-box modules. These purpose-built appliances provide a broad range of built-in protection and networking services including process-aware firewall services, Voice over IP (VoIP) and multimedia protection, robust multi-site and remote-access IP Security VPN networking, excellent resiliency, smart networking services, and flexible management solutions. The PIX Security Appliance Series product line ranges from small plug-and-go devices for small offices or at home offices to modular gigabit appliances with investment protection for enterprise and service-provider environments, PIX firewall appliances provide high levels of protection, speed, and availability for network environments of all sizes.

Cisco PIX Firewalls Consulting

Based around a hardened, specialized operating system that delivers rich security services, Cisco PIX firewalls offer a high level of security and have earned Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Firewall and IPsec certification. PIX security appliances provide protection for a wide array of VoIP and other multimedia conventions such as H.323 Version 4, SIP, SCCP, RTSP, and Media Gateway Control Protocol, helping businesses to protect installations of a broad range of contemporary and upcoming Voice over IP and video applications.

PIX security appliances feature a wealth of setup, monitoring, and troubleshooting features, providing businesses the flexibility to use the methods that most closely match their requirements. Management options include common, policy-based administration tools, integrated web-accessible administration, and support for remote-tracking standards like SNMP and syslog. The integrated Adaptive Security Device Manager interface provides a world-class web-based control solution that significantly streamlines the installation, in-place configuration, and tracking of a specific PIX firewall appliance without the need of any additional utility beyond an ordinary web browser and Java applet to be installed on an administrator's computer.

Administrators can also remotely set up, monitor, and analyze Cisco PIX firewalls using a command-line interface. Secure CLI interface access is possible using several methods including SSHv2 Protocol, Telnet through IPsec, and out-of-band through a console port. PIX firewalls also have dependable auto-update features, a collection of protected remote-administration options that make sure that firewall settings and software images are kept up to date.

Cisco Adaptive Security Appliances Firewalls
Cisco ASA 5500 Series Firewalls are specially engineered solutions that bring together advanced, industry-leading protection and Virtual Private Network services plus a flexible architecture. The result is a powerful, versatile network security solution better suited to protect small and midsize business (SMB) and enterprise networks and, at the same time, reduce the overall deployment and operations costs formerly required for this high level of protection.

>Cisco ASA 5500 Series Firewalls Consulting Firm
Cisco ASA 5500 Series Firewalls leverage engineering behind the Cisco PIX 500 Series firewall, the IPS 4200 sensor, and the Cisco VPN 3000 family concentrator. These technologies converge on the Cisco ASA Firewall product line to offer a firewall that defends against a broad range of attacks. Cisco Adaptive Security Appliances 5500 Series Firewalls provide application security, local containment and control, and safe Virtual Private Network functionality throughout the entire product portfolio. This breadth of protection enables the guarding of any network section, which includes the most common attack vectors like remote locations, locally-attached inside users, and off-site connected VPNs.

Cisco ASA 5500 Series firewalls deliver strong application security through smart, application-aware inspection processes that examine network flows at Layers 4-7. The result is a more secure environment covering web, voice, and mobile wireless connectivity. To defend environments from application-layer assaults and to give businesses more policing of the programs and protocols used in their environments, these inspection engines incorporate extensive application and protocol knowledgebases and rely on protection enforcement technologies such as protocol anomaly detection and application and protocol state monitoring. Also incorporated are attack sensing and mitigation technology such as application and protocol command filters and URL deobfuscation. Cisco Adaptive Security Appliances (ASA) 5500 Series firewall inspection engines also provide control over instant messaging and tunneling applications, allowing organizations to police usage policies and conserve bandwidth for vital business processes.

While improving network protection, Cisco Adaptive Security Appliances 5500 Series firewalls also decrease deployment and support expenses. By providing broad Virtual Private Network and protection functions, the Cisco Adaptive Security Appliances 5500 Series firewall can be a the only platform for a multitude of uses, allowing platform commonality. The Cisco ASA 5500 Series firewall can be used as a consolidated threat-prevention appliance at the datacenter by leveraging its connectivity control, application inspection, and malicious assault mitigation capabilities. The Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can also be deployed as a dedicated remote connectivity device utilizing its VPN features. As an alternative, the Cisco Adaptive Security Appliances (ASA) firewall performs capably in the network interior for interdepartmental connectivity control and to guard against worms, viruses, and other malicious code inside users might unknowingly introduce into the environment. In small company and branch office networks, the Cisco Adaptive Security Appliances (ASA) firewall serves as a total solution platform providing comprehensive intrusion prevention and VPN services while fitting within the cost structure and performance demands of such deployments.

This adaptive single-platform, many-use design minimizes the total number of devices that must be installed and managed while providing a standard operating and administrative system throughout all those deployments. This approach streamlines the education of configuration, monitoring, support, and security staff. To further reduce maintenance costs, Cisco Adaptive Security Appliances (ASA) firewalls are also exceptionally network aware, enabling them to insert gracefully into the environment without interfering with legitimate data flow and processes.

How Progent Can Assist You with Cisco PIX and ASA Security Appliances
Cisco ASA Series firewalls and PIX security appliances incorporate an array of setup, monitoring, and troubleshooting features which offer you the flexibility to set up these firewalls to align optimally with your company's needs. Progent's CCIE authorized network professionals can assist you to maintain your current infrastructure that includes Cisco ASA or PIX firewall technology and that provides protection, resilience, performance, and manageability. Progent's firewall experts can also assist you to upgrade to Cisco ASA 5500-X firewalls with Firepower Services.

Progent's CISA and CISM-qualified information security engineers can help you to develop a security strategy appropriate for your business and can set up your firewall to support your security strategy. Progent's risk assessment professionals can assess the strength of your existing firewall deployment and audit the overall security of your entire IT network. Progentís Technical Response Center (TRC) can deliver urgent remote technical support for Cisco products and offer quick access to a Cisco expert.

For additional details concerning Progent's engineering help for Cisco solutions, choose a topic:

If you wish to contact Progent about technical assistance for Cisco networking, phone 1-800-993-9400 or visit Contact Progent.

© 2002- 2018 Progent Corporation. All rights reserved.