Cisco PIX security appliances and ASA 5500 Series firewalls combine comprehensive firewall, intrusion defense, and Virtual Private Network features in an affordable, one-box package. Both product families have been superseded by Cisco's ASA 5500-X family of firewalls with Firepower. (See integration and debugging help with Cisco AA 5500-X firewalls with Firepower Services.) Still, PIX and earlier-generation ASA 5500 Series firewalls are extensively deployed and continue to provide small and mid-size organizations a reliable security environment.

PIX and legacy ASA 5500 firewalls offer robust user and program policy support, mutlivector attack defense, and safe connectivity features. The enhanced intelligence sharing of integrated security services in a single platform offers customers deploying these integrated solutions the benefits of advanced security, reduced TCO, and smaller maintenance expense.

PIX security appliances and Cisco's ASA 5500 product line combine with IOS Firewall, the Firewall Services Module (FWSM) for Cisco Catalyst 6500 switches, and 7600 family routers as components of Cisco's flexible, self-contained firewall product. Based on a scalable, building-block platform, each offering is equipped with a particular array of options to deliver better protection to a variety of networking situations. These products can be independently installed to secure specific facets of the network infrastructure, or can be grouped for a layered, protection-in-depth strategy based on the design best practices outlined in the Cisco SAFE Blueprint. Rounding out the modular firewall solutions, Cisco has developed a comprehensive security management product portfolio, ranging from Cisco security appliance and Cisco IOS security components and built-in device controllers, to standalone management applications, moving to ensure that customers can productively manage their Cisco security solution purchases.

Cisco PIX Security Appliance Series
Cisco PIX Security Appliance Series deliver robust policy enforcement, multi-source invasion protection, and safe connectivity services in economical, easy-to-deploy solutions. These specialized devices provide a wealth of integrated protection and connectivity services including process-aware firewall features, Voice over IP and multimedia security, reliable site-to-site and remote-connectivity IPcec Virtual Private Network connectivity, fault tolerance, smart networking services, and versatile administration solutions. The PIX firewall Appliance family ranges from compact plug-and-go devices for small offices and at home offices to modular gigabit appliances with ROI for large business and service-provider customers, Cisco PIX firewalls provide high levels of security, performance, and availability for environments of all sizes.

PIX Security Help

Based upon a hardened, specialized operating system that delivers rich security features, PIX firewalls provide a high level of protection and have been awarded Common Criteria Evaluation Assurance Level 4 status and ICSA Labs Firewall and IP Security qualification. Cisco PIX security appliances provide security for a broad range of Voice over IP and additional mixed-media standards such as H.323 Version 4, Session Initiation Protocol, Cisco Skinny Client Control Protocol, RTSP, and Media Gateway Control Protocol (MGCP), enabling businesses to safeguard deployments of a broad array of contemporary and next-generation Voice over IP and multimedia applications.

Cisco PIX firewall appliances feature a wealth of configuration, monitoring, and troubleshooting features, giving businesses the versatility to use the techniques that best match their needs. Management solutions include common, policy-based administration tools, integrated web-accessible administration, and compatibility with remote-tracking standards like Simple Network Management Protocol and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) interface offers a powerful web-based management solution that significantly simplifies the deployment, in-place modification, and tracking of a specific PIX security appliance without the need of any extra utility beyond an ordinary web browser and Java plug-in to be installed on a manager's PC.

IT managers can also remotely configure, track, and troubleshoot Cisco PIX firewalls via a command-line interface. Secure CLI interface communication is available through several methods such as Secure Shell Protocol, Telnet through IP Security, and out-of-band via a console port. Cisco PIX firewall appliances also have robust auto-update capabilities, a set advanced protected remote-management services that ensure firewall configurations and software images are always up to date.

Cisco ASA 5500 Series Firewalls
Cisco Adaptive Security Appliances (ASA) Firewalls are specially engineered devices that bring together advanced, best-of-breed security and Virtual Private Network services plus a flexible architecture. The end product is a robust, versatile network security appliance better suited to protect small and midsize business (SMB) and larger networks and, at the same time, lower the total installation and operations expenses previously associated with this high level of protection.

>Cisco Adaptive Security Appliances 5500 Series Firewalls Consulting
Cisco Adaptive Security Appliances Firewalls build on engineering developed for the Cisco PIX 500 Series firewall, Cisco's IPS 4200 sensor, and the VPN 3000 family concentrator. These solutions converge on the Cisco Adaptive Security Appliances (ASA) Firewall product line to deliver a firewall that defends against a broad range of attacks. Cisco ASA 5500 Series Firewalls provide program security, network containment and control, and clean Virtual Private Network functionality across Cisco's product line. This breadth of security enables defense of any network segment, including the most common threat conduits like remote sites, LAN-connected inside users, and off-site access VPNs.

Cisco ASA firewalls provide strong application protection via smart, application-aware inspection processes that examine network flows at Layers 4-7. The result is a more secure network including web, voice, and mobile wireless services. To protect environments from application-layer attacks and to offer organizations more control over the applications and protocols utilized in their environments, Cisco's inspection engines incorporate extensive application and protocol knowledge and rely on security enforcement solutions that include anomaly sensing and application and protocol state monitoring. Also included are attack sensing and remediation techniques such as application/protocol command filtering and content verification. Cisco ASA firewall inspection engines also provide control over instant messaging and peer-to-peer file sharing, enabling businesses to police usage policies and recover network bandwidth for vital business processes.

While improving network security, Cisco Adaptive Security Appliances (ASA) 5500 Series firewalls also decrease deployment and support expenses. By providing extensive Virtual Private Network and protection services, the Cisco Adaptive Security Appliances (ASA) firewall can be used as the the only platform for many uses, allowing platform standardization. The Cisco Adaptive Security Appliances 5500 Series firewall can be used as a converged attack-protection device at a central location by leveraging its connectivity control, application inspection, and worm, virus, and other malware mitigation technologies. The Cisco Adaptive Security Appliances (ASA) firewall can also be used as a dedicated remote access solution utilizing its VPN features. Alternatively, the Cisco Adaptive Security Appliances 5500 Series firewall performs equally well in the network interior for inter-office connectivity control and to defend against worms, viruses, and other malicious code internal users might unknowingly release into the environment. In small business and branch office environments, the Cisco Adaptive Security Appliances (ASA) firewall acts as an all-in-one device providing comprehensive threat defense and VPN functionality while suiting the cost structure and operational demands of such deployments.

This adaptive one-device, multiple-solution approach reduces the total number of appliances that need to be installed and managed while offering a standard functional and management environment across all deployments. This architecture simplifies the training of setup, monitoring, troubleshooting, and security staff. To further minimize operations costs, Cisco Adaptive Security Appliances (ASA) 5500 Series firewalls are also exceptionally network conscious, allowing these devices to integrate seamlessly into the network without disrupting legitimate traffic and processes.

How Progent's Cisco Certified Experts Can Assist You with Cisco PIX and ASA Firewalls
Cisco ASA Series adaptive security appliances and PIX firewalls provide a wealth of configuration, tracking, and troubleshooting features which offer you the flexibility to configure these security appliances to match your business needs. Progent's CCIE certified network professionals can help you to maintain your existing network infrastructure that includes Cisco ASA or PIX firewalls and that offers protection, resilience, performance, and manageability. Progent's firewall experts can also assist your organization to upgrade to ASA 5500-X firewalls with Firepower Services.

Progent's GISA and CISM-qualified information security engineers can help your business to create a security policy that makes sense for your business and can configure your security appliance to enforce your security policies. Progent's security assessment engineers can evaluate the effectiveness of your current firewall deployment and validate the overall security of your whole information system network. Progentís Help Desk support team can deliver emergency online technical support for Cisco products and offer fast access to a Cisco expert.

To learn more details concerning Progent's engineering assistance for Cisco technology, select a topic:

In order to contact Progent about engineering expertise for Cisco technology, phone 1-800-993-9400 or see Contact Progent.

© 2002- 2018 Progent Corporation. All rights reserved.