Cisco PIX firewalls and ASA Series adaptive security appliances combine comprehensive firewall, intrusion defense, and Virtual Private Network functionality in an affordable, one-box package. Both of these product lines have been superseded by the ASA 5500-X line of firewalls with Firepower Services. (See configuration and troubleshooting expertise for ASA 5500-X firewalls with Firepower Services.) Nevertheless, both PIX and previous-generation Cisco ASA 5500 model adaptive security appliances are widely deployed and continue to provide small and mid-size companies a viable firewall solution.

Cisco PIC and legacy ASA 5500 firewalls offer powerful client and application policy support, mutlivector assault defense, and safe access services. The enhanced knowledge sharing of integrated security services in a stand-alone platform provides customers implementing these aggregated solutions the benefits of enhanced security, reduced TCO, and smaller management costs.

PIX firewalls and Cisco's ASA 5500 product line join IOS Firewall, the FWSM for Catalyst 6500 switches, and Cisco 7600 family routers as components of Cisco's versatile, self-contained firewall product. Engineered with a scalable, modular approach, each offering is designed with a specific feature set to deliver more efficient protection to a variety of network situations. These solutions can be individually installed to protect specific areas of a network infrastructure, or can be grouped for a systematic, defense-in-depth strategy following the architecture best practices outlined in the Cisco SAFE framework. Completing the integrated firewall solutions, Cisco provides a comprehensive security management product portfolio, ranging from Cisco security device and IOS security components and built-in appliance controllers, to standalone management utilities, helping to make sure that businesses can productively manage their Cisco protection solution purchases.

Cisco PIX Firewalls
PIX Security Appliance Series deliver reliable policy enforcement, multivector attack protection, and secure connectivity services in affordable, out-of-the-box modules. These specialized appliances provide a broad range of integrated security and connectivity capabilities including application-aware firewall features, Voice over IP (VoIP) and multimedia security, robust site-to-site and remote-access IPcec Virtual Private Network networking, excellent resiliency, intelligent networking services, and flexible administration options. The PIX Security Appliance Series product line ranges from small plug-and-play devices for small offices or at home offices to stackable high-bandwidth appliances with ROI for large business and ISP environments, Cisco PIX firewalls deliver high levels of protection, performance, and reliability for network environments of any size.

PIX Firewalls Experts

Based upon a tested, specialized operating system that offers rich security services, PIX firewall appliances provide a high level of security and have earned Common Criteria Evaluation Assurance Level 4 status and ICSA Labs Firewall and IP Security certification. PIX security appliances provide security for a wide array of Voice over IP and other mixed-media standards including H.323 Version 4, Session Initiation Protocol (SIP), Cisco Skinny Client Control Protocol (SCCP), Real-Time Streaming Protocol (RTSP), and Media Gateway Control Protocol (MGCP), enabling organizations to protect deployments of a wide range of contemporary and upcoming VoIP and multimedia applications.

Cisco PIX security appliances offer a wealth of configuration, monitoring, and analysis features, providing businesses the flexibility to utilize the methods that best match their needs. Administrative options include common, policy-based administration tools, integrated web-based management, and compatibility with remote-tracking protocols like Simple Network Management Protocol (SNMP) and syslog. The integrated Adaptive Security Device Manager system offers a world-class web-based control platform that greatly streamlines the installation, ongoing configuration, and tracking of a single PIX security appliance without the need of any extra software beyond an ordinary web browser and Java plug-in to be running on an administrator's computer.

Administrators can also remotely configure, monitor, and analyze Cisco PIX security appliances via a command-line interface. Secure CLI interface communication is available using several methods such as SSHv2 Protocol, Telnet over IP Security (IPsec), and out-of-band through a console port. PIX security appliances also include robust auto-update features, a collection advanced protected remote-administration services that ensure security configurations and software images are kept up to date.

Cisco ASA 5500 Series Firewalls
Cisco Adaptive Security Appliances (ASA) Firewalls are specially engineered devices that bring together market-proven, industry-leading security and VPN support with a flexible design. The end product is a powerful, multifunction network security solution better able to protect small and medium business (SMB) and enterprise networks and, simultaneously, reduce the total installation and operations expenses previously required for this enhanced degree of security.

>Cisco Adaptive Security Appliances Firewalls Support
Cisco Adaptive Security Appliances 5500 Series Firewalls build on technology behind Cisco's PIX 500 family Security Appliance, the IPS 4200 sensor, and Cisco's VPN 3000 Series concentrator. These technologies converge on the Cisco Adaptive Security Appliances 5500 Series Firewall family to deliver a firewall that defends against a broad range of threats. Cisco ASA Firewalls deliver application security, network containment and control, and safe VPN functionality across the entire product portfolio. This broad scope of protection allows the guarding of any network section, which includes the most typical attack conduits such as remote sites, locally-connected inside users, and remote connected VPNs.

Cisco Adaptive Security Appliances 5500 Series firewalls deliver strong application protection through smart, application-sensitive inspection processes that examine network flows at Layers 4-7. The result is a more secure network including web, voice, and mobile wireless access. To protect environments against application-layer attacks and to offer businesses more control over the programs and protocols used in their environments, these inspection engines integrate broad application and protocol knowledgebases and rely on protection enforcement technologies such as anomaly sensing and state tracking. Also incorporated are attack sensing and remediation techniques such as application/protocol command filtering and content verification. Cisco Adaptive Security Appliances firewall inspection engines also deliver control over instant messaging and tunneling applications, enabling businesses to police usage policies and conserve network bandwidth for critical business applications.

While improving security, Cisco Adaptive Security Appliances 5500 Series firewalls also lower deployment and support expenses. By offering broad Virtual Private Network and protection services, the Cisco ASA 5500 Series firewall can be used as the single device for many uses, enabling product commonality. The Cisco ASA firewall can be used as a consolidated threat-prevention appliance at the datacenter by taking advantage of its connectivity control, application inspection, and worm, virus, and other malware mitigation capabilities. The Cisco ASA 5500 Series firewall can also be used as a specialized remote connectivity device utilizing its Virtual Private Network features. As an alternative, the Cisco Adaptive Security Appliances 5500 Series firewall performs capably in the network interior for interdepartmental connectivity management and to defend against malware internal users may unknowingly release into the network. For small company and satellite office environments, the Cisco Adaptive Security Appliances firewall acts as a total solution device providing complete threat defense and Virtual Private Network functionality while fitting within the cost structure and operational demands of these deployments.

This adaptive single-platform, many-use design reduces the number of appliances that need to be installed and maintained while offering a common functional and management environment throughout all those deployments. This architecture streamlines the training of setup, tracking, troubleshooting, and protection staff. To further minimize operations expenses, Cisco ASA 5500 Series firewalls are also highly network aware, allowing these devices to insert gracefully into the network without disrupting legitimate data flow and processes.

How Progent's Cisco Certified Experts Can Assist Your Business with Cisco PIX and ASA Firewalls
Cisco ASA Series adaptive security appliances and PIX family firewalls incorporate an array of configuration, monitoring, and analysis options that offer you the ability to deploy these security appliances to match your company's needs. Progent's CCIE certified network professionals can assist you to maintain your existing network infrastructure that incorporates Cisco ASA and/or PIX security appliances and that offers security, resilience, performance, and recoverability. Progent can also help your organization to upgrade to ASA 5500-X firewalls with Firepower Services.

Progent's CISA and CISSP-ISSP-certified information security professionals can help your business to create a security policy that makes sense for your environment and can configure your PIX or ASA firewall to enforce your security strategy. Progent's risk evaluation consultants can assess the strength of your existing firewall solution and audit the overall security of your entire information system network. Progentís Help Desk support team can deliver urgent online troubleshooting for Cisco products and offer quick access to a Cisco network engineer.

To see additional information concerning Progent's professional help for Cisco solutions, select a subject:

In order to contact Progent about consulting assistance for Cisco networking, phone 1-800-993-9400 or go to Contact Progent.

© 2002- 2017 Progent Corporation. All rights reserved.