Cisco's PIX security appliances and Cisco ASA Series adaptive security appliances integrate comprehensive firewall, intrusion defense, and Virtual Private Network (VPN) technologies in an affordable, one-cabinet package. Both product families offer robust user and program policy enforcement, mutlivector attack defense, and secure connectivity features. The increased knowledge sharing of consolidated protection features in a single package offers users deploying these integrated solutions the advantages of enhanced security, reduced TCO, and minimal management costs.
PIX security appliances and Cisco's ASA 5500 family join Cisco IOS Firewall, the FWSM for Cisco Catalyst 6500 family switches, and Cisco 7600 family routers as components of Cisco's flexible, self-contained firewall product. Engineered with a scalable, modular approach, each offering is equipped with a specific array of options to provide more efficient protection to different network situations. These solutions can be individually deployed to secure specific facets of the connectivity infrastructure, or can be combined for a layered, defense-in-depth strategy based on the architecture best practices described in the Cisco SAFE framework. Rounding out the integrated firewall product line, Cisco has developed a complete security management offering, spanning Cisco security appliance and IOS Software security features and built-in device controllers, to standalone management applications, moving to make sure that businesses can productively manage their Cisco security solution investments.
PIX Firewall Appliances
The popular Cisco PIX firewall appliances deliver robust policy enforcement, multi-source attack defense, and safe connectivity services in cost-effective, easy-to-deploy solutions. These specialized devices offer a wealth of integrated protection and networking capabilities such as state-of-the-art process-aware firewall services, market-leading VoIP and multimedia protection, reliable site-to-site and remote-access IPSec VPN networking, excellent resiliency, smart networking features, and versatile management options. The Cisco PIX Security Appliance Series family ranges from compact plug-and-play desktop units for small or home offices to modular gigabit appliances with superior investment protection for large business and service-provider environments, PIX Security Appliance Series deliver high levels of security, performance, and reliability for environments of all sizes.
Based around a hardened, purpose-built software platform that delivers a wealth of security features, Cisco PIX security appliances offer excellent security and have been awarded Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Firewall and IP Security (IPSec) qualification. Cisco PIX firewall appliances offer protection for a wide array of VoIP and other mixed-media standards such as H.323 Version 4, Session Initiation Protocol, Cisco Skinny Client Control Protocol, RTSP, and MGCP, helping businesses to protect deployments of a broad array of current and next-generation Voice over IP and multimedia applications.
PIX firewalls feature a wealth of setup, monitoring, and troubleshooting features, providing IT managers the flexibility to utilize the techniques that most closely meet their requirements. Administrative options include centralized, policy-based management utilities, integrated web-accessible management, and compatibility with remote-monitoring standards like Simple Network Management Protocol (SNMP) and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) system offers a world-class Web-accessible control platform that greatly simplifies the deployment, in-place modification, and tracking of a specific Cisco PIX firewall without the need of any additional software beyond a standard browser and Java applet to be running on a manager's PC.
Administrators can also remotely configure, track, and analyze Cisco PIX firewall appliances using a command-line interface (CLI). Secure command-line interface (CLI) access is possible through several techniques such as Secure Shell Protocol, Telnet through IPSec, and out-of-band through a console port. PIX firewalls also have robust automatic-update features, a collection of revolutionary secure remote-administration options that make sure that firewall settings and software images are always current.
Cisco Adaptive Security Appliances (ASA) Firewalls
Cisco ASA Firewalls are purpose-built devices that bring together advanced, industry-leading security and VPN support plus a new generation, adaptive architecture. The result is a robust, versatile network protection solution better suited to defend small and medium business and larger networks and, simultaneously, lower the overall installation and maintenance expenses associated with this unprecedented level of security.
Cisco Adaptive Security Appliances 5500 Series Firewalls leverage technology behind the PIX 500 Series firewall, the IPS 4200 sensor, and the Cisco VPN 3000 model concentrator. These solutions enable the Cisco Adaptive Security Appliances (ASA) Firewall product line to deliver a firewall that stops the widest variety of threats. Cisco Adaptive Security Appliances (ASA) Firewalls deliver program security, network containment, and clean Virtual Private Network functionality throughout the entire product line. This breadth of protection enables defense of any network section, including the most typical attack vectors like remote locations, locally-connected internal users, and remote connected VPNs.
Cisco ASA 5500 Series firewalls deliver robust application security through intelligent, application-sensitive inspection engines that examine network flows at Layers 4-7. This results in a better protected environment covering Web, voice, and 3G-mobile wireless services. To defend environments from application-layer attacks and to give businesses more control over the applications and protocols used in their networks, these inspection engines incorporate extensive application and protocol knowledge and rely on security enforcement solutions that include anomaly detection and application and protocol state monitoring. Also included are attack sensing and mitigation techniques such as application/protocol command filtering and content verification. Cisco ASA 5500 Series firewall inspection engines also deliver management of IM and peer-to-peer file sharing, enabling organizations to police usage policies and recover bandwidth for crucial business processes.
While improving network security, Cisco Adaptive Security Appliances firewalls also decrease installation and support expenses. By providing broad VPN and protection functions, the Cisco Adaptive Security Appliances 5500 Series firewall can be used as the single device for many uses, allowing platform standardization. The Cisco Adaptive Security Appliances (ASA) firewall can be used as a consolidated attack-protection device at the datacenter by taking advantage of its connectivity control, application inspection, and worm, virus, and other malware mitigation capabilities. The Cisco ASA 5500 Series firewall can also be deployed as a specialized remote access device utilizing its VPN features. As an alternative, the Cisco ASA 5500 Series firewall operates equally well inside the network for interdepartmental access management and to guard against malware internal users might inadvertently release into the environment. For small company and branch office networks, the Cisco ASA 5500 Series firewall serves as an all-in-one platform offering comprehensive threat prevention and VPN functionality while fitting within the cost structure and performance demands of such deployments. This versatile one-device, multiple-solution design minimizes the total number of appliances that must be installed and maintained while providing a common operating and management environment throughout all those installations. This architecture streamlines the training of setup, tracking, troubleshooting, and protection staff. To further reduce maintenance expenses, Cisco ASA firewalls are also exceptionally network aware, allowing them to insert gracefully into the network without interfering with authorized traffic and processes.
How Progent's Cisco Certified Experts Can Help You with Cisco PIX and ASA Security Appliances
Cisco Cisco ASA Series firewalls and PIX family firewalls provide a wealth of configuration, monitoring, and troubleshooting options which offer you the flexibility to deploy these firewalls to match your company's needs. Progent's CCIE authorized network professionals can assist you to and support a cost-effective network infrastructure that includes Cisco ASA and/or PIX security appliances and that provides advanced protection, fault tolerance, performance, and recoverability. Progent's CISA and CISM-certified IS security experts can assist you to create a security policy that makes sense for your situation and can set up your PIX or ASA firewall to support your security policies. Progent's security evaluation experts can evaluate the strength of your existing firewall deployment and help determine the overall security of your entire IT environment. Progent’s Technical Response Center can provide emergency online troubleshooting for Cisco products and offer quick access to a Cisco CCIE network engineer.
To find out more information concerning Progent's professional assistance for Cisco products, select a subject:
In order to get in touch with Progent about engineering help for Cisco technology, call 1-800-993-9400 or send email to cisco-help@progent.com.
