Cisco is a long-time leader in developing cutting-edge firewalls for the broadest possible range of deployments. Cisco's Firepower Next Generation Firewalls (NGFWs) represent an advanced cybersecurity solution that combines dedicated hardware, cloud services, and next-generation intrusion protection system (NGIPS) to anticipate, discover, and respond to cyber attacks without manual intervention. Progent's Cisco-certified CCIE firewall consultants can assist you to plan and carry out a smooth upgrade to Firepower Series firewalls from Cisco's from ASA 5500-X, ASA 5500, or PIX appliances and help you enhance Firepower firewalls with Cisco's cloud-based services to build and centrally control IT ecosystems that span branch offices, data centers, and cloud resources. Progent can also assist you to manage and debug legacy Cisco security appliances. Progent's certified network security experts can assist you with policy creation driven by leading best practices in order to build a consistent cybersecurity posture across all your networked endpoints anywhere.
Cisco's Firepower NGFW Firewall Appliances
Cisco's Firepower Next Generation Firewalls deliver a significant performance boost compared to Cisco's previous-generation ASA 5500-X security appliances and include centralized control of advanced cybersecurity capabilities such as application visibility and control, next-generation intrusion protection with risk prioritization, advanced malware protection, DDoS mitigation, and sandboxing. For more information about Cisco's Firepower family of Next Generation Firewalls (NGFWs), see Firepower firewalls integration experts.
Cisco's ASA 5500-X and Legacy Firewalls
Cisco's ASA 5500-X, ASA 5500 Series, and PIX firewalls provide integrated firewall, VPN, and intrusion prevention system capabilities in compact single-box packages, delivering a broad range of features to meet the security and compliance requirements of companies from small and mid-size businesses to enterprises and Internet service providers. Cisco's ASA 5500-X, ASA 5500, and PIX 500 firewall appliances allow network security teams to defend their network edge and provide safe offsite and mobile access while utilizing advanced management mechanisms based on Cisco's industry-leading firewall products.
Cisco's ASA 5500 and PIX 500 firewalls have arrived at end-of-life but are still widely used in smaller businesses and in a few larger data centers. The ASA 5500-X Series Next-Generation Firewalls deliver significantly more value and have supplanted the ASA 5500 and PIX families of firewalls for new deployments. However, Cisco's older model firewall appliances, if properly managed, continue to deliver a high degree of protection by providing a variety of security functions such as firewall, IPsec VPN, and IPS.
Following Cisco's purchase of Sourcefire, the entire family of ASA 5500-X devices can be provisioned to enable Firepower Services, based on Sourcefire's Snort product, which is the market's most popular network intrusion protection system (IPS). Firepower services provide powerful new capabilities such as advanced malware protection (AMP), URL filtering, real-time threat analytics, and security automation.
Progent's Cisco CCIE-certified infrastructure consultants can help your organization to support and debug older ASA 5500 Series and PIX firewalls and can also assist you to plan and implement an efficient upgrade to Cisco's ASA 5500-X Series firewalls with Firepower Services. Progent can also assist you to plan, deploy, tune, administer and debug new firewall solutions based on Cisco's latest ASA 5500-X models with Firepower Services. Progent's firewall consultants can also help you to migrate from your Cisco ASA 5500-X deployment to Cisco's Firepower Next Generation Firewalls.
Cisco's ASA 5500-X Firewall Product Family
Cisco's comprehensive family of ASA 5500-X firewalls features an improved replacement for each rack-mountable model in the previous ASA 5500 series of devices. Each ASA 5500-X model targets the same environment as the corresponding previous models, which gives small and midsize businesses plenty of choice for picking a firewall that aligns with their security needs and IT budgets. All ASA 5500-X firewalls build on Cisco's proven stateful-inspection firewall technology and all include purpose-built 64-bit hardware with multicore processors and are capable of running Cisco's powerful security services. All models in Cisco's ASA 5500-X family deliver consistent security across any mix of physical, virtual, and cloud environments.
For more information about ASA 5500-X firewalls, Cisco Firepower services, and Progent's consulting for Cisco ASA 5500-X security appliances, go to Firepower integration and debugging consulting
Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X firewalls accept either software or hardware modules that enable Cisco's Firepower Services, which offer layered defense against advanced threats. Cisco's Firepower Services are based on technology acquired by Cisco from Sourcefire. Key features of Firepower Services for ASA firewalls include:
Smaller implementations of Cisco ASA 5500-X firewalls can be efficiently administered using Cisco's on-device Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based utility included with all ASA 5500-X models. ASDM provides a convenient web console for deploying, administering, and debugging ASA 5500-X appliances and modules.
For multi-device and multi-site environments, ASA 5500-X appliances with Firepower Services can be managed with Firepower Management Center, available as one or several physical units or virtual appliances. Firepower Management Center offers unified firewall management, Application Visibility and Control (AVC, enhanced IPS, URL filtering, and Cisco's Advanced Malware Protection. Due to frequent rebranding after Cisco's acquisition of Sourcefire Defense Center, Firepower Management Center has been delivered under various names that include Defense Center, Cisco Firesight Defense Center, and Cisco Firesight Management Center.
Firepower Management Center offers features unavailable with Cisco's on-box Adaptive Security Device Manager utility. Extra features include expanded context awareness, Cisco's Advanced Malware Protection (AMP) with mitigation for user devices, a dashboard that provides real-time network visualization, automated policy optimization based on impact evaluation of attacks, comprehensive IPS, custom app detectors for Application Visibility and Control (AVC), customized health notifications, improved reporting features, and application interfaces for host input and database access. Hardware-dependent capabilities such as clustering, stacking, switching, routing, VPN, and NAT must be managed using either the on-box ASDM or the ASA command line interface.
Cisco ASA 5500 Family of Firewalls
Cisco Adaptive Security Appliances (ASA) Firewalls leverage technology developed for the PIX 500 family Security Appliance, the IPS 4200 Series sensor, and the Cisco VPN 3000 Series concentrator. These technologies converge on the Cisco Adaptive Security Appliances Firewall family to offer a firewall that stops the broadest variety of threats. Cisco Adaptive Security Appliances (ASA) Firewalls provide application protection, local containment and control, and safe VPN functionality across Cisco's product portfolio. This breadth of security enables the guarding of any network section, including the most typical threat vectors such as remote sites, LAN-connected inside users, and off-site access Virtual Private Networks.
Cisco ASA firewalls provide robust application security via intelligent, application-aware inspection engines that analyze traffic at Layers 4-7. This results in a safer environment including Web, voice, and mobile wireless services. To protect networks against application-layer assaults and to provide stronger policing of the programs and protocols used in their environments, these inspection engines integrate broad application and protocol knowledgebases and rely on protection enforcement technologies that include protocol anomaly sensing and application and protocol state tracking. Also included are assault sensing and remediation techniques including application/protocol command filtering and content verification. Cisco Adaptive Security Appliances (ASA) 5500 Series firewall inspection engines also provide management of IM and peer-to-peer file sharing, allowing businesses to enforce usage policies and conserve bandwidth for vital business applications.
For additional details about Progent's consulting services for ASA 5500 security appliances, visit Cisco ASA 5500 firewalls integration and troubleshooting consulting.
Cisco PIX Security Appliance Series
Built upon a tested, specialized OS that delivers rich protection features, PIX firewall appliances offer a high level of security and have earned Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Firewall and IPsec certification. Cisco PIX firewalls provide security for a broad range of VoIP and additional mixed-media conventions such as H.323 Version 4, Session Initiation Protocol (SIP), Cisco Skinny Client Control Protocol, Real-Time Streaming Protocol (RTSP), and MGCP, helping businesses to safeguard installations of a wide array of contemporary and next-generation Voice over IP and multimedia applications.
Administrators can furthermore remotely set up, track, and analyze Cisco PIX firewalls via a command-line interface (CLI). Secure CLI interface access is available using several methods such as SSHv2 Protocol, Telnet through IP Security, and out-of-band through a console port. Cisco PIX firewalls also include dependable automatic-update features, a collection of advanced protected remote-management options that make sure that security settings and software images are kept up to date.
For additional information about Progent's support services for Cisco PIX firewalls, go to PIX 500 firewalls configuration and troubleshooting services.
Progent's Migration Consulting Support for Cisco Firewalls
Because Cisco has stopped offering the PIX and ASA 5500 families of firewalls, many companies are concerned about depending on a critical security component that may no longer be supported. ASA 5500-X and Firepower NGFW Series security appliances offer the advantage of being new devices and also offer several functions and economic benefits in comparison to PIX firewalls. These benefits include substantially higher throughput, optional Secure Sockets Layer VPN support, and an expandable design that protects your investment by allowing you to self-install more security features when and if you require them. Progent's Cisco experts can help your company to determine the business value of for upgrading from PIX 500 or ASA 5500 firewalls, design a migration plan that permits a quick and seamless changeover, assist your IT staff to install new ASA 5500-x Series or Firepower NGFW Series appliances, and provide remote training, consulting, and technical support services.
Other Ways Progent Can Assist You with Cisco ASA and PIX Firewalls
Cisco's Firepower NGFW Series, ASA Series, and PIX security appliances provide a wealth of setup, tracking, and troubleshooting options which give you the flexibility to configure these firewalls to align optimally with your business needs. Progent's CCIE authorized network consultants can show you how to configure and support a cost-effective network infrastructure that incorporates Cisco firewalls and that offers world-class security, resilience, performance, and manageability. Progent's CISA and CISM-premier information security consultants can help you to develop a security policy that makes sense for your situation and can set up your PIX or ASA firewall to enforce your security policies. Progent's risk assessment professionals can assess the effectiveness of your existing firewall deployment and validate the overall security of your whole IS environment. Progent's Technical Response Center (TRC) can provide urgent remote troubleshooting for Cisco technology and offer fast access to a Cisco CCIE network engineer.
To find out more information concerning Progent's engineering help for Cisco technology, pick a topic:
Integration of Cisco and Third-party Firewall Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
If you wish to contact Progent about professional help for Cisco technology, phone