Ciscoís ASA 5500-X Series, ASA 5500 Series, and PIX firewall appliances provide integrated firewall, VPN, and intrusion prevention system capabilities in single-box devices, delivering a wide range of features to match the security and compliance requirements of organizations ranging from small and mid-size businesses to enterprises and ISPs. Ciscoís ASA 5500-X, ASA 5500, and PIX 500 firewalls enable network security staffs to protect their network perimeter and offer safe remote connectivity while utilizing powerful management mechanisms built on Cisco's industry-leading firewall technology.
Ciscoís ASA 5500 and PIX firewalls have arrived at end-of-life (EOL) status but are still widely deployed in small and mid-size organizations and in a few larger networks. The ASA 5500-X Next-Generation Firewalls deliver substantially more value and have supplanted Cisco's ASA 5500 and PIX 500 families of firewalls for new installations. Still, Cisco's older model firewalls, if properly managed, continue to offer a high degree of security by supplying multiple features including stateful firewall, IPsec VPN, and IPS.
After Cisco's acquisition of Sourcefire, the whole line of Cisco ASA 5500-X firewalls can be configured to enable Firepower Services, built on Sourcefire's Snort product, which is the market's most deployed network intrusion protection system. Firepower services provide enhanced capabilities including advanced malware protection (AMP), URL filtering, dynamic threat analytics, and security automation.
Progent's Cisco CCIE-premier network engineers can assist your organization to support and debug older ASA 5500 and PIX 500 firewall appliances and can also assist you to design and implement a smooth upgrade to Ciscoís ASA 5500-X Series firewalls with Firepower Services. Progent can also assist you to plan, configure, optimize, administer and troubleshoot new firewall solutions built on Cisco's current ASA 5500-X models with Firepower.
Cisco's ASA 5500-X Firewall Product Family
Cisco's extensive family of ASA 5500-X security appliances includes an improved replacement for every rack-mountable unit in the older ASA 5500 series of firewalls. Each ASA 5500-X firewall is suited for the same environment as the corresponding previous models, which gives most plenty of room for picking a firewall that meets their security requirements and IT budgets. All ASA 5500-X products build on Cisco's proven stateful-inspection firewall technology and all include 64-bit hardware with multicore processors and are capable of running Cisco's powerful security services. All models in Cisco's ASA 5500-X family deliver consistent security across any mix of physical, virtual, and cloud environments.
For more information about Cisco's ASA 5500-X security appliances, Firepower services, and Progent's consulting for Cisco ASA 5500-X firewalls, visit Firepower configuration and troubleshooting consulting
Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X firewalls accept software or physical modules that enable Firepower Services, which offer layered defense against advanced threats. Cisco's Firepower Services are powered by technology acquired by Cisco from Sourcefire. Major capabilities of Firepower Services for ASA security appliances include:
- Multi-layer protection against both familiar and new attacks
- Advanced Malware Protection (AMP) that utilizes big data to find and mitigate intrusions
- A Next-Generation Intrusion Prevention System (NGIPS) that performs contextual analysis that looks at users, infrastructure, apps, and content to detect attacks that incorporate simultaneous vectors
- High-resolution Application Visibility and Control (AVC that is aware of thousands of apps and can automatically activate standard and customized IPS policies depending on the severity of risk
Firepower Services for Cisco ASA 5500-X firewalls provide multi-layered protection
Simpler deployments of ASA 5500-X firewalls can be effectively managed using Cisco's on-box Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based utility provided with all ASA 5500-X models. ASDM provides an easy-to-use web dashboard for configuring, managing, and troubleshooting ASA 5500-X firewalls and service modules.
For more complex deployments, ASA 5500-X firewalls with Firepower can be administered with Cisco's Firepower Management Center, available as one or more physical or virtual appliances. Firepower Management Center offers centralized firewall management, Application Visibility and Control, enhanced IPS, URL filtering, and Cisco's Advanced Malware Protection. Due to frequent rebranding since Cisco's purchase of Sourcefire Defense Center, Cisco's Firepower Management Center has been offered under various names including Defense Center, FireSIGHT Defense Center, and Cisco Firesight Management Center.
Cisco's Firepower Management Center provides capabilities unavailable with Cisco's on-box ASDM utility. Additional features include expanded context awareness, Cisco's Advanced Malware Protection with remediation for user devices, a console that offers real-time network visualization, automated policy tuning based on impact evaluation of threats, advanced IPS, custom application discovery for Application Visibility and Control, customized health notifications, enhanced reporting features, and application interfaces for host input and database access. Hardware-dependent features like clustering, stacking, switching, routing, VPN, and NAT must be managed via Cisco's ASA 5500-X on-box ASDM or the ASA 5500-X CLI.
Cisco ASA 5500 Series Firewalls
Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls leverage engineering developed for Cisco's PIX 500 Series firewall, the IPS 4200 Intrusion Prevention System, and the VPN 3000 family concentrator. These solutions enable the Cisco Adaptive Security Appliances 5500 Series Firewall family to offer a firewall that defends against the widest variety of threats. Cisco Adaptive Security Appliances 5500 Series Firewalls deliver application protection, network containment, and safe Virtual Private Network connectivity throughout Cisco's product portfolio. This breadth of security enables defense of any network area, including the most common threat conduits like remote sites, locally-attached internal users, and off-site connected VPNs.
The scalable design of the Cisco ASA 5500 family enables you to add features via service modules and cards. These user-installable enhancements provide the option of adding Intrusion Protection and content protection services like blocking virus, worms, and phishing attacks and executing data and URL screening. In addition to enabling you to respond quickly to new threat environments, the expandable design of the Cisco ASA 5500 Series also leverages your capital investment by prolonging the life of your firewalls. The Cisco ASA 5500 Series also protects your investment in IT staff training by utilizing the familiar set of PIX 500 management utilities and protocols such as the Cisco Adaptive Security Device Manager (ASDM) platform, protected command-line interface access, verbose syslog, and Simple Network Management Protocol (SNMP).
Cisco ASA firewalls provide robust application security via intelligent, application-sensitive inspection processes that analyze traffic at Layers 4-7. This results in a better protected network covering Web, voice, and 3G-mobile wireless access. To protect against application-layer assaults and to offer stronger control over the applications and protocols utilized in their networks, these inspection engines integrate broad application and protocol knowledge and rely on protection enforcement solutions such as protocol anomaly sensing and state monitoring. Also included are assault sensing and mitigation techniques such as application and protocol command filters and content verification. Cisco Adaptive Security Appliances (ASA) 5500 Series firewall inspection engines also provide control over IM and tunneling applications, enabling organizations to police usage policies and recover bandwidth for important business applications.
For more details about Progent's support services for Cisco's ASA 5500 security appliances, see Cisco ASA 5500 firewalls configuration and troubleshooting consulting.
Cisco PIX Firewall Appliances
Built around a tested, purpose-built software platform that offers rich security features, PIX security appliances offer a high level of security and have been awarded Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Labs Firewall and IP Security (IPsec) qualification. PIX firewall appliances provide security for a broad array of VoIP and additional mixed-media conventions including H.323 Version 4, SIP, Cisco Skinny Client Control Protocol, Real-Time Streaming Protocol, and Media Gateway Control Protocol, enabling businesses to safeguard installations of a wide array of current and next-generation IP voice and mixed-media applications.
Cisco PIX firewall appliances offer a variety of setup, monitoring, and troubleshooting features, giving businesses the versatility to use the methods that best meet their needs. Administrative solutions include common, policy-based administration tools, integrated web-based administration, and compatibility with remote-monitoring standards such as Simple Network Management Protocol and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) system provides a powerful Web-based management solution that greatly simplifies the deployment, ongoing modification, and monitoring of a single PIX firewall appliance without the need of any additional utility beyond an ordinary browser and Java applet to be running on a manager's computer.
IT managers can also remotely configure, track, and analyze Cisco PIX firewalls using a command-line interface (CLI). Safe CLI interface access is possible using a number of techniques such as Secure Shell Protocol, Telnet over IP Security (IPsec), and out-of-band via a console port. PIX firewalls also include robust auto-update capabilities, a collection of advanced protected remote-administration options that make sure that security configurations and software images are kept up to date.
For more information about Progent's support services for PIX firewalls, visit Cisco PIX 500 firewalls integration and troubleshooting consulting.
Progent's PIX to ASA Migration Consulting Support
Because Cisco has discontinued selling the PIX product line, many businesses are concerned about relying on a critical infrastructure component that might stop being supported by Cisco. Cisco ASA 5500 security appliances have the advantage of being new devices and also bring several technical and budgetary benefits in comparison to PIX 500 devices. These advantages include significantly better performance, optional Secure Sockets Layer tunneling support, and a modular architecture that guards your investment by enabling you to self-install more security services when and if you need them. Progent's Cisco certified experts can assist your company to assess the strategic case for upgrading from PIX 500 to Cisco ASA 5500 security appliances, design a migration plan that permits a fast and non-disruptive changeover, assist you to deploy new ASA 5500 firewalls, and offer online, consulting, and technical support services.
Other Ways Progent Can Assist Your Business with Cisco ASA and PIX Security Appliances
Cisco's Cisco ASA 5500 Series adaptive security appliances and PIX family security appliances incorporate an array of configuration, monitoring, and troubleshooting options that give you the flexibility to set up these security appliances to match your company's requirements. Progent's CCIE authorized network professionals can assist you to install a cost-effective infrastructure that incorporates Cisco ASA and/or PIX firewall technology and that provides advanced security, fault tolerance, performance, and recoverability. Progent's GISA and CISSP-ISSP-certified information security professionals can assist you to create a security policy that makes sense for your situation and can set up your firewall to support your security policies. Progent's risk evaluation professionals can assess the effectiveness of your existing firewall deployment and help determine the overall security of your whole IS environment. Progentís Help Desk support team can provide emergency online technical support for Cisco products and can give you fast access to a Cisco network engineer.
To see additional information concerning Progent's consulting support for Cisco technology, select a topic:
To see additional information about Progent's consulting assistance for Cisco products, choose a subject:
Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
To get in touch with Progent about professional support for Cisco networking, call 1-800-993-9400 or refer to Contact Progent.