Cisco is a long-time leader in delivering cutting-edge firewall appliances for the widest possible variety of deployments. Cisco's Firepower Next Generation Firewalls represent an advanced cybersecurity platform that combines sophisticated hardware, cloud services, and next-generation intrusion protection system (NGIPS) to block, identify, and respond to cyber attacks automatically. Progent's Cisco-certified CCIE-certified firewall consultants can assist your organization to design and execute an efficient upgrade to Cisco Firepower firewalls from Cisco's legacy ASA 5500-X, ASA 5500, or PIX firewalls and show you how to enhance Firepower appliances with Cisco's security services to create and centrally control IT environments that span branch offices, data centers, private clouds and public clouds. Progent can also help you to manage and debug older-generation Cisco security appliances. Progent's certified cybersecurity experts can assist you with policy creation driven by leading best practices so you can establish a consistent security posture that applies to all your networked devices anywhere.
Cisco's Firepower NGFW Firewall Appliances
Cisco's Firepower Next Generation Firewalls provide a significant performance improvement compared to Cisco's popular ASA 5500-X firewalls and include centralized management and automation of modern security features like application visibility and control, next-generation intrusion protection (NGIPS) with risk prioritization, advanced malware protection, DDoS mitigation, and multi-node sandboxing. For more information about Cisco's Firepower portfolio of Next Generation Firewalls, refer to Firepower firewalls consulting expertise.
Cisco's ASA 5500-X and Legacy Firewalls
Cisco’s ASA 5500-X Series, ASA 5500 Series, and PIX 500 firewalls offer integrated firewall, VPN, and intrusion prevention system capabilities in single-box devices, delivering a wide array of features to match the security and compliance requirements of organizations ranging from small businesses to enterprises and Internet service providers. Cisco’s ASA 5500-X Series, ASA 5500 Series, and PIX firewalls enable network security teams to defend their network perimeter and offer safe remote access while utilizing advanced management mechanisms based on Cisco's world-class firewall technology.
Cisco’s ASA 5500 and PIX firewall appliances have reached end-of-life status but remain widely used in small and mid-size businesses and in a few enterprise networks. Cisco’s ASA 5500-X Next-Generation Firewalls deliver significantly more value and have supplanted Cisco's ASA 5500 and PIX 500 families of firewalls for new deployments. However, Cisco's older model firewall appliances, if carefully maintained, can deliver a high level of protection by supplying multiple features such as firewall, VPN, and IPS.
After Cisco's purchase of Sourcefire, the whole family of Cisco ASA 5500-X devices can be provisioned to support Firepower Services, built on Sourcefire's Snort technology, which is the world's most deployed intrusion protection system. Firepower services bring enhanced capabilities including advanced malware protection (AMP), URL filtering, real-time threat analytics, and automation.
Progent's Cisco CCIE-premier infrastructure engineers can help you to maintain and debug older ASA 5500 Series and PIX 500 firewalls and can also assist you to plan and implement an efficient upgrade to Cisco’s ASA 5500-X Series firewalls with Firepower. Progent can also assist you to plan, integrate, optimize, manage and troubleshoot new firewall ecosystems built on Cisco's current ASA 5500-X firewalls with Firepower Services. Progent's firewall consultants can also help you to upgrade from your Cisco ASA 5500-X solution to Cisco's Firepower Next Generation Firewalls.
Cisco's ASA 5500-X Series Firewalls
Cisco's comprehensive line of ASA 5500-X security appliances includes an enhanced replacement for each rack-mountable unit in the previous ASA 5500 line of firewalls. Each ASA 5500-X model is suited for the same environment as the corresponding previous models, which gives most plenty of choice for selecting a solution that meets their security requirements and budgets. All ASA 5500-X products are based on Cisco's proven stateful-inspection firewall technology and all include 64-bit hardware with multicore CPUs and are capable of running Cisco's advanced security services. All models in Cisco's ASA 5500-X product line deliver consistent protection across any combination of physical, virtual, and cloud environments.
For additional information about Cisco's ASA 5500-X firewalls, Firepower services, and Progent's consulting for ASA firewalls, see Cisco Firepower integration and debugging expertise
Cisco's Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X security appliances accept either software or hardware modules that support Firepower Services, which provide layered defense against sophisticated threats. Cisco's Firepower Services are powered by technology acquired by Cisco from Sourcefire. Major features of Firepower Services for ASA 5500-X security appliances include:
Simpler implementations of Cisco ASA 5500-X firewalls can be effectively managed using Cisco's on-device Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based tool included with all ASA 5500-X versions. ASDM includes a convenient web dashboard for deploying, managing, and troubleshooting ASA 5500-X firewalls and modules.
For more complex environments, ASA 5500-X appliances with Firepower can be administered with Firepower Management Center, implemented as one or several physical or virtual devices. Firepower Management Center provides centralized firewall management, Application Visibility and Control (AVC, advanced IPS, URL filtering, and Cisco's Advanced Malware Protection. Because of frequent rebranding since Cisco's acquisition of Sourcefire Defense Center, Firepower Management Center has been offered under several names including Cisco Defense Center, FireSIGHT Defense Center, and FireSIGHT Management Center.
Cisco's Firepower Management Center provides features unavailable with Cisco's on-device Adaptive Security Device Manager utility. Extra capabilities include expanded context awareness, Advanced Malware Protection with mitigation for user devices, a dashboard that provides dynamic network visualization, automated policy tuning based on impact assessment of attacks, comprehensive IPS, custom application discovery for Application Visibility and Control, customized health notifications, improved reporting features, and APIs for host input and database access. Hardware-dependent features like clustering, stacking, switching, routing, VPN, and NAT must be managed using the on-device ASDM or the ASA 5500-X command line interface.
Cisco ASA 5500 Adaptive Security Appliances
Cisco Adaptive Security Appliances (ASA) Firewalls leverage technology developed for Cisco's PIX 500 Series Security Appliance, the Cisco IPS 4200 family sensor, and the Cisco VPN 3000 family concentrator. These solutions enable the Cisco Adaptive Security Appliances (ASA) Firewall family to offer a platform that defends against the broadest range of threats. Cisco Adaptive Security Appliances 5500 Series Firewalls deliver program security, network containment, and clean VPN connectivity across Cisco's product line. This breadth of security allows defense of any network section, which includes the most common attack conduits such as remote locations, LAN-connected inside users, and remote access VPNs.
Cisco Adaptive Security Appliances firewalls deliver a high-level of application protection through smart, application-sensitive inspection processes that analyze network flows at Layers 4-7. The result is a more secure environment including Web, voice, and mobile wireless services. To protect networks against application-layer attacks and to offer better policing of the programs and protocols used in their networks, Cisco's inspection engines incorporate extensive application and protocol knowledge and rely on security enforcement technologies such as anomaly sensing and state tracking. Also incorporated are assault sensing and remediation technology including application/protocol command filtering and content verification. Cisco Adaptive Security Appliances firewall inspection engines also deliver control over IM and peer-to-peer file sharing, enabling organizations to police usage policies and free up network bandwidth for vital business processes.
For additional details about Progent's consulting services for ASA 5500 firewalls, visit ASA 5500 firewalls integration and troubleshooting services.
PIX Firewall Appliances
Based around a tested, specialized operating system that delivers a wealth of protection features, PIX firewall appliances offer excellent protection and have received Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Labs Firewall and IP Security qualification. PIX firewall appliances offer security for a broad range of Voice over IP and other multimedia standards including H.323 Version 4, SIP, Cisco Skinny Client Control Protocol, Real-Time Streaming Protocol, and Media Gateway Control Protocol, helping businesses to protect installations of a wide range of current and next-generation Voice over IP and mixed-media applications.
IT managers can furthermore remotely set up, monitor, and troubleshoot Cisco PIX firewall appliances using a CLI interface. Safe command-line interface (CLI) access is available through several techniques including Secure Shell Protocol, Telnet through IP Security, and out-of-band via a console port. Cisco PIX firewalls also have dependable automatic-update capabilities, a set of revolutionary protected remote-management options that make sure that security configurations and software images are always current.
For more details about Progent's support services for Cisco PIX firewalls, see Cisco PIX 500 firewalls integration and debugging support.
Progent's Migration Support for Cisco Firewalls
Because Cisco has stopped offering the PIX and ASA 5500 families of firewalls, many companies are concerned about relying on a critical infrastructure mechanism that might no longer be supported by Cisco. Cisco ASA 5500-X and Firepower NGFW Series security appliances have the advantage of being new devices and also bring a number of technical and budgetary benefits in comparison to PIX firewalls. These advantages include significantly better throughput, optional SSL VPN capability, and a modular architecture that guards your investment by allowing you to self-install more security services when and if you need them. Progent's CCIE-certified experts can assist you to assess the strategic value of for upgrading from PIX or ASA 5500 security appliances, create a migration process that allows for a fast and seamless upgrade, help your IT staff to set up new ASA 5500-x or Firepower NGFW Series appliances, and offer online, consulting, and troubleshooting services.
Additional Ways Progent Can Assist Your Business with Cisco ASA and PIX Security Appliances
Cisco's Firepower NGFW Series, ASA 5500 Series, and PIX family security appliances incorporate an array of configuration, monitoring, and analysis features which offer you the ability to configure these security appliances to match your company's needs. Progent's CCIE certified network experts can assist you to build an efficient infrastructure that incorporates Cisco firewall technology and that offers advanced protection, resilience, throughput, and manageability. Progent's CISA and CISSP-ISSP-premier IS security engineers can help your business to develop a security policy appropriate for your business and can set up your firewall to support your security strategy. Progent's risk evaluation professionals can evaluate the effectiveness of your current firewall deployment and audit the overall security of your whole information system environment. Progent’s Help Desk Call Center can deliver emergency online troubleshooting for Cisco technology and can give you fast access to a Cisco expert.
To find out more information about Progent's professional assistance for Cisco products, choose a subject:
Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
To get in touch with Progent about consulting help for Cisco networking, phone