Cisco Firewall ConsultingCisco's Firepower Next Generation Firewalls (NGFWs) provide a major performance boost over Cisco's popular ASA 5500-X firewalls and offer unified management and automation of modern security features and services such as application visibility and control (AVC), next-generation intrusion protection system (NGIPS) with intelligent prioritization of risks, advanced malware protection (AMP), URL filtering, distributed denial of service (DDoS) mitigation, and sandboxing. Progent's Cisco-certified CCIE firewall experts can help you plan and carry out an efficient migration to Firepower Series firewalls from ASA 5500-X, ASA 5500, or PIX appliances and show you how to integrate Firepower firewalls with Cisco's subscription-based security services to build and centrally manage environments that span branch offices, data centers, private clouds and public clouds. Progent can also help you manage and troubleshoot legacy Cisco firewalls so they deliver maximum business value. Progent's certified cybersecurity experts can help you with policy creation and tuning based on industry best practices in order to establish a consistent and effective security profile across all devices anywhere that access your IT ecosystem.

Cisco's Firepower NGFW Firewall Appliances
Cisco's family of Firepower NGFW firewalls include the 1000 Series, 2100 Series, 4100 Series, and 9300 Series of security appliances. This portfolio offers advanced protection and unified management at price points, performance levels, and scale suitable for environments ranging from home offices and small businesses to major enterprises and service providers. All Firepower NGFW firewalls have a single-pass architecture and support continuous analysis and retrospective detection, which makes it possible to provide outbreak controls and to pinpoint patient zero. Firepower NGFW firewalls also offer URL Filtering and subscription-free sandboxing for detecting evasive and sandbox-aware malware, actionable event correlations, behavioral indicators of compromise (IoCs), and malware artifacts. NGIPS rule tuning and network firewall policy are automated, requiring no manual intervention. All Firepower NGFW firewalls give you the option of running either Cisco Firepower Threat Defense (FTD) or Cisco Adaptive Security Appliance (ASA) software. Centralized configuration, logging, monitoring, and reporting functions can be controlled either by Cisco's Management Center or in the cloud with Cisco Defense Orchestrator.

Cisco Firepower 1000 Series Firewalls
Cisco Firepower 1000 Series Firewalls ConsultingFirepower 1000 Series Firewalls are intended for small businesses, home offices, or branch offices. Firewalls in this series offer better price/performance than comparable Cisco ASA 5506-X to ASA 5525-X firewalls, delivering 4-6X higher firewall throughput. Local management can be performed with Cisco Firepower Device Manager. These appliances include an integrated 10M/100M/1GBASE-T RJ-45 Ethernet port for network management, an RJ-45 console port, a USB 3.0 Type-A port, and 200 GB of storage. Active/active and Active/standby high availability is supported along with VPN load balancing.

Cisco's Firepower 1010 firewall is a desktop, fanless device that offers 890 Mbps throughput for Firewall (FW), Application Visibility/Control (AVC), and Next Generation Intrusion Prevention System (NGIPS). The appliance comes with 8 RJ45 integrated I/O ports, two of them POE+ capable. IPsec VPN throughput is 500 Mbps and the appliance supports 100K simultaneous sessions, 6,000 new connections per second, and a maximum of 75 VPN peers. The Firepower 1120 firewall is a 1RU rack device that delivers firewall throughput of 2.3 Gbps. The appliance comes with 8 integrated RJ45 I/O ports and four SFP interface ports. IPsec VPN throughput is 1.2 Gbps and the firewall supports 200K concurrent sessions, 15,000 new connections per second with AVC, and a maximum of 150 VPN peers.

The Firepower 1140 firewall is a 1RU rack appliance with firewall throughput of 3.3 Gbps. The firewall comes with 8 RJ45 I/O ports and four SFP interface ports. IPsec VPN throughput is 1.4 Gbps and the firewall supports 400K concurrent sessions, 22,000 new connections per second with AVC, and a maximum of 400 VPN peers. The Firepower 1150 firewall is a 1RU rack device that delivers firewall throughput of 5.3 Gbps. The appliance includes with 8 integrated RJ45 I/O ports, two SFP ports, and two 10G SFP+ ports. IPsec VPN throughput is 2.4 Gbps and the unit can handle 600K concurrent sessions, 28,000 new connections per second, and up to 800 VPN peers.

Cisco Firepower 2100 Series Firewalls
Cisco Firepower 2100 Series Firewalls ConsultingCisco's Firepower 2100 Series Firewalls are 1RU rack units intended for deployment at the Internet edge or the data center. These firewalls have a dual multicore CPU architecture that allows them to deliver 3-6X faster performance than the Cisco ASA 5545-X to ASA 5555-X firewalls they are designed to replace. Local management can be performed with Cisco Firepower Device Manager. All Firepower 2100 Series Firewalls include 12 RJ45 and four SFP interfaces. These firewalls include one integrated 10M/100M/1GBASE-T RJ-45 Ethernet port for network management, an RJ-45 console port, and one USB 2.0 Type-A interface. Active/standby high availability is supported along with VPN load balancing.

Cisco's Firepower 2110 firewall includes four integrated 1 Gigabit SFP Ethernet interfaces and 100 GB of storage. The 2110 delivers 2.6 Gbps firewall throughput and 800 Mbps IPsec VPN throughput and allows 1 million concurrent sessions, 18,000 new connections per second, and up to 1,500 VPN peers. Cisco's Firepower 2120 firewall has 12 integrated 10M/100M/1GBASE-T Ethernet RJ-45 interfaces, four integrated 1G SFP Ethernet interfaces, and 100 GB of storage. The 2120 delivers 3.4 Gbps firewall throughput and 1 Gbps IPsec VPN throughput and allows 1.5 million concurrent sessions, 28,000 new connections per second and up to 3,500 VPN peers.

Cisco's Firepower 2130 firewall includes four integrated 10 Gigabit SFP+ interfaces and 200 GB of storage. The unit also accepts a network module with 8 additional interfaces. The 2130 offers 5.4 Gbps firewall throughput and 1.9 Gbps IPsec VPN throughput and allows 2 million concurrent sessions, 30,000 new connections per second, and up to 7,500 VPN peers. Cisco's high-end Firepower 2140 firewall includes four integrated 10 Gigabit SFP+ interfaces and 200 GB of storage. The unit also accepts a network module with 8 additional interfaces for a maximum of 24 Ethernet ports. The 2140 delivers 10.4 Gbps firewall throughput and 3.6 1Gbps IPsec VPN throughput and allows 3 million concurrent sessions, 57,000 new connections per second, and up to 10,000 VPN peers. Both the 2130 and 2140 model firewalls have the option of dual AC or DC power supplies.

Cisco Secure Firewall 3100 Series
Cisco Secure Firewall 3100 Series ConsultingCisco's Secure Firewall 3100 Series are 1RU modular appliances intended for enterprises who need performance, high port density, and zero-trust security at the Internet edge, the data center, or a private cloud. For high availability, all Secure Firewall 3100 Series models support 8-chassis clustering and operate in Active/active or Active/standby mode. The appliances can run Cisco's ASA or Firewall Threat Defense (FTD) software. Integrated I/O for each model includes eight 10M/100M/1GBASE-T Ethernet ports (RJ-45) and eight 1/10 Gigabit (SFP) Ethernet interfaces. Available network modules support 1/10/25/40G options and all models come with 900 GB of storage plus a spare storage expansion slot.

Cisco's Secure Firewall 3110 device delivers 18 Gbps firewall throughput and 8 Gbps IPsec VPN throughput. The 3110 allows 2 million concurrent sessions, 64K new connections per second, and up to 3,000 VPN peers. Cisco's Secure Firewall 3120 model provides 22 Gbps firewall throughput and up to 10 Gbps IPsec VPN performance. The 3120 allows 4 million concurrent sessions, 98K new connections per second, and as many as 7,000 VPN peers. Cisco's Secure Firewall 3130 unit supports 42 Gbps firewall performance and 14 Gbps IPsec VPN throughput. The 3130 allows 6 million concurrent sessions, 200K new connections per second, and 15,000 VPN peers. Cisco's Secure Firewall 3140 firewall supports 49 Gbps firewall traffic and 17 Gbps IPsec VPN throughput. The 3140 firewall can handle 10 million concurrent sessions, 200K new connections per second, and 20,000 VPN peers.

Cisco Firepower 4100 Series Firewalls
Cisco Firepower 4100 Series Firewalls ConsultingCisco's Firepower 4100 Series Firewalls are 1RU rack appliances intended for deployment at the Internet edge or high-performance data centers. These firewalls deliver 5-10X faster throughput than the Cisco ASA 5585-X firewall they are designed to replace. Local management can be performed with Cisco Firepower Device Manager. All Firepower 4100 Series Firewalls include 8 integrated SFP+ interfaces and all accept a selection of add-in network modules for a maximum of 24 interfaces. All Firepower 4100 Series Firewalls support VPN load balancing, Active/Standby high availability, and clustering of up to 6 chassis. These firewalls include an integrated 1 Gigabit Ethernet port for network management, an RJ-45 console port, and one USB 2.0 interface.

Cisco's Firepower 4110 firewall includes 200 GB of storage and delivers 13 Gbps firewall throughput and 6 Gbps IPsec VPN throughput. The 4110 allows 10 million concurrent sessions, 64K new connections per second, and up to 10,000 VPN peers. Cisco's Firepower 4112 firewall includes 400 GB of storage and delivers 19 Gbps firewall throughput and 8.5 Gbps IPsec VPN throughput. The 4112 allows 10 million concurrent sessions, 98K new connections per second, and up to 10,000 VPN peers. Cisco's newer Firepower 4115 firewall has 400 GB of storage and delivers 33 Gbps firewall throughput and 12.5 Gbps IPsec VPN throughput. The 4115 allows 15 million concurrent sessions, 210K new connections per second, and up to 15,000 VPN peers. Cisco's Firepower 4120 firewall includes 200 GB of storage and delivers 22 Gbps firewall throughput and 19 Gbps IPsec VPN throughput. The 4120 allows 15 million concurrent sessions, 118K new connections per second, and up to 15,000 VPN peers. Cisco's newer Firepower 4125 firewall has 800 GB of storage and delivers 45 Gbps firewall throughput and 19 Gbps IPsec VPN throughput. The 4125 allows 25 million concurrent sessions, 269K new connections per second, and up to 20,000 VPN peers.

Cisco's Firepower 4140 firewall includes 400 GB of storage and delivers 32 Gbps firewall throughput and 13 Gbps IPsec VPN throughput. The 4140 allows 25 million concurrent sessions, 172K new connections per second, and up to 20,000 VPN peers. Cisco's newer Firepower 4145 firewall has 800 GB of storage and delivers 53 Gbps firewall throughput and 24 Gbps IPsec VPN throughput. The 4145 allows 30 million concurrent sessions, 365K new connections per second, and up to 20,000 VPN peers. Cisco's Firepower 4150 firewall includes 400 GB of storage and delivers 45 Gbps firewall throughput and 14 Gbps IPsec VPN throughput. The 4150 allows 30 million concurrent sessions, 263K new connections per second, and up to 20,000 VPN peers.

Cisco Secure Firewall 4200 Series
Cisco 4200 Series Firewalls ConsultingCisco's Secure 4200 Series Firewalls are modular, single rack units designed for deployment at large enterprise campuses and data centers that require best-in-class performance, visibility, and scalability. Secure 4200 Series Firewalls deliver over twice the throughput of previous generation firewalls and offer high port density. Up to 8 chassis can be clustered for high availability and future expansion. Crypto accelerator allows traffic decryption in real time, and zero trust application access (ZTAA) permits complete threat inspection for applications. 4200 Series appliances can be managed by the Firewall Management Center or in the cloud with Cisco Defense Orchestrator. Each 4200 model comes with 8x 1/10/25 Gigabit Ethernet ports (SFP28) on-chassis interfaces and features two interface module bays for easy expansion. Up to 24 total Ethernet interfaces are supported. Each firewall unit includes 1.8 TB x 2 storage.

Cisco's Secure Firewall 4215 model is intended for large enterprise campuses with strong growth potential. The device delivers 90 Gbps firewall throughput and 45 Gbps IPsec VPN throughput. The 4215 allows 15 million concurrent firewall connections, 350 K new connections per second, and up to 20,000 VPN peers. Cisco's Secure Firewall 4225 model is designed for enterprise data centers. The appliance delivers 95 Gbps firewall throughput and 80 Gbps IPsec VPN throughput. The 4225 allows 30 million concurrent firewall connections, 600 K new connections per second, and up to 25,000 VPN peers. Cisco's Secure Firewall 4245 model is built for service providers who support a high volume of traffic. The 4245 delivers 180 Gbps firewall throughput and 140 Gbps IPsec VPN throughput. The 4245 allows 60 million concurrent firewall connections, 800 K new connections per second, and up to 30,000 VPN peers.

Cisco Firepower 9300 Series Firewalls
Cisco Firepower 9300 Series Firewalls ConsultingCisco's Firepower 9300 Series Firewalls are highly scalable and ultra-high performing carrier-grade security appliances. The 3 Rack Units (3RU) form factor of Firepower 9300 Series firewalls accepts two add-in network modules and three security modules. Fully loaded, the Firepower 9300 can support 24 10-Gigabit Ethernet Enhanced Small Form-Factor Pluggable (SFP+) network interfaces or eight 100 Gigabit Ethernet interfaces. Intrachassis clustering of up to 5 chassis allows up to 1.2 Tbps of firewall throughput. The high-end Cisco Firepower 9300 SM-56 x 3 delivers 235 Gbps firewall throughput and 27 Gbps IPsec VPN throughput. The unit allows 195 million concurrent sessions, 4.75 M new connections per second, and up to 60,000 VPN peers.

Legacy Firewalls from Cisco
Cisco's earlier-generation ASA 5500-X, ASA 5500, and PIX 500 firewalls provide integrated firewall, VPN, and intrusion prevention system (IPS) services in compact single-box packages, delivering a broad range of capabilities to meet the security needs of organizations ranging from small and mid-size businesses to enterprises and Internet service providers. Cisco's ASA and PIX firewalls allow IT groups to protect their network perimeter and provide secure remote access while utilizing powerful management tools based on Cisco's industry-leading firewall technology.

Cisco's PIX and ASA 5500 firewalls have reached end-of-life (EOL) status but remain widely used by small and mid-size businesses as well as by many enterprise data centers. The ASA 5500-X Series Next-Generation Firewalls deliver significantly more bang for the buck and have superseded the ASA 5500 and PIX firewalls for new deployments. The ASA 5500-X Series has in turn been replaced by Cisco's Next-Generation Firepower Firewalls. Still, Cisco's legacy firewalls, if properly managed, continue to deliver a high level of protection by supplying multiple security functions including firewall, VPN, and IPS.

Following Cisco's purchase of Sourcefire, the entire family of Cisco ASA 5500-X firewalls can be provisioned to support Firepower Services, built on Sourcefire's Snort technology, which is the world's most deployed network intrusion protection system. Firepower services bring enhanced features including advanced malware protection (AMP), URL filtering, dynamic threat analytics, and security automation.

Progent's Cisco certified network engineers can help you maintain and debug legacy PIX and ASA 5500 series firewalls and can also help you plan and implement a smooth migration to ASA 5500-X firewalls with Firepower Services. Progent can also help you plan, deploy, tune, manage and troubleshoot firewall solutions based on Cisco ASA 5500-X firewalls with Firepower Services.

Firepower Services for Cisco ASA 5500-X Firewalls and Firepower NGFW Firewalls
Cisco ASA 5500-X firewalls and Firepower NGFW Firewalls accept software or hardware modules that support Cisco's Firepower Services, which offer multi-layer defense against sophisticated threats. Firepower Services are based on technology acquired by Cisco from Sourcefire. Key features of Firepower Services include:

  • Layered defense against both familiar and zero-day threats
  • Advanced Malware Protection (AMP) that utilizes big data to discover and mitigate security breaches
  • Cisco's Next-Generation Intrusion Prevention System (NGIPS) that provides contextual analysis that covers clients, network infrastructure, apps, and content to detect attacks that incorporate multiple vectors
  • Fine-grained Application Visibility and Control, or AVC, that is aware of thousands of applications and can automatically launch both standard and custom IPS policies based on the severity of risk
Cisco Firepower Consultants

Firepower Services for Cisco ASA 5500-X and NGFW firewalls offer advanced multi-layered security

Simpler deployments of ASA 5500-X and NGFW firewalls can be efficiently managed via Cisco's on-box Adaptive Security Device Manager (ASDM), which is provided with all ASA 5500-X models. ASDM includes an easy-to-use web console that provides a convenient mechanism for deploying, managing, and debugging ASA 5500-X and NGFW devices and service modules.

For multi-device and multi-site deployments, ASA 5500-X firewalls with Firepower Services and NGFW firewalls can be managed with Firepower Management Center, available as one or more physical or virtual devices. Firepower Management Center provides centralized firewall management, visibility and control over applications, advanced IPS, URL filtering, and AMP. Due to frequent rebranding since Cisco's acquisition of Sourcefire Defense Center, Firepower Management Center has been delivered under various names including Defense Center, FireSIGHT Defense Center, and FireSIGHT Management Center.

Cisco Firepower Management Center Consulting

Firepower Management Center provides features unavailable with the ASDM on-device manager. These include context awareness capabilities such as file trajectory, advanced malware protection (AMP) with mitigation for user devices, a console that offers real-time network visualization, automated policy tuning based on impact assessment of threats, comprehensive IPS, custom application detectors for AVC, customized health notifications, enhanced reporting features, and application interfaces for host input and database access. Hardware-dependent features like clustering, stacking, switching, routing, VPN, and NAT must be managed via Cisco's ASA 5500-X on-box ASDM and the ASA command line interface.

Cisco's ASA 5500-X Product Family
Cisco's extensive family of ASA 5500-X series firewalls includes an enhanced replacement for each rack-mountable model in the older ASA 5500 family of firewalls. Each ASA 5500-X device targets the same environment as the corresponding earlier models, which gives small offices and branch offices, midsize businesses, and large enterprises plenty of options in choosing a firewall that fits their performance requirements and budgets. All ASA 5500-X products build on Cisco's proven and widely deployed stateful-inspection firewall technology and all incorporate 64-bit hardware with multicore CPUs and are capable of running Cisco's advanced security services. All models in Cisco's ASA 5500-X family provide consistent security across any mix of physical, virtual, and cloud environments.

Cisco ASA 5500-X with Firepower Consulting

Cisco ASA 5506-X and ASA 5508-X Firewalls
Cisco ASA 5506-X with Firepower Services Integration ConsultingCisco's ASA 5506-X firewall is a value-priced desktop device for entry-level firewall applications. Cisco offers a Wi-Fi enabled model as well as a hardened version for rugged environments. The ASA 5506-X offers 300 Mbps of multiprotocol firewall throughput, 100 Mbps 3DEAS/AES VPN throughput, and 250 Mbps Application Visibility and Control (AVC) performance. The ASA 5506-X can handle 10 IPsec VPN peers (or 50 with a Cisco Security Plus license), 20,000 simultaneous sessions (or 50,000 with Security Plus), 5,000 new connections per second, and 5 VLANs (or 30 VLANs with Security Plus). The appliance comes with eight integrated 1 GE ports and does not have an expansion I/O slot.

Cisco ASA 5508-X with Firepower Integration ConsultantsCisco's ASA 5508-X firewall is a value-priced 1RU firewall designed for smaller deployments. The ASA 5508-X supports up to 500 Mbps of multiprotocol throughput, 100 IPsec VPN peers, 175 Mbps 3DEAS/AES VPN performance, and AVC throughput of 450 Mbps. The ASA 5508-X can handle 100,000 concurrent sessions, 10,000 new connections per second, and up to 50 VLANs. The firewall includes eight integrated 1 GE ports and no slot for I/O expansion.

Cisco ASA 5512-X, ASA 5515-X and ASA 5516-X Firewalls
Cisco ASA 5512-X Firewall with Firepower Services IntegrationCisco's ASA 5512-X firewall is designed for small offices or branch offices and is packaged in a 1RU rack-mountable form factor. The ASA 5512-X delivers multiprotocol firewall throughput of 500 Mbps, 3DEAS/AES VPN throughput of up to 200 Mbps, and Application Visibility and Control (AVC) throughput of 300 Mbps. The ASA 5512-X supports 250 IPsec site-to-site VPN peers, 100,000 concurrent sessions, 10,000 new connections per second, and up to 50 VLANs (or 100 VLANs with Cisco's Security Plus license). The device has six integrated 10/100/1000 Ethernet ports and has one expansion slot for six 10/100/1000 ports or six SFP GE ports.

Cisco's ASA 5515-X firewall is a high-performance 1RU firewall for small offices and branch offices. The ASA 5515-X supports 600 Mbps of firewall throughput, 250 Mbps 3DEAS/AES VPN throughput, and AVC throughput of 500 Mbps. In addition, the ASA 5515-X can handle 250 IPsec VPN peers, 250,000 concurrent sessions, 15,000 new connections per second, and up to 100 VLANs. The firewall includes six integrated 10/100/1000 Ethernet ports or six SFP GE ports and has a single expansion slot for six 10/100/1000 ports or six SFP GE ports.

Cisco's ASA 5516-X firewall is a 1RU device designed for deployments in small or mid-size organizations. The unit offers up to 900 Mbps of firewall throughput, 250 Mbps of 3DEAS/AES VPN throughput, and AVC performance of 850 Mbps. The ASA 5516-X supports 300 IPsec VPN peers, 250,000 simultaneous sessions, 20,000 new connections per second, and up to 100 VLANs. The ASA 5516-X incorporates eight built-in 1 GE ports and has no I/O expansion slot.

Cisco ASA 5525-X, ASA 5545-X and ASA 5555-X Firewalls
Cisco ASA 5525-X Firewall with Firepower Services Integration Cisco's ASA 5525-X firewall replaces the discontinued ASA 5520 firewall and offers midsize businesses next-generation security at the Internet Edge. The 1RU appliance offers 1 Gbps of multiprotocol firewall throughput, 300 Mbps 3DES/AES VPN throughput, and Application Visibility and Control throughput of 1.1 Gbps. The ASA 5525-X can handle 300 VPN IPsec peers, up to 500,000 concurrent sessions, 20,000 new connections per second, and as many as 200 VLANs. The device includes eight integrated 10/100/1000 ports and has an expansion slot that can support either six 10/100/1000 ports or six SFP GE ports.

Cisco's ASA 5545-X firewall is designed as an upgrade for the legacy ASA 5540 security appliance and delivers mid-range performance for edge security. The 1RU ASA 5545-X provides 1.5 Gbps firewall throughput, 400 Mbps 3DES/AES VPN performance, and 1.5 Gbps AVC performance. The ASA 5545-X can support 400 site-to-site VPN IPsec peers, 750,000 concurrent sessions, 30,000 new connections per second, and 300 VLANs. The ASA 5545-X has eight built-in 10/100/1000 Ethernet ports and includes an expansion slot for six additional 10/100/1000 ports or for six SFP GE ports.

The Cisco ASA 5555-X firewall is designed as an upgrade for Cisco's earlier ASA 5550, now at end-of-life, and provides midsize organizations with high throughput and advanced security at the Internet edge. The ASA 5555-X delivers 2 Gbps of firewall performance, 700 Mbps 3DES/AES VPN performance, and AVC throughput of 1.75 Gbps. The ASA 5555-X handles up to 700 VPN IPsec peers, 1,000,000 simultaneous sessions, 50,000 new connections per second, and up to 500 VLANs. Eight 10/100/1000 ports are integrated with the ASA 5555-X and an expansion slot allows you to add six 10/100/1000 ports or six SFP GE ports.

Cisco ASA 5585-X Firewalls
Cisco ASA 5585-X with Firepower ConsultingThe top of the line of Cisco's ASA 5500-X firewall family is the ASA 5585-X, which is the only version with a 2RU dual-slot chassis. Intended as an upgrade for the discontinued ASA 5580 firewall, the ASA 5585-X is designed for enterprise data centers, ISPs, and other environments that need to deliver high performance and handle high traffic density.

The lower slot of the Cisco ASA 5585-X chassis is for the firewall/VPN Security Services Processor (SSP), and the upper slot is for the IPS SSP. Cisco offers four different SSPs and four IPS SSPs. Based on the SSP selected, the ASA 5585-X's multi-protocol firewall performance can be from 2 to 20 Gbps, 3DES/AES VPN throughput from 2 to 10 Gbps, and Application Visibility and Control from 4.5 Gbps to 15 Gbps. The ASA 5585-X can manage 5,000 to 10,000 VPN IPsec site-to-site peers, 500,000 to 4,000,000 simultaneous sessions, 40,000 to 160,000 new connections per second, and 1024 VLANs. Integrated I/O can be configured to support eight 10/100/1000 ports and 2x10 GE SFP+ ports or six 10/100/1000 ports and four 10 GE SFP+ ports. Expansion I/O options include eight 10 GE SFP/SFP+ ports, four 10 GE SFP/SFP+ ports, or twelve 1 GE SFP ports plus eight 10/100/1000 ports.

For more information about Progent's support for Cisco ASA 5500-X firewalls, Firepower Services, and Firepower Management Center, visit Cisco ASA 5500-X firewalls with Firepower Services consulting.

Cisco ASA 5500 Series Firewalls
Cisco's ASA 5500 Series multi-function firewalls improve on the discontinued PIX 500 family they are designed to replace by introducing a modular hardware and software architecture for easy expansion and investment protection, offering optional Secure Sockets Layer (SSL) VPN support in addition to the standard IPsec VPN included with all models, and delivering substantially higher performance. Unlike the ASA 5500-X line of firewalls that replace them, ASA 5500 firewalls cannot be upgraded to support Cisco's Firepower Services.

Cisco ASA 5500 Consulting Support and Troubleshooting
The expandable design of the ASA 5500 Series allows you to add services by installing security service modules (SSMs) and security service cards (SSCs). These user-installable enhancements give you the option of adding IPS and content protection services such as blocking viruses, spyware, and phishing attacks and performing file and URL filtering. In addition to allowing you to respond quickly to new threat environments, the expandable design of the ASA 5500 Series also protects your capital investment by increasing the useful life of your security appliances. The ASA 5500 Series also protects your investment in IT staff training by supporting the rich set of PIX 500 management tools and protocols including the Cisco Adaptive Security Device Manager (ASDM) system for web-based management, secure command-line interface (CLI) access, verbose syslog, and SNMP.

Cisco ASA 5500 firewalls provide enhanced application protection via application-aware inspection processes that analyze network flows at Layers 4-7 and covers web, voice, and mobile wireless connectivity. Cisco's inspection engines integrate extensive application and protocol databases and employ advanced security enforcement technologies such as anomaly detection and application and protocol state monitoring. Cisco ASA firewall inspection engines also let you control IM and peer-to-peer file sharing so you can police usage policies and free up bandwidth for key business applications.

Cisco ASA 5505 Firewalls
Cisco ASA 5505 Firewall ConsultantsCisco's ASA 5505 firewall is designed for small businesses, branch offices, and enterprise teleworkers. These devices offer maximum firewall throughput of 150 Mbps and can handle up to 25 SSL VPN sessions plus 10,000 connections in the Base version and up to 25,000 connections in the Security Plus version. The ASA 5505 includes 256 MB of memory and can support up to three VLANs with trunking disabled. GTP/GPRS inspection, VPN clustering, and load balancing are not available in this entry-level firewall. High availability support is an option with the Security Plus version.

The ASA 5505 has a single expansion slot for a Security Services Card (SSC) that supports Advanced Inspection and Prevention. Maximum IPS throughput with this card installed is 75 Mbps.

Cisco ASA 5510, 5520, and 5540 Firewalls
Cisco ASA 5510, 5520, and 5540 Firewalls Integration HelpCisco's ASA 5510 firewall is designed for small and mid-sized businesses and small enterprises. The ASA 5510 offers maximum firewall throughput of 300 Mbps and can handle up to 250 SSL VPN sessions. In the Base version, the ASA 5510 supports 50,000 connections in the Base version and up to 130,000 connections in the Security Plus version. The ASA 5510 includes 256 MB of memory and can support up to 50 VLANs in the base version and 100 VLANs with the Security Plus version. Load balancing, VPN clustering, and high availability support are available only in the Security Plus version.

Cisco's ASA 5520 security appliance is designed for small enterprises. The 5510 offers maximum firewall throughput of 450 Mbps and can handle up to 750 SSL VPN sessions and 280,000 connections. The ASA 5520 includes 512 MB of memory and can support up to 150 VLANs. GTP/GPRS inspection, VPN clustering, plus support for load balancing and high availability are included.

Cisco's ASA 5540 is made for medium-sized enterprises, offers maximum firewall throughput of 650 Mbps, and can handle up to 2,500 SSL VPN sessions along with 400,000 connections. The ASA 5540 includes 1 GB of memory and can support up to 200 VLANs. GTP/GPRS inspection, VPN clustering, load balancing, and high availability support are included.

Cisco ASA 5510, 5520, and 5540 firewalls can each accept a single Security Services Module (SSM) that can support Content Security and Control Security, Advanced Inspection and Prevention (AIP), or 4 Gigabit Ethernet security. Maximum IPS throughput, depending on the AIP Security Services Module used, can be up to 300 Mbps on the ASA 5510, 450 Mbps on the ASA 5520, and 650 Mbps on the ASA 5540.

Cisco ASA 5550 Firewalls
Cisco ASA 5550 Consulting FirmCisco's ASA 5550 firewall is designed for large enterprises and delivers top firewall throughput of 1,200 Mbps. The ASA 5550 can handle up to 5,000 SSL VPN sessions and 650,000 connections. The Cisco ASA 5550 includes 4 GB of memory and supports up to 250 VLANs. GTP/GPRS inspection, VPN clustering, load balancing, and high availability support are included.

The ASA 5550 does not have expansion slots but has four integrated small form pluggable (SFP) fiber optic Ethernet ports.

Cisco ASA 5580 Firewalls
Cisco ASA 5550 Firewall ConsultingCisco's ASA 5580-20 and 5580-40 firewalls are designed for large enterprise data centers. The ASA 5580-20 has firewall throughput of 5 Gbps, supports 1,000,000 connections, and has 8 GB of memory. The ASA 5580-40 has firewall throughput of 10 Gbps, supports 2,000,000 connections, and has 12 GB of memory. Both versions can handle up to 10,000 SSL VPN sessions and support up to 250 VLANs. Both models include GTP/GPRS inspection, VPN clustering, load balancing, and high availability support, and both have six slots for Interface Expansion Cards (IECs) that allow the addition of Ethernet ports.

To find out how Progent can help you maintain or upgrade your Cisco ASA 5500 firewalls, see Cisco ASA 5500 firewall consulting services.

Cisco PIX Security Appliance Series
Cisco's older generation PIX 500 Series firewalls established the standard for dedicated firewall appliances and were the mostly widely deployed firewall devices in the industry. The PIX 500 series has a purpose-built operating system that offers a wealth of security services, PIX firewalls offer a high level of protection and have earned Common Criteria Evaluation Assurance Level 4 status and ICSA Firewall and IPsec certification. PIX firewalls provide security for a wide range of VoIP and other mixed-media protocols including H.323 v. 4, Session Initiation Protocol (SIP), Cisco Skinny Client Control Protocol, Real-Time Streaming Protocol (RTSP), and MGCP. This enables businesses to provide security for a wide range of current and future IP voice and video applications. Because PIX firewalls are no longer sold and may not be supported by Cisco, IT managers should be thinking seriously about upgrading to the corresponding ASA 5500-X firewall. Progent can help with developing and implementing an upgrade strategy and can also provide affordable online support to help companies manage and maintain legacy PIX firewalls.

PIX Firewalls Consulting Firm
PIX firewalls feature a variety of configuration, monitoring, and troubleshooting features, providing businesses the versatility to use the tools that best meet their needs. Management solutions include common, policy-based administration utilities, integrated Web-based administration, and compatibility with remote-monitoring protocols such as SNMP and syslog. The integrated ASDM interface provides a world-class web-accessible management solution that greatly simplifies the deployment, updating, and monitoring of individual PIX firewalls without requiring any extra software other than an ordinary browser and Java applet to be running on a manager's computer.

IT managers can also remotely configure, track, and troubleshoot PIX firewalls using a command-line interface. Secure command-line interface communication is available using a number of methods such as SSHv2 Protocol, Telnet through IP Security (IPsec), and out-of-band via a console port. Cisco PIX security appliances also have robust automatic-update capabilities, a collection of advanced secure remote-management services that ensure firewall settings and software images can be kept current.

For a description of Progent's technical support and migration services for Cisco PIX 500 firewalls, see Cisco PIX 500 firewall migration and support services.

Progent's Migration Support for Cisco Firewalls
Because Cisco has stopped offering the ASA 5500 and PIX product lines, many businesses are concerned about relying on a critical infrastructure component that may no longer be supported. ASA 5500-X and Firepower NGFW firewalls have the advantage of being current products and also offer a number of technical and economic benefits in comparison to older ASA 5500 and PIX devices. These benefits include higher throughput, connection capacity and connection speed plus the ability to run Cisco's Firepower security services. Progent's Cisco experts can help you determine the business case for migrating from PIX or ASA 5500 firewalls to ASA 5500-X or Firepower NGFW devices, create a migration plan that allows for a fast and seamless upgrade, help you deploy and configure modern firewalls, and provide remote training, consulting, and troubleshooting services.

How Progent Can Support Your Cisco Firewalls
Cisco Firepower NGFW Series, ASA 5500-X with Firepower Services, ASA 5500, and PIX 500 family firewalls incorporate a broad array of configuration, management, and expansion options that offer you the ability to set up these security appliances to match your company's specific requirements. Progent's CCIE authorized network engineers can help you to design and manage an efficient network infrastructure that includes Cisco firewalls and offers world-class security, availability, throughput, and manageability. Progent's GISA and CISSP-ISSP-qualified information security professionals can help you to create a security policy appropriate for your environment and can configure your security appliance to support your security policies. Progent's security evaluation consultants can assess the strength of your current firewall solution and validate the overall security of your entire IT environment. Progent's Technical Response Center can provide emergency online technical support for Cisco products and can give you quick access to a Cisco CCIE network engineer.

Progent offers a range of additional consulting services to help businesses of any size create a complete, company-wide security solution. Progent's project management services can help you define and implement an efficient plan to migrate from legacy Cisco appliances to the latest generation of devices. Progent's vulnerability testing and mitigation services for network devices and applications can help you validate the security and compliance of your IT environment. Progent's certified information security engineers can help you develop and test a comprehensive security strategy that addresses the complex data theft and privacy issues associated with cloud computing. Progent can help you use Cisco's AnyConnect to provide secure VPN connections for a broad range of platforms such as Windows, Mac, Linux, iOS, and Android. Progent's BYOD consulting experts can help you manage smartphones and tablets by offering services that include iPhone and iPad integration and Android phone and tablet consulting. Progent's ProSight WAN Watch 24x7 remote network monitoring and reporting services provide round-the-clock protection for your information system. Progent's disaster recovery planning consultants can help you create and validate a DR/BC plan that is based on industry best practices. Progent's QTS Data Center Test Lab is available to prototype new firewall solutions and verify that they provide the performance and security your business requires.

For more details concerning Progent's consulting services for Cisco technology, select a topic:

Contact Progent for Cisco Firewall Solutions
To ask Progent about consulting help with Cisco Firepower NGFW, ASA 5500-X, ASA 5500, or PIX firewalls, call 1-800-993-9400 or visit Contact Progent.



An index of content::

  • Barueri-Alphaville NotPetya Crypto-Ransomware Forensics Analysis Alphaville Remote Barueri-Alphaville Snatch Ransomware Forensics Investigation
  • Best Network Consulting Services Oakland Microsoft and Cisco Certified Expert Oakland Upgrading

  • Online Help System Center 2012 Operations Manager
    SCOM Management Packs Computer Consultants

    Progent's Microsoft-certified consulting experts have over a decade of experience planning, implementing, optimizing and fixing SCOM environments and can provide organizations of any size advanced remote or on-premises consulting services for Microsoft SCOM 2012. Progent can help you to design an architecture for System Center 2012 Operations Manager servers that provides the responsiveness and availability required to watch over your datacenter effectively, whether your infrastructure are on-premises, cloud-based, or a mixed environment. Progent can also help you to install and set up Microsoft SCOM 2012 management packs according to best practices for monitoring network fabric as well as Microsoft and 3rd-party apps and services. In addition, Progent can deliver fast online or onsite technical support to assist you to fix serious issues detected by SCOM 2012.

  • Boise MS Dynamics GP Customization Support Boise Eagle Microsoft Dynamics GP Boise Vender - Upgrades Consultants Boise Idaho
  • Chandler Dynamics GP-Great Plains Training Expert Chandler, America Chandler Dynamics GP Customization Consultants Chandler, Maricopa County
  • Duo Multi-factor Authentication Specialists Duo Two-factor Authentication (2FA) Support and Integration
  • Exchange Server 2013 Assessment Napa County Exchange Server 2016 IT Solution Providers Napa
  • Fedora Linux, Solaris, UNIX Troubleshooting Mandrake Linux, Solaris, UNIX Consulting Durham, NC, United States
  • Maine Solaris Technology Consulting Solaris Online Support Services Maine
  • Miami Remote Workers Integration Consulting Coconut Grove Work at Home Employees Miami Assistance - Setup Consulting Miami Beach, USA
  • Microsoft Dynamics Business Central Help and Support 24/7/365 Support Services Dynamics Business Central
  • Cisco Firepower Firewalls On-site Technical Support
  • Microsoft Exchange Configuration Exchange 2007 Online Support

  • Duo Multi-factor Authentication Onsite Technical Support
    ProSight Duo MFA Consultants

    Progent's Duo managed services utilize Cisco's Duo cloud technology to protect against password theft through the use of two-factor authentication (2FA). Duo enables single-tap identity confirmation with Apple iOS, Android, and other personal devices.

  • CCIE Certified On-site Technical Support ASA 5500-X Firewall with Firepower
  • Microsoft SharePoint Server 2013 Network Consulting Orlando, FL Orlando Florida Emergency Microsoft SharePoint 2013 Consultants

  • SQL Server 2017 Always Encrypted Remote Consulting
    SQL Server 2017 Migration Remote Support Services

    Progent's Microsoft-certified SQL Server 2017 experts can assist your business to evaluate the business benefits of migrating to SQL Server 2017 and can help you to plan and implement an efficient migration of your current SQL Server environment to any network model including local, cloud-hosted, or hybrid. Progent's SQL Server experts can provide online or onsite support services ranging from as-needed architecture assessment or troubleshooting to comprehensive project management to ensure your SQL Server 2017 project is carried out on schedule and within budget.

  • Netwalker Ransomware Hot Line Porto Alegre-Gravataí Conti Ransomware Hot Line Rio Grande do Sul

  • Mobile Connectivity Online Support Services
    Professionals Wireless LAN

    Progent's Wireless Consulting Services offer a convenient, affordable way for companies of all sizes to deploy, manage, monitor and repair cutting edge wireless connectivity solutions. For 802.11n and the latest 802.11ac Wi-Fi environments, Progent can show you how to plan and deploy hardware like Cisco's Aironet and Meraki access points and wireless controllers. For mobile messaging and online business applications, Progent can help with Apple IOS iPhones, Apple iPads, Google Android smartphones, and Windows phones and tablets.

  • New Orleans Lockbit Ransomware Mitigation Port of New Orleans New Orleans Ransomware Remediation and Data Restore New Orleans, LA, United States
  • Open Now Tacoma Conti Crypto-Ransomware Forensics Investigation Olympia, Washington Tacoma, Pierce County Tacoma Crypto-Ransomware Forensics Investigation

  • ProSight Reporting ConnectWise Manage Ticketing Online Troubleshooting
    Immediate ProSight Reporting Infrastructure Management Technology Consulting Services

    ProSight Reporting is a growing family of real-time reporting tools designed to work with the industry's leading ticketing and network monitoring applications such as ConnectWise Manage, ConnectWise Automate, Customer Thermometer, Auvik, and SentinelOne.

  • Remote Workers Assistance near San Mateo - Endpoint Management Systems Guidance San Mateo County, United States San Mateo San Mateo Work from Home Employees Management Systems Consultants

  • Specialists Snatch ransomware hot line
    Engineer ransomware rebuild

    Progent's Ransomware Hot Line provides 24x7 access to a experienced ransomware recovery expert who can help you to halt the spread of an active ransomware breach. Call 800-462-8800

  • Remote Workforce VoIP IT Services On-site Support Remote Workers IP Voice

  • Zero Trust Security Support and Help
    Award Winning Identity Authentication Computer Consultant

    Progent's Duo managed services incorporate Cisco's Duo cloud technology to protect against password theft by using two-factor authentication (2FA). Duo supports one-tap identity verification with Apple iOS, Google Android, and other personal devices.

  • Santa Monica-Venice, CA, America Work at Home Employees Santa Monica Consultants - IP Voice Solutions Consulting Santa Monica Santa Monica Telecommuters VoIP Technology Guidance
  • Security Consultants Microsoft SQL Server Development Firm SQL
  • Specialists for IT Service Providers nearby Corpus Christi - Seamless Temporary Support Staff Help Corpus Christi Texas Corpus Christi Consulting Experts for IT Support Companies Corpus Christi, TX

  • Remote Desktop Connection for Apple Mac Remote Consulting
    Windows Virtual Desktop for Apple Mac Remote Troubleshooting

    For companies that have a combination of Mac and Microsoft Windows computers, there are two basic alternatives for using Microsoft Windows-only software on an Apple Mac: remote access to an actual Windows computer or local simulation of a Microsoft Windows operating system on a macOS or Mac OS X desktop. Microsoft's Remote Desktop Connection Client for Apple Mac allows you to connect an Apple Mac to a remote Microsoft Windows-powered computer to run Windows software and access system resources. Microsoft's Virtual PC for Mac simulates Windows on an Apple Mac computer so you are able to use Microsoft Windows applications locally. Progent's Mac technology support experts can help your company to maintain these products for using Microsoft Windows programs on your Apple Macs and can in addition help your business to evaluate and install third-party products for Microsoft Windows platform simulation.

  • Telecommuters Fargo Guidance - Connectivity Solutions Assistance Fargo-Grand Forks, North Dakota Work from Home Employees Consultants near me in Fargo - Connectivity Solutions Consultants Fargo-Williston
  • Teleworkers Manaus Consulting and Support Services - Video Conferencing Technology Consulting Amazonas Work at Home Employees Manaus Consulting Services - Video Conferencing Solutions Consulting and Support Services Manaus

  • Certified Cybersecurity Management Consult
    Network Security Testing CISM

    Progent offers the services of CISM Certified security professionals. The Certified Information Security Manager (CISM) committee defines the basic capabilities and worldwide standards of skill that information security professionals are expected to learn. CISM gives business management the assurance that those who have qualified for their CISM credential possess the experience and capability to provide effective security management and support services.

  • Teleworkers Ontario Expertise - Endpoint Security Systems Assistance Remote Workers Ontario Consulting and Support Services - Network Security Solutions Consulting Experts Ontario
  • Top Ranked Spokane Avaddon Ransomware Forensics Spokane Washington, US Spokane County Washington Spokane Egregor Crypto-Ransomware Forensics Investigation
  • Top Rated Morgan Hill Migrations Morgan Hill, California Information Technology Outsourcing Companies
  • Windows 2008 Server Consulting Services Company Largest Windows Server 2019 Small Office Network Consulting Sorocaba

  • Specialists Microsoft Denali
    24-7 Microsoft SQL Server 2012 Outsourcing

    Progent can provide the support of certified consultants as well as seasoned software developers, database administrators, project managers, network infrastructure engineers, business continuity specialists, and data security consultants to help your business to assess the likely benefits of SQL Server 2012 for your business, install pilot systems at your datacenter or at Progent's lab, plan and execute out an efficient migration to SQL Server 2012 from previous releases of SQL Server or from legacy RDBMS platforms, and define an efficient and secure IT infrastructure that helps you maximize the business benefit of Microsoft SQL Server 2012.

  • Windows Computer Consultants Virginia Remote Consulting Windows
  • Work at Home Employees Consultants near me in Melbourne - Voice/Video Conferencing Systems Expertise Melbourne Work from Home Employees Melbourne Consulting Services - Conferencing Systems Consulting Melbourne
  • network piloting Lab Specialists Consulting Services Herakles Colocation Center Test Lab

  • © 2002-2024 Progent Corporation. All rights reserved.