Cisco Firewall ConsultingCisco's Firepower Next Generation Firewalls (NGFWs) provide a major performance boost over Cisco's popular ASA 5500-X firewalls and offer unified management and automation of modern security features and services such as application visibility and control (AVC), next-generation intrusion protection system (NGIPS) with intelligent prioritization of risks, advanced malware protection (AMP), URL filtering, distributed denial of service (DDoS) mitigation, and sandboxing. Progent's Cisco-certified CCIE firewall experts can help you plan and carry out an efficient migration to Firepower Series firewalls from ASA 5500-X, ASA 5500, or PIX appliances and show you how to integrate Firepower firewalls with Cisco's subscription-based security services to build and centrally manage environments that span branch offices, data centers, private clouds and public clouds. Progent can also help you manage and troubleshoot legacy Cisco firewalls so they deliver maximum business value. Progent's certified cybersecurity experts can help you with policy creation and tuning based on industry best practices in order to establish a consistent and effective security profile across all devices anywhere that access your IT ecosystem.

Cisco's Firepower NGFW Firewall Appliances
Cisco's family of Firepower NGFW firewalls include the 1000 Series, 2100 Series, 4100 Series, and 9300 Series of security appliances. This portfolio offers advanced protection and unified management at price points, performance levels, and scale suitable for environments ranging from home offices and small businesses to major enterprises and service providers. All Firepower NGFW firewalls have a single-pass architecture and support continuous analysis and retrospective detection, which makes it possible to provide outbreak controls and to pinpoint patient zero. Firepower NGFW firewalls also offer URL Filtering and subscription-free sandboxing for detecting evasive and sandbox-aware malware, actionable event correlations, behavioral indicators of compromise (IoCs), and malware artifacts. NGIPS rule tuning and network firewall policy are automated, requiring no manual intervention. All Firepower NGFW firewalls give you the option of running either Cisco Firepower Threat Defense (FTD) or Cisco Adaptive Security Appliance (ASA) software. Centralized configuration, logging, monitoring, and reporting functions can be controlled either by Cisco's Management Center or in the cloud with Cisco Defense Orchestrator.

Cisco Firepower 1000 Series Firewalls
Cisco Firepower 1000 Series Firewalls ConsultingFirepower 1000 Series Firewalls are intended for small businesses, home offices, or branch offices. Firewalls in this series offer better price/performance than comparable Cisco ASA 5506-X to ASA 5525-X firewalls, delivering 4-6X higher firewall throughput. Local management can be performed with Cisco Firepower Device Manager. These appliances include an integrated 10M/100M/1GBASE-T RJ-45 Ethernet port for network management, an RJ-45 console port, a USB 3.0 Type-A port, and 200 GB of storage. Active/active and Active/standby high availability is supported along with VPN load balancing.

Cisco's Firepower 1010 firewall is a desktop, fanless device that offers 650 Mbps throughput for Firewall (FW), Application Visibility/Control (AVC), and Next Generation Intrusion Prevention System (NGIPS). The appliance comes with 8 RJ45 integrated I/O ports, two of them POE+ capable. IPsec VPN throughput is 300 Mbps and the appliance supports 100K simultaneous sessions, 6,000 new connections per second, and a maximum of 75 VPN peers. The Firepower 1120 firewall is a 1RU rack device that delivers firewall throughput of 1.5 Gbps. The appliance comes with 8 integrated RJ45 I/O ports and four SFP interface ports. IPsec VPN throughput is 1 Gbps and the firewall supports 200K concurrent sessions, 15,000 new connections per second with AVC, and a maximum of 150 VPN peers.

The Firepower 1140 firewall is a 1RU rack appliance with firewall throughput of 2.2 Gbps. The firewall comes with 8 RJ45 I/O ports and four SFP interface ports. IPsec VPN throughput is 1.2 Gbps and the firewall supports 400K concurrent sessions, 22,000 new connections per second with AVC, and a maximum of 400 VPN peers. The Firepower 1150 firewall is a 1RU rack device that delivers firewall throughput of 3 Gbps. The appliance includes with 8 integrated RJ45 I/O ports, two SFP ports, and two 10G SFP+ ports. IPsec VPN throughput is 1.4 Gbps and the unit can handle 600K concurrent sessions, 28,000 new connections per second, and up to 800 VPN peers.

Cisco Firepower 2100 Series Firewalls
Cisco Firepower 2100 Series Firewalls ConsultingCisco's Firepower 2100 Series Firewalls are 1RU rack units intended for deployment at the Internet edge or the data center. These firewalls have a dual multicore CPU architecture that allows them to deliver 3-6X faster performance than the Cisco ASA 5545-X to ASA 5555-X firewalls they are designed to replace. Local management can be performed with Cisco Firepower Device Manager. All Firepower 2100 Series Firewalls include 12 RJ45 and four SFP interfaces. These firewalls include one integrated 10M/100M/1GBASE-T RJ-45 Ethernet port for network management, an RJ-45 console port, and one USB 2.0 Type-A interface. Active/standby high availability is supported along with VPN load balancing.

Cisco's Firepower 2110 firewall includes four integrated 1 Gigabit SFP Ethernet interfaces and 100 GB of storage. The 2110 delivers 2.3 Gbps firewall throughput and 800 Mbps IPsec VPN throughput and allows 1 million concurrent sessions, 14,000 new connections per second, and up to 75 VPN peers. The Firepower 1120 firewall is a 1RU rack device that delivers firewall throughput of 1.5 Gbps. The appliance includes four 1G SFP interface ports. IPsec VPN throughput is 1 Gbps and the firewall supports 200K concurrent sessions, 15,000 new connections per second with AVC, and a maximum of 1,500 VPN peers. Cisco's Firepower 2120 firewall has 12 integrated 10M/100M/1GBASE-T Ethernet RJ-45 interfaces, four integrated 1G SFP Ethernet interfaces, and 100 GB of storage. The 2120 delivers 3 Gbps firewall throughput and 1 Gbps IPsec VPN throughput and allows 1.5 million concurrent sessions, 17,000 new connections per second and up to 3,500 VPN peers.

Cisco's Firepower 2130 firewall includes four integrated 10 Gigabit SFP+ interfaces, and 200 GB of storage. The unit also accepts a network module with 8 additional interfaces. The 2130 offers 5 Gbps firewall throughput and 1.6 Gbps IPsec VPN throughput and allows 2 million concurrent sessions, 27,000 new connections per second, and up to 7,500 VPN peers. Cisco's high-end Firepower 2140 firewall includes four integrated 10 Gigabit SFP+ interfaces and 200 GB of storage. The unit also accepts a network module with 8 additional interfaces for a maximum of 24 Ethernet ports. The 2140 offers 9 Gbps firewall throughput and 3.2 1Gbps IPsec VPN throughput and allows 3 million concurrent sessions, 57,000 new connections per second, and up to 10,000 VPN peers. Both the 2130 and 2140 model firewalls have the option of dual AC or DC power supplies.

Cisco Firepower 4100 Series Firewalls
Cisco Firepower 4100 Series Firewalls ConsultingCisco's Firepower 4100 Series Firewalls are 1RU rack appliances intended for deployment at the Internet edge or high-performance data centers. These firewalls deliver 5-10X faster throughput than the Cisco ASA 5585-X firewall they are designed to replace. Local management can be performed with Cisco Firepower Device Manager. All Firepower 4100 Series Firewalls include 8 integrated SFP+ interfaces and all accept a selection of add-in network modules for a maximum of 24 interfaces. All Firepower 4100 Series Firewalls support VPN load balancing, Active/standby high availability, and clustering of up to 6 chassis. These firewalls include an integrated 1 Gigabit Ethernet port for network management, an RJ-45 console port, and one USB 2.0 interface.

Cisco's Firepower 4110 firewall includes 200 GB of storage and delivers 13 Gbps firewall throughput and 6 Gbps IPsec VPN throughput. The 4110 allows 10 million concurrent sessions, 64K new connections per second, and up to 10,000 VPN peers. Cisco's newer Firepower 4115 firewall has 400 GB of storage and delivers 27 Gbps firewall throughput and 8 Gbps IPsec VPN throughput. The 4115 allows 15 million concurrent sessions, 200K new connections per second, and up to 15,000 VPN peers. Cisco's Firepower 4120 firewall includes 200 GB of storage and delivers 22 Gbps firewall throughput and 19 Gbps IPsec VPN throughput. The 4120 allows 15 million concurrent sessions, 118K new connections per second, and up to 15,000 VPN peers. Cisco's newer Firepower 4125 firewall has 800 GB of storage and delivers 40 Gbps firewall throughput and 14 Gbps IPsec VPN throughput. The 4125 allows 25 million concurrent sessions, 265K new connections per second, and up to 20,000 VPN peers.

Cisco's Firepower 4140 firewall includes 400 GB of storage and delivers 32 Gbps firewall throughput and 13 Gbps IPsec VPN throughput. The 4140 allows 25 million concurrent sessions, 172K new connections per second, and up to 20,000 VPN peers. Cisco's newer Firepower 4145 firewall has 800 GB of storage and delivers 53 Gbps firewall throughput and 18 Gbps IPsec VPN throughput. The 4145 allows 30 million concurrent sessions, 350K new connections per second, and up to 20,000 VPN peers. Cisco's Firepower 4150 firewall includes 400 GB of storage and delivers 45 Gbps firewall throughput and 14 Gbps IPsec VPN throughput. The 4150 allows 30 million concurrent sessions, 263K new connections per second, and up to 20,000 VPN peers.

Cisco Firepower 9300 Series Firewalls
Cisco Firepower 9300 Series Firewalls ConsultingCisco's Firepower 9300 Series Firewalls are highly scalable and ultra-high performing carrier-grade security appliances. The 3 Rack Units (3RU) form factor of Firepower 9300 Series firewalls accepts two add-in network modules and three security modules. Fully loaded, the Firepower 9300 can support 24 10-Gigabit Ethernet Enhanced Small Form-Factor Pluggable (SFP+) network interfaces or eight 100 Gigabit Ethernet interfaces. Intrachassis clustering of up to 5 chassis allows up to 1.2 Tbps of firewall throughput. The high-end Cisco Firepower 9300 SM-56 delivers 70 Gbps firewall throughput and 27 Gbps IPsec VPN throughput. The unit allows 35 million concurrent sessions, 490K new connections per second, and up to 20,000 VPN peers.

Legacy Firewalls from Cisco
Cisco's earlier-generation ASA 5500-X, ASA 5500, and PIX 500 firewalls provide integrated firewall, VPN, and intrusion prevention system (IPS) services in compact single-box packages, delivering a broad range of capabilities to meet the security needs of organizations ranging from small and mid-size businesses to enterprises and Internet service providers. Cisco's ASA and PIX firewalls allow IT groups to protect their network perimeter and provide secure remote access while utilizing powerful management tools based on Cisco's industry-leading firewall technology.

Cisco's PIX and ASA 5500 firewalls have reached end-of-life (EOL) status but remain widely used by small and mid-size businesses as well as by many enterprise data centers. The ASA 5500-X Series Next-Generation Firewalls deliver significantly more bang for the buck and have superseded the ASA 5500 and PIX firewalls for new deployments. The ASA 5500-X Series has in turn been replaced by Cisco's Next-Generation Firepower Firewalls. Still, Cisco's legacy firewalls, if properly managed, continue to deliver a high level of protection by supplying multiple security functions including firewall, VPN, and IPS.

Following Cisco's purchase of Sourcefire, the entire family of Cisco ASA 5500-X firewalls can be provisioned to support Firepower Services, built on Sourcefire's Snort technology, which is the world's most deployed network intrusion protection system. Firepower services bring enhanced features including advanced malware protection (AMP), URL filtering, dynamic threat analytics, and security automation.

Progent's Cisco certified network engineers can help you maintain and debug legacy PIX and ASA 5500 series firewalls and can also help you plan and implement a smooth migration to ASA 5500-X firewalls with Firepower Services. Progent can also help you plan, deploy, tune, manage and troubleshoot firewall solutions based on Cisco ASA 5500-X firewalls with Firepower Services.

Firepower Services for Cisco ASA 5500-X Firewalls and Firepower NGFW Firewalls
Cisco ASA 5500-X firewalls and Firepower NGFW Firewalls accept software or hardware modules that support Cisco's Firepower Services, which offer multi-layer defense against sophisticated threats. Firepower Services are based on technology acquired by Cisco from Sourcefire. Key features of Firepower Services include:

  • Layered defense against both familiar and zero-day threats
  • Advanced Malware Protection (AMP) that utilizes big data to discover and mitigate security breaches
  • Cisco's Next-Generation Intrusion Prevention System (NGIPS) that provides contextual analysis that covers clients, network infrastructure, apps, and content to detect attacks that incorporate multiple vectors
  • Fine-grained Application Visibility and Control, or AVC, that is aware of thousands of applications and can automatically launch both standard and custom IPS policies based on the severity of risk
Cisco Firepower Consultants

Firepower Services for Cisco ASA 5500-X and NGFW firewalls offer advanced multi-layered security

Simpler deployments of ASA 5500-X and NGFW firewalls can be efficiently managed via Cisco's on-box Adaptive Security Device Manager (ASDM), which is provided with all ASA 5500-X models. ASDM includes an easy-to-use web console that provides a convenient mechanism for deploying, managing, and debugging ASA 5500-X and NGFW devices and service modules.

For multi-device and multi-site deployments, ASA 5500-X firewalls with Firepower Services and NGFW firewalls can be managed with Firepower Management Center, available as one or more physical or virtual devices. Firepower Management Center provides centralized firewall management, visibility and control over applications, advanced IPS, URL filtering, and AMP. Due to frequent rebranding since Cisco's acquisition of Sourcefire Defense Center, Firepower Management Center has been delivered under various names including Defense Center, FireSIGHT Defense Center, and FireSIGHT Management Center.

Cisco Firepower Management Center Consulting

Firepower Management Center provides features unavailable with the ASDM on-device manager. These include context awareness capabilities such as file trajectory, advanced malware protection (AMP) with mitigation for user devices, a console that offers real-time network visualization, automated policy tuning based on impact assessment of threats, comprehensive IPS, custom application detectors for AVC, customized health notifications, enhanced reporting features, and application interfaces for host input and database access. Hardware-dependent features like clustering, stacking, switching, routing, VPN, and NAT must be managed via Cisco's ASA 5500-X on-box ASDM and the ASA command line interface.

Cisco's ASA 5500-X Product Family
Cisco's extensive family of ASA 5500-X series firewalls includes an enhanced replacement for each rack-mountable model in the older ASA 5500 family of firewalls. Each ASA 5500-X device targets the same environment as the corresponding earlier models, which gives small offices and branch offices, midsize businesses, and large enterprises plenty of options in choosing a firewall that fits their performance requirements and budgets. All ASA 5500-X products build on Cisco's proven and widely deployed stateful-inspection firewall technology and all incorporate 64-bit hardware with multicore CPUs and are capable of running Cisco's advanced security services. All models in Cisco's ASA 5500-X family provide consistent security across any mix of physical, virtual, and cloud environments.

Cisco ASA 5500-X with Firepower Consulting

Cisco ASA 5506-X and ASA 5508-X Firewalls
Cisco ASA 5506-X with Firepower Services Integration ConsultingCisco's ASA 5506-X firewall is a value-priced desktop device for entry-level firewall applications. Cisco offers a Wi-Fi enabled model as well as a hardened version for rugged environments. The ASA 5506-X offers 300 Mbps of multiprotocol firewall throughput, 100 Mbps 3DEAS/AES VPN throughput, and 250 Mbps Application Visibility and Control (AVC) performance. The ASA 5506-X can handle 10 IPsec VPN peers (or 50 with a Cisco Security Plus license), 20,000 simultaneous sessions (or 50,000 with Security Plus), 5,000 new connections per second, and 5 VLANs (or 30 VLANs with Security Plus). The appliance comes with eight integrated 1 GE ports and does not have an expansion I/O slot.

Cisco ASA 5508-X with Firepower Integration ConsultantsCisco's ASA 5508-X firewall is a value-priced 1RU firewall designed for smaller deployments. The ASA 5508-X supports up to 500 Mbps of multiprotocol throughput, 100 IPsec VPN peers, 175 Mbps 3DEAS/AES VPN performance, and AVC throughput of 450 Mbps. The ASA 5508-X can handle 100,000 concurrent sessions, 10,000 new connections per second, and up to 50 VLANs. The firewall includes eight integrated 1 GE ports and no slot for I/O expansion.

Cisco ASA 5512-X, ASA 5515-X and ASA 5516-X Firewalls
Cisco ASA 5512-X Firewall with Firepower Services IntegrationCisco's ASA 5512-X firewall is designed for small offices or branch offices and is packaged in a 1RU rack-mountable form factor. The ASA 5512-X delivers multiprotocol firewall throughput of 500 Mbps, 3DEAS/AES VPN throughput of up to 200 Mbps, and Application Visibility and Control (AVC) throughput of 300 Mbps. The ASA 5512-X supports 250 IPsec site-to-site VPN peers, 100,000 concurrent sessions, 10,000 new connections per second, and up to 50 VLANs (or 100 VLANs with Cisco's Security Plus license). The device has six integrated 10/100/1000 Ethernet ports and has one expansion slot for six 10/100/1000 ports or six SFP GE ports.

Cisco's ASA 5515-X firewall is a high-performance 1RU firewall for small offices and branch offices. The ASA 5515-X supports 600 Mbps of firewall throughput, 250 Mbps 3DEAS/AES VPN throughput, and AVC throughput of 500 Mbps. In addition, the ASA 5515-X can handle 250 IPsec VPN peers, 250,000 concurrent sessions, 15,000 new connections per second, and up to 100 VLANs. The firewall includes six integrated 10/100/1000 Ethernet ports or six SFP GE ports and has a single expansion slot for six 10/100/1000 ports or six SFP GE ports.

Cisco's ASA 5516-X firewall is a 1RU device designed for deployments in small or mid-size organizations. The unit offers up to 900 Mbps of firewall throughput, 250 Mbps of 3DEAS/AES VPN throughput, and AVC performance of 850 Mbps. The ASA 5516-X supports 300 IPsec VPN peers, 250,000 simultaneous sessions, 20,000 new connections per second, and up to 100 VLANs. The ASA 5516-X incorporates eight built-in 1 GE ports and has no I/O expansion slot.

Cisco ASA 5525-X, ASA 5545-X and ASA 5555-X Firewalls
Cisco ASA 5525-X Firewall with Firepower Services Integration Cisco's ASA 5525-X firewall replaces the discontinued ASA 5520 firewall and offers midsize businesses next-generation security at the Internet Edge. The 1RU appliance offers 1 Gbps of multiprotocol firewall throughput, 300 Mbps 3DES/AES VPN throughput, and Application Visibility and Control throughput of 1.1 Gbps. The ASA 5525-X can handle 300 VPN IPsec peers, up to 500,000 concurrent sessions, 20,000 new connections per second, and as many as 200 VLANs. The device includes eight integrated 10/100/1000 ports and has an expansion slot that can support either six 10/100/1000 ports or six SFP GE ports.

Cisco's ASA 5545-X firewall is designed as an upgrade for the legacy ASA 5540 security appliance and delivers mid-range performance for edge security. The 1RU ASA 5545-X provides 1.5 Gbps firewall throughput, 400 Mbps 3DES/AES VPN performance, and 1.5 Gbps AVC performance. The ASA 5545-X can support 400 site-to-site VPN IPsec peers, 750,000 concurrent sessions, 30,000 new connections per second, and 300 VLANs. The ASA 5545-X has eight built-in 10/100/1000 Ethernet ports and includes an expansion slot for six additional 10/100/1000 ports or for six SFP GE ports.

The Cisco ASA 5555-X firewall is designed as an upgrade for Cisco's earlier ASA 5550, now at end-of-life, and provides midsize organizations with high throughput and advanced security at the Internet edge. The ASA 5555-X delivers 2 Gbps of firewall performance, 700 Mbps 3DES/AES VPN performance, and AVC throughput of 1.75 Gbps. The ASA 5555-X handles up to 700 VPN IPsec peers, 1,000,000 simultaneous sessions, 50,000 new connections per second, and up to 500 VLANs. Eight 10/100/1000 ports are integrated with the ASA 5555-X and an expansion slot allows you to add six 10/100/1000 ports or six SFP GE ports.

Cisco ASA 5585-X Firewalls
Cisco ASA 5585-X with Firepower ConsultingThe top of the line of Cisco's ASA 5500-X firewall family is the ASA 5585-X, which is the only version with a 2RU dual-slot chassis. Intended as an upgrade for the discontinued ASA 5580 firewall, the ASA 5585-X is designed for enterprise data centers, ISPs, and other environments that need to deliver high performance and handle high traffic density.

The lower slot of the Cisco ASA 5585-X chassis is for the firewall/VPN Security Services Processor (SSP), and the upper slot is for the IPS SSP. Cisco offers four different SSPs and four IPS SSPs. Based on the SSP selected, the ASA 5585-X's multi-protocol firewall performance can be from 2 to 20 Gbps, 3DES/AES VPN throughput from 2 to 10 Gbps, and Application Visibility and Control from 4.5 Gbps to 15 Gbps. The ASA 5585-X can manage 5,000 to 10,000 VPN IPsec site-to-site peers, 500,000 to 4,000,000 simultaneous sessions, 40,000 to 160,000 new connections per second, and 1024 VLANs. Integrated I/O can be configured to support eight 10/100/1000 ports and 2x10 GE SFP+ ports or six 10/100/1000 ports and four 10 GE SFP+ ports. Expansion I/O options include eight 10 GE SFP/SFP+ ports, four 10 GE SFP/SFP+ ports, or twelve 1 GE SFP ports plus eight 10/100/1000 ports.

For more information about Progent's support for Cisco ASA 5500-X firewalls, Firepower Services, and Firepower Management Center, visit Cisco ASA 5500-X firewalls with Firepower Services consulting.

Cisco ASA 5500 Series Firewalls
Cisco's ASA 5500 Series multi-function firewalls improve on the discontinued PIX 500 family they are designed to replace by introducing a modular hardware and software architecture for easy expansion and investment protection, offering optional Secure Sockets Layer (SSL) VPN support in addition to the standard IPsec VPN included with all models, and delivering substantially higher performance. Unlike the ASA 5500-X line of firewalls that replace them, ASA 5500 firewalls can not be upgraded to support Cisco's Firepower Services.

Cisco ASA 5500 Consulting Support and Troubleshooting
The expandable design of the ASA 5500 Series allows you to add services by installing security service modules (SSMs) and security service cards (SSCs). These user-installable enhancements give you the option of adding IPS and content protection services such as blocking viruses, spyware, and phishing attacks and performing file and URL filtering. In addition to allowing you to respond quickly to new threat environments, the expandable design of the ASA 5500 Series also protects your capital investment by increasing the useful life of your security appliances. The ASA 5500 Series also protects your investment in IT staff training by supporting the rich set of PIX 500 management tools and protocols including the Cisco Adaptive Security Device Manager (ASDM) system for web-based management, secure command-line interface (CLI) access, verbose syslog, and SNMP.

Cisco ASA 5500 firewalls provide enhanced application protection via application-aware inspection processes that analyze network flows at Layers 4-7 and covers web, voice, and mobile wireless connectivity. Cisco's inspection engines integrate extensive application and protocol databases and employ advanced security enforcement technologies such as anomaly detection and application and protocol state monitoring. Cisco ASA firewall inspection engines also let you control IM and peer-to-peer file sharing so you can police usage policies and free up bandwidth for key business applications.

Cisco ASA 5505 Firewalls
Cisco ASA 5505 Firewall ConsultantsCisco's ASA 5505 firewall is designed for small businesses, branch offices, and enterprise teleworkers. These devices offer maximum firewall throughput of 150 Mbps and can handle up to 25 SSL VPN sessions plus 10,000 connections in the Base version and up to 25,000 connections in the Security Plus version. The ASA 5505 includes 256 MB of memory and can support up to three VLANs with trunking disabled. GTP/GPRS inspection, VPN clustering, and load balancing are not available in this entry-level firewall. High availability support is an option with the Security Plus version.

The ASA 5505 has a single expansion slot for a Security Services Card (SSC) that supports Advanced Inspection and Prevention. Maximum IPS throughput with this card installed is 75 Mbps.

Cisco ASA 5510, 5520, and 5540 Firewalls
Cisco ASA 5510, 5520, and 5540 Firewalls Integration HelpCisco's ASA 5510 firewall is designed for small and mid-sized businesses and small enterprises. The ASA 5510 offers maximum firewall throughput of 300 Mbps and can handle up to 250 SSL VPN sessions. In the Base version, the ASA 5510 supports 50,000 connections in the Base version and up to 130,000 connections in the Security Plus version. The ASA 5510 includes 256 MB of memory and can support up to 50 VLANs in the base version and 100 VLANs with the Security Plus version. Load balancing, VPN clustering, and high availability support are available only in the Security Plus version.

Cisco's ASA 5520 security appliance is designed for small enterprises. The 5510 offers maximum firewall throughput of 450 Mbps and can handle up to 750 SSL VPN sessions and 280,000 connections. The ASA 5520 includes 512 MB of memory and can support up to 150 VLANs. GTP/GPRS inspection, VPN clustering, plus support for load balancing and high availability are included.

Cisco's ASA 5540 is made for medium-sized enterprises, offers maximum firewall throughput of 650 Mbps, and can handle up to 2,500 SSL VPN sessions along with 400,000 connections. The ASA 5540 includes 1 GB of memory and can support up to 200 VLANs. GTP/GPRS inspection, VPN clustering, load balancing, and high availability support are included.

Cisco ASA 5510, 5520, and 5540 firewalls can each accept a single Security Services Module (SSM) that can support Content Security and Control Security, Advanced Inspection and Prevention (AIP), or 4 Gigabit Ethernet security. Maximum IPS throughput, depending on the AIP Security Services Module used, can be up to 300 Mbps on the ASA 5510, 450 Mbps on the ASA 5520, and 650 Mbps on the ASA 5540.

Cisco ASA 5550 Firewalls
Cisco ASA 5550 Consulting FirmCisco's ASA 5550 firewall is designed for large enterprises and delivers top firewall throughput of 1,200 Mbps. The ASA 5550 can handle up to 5,000 SSL VPN sessions and 650,000 connections. The Cisco ASA 5550 includes 4 GB of memory and supports up to 250 VLANs. GTP/GPRS inspection, VPN clustering, load balancing, and high availability support are included.

The ASA 5550 does not have expansion slots but has four integrated small form pluggable (SFP) fiber optic Ethernet ports.

Cisco ASA 5580 Firewalls
Cisco ASA 5550 Firewall ConsultingCisco's ASA 5580-20 and 5580-40 firewalls are designed for large enterprise data centers. The ASA 5580-20 has firewall throughput of 5 Gbps, supports 1,000,000 connections, and has 8 GB of memory. The ASA 5580-40 has firewall throughput of 10 Gbps, supports 2,000,000 connections, and has 12 GB of memory. Both versions can handle up to 10,000 SSL VPN sessions and support up to 250 VLANs. Both models include GTP/GPRS inspection, VPN clustering, load balancing, and high availability support, and both have six slots for Interface Expansion Cards (IECs) that allow the addition of Ethernet ports.

To find out how Progent can help you maintain or upgrade your Cisco ASA 5500 firewalls, see Cisco ASA 5500 firewall consulting services.

Cisco PIX Security Appliance Series
Cisco's older generation PIX 500 Series firewalls established the standard for dedicated firewall appliances and were the mostly widely deployed firewall devices in the industry. The PIX 500 series has a purpose-built operating system that offers a wealth of security services, PIX firewalls offer a high level of protection and have earned Common Criteria Evaluation Assurance Level 4 status and ICSA Firewall and IPsec certification. PIX firewalls provide security for a wide range of VoIP and other mixed-media protocols including H.323 v. 4, Session Initiation Protocol (SIP), Cisco Skinny Client Control Protocol, Real-Time Streaming Protocol (RTSP), and MGCP. This enables businesses to provide security for a wide range of current and future IP voice and video applications. Because PIX firewalls are no longer sold and may not be supported by Cisco, IT managers should be thinking seriously about upgrading to the corresponding ASA 5500-X firewall. Progent can help with developing and implementing an upgrade strategy, and can also provide affordable online support to help companies manage and maintain legacy PIX firewalls.

PIX Firewalls Consulting Firm
PIX firewalls feature a variety of configuration, monitoring, and troubleshooting features, providing businesses the versatility to use the tools that best meet their needs. Management solutions include common, policy-based administration utilities, integrated Web-based administration, and compatibility with remote-monitoring protocols such as SNMP and syslog. The integrated ASDM interface provides a world-class web-accessible management solution that greatly simplifies the deployment, updating, and monitoring of individual PIX firewalls without requiring any extra software other than an ordinary browser and Java applet to be running on a manager's computer.

IT managers can also remotely configure, track, and troubleshoot PIX firewalls using a command-line interface. Secure command-line interface communication is available using a number of methods such as SSHv2 Protocol, Telnet through IP Security (IPsec), and out-of-band via a console port. Cisco PIX security appliances also have robust automatic-update capabilities, a collection of advanced secure remote-management services that ensure firewall settings and software images can be kept current.

For a description of Progent's technical support and migration services for Cisco PIX 500 firewalls, see Cisco PIX 500 firewall migration and support services.

Progent's Migration Support for Cisco Firewalls
Because Cisco has stopped offering the ASA 5500 and PIX product lines, many businesses are concerned about relying on a critical infrastructure component that may no longer be supported. ASA 5500-X and Firepower NGFW firewalls have the advantage of being current products and also offer a number of technical and economic benefits in comparison to older ASA 5500 and PIX devices. These benefits include higher throughput, connection capacity and connection speed plus the ability to run Cisco's Firepower security services. Progent's Cisco experts can help you determine the business case for migrating from PIX or ASA 5500 firewalls to ASA 5500-X or Firepower NGFW devices, create a migration plan that allows for a fast and seamless upgrade, help you deploy and configure modern firewalls, and provide remote training, consulting, and troubleshooting services.

How Progent Can Support Your Cisco Firewalls
Cisco Firepower NGFW Series, ASA 5500-X with Firepower Services, ASA 5500, and PIX 500 family firewalls incorporate a broad array of configuration, management, and expansion options that offer you the ability to set up these security appliances to match your company's specific requirements. Progent's CCIE authorized network engineers can help you to design and manage an efficient network infrastructure that includes Cisco firewalls and offers world-class security, availability, throughput, and manageability. Progent's GISA and CISSP-ISSP-qualified information security professionals can help you to create a security policy appropriate for your environment and can configure your security appliance to support your security policies. Progent's security evaluation consultants can assess the strength of your current firewall solution and validate the overall security of your entire IT environment. Progent's Technical Response Center can provide emergency online technical support for Cisco products and can give you quick access to a Cisco CCIE network engineer.

Progent offers a range of additional consulting services to help businesses of any size create a complete, company-wide security solution. Progent's project management services can help you define and implement an efficient plan to migrate from legacy Cisco appliances to the latest generation of devices. Progent's vulnerability testing and mitigation services for network devices and applications can help you validate the security and compliance of your IT environment. Progent's certified information security engineers can help you develop and test a comprehensive security strategy that addresses the complex data theft and privacy issues associated with cloud computing. Progent can help you use Cisco's AnyConnect to provide secure VPN connections for a broad range of platforms such as Windows, Mac, Linux, iOS, and Android. Progent's BYOD consulting experts can help you manage smartphones and tablets by offering services that include iPhone and iPad integration and Android phone and tablet consulting. Progent's ProSight WAN Watch 24x7 remote network monitoring and reporting services provide round-the-clock protection for your information system. Progent's disaster recovery planning consultants can help you create and validate a DR/BC plan that is based on industry best practices. Progent's QTS Data Center Test Lab is available to prototype new firewall solutions and verify that they provide the performance and security your business requires.

For more details concerning Progent's consulting services for Cisco technology, select a topic:

Contact Progent for Cisco Firewall Solutions
To ask Progent about consulting help with Cisco Firepower NGFW, ASA 5500-X, ASA 5500, or PIX firewalls, call 1-800-993-9400 or visit Contact Progent.



An index of content::

  • 24-7 Consulting Services Microsoft SharePoint Server 2013 St Paul-Maplewood Remote Support SharePoint Server 2019 Saint Paul-Eagan, MN
  • Android and Outlook integration Network Consulting Android printing Network Consultants
  • At Home Workforce Seattle Consulting Experts - Integration Assistance Seattle Redmond Bellevue After Hours At Home Workers Consulting Services near me in Seattle - Set up Consulting Experts King County Washington
  • At Home Workforce Skokie Assistance - Backup/Recovery Solutions Guidance Skokie IL At Home Workers Consulting nearby Skokie - Backup/Restore Technology Consulting and Support Services Skokie
  • Award Winning Small Business Network Consulting Group Kansas City, MO Missouri IT Specialist
  • BlackBerry BES Express Engineers BlackBerry BES Express Specialists
  • BlackBerry Exchange Integration Specialist Spokane Washington BlackBerry Email Troubleshoot Spokane, WA
  • BlackBerry Redirector Network Consulting Organization Los Angeles County BlackBerry Software Small Business Computer Consulting Services Long Beach California

  • Virtual Server Administration Website Integration Support
    Virtual Server Hyper-V Support and Integration

    Microsoft Windows Server 2012 R2 Hyper-V advances the power of server virtualization in important areas including secure multitenancy, agile infrastructure, cloud readiness, expandability and throughput, and high availability. Progent's Microsoft-certified consultants can assist your business to benefit from Hyper-V to install and manage virtual servers to cut IT costs and enhance availability.

  • BlackBerry Support Organization Migration Company BlackBerry Software

  • ProSight ESP Ransomware Protection Specialist
    Top Rated ProSight ESP Endpoint Protection Services Consultant Services

    Progent's ProSight Enhanced Security Protection (ESP) managed services offer affordable in-depth security for physical and virtual servers, desktops, smartphones, and Exchange email. ProSight ESP utilizes adaptive security and advanced machine learning for round-the-clock monitoring and responding to cyber threats from all attack vectors. ProSight ESP delivers firewall protection, penetration alerts, endpoint control, and web filtering via cutting-edge tools packaged within one agent accessible from a single control. Progent's data protection and virtualization consultants can help you to design and configure a ProSight ESP environment that meets your company's unique needs and that allows you demonstrate compliance with government and industry data security regulations. Progent will help you define and implement policies that ProSight ESP will manage, and Progent will monitor your network and respond to alerts that require urgent attention. Progent's consultants can also help your company to install and test a backup and disaster recovery solution such as ProSight Data Protection Services so you can get back in business quickly from a potentially disastrous security attack like ransomware.

  • CISSP-ISSAP Cybersecurity Services Immediate CISSP Certified Security Architect Consultant
  • Cisco Certified MS Office Communications Server Remote Support Services Microsoft Instant Messaging Consult

  • Award Winning Auditor Juniper Junos J-Web
    Juniper Junos Network and Security Manager Consulting

    Progent's Juniper-authorized network consultants can help your company to design and deploy Juniper Firewall and VPN technology, enhance and troubleshoot your network infrastructure, and upgrade smoothly from outdated products to the latest versions. Progent's Junos OS engineers can offer expertise with Juniper's premier network control software to help you to simplify the administration and improve the protection of your Juniper VPN devices and firewalls. Progent also has extensive experience maintaining Juniper's NetScreen OS and ScreenOS operating system productss and can help organizations manage environments that include a mix of Juniper's software platforms.

  • Columbus Teleworkers Call Desk Solutions Guidance Columbus Georgia Remote Workforce Expertise in Columbus - Help Desk Call Center Augmentation Consulting Experts Muscogee County Georgia
  • Consultancy desktop and application virtualization Citrix XenDesktop desktop virtualization Consult
  • Exchange 2019 Small Business Computer Consultants Atlanta Georgia Exchange 2016 Setup
  • Exchange Server 2010 Manage Petaluma Sonoma County Top Rated Exchange 2019 Computer Support For Small Offices Sonoma CA
  • Exchange Server 2019 Network Outsource Philadelphia Exchange Security Consulting Companies Philadelphia Pennsylvania

  • 24-7 Help and Support Cisco RADIUS Security
    Cisco Virtual Private Network Onsite Technical Support

    Cisco's security and remote connection products for small organizations offer a comprehensive range of easy-to-administer security solutions to help protect your wired and wireless network infrastructure. Cisco's VPN product family features switches, firewalls, intrusion detection devices and Virtual Private Network appliances. Progent's professional consulting staff includes experienced engineers with Cisco Certified Internetwork Expert and CCNP qualifications who can help your company to evaluate Cisco VPN, Cisco RADIUS Security, Cisco Aironet and Meraki wireless APs, and other Cisco security technologies that fit most closely with your company objectives.

  • Cisco Firepower 9300 Series Firewalls On-site Support
  • Fedora Linux, Sun Solaris, UNIX Technology Consulting Cincinnati Ohio CentOS Linux, Solaris, UNIX Remote Troubleshooting Cincinnati Ohio
  • Juniper Junos Configuration Cybersecurity Group Juniper Junos BGT Network Security Evaluation
  • Louisville, KY Redhat Network Engineer Professionals UNIX Louisville Kentucky
  • MS Certified Portland Assessment Portland Tech

  • Support and Help Great Plains
    Microsoft Certified Expert IT Consultant Dynamics GP

    Progent can show you how to plan and implement a smooth migration to Microsoft Dynamics GP so that you preserve your information, improve your protection, modernize your analytics, take full advantage of Microsoft Office support, and reduce business interruption by designing and executing a sensible migration strategy. Progent can also help train new Dynamics GP users so you don't lose productivity. Progent can enhance your financial reports and management analytics by providing Crystal Reports help, FRx assistance, and Microsoft Excel support. Progent's background with Microsoft .NET development, Microsoft SQL Server solutions, and designing with VBasic, XML and other platforms make it possible to create specialized business applications and eCommerce solutions that integrate transparently with Microsoft Dynamics GP 2010/Great Plains 2010.

  • MS Dynamics GP (Great Plains) Premier Partner nearby San Antonio - Customization Support Services Bexar County Texas Top Dynamics GP-Great Plains Premier Partner nearby San Antonio - Upgrade Help San Antonio
  • Marion County Oregon Windows Server 2016 Consulting Companies Windows Server 2012 R2 Small Business IT Consultants Salem
  • Memphis Bartlett Germantown Collierville BlackBerry Enterprise Server Outsource IT Shelby County Tennessee Computer Outsourcing Consultant BlackBerry Software
  • Microsoft Certified Consulting Job Opportunities San Jose Microsoft MCSA Consultant Job Opportunity Silicon Valley, California
  • Microsoft Exchange 2010 Network Consultants Microsoft Exchange Server 2013 Design Consultant Alpharetta-Johns Creek

  • Microsoft Certified Partner SCCM 2016 Configuration
    System Center 2016 Endpoint Protection IT Consultants

    Small to middle size companies can now enjoy all the benefits of System Center Operations Manager 2007 and in addition have quick access to Progentís Microsoft Premier network support experts. With Progent's affordably priced network support programs, small and midsize organizations can select a simple Microsoft System Center Operations Manager 2007-based co-sourcing package with network monitoring, reporting, Help Desk and remote troubleshooting or a complete round-the-clock outsourcing solution. Progent offers expertise in Operations Manager to offer small company information systems enterprise-class availability, security, and performance.

  • Microsoft SharePoint Server IT Consultants Top Rated Computer Consultant Microsoft SharePoint Server 2007

  • Best Services Private Clouds for Small Businesses
    Remote Engineers Virtual Server Private Cloud Hosting

    Progentís private cloud hosting service enables small and midsize organizations to run key applications such as Microsoft SQL and Exchange from a hardened Tier III data center facility on fully redundant hardware with geographically separate backup. Progent uses Microsoft's Hyper-V platform for server virtualization and Data Protection Manager (DPM) for backup and restoration. Smaller organizations can use Progentís private cloud to avoid major investments in the purchase, maintenance, and operation of computer equipment and facilities while benefiting the highest levels of network availability and physical security.

  • Microsoft and Cisco Migration Chandler Tempe Mesa Gilbert 24-7 Windows Security Small Office IT Consulting Services Chandler
  • Newark, CA After Hours Desktop Engineer Contract Job Opportunities Microsoft MCTS Consultant Part-Time Jobs Silicon Valley
  • Oklahoma Information Technology Outsourcing Group SharePoint SharePoint Small Business Computer Consulting Oklahoma
  • Open Now Remote Workers Consulting Experts in Tampa - IP Voice Systems Assistance Hillsborough County 24 Hour At Home Workers Tampa Consulting Services - IP Voice Solutions Guidance Tampa Bay
  • Professional remote Microsoft network troubleshooting Ontario Canada Professionals remote Microsoft network troubleshooting Ontario
  • Programmer Microsoft T-SQL MS SQL Server Contract Development
  • Questions about Recruit Cisco Consultant Full-Time Jobs FAQ about Cisco CCIE Telecommuting Jobs
  • Redhat Linux, Solaris, UNIX Integration Services Saddle Brook-Moonachie Saddle Brook-Moonachie Fedora Linux, Solaris, UNIX Professional
  • Remote Workforce Columbus Assistance - Management Tools Consultants Columbus Columbus Telecommuters Management Systems Consulting Experts Columbus, GA
  • Rochester New York CISSP Secure Rochester, NY Security Consultancies CISSP
  • SharePoint 2010 Remote Consulting Mission Viejo CA Technical Support Microsoft SharePoint Server 2013 Mission Viejo-Lake Forest
  • Skype for Business Specialists Microsoft Skype for Business IM Specialists
  • Small Business Network Consulting Group Microsoft Expert Migration Consulting Small Office
  • Software Consulting Services SQL New York City, Buffalo, Rochester, Syracuse, Yonkers, Albany SQL Outsourcing Services
  • Specialists Ubiquiti UniFi wireless LAN Ubiquiti XG Security Gateway Consultant Services
  • Support Services Macintosh Virus Recovery Online Support Services Mac Disaster Recovery
  • Support Team Indiana - Indianapolis, IN, Fort Wayne, IN, Gary, IN, Evansville, IN Network Recovery Indiana - Indianapolis, IN, Fort Wayne, IN, Gary, IN, Evansville, IN

  • Threat Management Gateway Integration Services
    Microsoft Forefront Threat Management Gateway 2010 Remote Consulting

    Forefront Threat Management Gateway 2010 is based on the proven security capabilities of Internet Security and Acceleration Server 2006 and provides a centrally administered Internet gateway that delivers a single-server solution for a variety of security functions including an application layer and network layer firewall, URL filtering, antimalware, intrusion protection, reputation services, VPN management, plus HTTP and HTTPS inspection. Microsoft Forefront TMG 2010 includes advanced web security logging and reporting capabilities, permits custom reporting powered by SQL Server, works with Active Directory to simplify policy enforcement, and can be operated as a virtual machine to lower costs and enhance recoverability. Progent's Microsoft-certified engineers can assist you to design and carry out test and production implementations; integrate Microsoft Forefront TMG 2010 with Windows 2008 R2, AD, Microsoft SQL Server, Microsoft Exchange Server 2010, and Microsoft SharePoint; set up Microsoft Forefront Threat Management Gateway to run on a virtual server with Windows Hyper-V; and provide continuing consulting and repair services. Progent can also assist your organization to upgrade economically to Forefront TMG 2010 from any version of ISA Server.

  • Support and Help Systems Management Server 2003 SMS 2003 Upgrade Network Consultant
  • Tech Support For Small Business Hialeah-Miami-Dade County Remote Support Services Hialeah
  • Teleworkers Consulting near Pleasanton - Support Consultants Livermore, CA Pleasanton At Home Workers Integration Expertise

  • Microsoft Experts Windows 8.1 Work Folders Technical Support
    Expert Microsoft Certified Network Setup Windows 8.1 Migration

    Progent's Microsoft-certified experts can provide a range of technical services to help companies of any size to install, manage, and support IT systems that include desktops, notebooks, tablets, or Windows phones based on Microsoft Windows 8.1. For larger organizations, Progent's experienced project managers can assist to design and configure testing labs to evaluate Microsoft Windows 8.1 and develop and execute Windows 8.1 migration projects based on leading practices.

  • Teleworkers San Jose Guidance - Video Conferencing Systems Expertise Remote Workers Assistance - San Jose - Conferencing Solutions Expertise Cupertino, CA
  • Temporary IT Support Staffing Help Consulting Services Union City, CA 24x7 Short-Term IT Staffing Help Consulting Specialist
  • Top Rated Remote Workforce Guidance nearby Milwaukee - Infrastructure Expertise Milwaukee Milwaukee Offsite Workforce Infrastructure Consulting Experts Milwaukee
  • Urgent Support Consultant SQL Honolulu Hawaii SQL Support Consultants Honolulu, Oahu, HI, Maui, HI, Kauai, HI
  • Washington Remote Workforce Integration Consulting Experts Washington District of Columbia 24/7 Remote Workforce Washington Consulting Experts - Integration Consulting Services City of Washington
  • Windows 7 64-bit Upgrade IT Outsourcing Company Computer Consultants Windows 7 Security
  • Windows Server 2016 Network Setup Fort Wayne, IN Windows 2019 Server Migration Help Fort Wayne
  • Firepower Firewalls Remote Consulting
  • Yolo County Outsourcing Technology Technical Services Yolo County
  • ASA 5500-X Firewall with Firepower Configuration

  • © 2002-2020 Progent Corporation. All rights reserved.