Cisco is a long-time leader in delivering state-of-the-art firewall appliances for the widest possible variety of deployments. Cisco's Firepower Next Generation Firewalls (NGFWs) represent a modern cybersecurity solution that combines sophisticated hardware, cloud services, and machine learning to anticipate, identify, and mitigate threats without manual intervention. Progent's Cisco-certified CCIE firewall experts can assist your organization to design and execute an efficient upgrade to Cisco Firepower Series firewalls from Cisco's from ASA 5500-X, ASA 5500, or PIX appliances and help you integrate Firepower appliances with Cisco's cloud-based services to create and centrally control network ecosystems that span local offices, data centers, private clouds and public clouds. Progent's firewall consultants can also help you to maintain and troubleshoot legacy Cisco security appliances. Progent's certified cybersecurity consultants can assist you with policy creation and tuning driven by industry best practices so you can establish a consistent and effective security profile across all your networked endpoints at any location.
Cisco's Firepower NGFW Firewall Appliances
Cisco's Firepower NGFWs Firewalls provide a significant performance boost over Cisco's previous-generation ASA 5500-X firewalls and include centralized control of modern security features such as application visibility and control (AVC), next-generation intrusion protection with intelligent prioritization of risks, advanced malware protection (AMP), DDoS mitigation, and multi-node sandboxing. For more information about Cisco's Firepower portfolio of Next Generation Firewalls (NGFWs), visit Cisco Firepower Series firewalls consulting services.
Cisco's ASA 5500-X and Legacy Firewalls
Cisco's ASA 5500-X, ASA 5500, and PIX 500 firewall appliances provide combined firewall, VPN, and IPS services in compact single-box devices, delivering a broad range of features to meet the security needs of organizations ranging from small and mid-size businesses to enterprises and ISPs. Cisco's ASA 5500-X Series, ASA 5500 Series, and PIX firewalls enable network security staffs to protect their network edge and provide safe offsite and mobile connectivity while utilizing powerful administration mechanisms based on Cisco's industry-leading firewall technology.
Cisco's ASA 5500 Series and PIX 500 firewalls have arrived at end-of-life (EOL) but are still widely deployed in small and mid-size organizations and in some larger networks. Cisco's ASA 5500-X Series Next-Generation Firewalls deliver substantially more value and have supplanted the ASA 5500 and PIX lines of firewalls for new deployments. However, Cisco's legacy firewall appliances, if carefully managed, continue to offer a high degree of protection by supplying multiple services such as firewall, Virtual Private Network (VPN) connections, and IPS.
After Cisco's acquisition of Sourcefire, the entire family of ASA 5500-X firewalls can be provisioned to enable Firepower Services, based on Sourcefire's Snort technology, which is the market's most popular intrusion protection system (IPS). Firepower services bring powerful new features including advanced malware protection (AMP), URL filtering, real-time threat analytics, and automation.
Progent's Cisco-premier infrastructure engineers can assist you to maintain and troubleshoot legacy ASA 5500 and PIX firewall appliances and can also assist you to plan and carry out an efficient migration to Cisco's ASA 5500-X firewalls with Firepower Services. Progent can also help you to plan, configure, tune, manage and debug new firewall solutions built on Cisco's current ASA 5500-X models with Firepower Services. Progent's firewall consultants can also assist you to upgrade from your Cisco ASA 5500-X solution to Cisco's latest Firepower Next Generation Firewalls.
Cisco's ASA 5500-X Firewall Product Family
Cisco's extensive line of ASA 5500-X security appliances features an improved replacement for every rack-mountable unit in the older ASA 5500 series of devices. Each ASA 5500-X model targets the identical market as the associated earlier models, which gives small and midsize businesses plenty of choice for selecting a firewall that meets their security needs and IT budgets. All ASA 5500-X firewalls build on Cisco's tested stateful-inspection firewall technology and all include 64-bit hardware with multicore CPUs and support Cisco's advanced security services. All devices in Cisco's ASA 5500-X product line deliver consistent protection across any combination of physical, virtual, and cloud environments.
For additional information about Cisco's ASA 5500-X firewalls, Firepower services, and Progent's support for ASA security appliances, visit Firepower integration and troubleshooting consulting
Cisco's Firepower Services for ASA 5500-X Security Appliances
Cisco ASA 5500-X security appliances accept either software or physical modules that support Firepower Services, which offer layered defense against multi-vector threats. Cisco's Firepower Services are powered by innovative technology adopted by Cisco from Sourcefire. Major features of Firepower Services for ASA 5500-X security appliances include:
Smaller deployments of Cisco ASA 5500-X firewalls can be effectively administered via Cisco's on-box Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web utility which is provided with all ASA 5500-X versions. ASDM includes an easy-to-use web dashboard for configuring, managing, and troubleshooting ASA 5500-X appliances and service modules.
For multi-device and multi-site environments, ASA 5500-X appliances with Firepower can be administered with Firepower Management Center, available as one or more physical or virtual appliances. Cisco's Firepower Management Center offers centralized firewall management, Application Visibility and Control, advanced IPS, URL filtering, and Advanced Malware Protection (AMP). Due to ongoing rebranding after Cisco's purchase of Sourcefire Defense Center, Cisco's Firepower Management Center has been delivered under several names including Cisco Defense Center, Cisco Firesight Defense Center, and FireSIGHT Management Center.
Cisco's Firepower Management Center offers features unavailable with Cisco's on-device Adaptive Security Device Manager utility. Additional features include greater context awareness, Cisco's Advanced Malware Protection with mitigation for user devices, a dashboard that offers real-time network infrastructure visualization, automated policy tuning based on risk evaluation of threats, advanced IPS, custom application detectors for Application Visibility and Control, customized health alerts, enhanced reporting options, and APIs for host input and database access. Hardware-dependent options such as clustering, stacking, switching, routing, VPN, and NAT must be managed using either the on-box ASDM or the ASA 5500-X CLI.
Cisco ASA 5500 Adaptive Security Appliances
Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls build on engineering behind the Cisco PIX 500 family Security Appliance, Cisco's IPS 4200 family Intrusion Prevention System, and the Cisco VPN 3000 family concentrator. These technologies enable the Cisco ASA Firewall product line to offer a platform that defends against the broadest variety of attacks. Cisco ASA Firewalls deliver application protection, network containment and control, and clean Virtual Private Network connectivity across the entire product portfolio. This broad scope of protection allows defense of any network segment, which includes the most common attack conduits such as remote sites, locally-connected inside users, and remote access Virtual Private Networks.
Cisco ASA firewalls provide robust application protection through intelligent, application-sensitive inspection engines that examine traffic at Layers 4-7. This produces a better protected network covering Web, voice, and mobile wireless services. To defend against application-layer attacks and to offer better control over the programs and protocols utilized in their environments, these inspection engines integrate extensive application and protocol knowledgebases and employ protection enforcement solutions such as protocol anomaly sensing and state tracking. Also incorporated are assault sensing and mitigation techniques including application and protocol command filters and URL deobfuscation. Cisco Adaptive Security Appliances (ASA) 5500 Series firewall inspection engines also provide management of IM and tunneling applications, enabling businesses to enforce usage policies and free up bandwidth for vital business applications.
For additional information about Progent's support services for Cisco's ASA 5500 security appliances, go to ASA 5500 firewalls integration and troubleshooting consulting.
PIX Security Appliance Series
Built around a hardened, specialized operating system that offers a wealth of protection services, Cisco PIX firewall appliances provide excellent protection and have earned EAL 4 status and ICSA Labs Firewall and IPsec certification. PIX security appliances offer protection for a broad range of Voice over IP and additional mixed-media standards such as H.323 v. 4, Session Initiation Protocol, Cisco Skinny Client Control Protocol, RTSP, and Media Gateway Control Protocol (MGCP), helping businesses to protect deployments of a broad range of current and upcoming Voice over IP and video applications.
IT managers can also remotely configure, track, and analyze PIX firewalls via a command-line interface (CLI). Secure command-line interface (CLI) access is available using several techniques including Secure Shell (SSHv2) Protocol, Telnet over IP Security, and out-of-band through a console port. Cisco PIX security appliances also have robust auto-update features, a collection of advanced protected remote-management services that make sure that firewall configurations and software images are kept current.
For additional details about Progent's support services for Cisco PIX 500 security appliances, visit PIX firewalls integration and troubleshooting consulting.
Progent's Migration Consulting Support for Cisco Firewalls
Since Cisco has ceased offering the PIX and ASA 5500 families of firewalls, many companies are uncomfortable with relying on a key security component that may no longer be supported. Cisco ASA 5500-X and Firepower Series security appliances have the benefit of being new devices and also bring a number of technical and financial advantages in comparison to PIX firewalls. These advantages include substantially higher throughput, optional Secure Sockets Layer tunneling capability, and an expandable design that guards your investment by allowing you to self-install new security features when and if you need them. Progent's Cisco certified network engineers can help you to determine the strategic value of for moving from PIX 500 or ASA 5500 firewalls, create a migration plan that allows for a fast and seamless upgrade, assist you to set up new ASA 5500-x Series or Firepower NGFW Series firewalls, and provide remote training, consulting, and troubleshooting services.
Other Ways Progent Can Help You with Cisco ASA and PIX Security Appliances
Cisco's Firepower Series, ASA Series, and PIX family security appliances provide a wealth of setup, tracking, and analysis options that give you the flexibility to deploy these security appliances to align optimally with your business requirements. Progent's CCIE certified network consultants can show you how to design a cost-effective infrastructure that includes Cisco security appliances and that provides advanced protection, resilience, throughput, and manageability. Progent's GISA and CISM-certified IS security engineers can help you to create a security policy that makes sense for your environment and can set up your PIX or ASA firewall to support your security strategy. Progent's security assessment consultants can evaluate the effectiveness of your existing firewall solution and audit the security of your whole IS environment. Progent's Technical Response Center (TRC) can deliver urgent online technical support for Cisco products and offer fast access to a Cisco expert.
To see additional information about Progent's engineering support for Cisco technology, choose a subject:
Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
To ask Progent about consulting support for Cisco technology, call