Cisco is a long-time front-runner in delivering state-of-the-art firewalls for the widest possible range of environments. Cisco's Firepower Next Generation Firewalls represent a modern firewall solution that marshals sophisticated hardware, cloud services, and machine learning to block, identify, and respond to cyber attacks without manual intervention. Progent's Cisco-certified CCIE firewall consultants can help your organization to design and carry out an efficient migration to Firepower Series firewalls from Cisco's legacy ASA 5500-X, ASA 5500, or PIX firewalls and show you how to integrate Firepower firewalls with Cisco's security services to build and centrally control IT ecosystems that include branch offices, data centers, and cloud resources. Progent can also help you to maintain and troubleshoot legacy Cisco security appliances. Progent's certified network security consultants can assist you with policy creation driven by leading best practices so you can establish a consistent cybersecurity profile that applies to all your networked endpoints at any location.
Cisco's Firepower NGFW Firewall Appliances
Cisco's Firepower Next Generation Firewalls deliver a major performance improvement over Cisco's popular ASA 5500-X security appliances and include unified control of advanced cybersecurity features like application visibility and control, next-generation intrusion protection (NGIPS) with intelligent prioritization of risks, advanced malware protection, distributed denial of service (DDoS) mitigation, and multi-node sandboxing. For details about Cisco's Firepower family of Next Generation Firewalls (NGFWs), see Firepower Series firewalls consulting expertise.
Cisco's ASA 5500-X Series and Legacy Firewalls
Cisco's ASA 5500-X Series, ASA 5500, and PIX 500 firewalls provide integrated firewall, VPN, and intrusion prevention system capabilities in single-box devices, delivering a broad range of features to match the security and compliance requirements of organizations ranging from small businesses to enterprises and ISPs. Cisco's ASA 5500-X, ASA 5500, and PIX 500 firewalls enable network security teams to protect their network perimeter and offer secure remote connectivity while using powerful management mechanisms based on Cisco's world-class firewall products.
Cisco's ASA 5500 and PIX 500 firewalls have reached end-of-life status but are still widely deployed in smaller businesses as well as in a few enterprise networks. Cisco's ASA 5500-X Next-Generation Firewalls deliver substantially more value and have supplanted Cisco's ASA 5500 and PIX lines of firewalls for new installations. However, Cisco's older model firewalls, if properly maintained, continue to offer a high degree of protection by supplying a variety of services including stateful firewall, Virtual Private Network (VPN) connections, and IPS.
After Cisco's acquisition of Sourcefire, the entire line of Cisco ASA 5500-X devices can be configured to support Firepower Services, built on Sourcefire's Snort technology, which is the world's most deployed network intrusion protection system. Firepower services provide enhanced capabilities such as advanced malware protection (AMP), URL filtering, dynamic threat analytics, and automation.
Progent's Cisco-premier network consultants can assist you to maintain and debug older ASA 5500 Series and PIX firewalls and can also help you to plan and carry out an efficient migration to Cisco's ASA 5500-X firewalls with Firepower. Progent can also assist you to plan, deploy, optimize, administer and debug new firewall solutions based on Cisco's current ASA 5500-X firewalls with Firepower Services. Progent can also assist you to upgrade from your Cisco ASA 5500-X Series deployment to Cisco's latest Firepower NGFWs Firewalls.
Cisco's ASA 5500-X Series Firewalls
Cisco's extensive family of ASA 5500-X security appliances includes an enhanced substitute for each rack-mountable unit in the older ASA 5500 line of firewalls. Each ASA 5500-X firewall targets the same market as the corresponding previous models, which gives most plenty of room for selecting a solution that meets their security requirements and budgets. All ASA 5500-X products are based on Cisco's proven stateful-inspection firewall technology and all incorporate purpose-built 64-bit hardware with multicore processors and are capable of running Cisco's advanced protection services. All models in Cisco's ASA 5500-X product line provide consistent protection across any combination of physical, virtual, and cloud deployments.
For additional details about Cisco's ASA 5500-X firewalls, Cisco Firepower services, and Progent's consulting for Cisco ASA 5500-X security appliances, visit Cisco Firepower integration and debugging consulting
Cisco's Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X security appliances accept either software or physical modules that support Cisco's Firepower Services, which offer layered protection against multi-vector threats. Cisco's Firepower Services are powered by innovative technology acquired by Cisco from Sourcefire. Major features of Firepower Services for ASA security appliances include:
- Multi-layer protection against both familiar and zero-day threats
- Advanced Malware Protection (AMP) that uses big data to find and remediate intrusions
- Cisco's Next-Generation Intrusion Prevention System that performs contextual analysis that looks at users, network infrastructure, software applications, and content to discover threats that incorporate multiple approaches
- High-resolution Application Visibility and Control (AVC that is familiar with thousands of apps and can automatically launch both standard and customized IPS policies based on the degree of threats
Firepower Services for ASA 5500-X firewalls offer multi-layered threat protection
Simpler deployments of ASA 5500-X firewalls can be efficiently administered via Cisco's on-box Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based tool which is provided with all ASA 5500-X versions. ASDM includes an easy-to-use web console for configuring, managing, and troubleshooting ASA 5500-X firewalls and modules.
For more complex deployments, ASA 5500-X appliances with Firepower can be administered with Cisco's Firepower Management Center, available as one or several physical or virtual devices. Cisco's Firepower Management Center offers unified firewall management, Application Visibility and Control (AVC, enhanced IPS, URL filtering, and Advanced Malware Protection. Because of ongoing rebranding after Cisco's purchase of Sourcefire Defense Center, Cisco's Firepower Management Center has been delivered under several names that include Defense Center, Cisco Firesight Defense Center, and FireSIGHT Management Center.
Firepower Management Center unifies event and policy control for Cisco Firepower firewalls
Cisco's Firepower Management Center provides capabilities unavailable with Cisco's on-box ASDM utility. Extra capabilities include greater context awareness, Cisco's Advanced Malware Protection with remediation for user devices, a dashboard that offers real-time network infrastructure visualization, automated policy optimization driven by risk assessment of threats, advanced IPS, custom application detectors for Application Visibility and Control (AVC), customized health alerts, improved reporting features, and APIs for host input and database access. Hardware-dependent capabilities like clustering, stacking, switching, routing, VPN, and NAT must be managed using Cisco's ASA 5500-X on-box ASDM or the ASA CLI.
Cisco ASA 5500 Family of Adaptive Security Appliances
Cisco ASA 5500 Series Firewalls leverage technology behind the Cisco PIX 500 family Security Appliance, the Cisco IPS 4200 family sensor, and the VPN 3000 family concentrator. These technologies converge on the Cisco Adaptive Security Appliances 5500 Series Firewall product line to deliver a platform that stops the widest variety of threats. Cisco Adaptive Security Appliances (ASA) Firewalls provide program security, network containment, and safe Virtual Private Network functionality throughout Cisco's product portfolio. This breadth of security allows defense of any network section, including the most typical attack vectors such as remote locations, LAN-attached inside users, and off-site connected VPNs.
The scalable architecture of the Cisco ASA 5500 family allows you to add more security services via security service modules and cards. These easy-to-install enhancements give you the ability to add Intrusion Protection and content protection services like blocking virus, worms, and phishing attacks and executing file and web filtering. In addition to allowing you to react quickly to new risk environments, the expandable design of the Cisco ASA 5500 family also leverages your capital investment by increasing the useful life of your firewalls. The ASA 5500 family also leverages your investment in administrative team education by supporting the familiar set of PIX management utilities and protocols including the Cisco ASDM system, secure command-line interface availability, verbose syslog, and Simple Network Management Protocol.
Cisco ASA 5500 Series firewalls deliver a high-level of application security via smart, application-sensitive inspection processes that examine network flows at Layers 4-7. The result is a better protected network covering Web, voice, and mobile wireless services. To defend against application-layer attacks and to provide better policing of the programs and protocols used in their networks, these inspection engines incorporate broad application and protocol knowledge and rely on security enforcement solutions that include protocol anomaly sensing and state monitoring. Also incorporated are assault sensing and mitigation techniques such as application/protocol command filters and content verification. Cisco ASA firewall inspection engines also deliver management of instant messaging and tunneling applications, enabling businesses to police usage policies and recover network bandwidth for crucial business processes.
For additional details about Progent's support services for Cisco's ASA 5500 firewalls, go to ASA 5500 series firewalls integration and troubleshooting support.
Cisco PIX Firewalls
Built around a hardened, specialized software platform that delivers a wealth of protection services, PIX security appliances offer excellent security and have earned Common Criteria Evaluation Assurance Level 4 status and ICSA Firewall and IP Security certification. Cisco PIX security appliances offer protection for a broad range of VoIP and additional mixed-media conventions including H.323 Version 4, Session Initiation Protocol, SCCP, Real-Time Streaming Protocol, and Media Gateway Control Protocol (MGCP), enabling organizations to safeguard installations of a broad range of contemporary and upcoming VoIP and multimedia applications.
PIX firewalls feature a wealth of setup, monitoring, and analysis options, providing businesses the flexibility to utilize the techniques that best meet their needs. Administrative solutions include centralized, policy-based administration utilities, integrated web-based management, and compatibility with remote-tracking standards such as Simple Network Management Protocol (SNMP) and syslog. The integrated ASDM system provides a powerful Web-based control platform that significantly streamlines the installation, ongoing configuration, and monitoring of a specific Cisco PIX firewall appliance without requiring any additional software other than a standard Web browser and Java plug-in to be installed on a manager's PC.
IT managers can furthermore remotely set up, monitor, and analyze PIX firewalls via a command-line interface. Safe command-line interface access is possible using a number of techniques such as Secure Shell (SSHv2) Protocol, Telnet over IP Security (IPsec), and out-of-band via a console port. PIX security appliances also have dependable automatic-update capabilities, a collection of advanced secure remote-management options that make sure that security settings and software images are kept up to date.
For more details about Progent's consulting services for Cisco PIX security appliances, go to PIX 500 firewalls configuration and troubleshooting services.
Progent's Migration Support Services for Cisco Firewalls
Since Cisco has ceased offering the PIX 500 and ASA 5500 families of firewalls, many companies are concerned about depending on a critical security component that might stop being supported by Cisco. Cisco ASA 5500-X and Firepower NGFW Series firewalls have the advantage of being current products and also bring several functions and budgetary benefits in comparison to PIX 500 devices. These benefits include significantly better throughput, optional SSL VPN capability, and a modular architecture that guards your investment by allowing you to add new security services whenever you need them. Progent's Cisco certified experts can assist your company to assess the business case for upgrading from PIX 500 or ASA 5500 firewalls, design a migration process that permits a quick and seamless upgrade, help you to install new ASA 5500-x or Firepower Series firewalls, and offer online, consulting, and troubleshooting services.
Other Ways Progent Can Help Your Business with Cisco Firewalls
Cisco's Firepower Series, ASA 5500 Series, and PIX security appliances provide an array of setup, tracking, and analysis options which offer you the flexibility to deploy these firewalls to match your company's needs. Progent's CCIE authorized network experts can help you to design an efficient infrastructure that incorporates Cisco firewalls and that provides world-class protection, resilience, performance, and manageability. Progent's GISA and CISM-certified information security professionals can assist your business to develop a security policy appropriate for your business and can configure your security appliance to enforce your security strategy. Progent's security evaluation consultants can assess the effectiveness of your current firewall deployment and validate the security of your whole IT network. Progent's Technical Response Center (TRC) can provide emergency online troubleshooting for Cisco products and offer quick access to a Cisco expert.
To learn more details about Progent's consulting help for Cisco networking products, pick a topic:
Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
If you wish to get in touch with Progent about technical support for Cisco networking, phone 1-800-993-9400 or visit Contact Progent.