Cisco is a long-time front-runner in delivering state-of-the-art firewall appliances for the broadest possible variety of environments. Cisco's Firepower Next Generation Firewalls provide an advanced firewall platform that marshals dedicated hardware, cloud-based services, and next-generation intrusion protection system (NGIPS) to anticipate, discover, and respond to threats automatically. Progent's Cisco-certified CCIE-certified firewall consultants can assist your organization to design and carry out an efficient migration to Firepower firewalls from Cisco's from ASA 5500-X, ASA 5500, or PIX firewalls and show you how to enhance Firepower appliances with Cisco's security services to build and centrally manage network environments that include local offices, data centers, private clouds and public clouds. Progent's firewall consultants can also help you to manage and troubleshoot older-generation Cisco firewalls. Progent's certified cybersecurity consultants can assist you with policy creation and tuning driven by industry best practices so you can build a consistent and effective security profile across all your devices anywhere.
Cisco's Firepower Next Generation Firewall Appliances
Cisco's Firepower Next Generation Firewalls deliver a major performance improvement compared to Cisco's popular ASA 5500-X firewalls and offer unified control of modern cybersecurity features like application visibility and control, next-generation intrusion protection (NGIPS) with risk prioritization, advanced malware protection (AMP), URL filtering, and sandboxing. For more information about Cisco's Firepower portfolio of Next Generation Firewalls (NGFWs), see Firepower firewalls consulting experts.
Cisco's ASA 5500-X and Legacy Firewalls
Cisco's ASA 5500-X, ASA 5500 Series, and PIX 500 firewall appliances offer integrated firewall, IPsec VPN, and intrusion prevention system (IPS) services in single-box packages, delivering a wide array of features to meet the security and compliance needs of companies from small businesses to enterprises and ISPs. Cisco's ASA 5500-X Series, ASA 5500 Series, and PIX firewalls enable network security teams to protect their network perimeter and offer secure offsite and mobile access while utilizing advanced administration mechanisms built on Cisco's industry-leading firewall technology.
Cisco's ASA 5500 and PIX 500 firewalls have arrived at end-of-life (EOL) status but remain widely deployed in smaller organizations and in a few enterprise networks. Cisco's ASA 5500-X Next-Generation Firewalls deliver substantially more value and have superseded Cisco's ASA 5500 and PIX 500 lines of firewalls for new installations. Still, Cisco's older model firewalls, if properly maintained, continue to offer a high degree of protection by providing a variety of features including firewall, VPN tunneling, and IPS.
After Cisco's purchase of Sourcefire, the entire family of Cisco ASA 5500-X devices can be provisioned to enable Firepower Services, built on Sourcefire's Snort technology, which is the market's most deployed intrusion protection system (IPS). Firepower services bring enhanced features such as advanced malware protection (AMP), URL filtering, real-time threat analytics, and security automation.
Progent's Cisco CCIE-premier infrastructure consultants can assist you to support and troubleshoot legacy ASA 5500 Series and PIX firewall appliances and can also assist you to plan and carry out an efficient migration to Cisco's ASA 5500-X firewalls with Firepower Services. Progent can also assist you to plan, configure, optimize, administer and debug new firewall solutions based on Cisco's latest ASA 5500-X models with Firepower Services. Progent's firewall consultants can also assist you to migrate from your Cisco ASA 5500-X solution to Cisco's Firepower NGFWs Firewalls.
Cisco's ASA 5500-X Firewall Product Family
Cisco's extensive family of ASA 5500-X security appliances features an enhanced substitute for each rack-mountable model in the previous ASA 5500 series of devices. Each ASA 5500-X model targets the identical environment as the corresponding previous models, which offers small and midsize businesses plenty of choice for picking a firewall that aligns with their security requirements and budgets. All ASA 5500-X products are based on Cisco's tested stateful-inspection firewall technology and all include purpose-built 64-bit hardware with multicore processors and are capable of running Cisco's powerful security services. All devices in Cisco's ASA 5500-X product line provide dependable protection across any combination of physical, virtual, and cloud deployments.
For additional information about ASA 5500-X security appliances, Firepower services, and Progent's support for Cisco ASA 5500-X security appliances, see Firepower configuration and debugging consulting
Cisco's Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X firewalls work with either software or physical modules that support Firepower Services, which provide layered protection against multi-vector attacks. Cisco's Firepower Services are powered by innovative technology adopted by Cisco from Sourcefire. Key capabilities of Firepower Services for ASA firewalls include:
Smaller deployments of Cisco ASA firewalls can be effectively managed via Cisco's on-box Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based utility which is provided with all ASA 5500-X models. ASDM includes an easy-to-use web console for deploying, administering, and debugging ASA 5500-X devices and service modules.
For multi-device and multi-site environments, ASA 5500-X firewalls with Firepower can be administered with Cisco's Firepower Management Center, available as one or several physical units or virtual appliances. Firepower Management Center offers unified firewall management, Application Visibility and Control (AVC, enhanced IPS, URL filtering, and Advanced Malware Protection (AMP). Due to ongoing rebranding since Cisco's purchase of Sourcefire Defense Center, Cisco's Firepower Management Center has been offered under several names that include Cisco Defense Center, Cisco Firesight Defense Center, and FireSIGHT Management Center.
Cisco's Firepower Management Center provides capabilities beyond those available with Cisco's on-device ASDM tool. Additional features include expanded context awareness, Advanced Malware Protection with remediation for client devices, a dashboard that offers real-time network infrastructure visualization, automated policy optimization based on impact evaluation of threats, comprehensive IPS, custom application discovery for Application Visibility and Control (AVC), customized health alerts, enhanced reporting features, and APIs for host input and databases. Hardware-dependent features such as clustering, stacking, switching, routing, VPN, and NAT must be managed using either Cisco's ASA 5500-X on-device ASDM or the ASA command line interface.
Cisco ASA 5500 Family of Firewalls
Cisco Adaptive Security Appliances (ASA) Firewalls leverage engineering developed for the Cisco PIX 500 family firewall, Cisco's IPS 4200 family sensor, and Cisco's VPN 3000 model concentrator. These solutions enable the Cisco Adaptive Security Appliances (ASA) 5500 Series Firewall family to offer a firewall that defends against the broadest variety of attacks. Cisco Adaptive Security Appliances 5500 Series Firewalls provide program protection, local containment, and safe Virtual Private Network functionality across Cisco's product portfolio. This breadth of security allows the guarding of any network area, which includes the most typical threat vectors such as remote sites, locally-attached internal users, and off-site access Virtual Private Networks.
Cisco Adaptive Security Appliances (ASA) 5500 Series firewalls deliver robust application protection via smart, application-aware inspection processes that examine network flows at Layers 4-7. This produces a more secure environment including Web, voice, and mobile wireless services. To protect against application-layer assaults and to provide stronger policing of the applications and protocols used in their networks, Cisco's inspection engines incorporate extensive application and protocol knowledge and employ protection enforcement solutions that include protocol anomaly sensing and application and protocol state monitoring. Also incorporated are assault detection and remediation techniques including application/protocol command filters and URL deobfuscation. Cisco ASA 5500 Series firewall inspection engines also deliver control over instant messaging and tunneling applications, allowing businesses to police usage policies and preserve network bandwidth for critical business applications.
For more details about Progent's support services for Cisco's ASA 5500 security appliances, visit ASA 5500 firewalls integration and debugging consulting.
Cisco PIX Firewalls
Built upon a hardened, purpose-built OS that offers rich protection features, PIX firewalls offer excellent security and have received EAL 4 status and ICSA Labs Firewall and IP Security certification. PIX firewall appliances offer security for a broad range of VoIP and additional mixed-media conventions such as H.323 v. 4, Session Initiation Protocol (SIP), Cisco Skinny Client Control Protocol, RTSP, and Media Gateway Control Protocol, enabling organizations to protect deployments of a broad array of current and upcoming IP voice and mixed-media applications.
Administrators can furthermore remotely configure, monitor, and analyze Cisco PIX firewall appliances via a command-line interface. Secure command-line interface (CLI) access is available using a number of techniques such as SSHv2 Protocol, Telnet over IPsec, and out-of-band via a console port. Cisco PIX firewall appliances also include robust auto-update features, a set of revolutionary protected remote-management options that ensure firewall configurations and software images are kept current.
For more details about Progent's consulting services for Cisco PIX 500 security appliances, see PIX 500 firewalls integration and troubleshooting support.
Progent's Migration Consulting Services for Cisco Firewalls
Because Cisco has ceased selling the PIX and ASA 5500 product lines, many businesses are uncomfortable with depending on a key infrastructure mechanism that may no longer be supported. ASA 5500-X and Firepower Series security appliances have the benefit of being current products and also bring several technical and economic benefits in comparison to PIX 500 devices. These advantages include substantially better performance, optional Secure Sockets Layer tunneling capability, and an expandable architecture that protects your investment by enabling you to add new security services when and if you require them. Progent's Cisco experts can help you to determine the strategic case for migrating from PIX 500 or ASA 5500 firewalls, design a migration plan that allows for a fast and non-disruptive changeover, assist your IT staff to configure new ASA 5500-x Series or Firepower NGFW Series firewalls, and provide remote training, consulting, and technical support services.
Additional Ways Progent Can Assist You with Cisco ASA and PIX Security Appliances
Cisco's Firepower Series, ASA 5500 Series, and PIX family security appliances provide an array of configuration, monitoring, and analysis options which give you the flexibility to deploy these security appliances to align optimally with your company's requirements. Progent's CCIE certified network experts can assist you to build an efficient network infrastructure that incorporates Cisco security appliances and that offers world-class security, fault tolerance, performance, and manageability. Progent's CISA and CISSP-ISSP-premier IS security professionals can help you to develop a security policy appropriate for your environment and can configure your security appliance to enforce your security strategy. Progent's security assessment consultants can evaluate the effectiveness of your current firewall deployment and audit the overall security of your entire IT environment. Progent's Help Desk support team can provide urgent remote technical support for Cisco products and can give you quick access to a Cisco network engineer.
For more information concerning Progent's consulting support for Cisco solutions, select a topic:
Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
If you wish to get in touch with Progent about technical expertise for Cisco networking, call