Cisco is a long-time front-runner in developing cutting-edge firewalls for the widest possible variety of deployments. Cisco's Firepower Next Generation Firewalls (NGFWs) provide a modern cybersecurity platform that combines sophisticated hardware, cloud services, and machine learning to anticipate, identify, and respond to cyber attacks automatically. Progent's Cisco-certified CCIE-certified firewall consultants can help your organization to plan and carry out an efficient upgrade to Cisco Firepower firewalls from Cisco's legacy ASA 5500-X, ASA 5500, or PIX firewalls and help you enhance Firepower firewalls with Cisco's cloud-based services to create and centrally manage IT ecosystems that span branch offices, data centers, private clouds and public clouds. Progent can also help you to manage and debug legacy Cisco security appliances. Progent's certified network security consultants can assist you with policy creation based on leading best practices so you can build a consistent cybersecurity posture that applies to all your networked endpoints anywhere.
Cisco's Firepower NGFW Firewalls
Cisco's Firepower NGFWs Firewalls deliver a significant performance boost compared to Cisco's previous-generation ASA 5500-X security appliances and include centralized control of advanced cybersecurity features such as application visibility, next-generation intrusion protection with risk prioritization, advanced malware protection, DDoS mitigation, and sandboxing. For details about Cisco's Firepower portfolio of Next Generation Firewalls (NGFWs), visit Cisco Firepower Series firewalls consulting services.
Cisco's ASA 5500-X and Legacy Firewalls
Cisco's ASA 5500-X Series, ASA 5500 Series, and PIX firewalls offer integrated firewall, IPsec VPN, and IPS services in single-box devices, delivering a broad array of features to match the security and compliance requirements of companies ranging from small and mid-size businesses to enterprises and ISPs. Cisco's ASA 5500-X Series, ASA 5500, and PIX 500 firewall appliances allow network security teams to defend their network edge and provide safe offsite and mobile access while utilizing powerful management mechanisms based on Cisco's industry-leading firewall products.
Cisco's ASA 5500 and PIX 500 firewall appliances have arrived at end-of-life (EOL) but remain commonly used in small and mid-size organizations and in a few larger networks. Cisco's ASA 5500-X Next-Generation Firewalls represent significantly more bang for the buck and have superseded Cisco's ASA 5500 and PIX families of firewalls for new installations. Still, Cisco's legacy firewall appliances, if properly managed, continue to offer a high level of security by providing a variety of features including firewall, IPsec VPN, and IPS.
After Cisco's acquisition of Sourcefire, the entire family of ASA 5500-X firewalls can be provisioned to enable Firepower Services, based on Sourcefire's Snort technology, which is the world's most deployed network intrusion protection system (IPS). Firepower services provide enhanced capabilities such as advanced malware protection (AMP), URL filtering, real-time threat analytics, and security automation.
Progent's Cisco CCIE-certified infrastructure engineers can help your organization to support and troubleshoot older ASA 5500 Series and PIX 500 firewalls and can also help you to design and implement a smooth migration to Cisco's ASA 5500-X Series firewalls with Firepower. Progent can also help you to design, deploy, optimize, administer and debug new firewall solutions based on Cisco's latest ASA 5500-X firewalls with Firepower. Progent's firewall consultants can also help your organization to migrate from your Cisco ASA 5500-X deployment to Cisco's latest Firepower NGFWs Firewalls.
Cisco's ASA 5500-X Series Firewalls
Cisco's comprehensive line of ASA 5500-X firewalls features an improved replacement for every rack-mountable model in the previous ASA 5500 generation of devices. Each ASA 5500-X model is suited for the same market as the corresponding previous models, which gives small and midsize businesses plenty of room for selecting a solution that meets their security requirements and budgets. All ASA 5500-X products build on Cisco's tested stateful-inspection firewall technology and all include purpose-built 64-bit hardware with multicore CPUs and support Cisco's powerful security services. All models in Cisco's ASA 5500-X family provide consistent security across any mix of physical, virtual, and cloud deployments.
For more information about ASA 5500-X security appliances, Cisco Firepower services, and Progent's support for ASA 5500-X firewalls, visit Firepower configuration and troubleshooting expertise
Firepower Services for ASA 5500-X Security Appliances
Cisco ASA 5500-X firewalls work with either software or hardware modules that support Cisco's Firepower Services, which provide layered defense against sophisticated threats. Firepower Services are powered by technology acquired by Cisco from Sourcefire. Major capabilities of Firepower Services for ASA firewalls include:
Smaller deployments of Cisco ASA 5500-X firewalls can be efficiently managed via Cisco's on-box Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based tool provided with all ASA 5500-X models. ASDM includes a simple web console for deploying, managing, and troubleshooting ASA 5500-X appliances and service modules.
For multi-device and multi-site deployments, ASA 5500-X firewalls with Firepower Services can be managed with Firepower Management Center, available as one or more physical units or virtual devices. Firepower Management Center provides unified firewall management, Application Visibility and Control (AVC, enhanced IPS, URL filtering, and Cisco's Advanced Malware Protection (AMP). Because of ongoing rebranding after Cisco's purchase of Sourcefire Defense Center, Cisco's Firepower Management Center has been delivered under several names that include Cisco Defense Center, Cisco Firesight Defense Center, and FireSIGHT Management Center.
Cisco's Firepower Management Center offers capabilities unavailable with Cisco's on-device ASDM utility. Extra capabilities include expanded context awareness, Cisco's Advanced Malware Protection with remediation for client devices, a console that provides real-time network visualization, automated policy optimization based on risk evaluation of threats, advanced IPS, custom app discovery for Application Visibility and Control (AVC), customized health alerts, improved reporting options, and application interfaces for host input and databases. Hardware-dependent options like clustering, stacking, switching, routing, VPN, and NAT must be managed using Cisco's ASA 5500-X on-box ASDM or the ASA 5500-X CLI.
Cisco ASA 5500 Series Firewalls
Cisco ASA Firewalls build on engineering behind the PIX 500 family firewall, Cisco's IPS 4200 sensor, and the VPN 3000 family concentrator. These technologies converge on the Cisco Adaptive Security Appliances Firewall family to deliver a platform that defends against the broadest variety of threats. Cisco Adaptive Security Appliances (ASA) Firewalls deliver application security, local containment and control, and safe Virtual Private Network connectivity across Cisco's product line. This broad scope of protection enables the guarding of any network segment, which includes the most common threat vectors like remote sites, locally-attached internal users, and remote access Virtual Private Networks.
Cisco Adaptive Security Appliances (ASA) 5500 Series firewalls provide a high-level of application security via intelligent, application-sensitive inspection processes that examine network flows at Layers 4-7. This produces a better protected environment including Web, voice, and mobile wireless access. To protect against application-layer assaults and to offer better policing of the programs and protocols utilized in their networks, Cisco's inspection engines integrate extensive application and protocol knowledge and rely on protection enforcement solutions that include protocol anomaly detection and state monitoring. Also incorporated are attack detection and mitigation techniques such as application and protocol command filters and content verification. Cisco Adaptive Security Appliances (ASA) 5500 Series firewall inspection engines also provide management of IM and tunneling applications, allowing organizations to enforce usage policies and conserve network bandwidth for vital business applications.
For more details about Progent's support services for ASA 5500 firewalls, see Cisco ASA 5500 series firewalls integration and debugging services.
PIX Security Appliance Series
Built around a tested, specialized OS that delivers a wealth of security services, Cisco PIX firewalls provide excellent protection and have been awarded Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Firewall and IP Security (IPsec) certification. Cisco PIX security appliances offer protection for a broad range of Voice over IP and additional mixed-media conventions including H.323 Version 4, Session Initiation Protocol (SIP), SCCP, RTSP, and Media Gateway Control Protocol (MGCP), enabling organizations to protect installations of a broad array of current and upcoming Voice over IP and mixed-media applications.
Administrators can furthermore remotely configure, monitor, and analyze Cisco PIX firewall appliances using a command-line interface. Secure command-line interface (CLI) access is possible using several techniques including Secure Shell Protocol, Telnet over IPsec, and out-of-band through a console port. Cisco PIX firewall appliances also include dependable automatic-update features, a collection of revolutionary protected remote-management services that ensure firewall settings and software images are kept current.
For additional details about Progent's support services for PIX 500 security appliances, visit Cisco PIX 500 firewalls integration and debugging support.
Progent's Migration Consulting Services for Cisco Firewalls
Since Cisco has stopped offering the PIX 500 and ASA 5500 families of firewalls, many companies are concerned about relying on a critical infrastructure mechanism that might stop being supported. Cisco ASA 5500-X and Firepower Series firewalls have the advantage of being new devices and also offer several functions and financial benefits in comparison to PIX firewalls. These benefits include significantly higher performance, optional Secure Sockets Layer VPN capability, and a modular architecture that guards your investment by enabling you to self-install new security features whenever you require them. Progent's Cisco certified network engineers can help you to determine the strategic case for moving from PIX or ASA 5500 firewalls, design a migration plan that allows for a quick and non-disruptive changeover, assist you to set up new ASA 5500-x or Firepower NGFW Series appliances, and provide remote training, consulting, and troubleshooting services.
Additional Ways Progent Can Assist Your Business with Cisco Firewalls
Cisco's Firepower NGFW Series, ASA 5500 Series, and PIX firewalls provide a wealth of setup, monitoring, and analysis options which offer you the flexibility to set up these firewalls to align optimally with your business needs. Progent's CCIE authorized network professionals can show you how to configure and support a cost-effective network infrastructure that includes Cisco firewalls and that offers world-class security, resilience, performance, and manageability. Progent's CISA and CISSP-ISSP-certified IS security professionals can assist your business to create a security policy that makes sense for your situation and can configure your firewall to enforce your security policies. Progent's security assessment consultants can assess the effectiveness of your existing firewall solution and help determine the security of your entire information system network. Progent's Technical Response Center (TRC) can provide emergency online technical support for Cisco technology and offer fast access to a Cisco network engineer.
To find out additional information about Progent's engineering assistance for Cisco solutions, choose a subject:
Integration of Cisco and Third-party Firewall Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
To get in touch with Progent about professional support for Cisco technology, call