Cisco IT Consultants

Cisco is a perennial leader in delivering state-of-the-art firewalls for the widest possible variety of deployments. Cisco's Firepower NGFWs Firewalls provide an advanced cybersecurity solution that marshals sophisticated hardware, cloud services, and next-generation intrusion protection system (NGIPS) to block, discover, and respond to threats automatically. Progent's Cisco-certified CCIE-certified firewall consultants can help your organization to plan and execute a smooth upgrade to Firepower Series firewalls from Cisco's from ASA 5500-X, ASA 5500, or PIX appliances and show you how to enhance Firepower appliances with Cisco's subscription-based security services to create and centrally manage IT environments that span local offices, data centers, and cloud resources. Progent's firewall consultants can also assist you to maintain and debug legacy Cisco security appliances. Progent's certified network security consultants can assist you with policy creation based on leading best practices so you can establish a consistent cybersecurity profile that applies to all your networked endpoints anywhere.

Cisco's Firepower NGFW Firewall Appliances
Cisco's Firepower NGFWs Firewalls provide a major performance improvement over Cisco's popular ASA 5500-X security appliances and offer centralized control of advanced cybersecurity capabilities like application visibility and control, next-generation intrusion protection with risk prioritization, advanced malware protection (AMP), distributed denial of service (DDoS) mitigation, and multi-node sandboxing. For more information about Cisco's Firepower line of NGFWs Firewalls, see Firepower firewalls consulting expertise.

Cisco's ASA 5500-X Series and Legacy Firewalls
Cisco's ASA 5500-X, ASA 5500 Series, and PIX firewall appliances provide combined firewall, VPN, and IPS services in compact single-box devices, delivering a wide range of features to meet the security requirements of organizations from small businesses to enterprises and Internet service providers. Cisco's ASA 5500-X, ASA 5500, and PIX firewalls enable network security staffs to defend their network perimeter and provide secure offsite and mobile access while using advanced administration mechanisms based on Cisco's world-class firewall technology.

Cisco's ASA 5500 and PIX 500 firewall appliances have arrived at end-of-life but remain commonly used in small and mid-size organizations as well as in some enterprise data centers. The ASA 5500-X Series Next-Generation Firewalls represent substantially more value and have supplanted the ASA 5500 and PIX lines of firewalls for new deployments. However, Cisco's legacy firewalls, if carefully managed, continue to offer a high degree of security by providing a variety of security functions such as firewall, IPsec VPN, and IPS.

Following Cisco's acquisition of Sourcefire, the entire family of ASA 5500-X firewalls can be configured to support Firepower Services, built on Sourcefire's Snort product, which is the world's most deployed intrusion protection system. Firepower services provide powerful new features such as advanced malware protection (AMP), URL filtering, real-time threat analytics, and automation.

Progent's Cisco-certified infrastructure engineers can assist your organization to maintain and debug legacy ASA 5500 Series and PIX firewall appliances and can also assist you to design and implement a smooth upgrade to Cisco's ASA 5500-X Series firewalls with Firepower Services. Progent can also assist you to plan, deploy, tune, manage and debug new firewall ecosystems built on Cisco's latest ASA 5500-X models with Firepower. Progent can also help your organization to upgrade from your Cisco ASA 5500-X Series deployment to Cisco's Firepower NGFWs Firewalls.

Cisco's ASA 5500-X Firewall Product Family
Cisco's extensive line of ASA 5500-X firewalls features an enhanced substitute for every rack-mountable model in the older ASA 5500 line of devices. Each ASA 5500-X model is suited for the same environment as the corresponding earlier models, which offers most ample room for selecting a firewall that aligns with their security requirements and budgets. All ASA 5500-X products build on Cisco's tested stateful-inspection firewall technology and all include 64-bit hardware with multicore CPUs and are capable of running Cisco's powerful security services. All devices in Cisco's ASA 5500-X product line deliver dependable protection across any combination of physical, virtual, and cloud environments.

For more information about Cisco's ASA 5500-X firewalls, Cisco Firepower services, and Progent's support for ASA 5500-X firewalls, visit Cisco Firepower integration and troubleshooting expertise

Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X firewalls accept software or physical modules that support Firepower Services, which offer layered defense against advanced attacks. Firepower Services are powered by innovative technology acquired by Cisco from Sourcefire. Major features of Firepower Services for ASA 5500-X firewalls include:

• Layered defense against both familiar and new attacks
• Advanced Malware Protection that uses big data techniques to find and mitigate security breaches
• A Next-Generation Intrusion Prevention System that provides contextual analysis that looks at users, network infrastructure, apps, and content to discover attacks that incorporate multiple vectors
• Fine-grained Application Visibility and Control (AVC that is familiar with thousands of applications and can automatically activate both standard and customized IPS policies based on the degree of risk

Smaller deployments of ASA firewalls can be effectively managed via Cisco's on-device Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web utility provided with all ASA 5500-X models. ASDM provides a convenient web dashboard for configuring, administering, and debugging ASA 5500-X firewalls and service modules.

For more complex deployments, ASA 5500-X appliances with Firepower can be administered using Firepower Management Center, implemented as one or several physical or virtual appliances. Firepower Management Center offers unified firewall management, Application Visibility and Control, advanced IPS, URL filtering, and Advanced Malware Protection. Due to frequent rebranding since Cisco's acquisition of Sourcefire Defense Center, Cisco's Firepower Management Center has been delivered under several names including Cisco Defense Center, FireSIGHT Defense Center, and Cisco Firesight Management Center.

Firepower Management Center offers capabilities beyond those available with Cisco's on-box Adaptive Security Device Manager tool. Additional features include greater context awareness, Cisco's Advanced Malware Protection with mitigation for user devices, a console that offers dynamic network infrastructure visualization, automated policy tuning driven by risk evaluation of attacks, comprehensive IPS, custom application discovery for Application Visibility and Control, customized health notifications, enhanced reporting features, and APIs for host input and database access. Hardware-dependent capabilities such as clustering, stacking, switching, routing, VPN, and NAT must be handled using the on-device ASDM or the ASA command line interface.

Cisco ASA 5500 Series Firewalls
Cisco ASA Firewalls leverage technology developed for the PIX 500 family firewall, Cisco's IPS 4200 family Intrusion Prevention System, and the Cisco VPN 3000 model concentrator. These technologies converge on the Cisco Adaptive Security Appliances 5500 Series Firewall product line to deliver a firewall that defends against the broadest range of threats. Cisco Adaptive Security Appliances Firewalls provide program security, local containment, and safe VPN connectivity throughout Cisco's product line. This broad scope of security allows the guarding of any network section, including the most common threat vectors like remote locations, locally-attached internal users, and remote access Virtual Private Networks.

Cisco ASA 5500 Series firewalls deliver a high-level of application security through intelligent, application-sensitive inspection engines that analyze network flows at Layers 4-7. The result is a more secure network including Web, voice, and 3G-mobile wireless services. To protect against application-layer assaults and to provide stronger policing of the programs and protocols utilized in their networks, Cisco's inspection engines incorporate broad application and protocol knowledgebases and employ security enforcement solutions that include anomaly detection and application and protocol state tracking. Also included are assault sensing and mitigation technology such as application and protocol command filtering and content verification. Cisco Adaptive Security Appliances firewall inspection engines also deliver control over instant messaging and tunneling applications, enabling organizations to enforce usage policies and free up bandwidth for critical business processes.

For more information about Progent's consulting services for Cisco's ASA 5500 security appliances, visit ASA 5500 firewalls integration and troubleshooting consulting.

Cisco PIX Security Appliance Series
Based around a hardened, specialized software platform that offers rich security features, PIX security appliances provide excellent protection and have received EAL 4 status and ICSA Firewall and IP Security certification. Cisco PIX security appliances offer security for a wide range of VoIP and additional multimedia conventions such as H.323 Version 4, Session Initiation Protocol, Cisco Skinny Client Control Protocol, Real-Time Streaming Protocol, and MGCP, enabling organizations to safeguard installations of a broad range of current and upcoming VoIP and multimedia applications.

IT managers can furthermore remotely set up, track, and analyze Cisco PIX security appliances via a command-line interface. Safe command-line interface (CLI) access is available using several methods such as Secure Shell (SSHv2) Protocol, Telnet through IP Security, and out-of-band through a console port. Cisco PIX firewall appliances also include robust auto-update features, a collection of revolutionary secure remote-management options that ensure firewall configurations and software images are always current.

For more details about Progent's consulting services for Cisco PIX 500 firewalls, visit PIX 500 firewalls configuration and troubleshooting services.

Progent's Migration Support Services for Cisco Firewalls
Since Cisco has stopped offering the PIX 500 and ASA 5500 families of firewalls, many businesses are concerned about relying on a key security mechanism that might stop being supported. Cisco ASA 5500-X and Firepower NGFW Series firewalls offer the advantage of being current products and also offer several technical and financial advantages in comparison to PIX 500 firewalls. These benefits include substantially higher performance, optional SSL tunneling capability, and a modular architecture that protects your investment by allowing you to self-install more security services when and if you require them. Progent's Cisco certified experts can help you to determine the strategic case for upgrading from PIX or ASA 5500 firewalls, create a migration plan that allows for a fast and non-disruptive changeover, assist you to deploy new ASA 5500-x or Firepower Series appliances, and provide remote training, consulting, and technical support services.

Other Ways Progent Can Assist You with Cisco ASA and PIX Security Appliances
Cisco Firepower Series, ASA Series, and PIX family security appliances incorporate a wealth of setup, tracking, and troubleshooting options that offer you the flexibility to deploy these firewalls to match your company's needs. Progent's CCIE authorized network experts can assist you to configure and support an efficient infrastructure that includes Cisco firewalls and that offers advanced protection, fault tolerance, performance, and recoverability. Progent's CISA and CISSP-ISSP-premier IS security engineers can help your business to create a security strategy that makes sense for your situation and can configure your security appliance to support your security strategy. Progent's risk evaluation engineers can evaluate the effectiveness of your existing firewall solution and validate the security of your whole IT environment. Progent's Technical Response Center can provide emergency remote technical support for Cisco products and can give you fast access to a Cisco CCIE network engineer.

For additional details about Progent's consulting support for Cisco products, pick a subject:

• Introduction to Cisco Network Support
• Fast and Affordable Remote Support from a Cisco CCIE Engineer
• Cisco Routers Engineering Support
• Cisco Wireless Deployment Support
• Aironet Wireless Access Points Engineering Services
• Cisco Small Business 100, 300 and 500 Wireless APs Engineering Expertise
• Cisco Catalyst Wi-Fi 6/6E APs Solution Design, Configuration and Debugging Expertise
• Cisco Wireless Controllers Support Services
• Meraki APs Design Expertise
• Cisco Unified Communications Manager (CUCM or Unified CM) and Cisco CallManager Configuration and Technical Support
• Cisco Voice over IP (VoIP) Phones and IP Video Phones Consulting Services and Cisco Wireless IP Phone Integration
• Cisco Jabber Consulting and Support Expertise
• Catalyst Switches Engineering Services
• Cisco Nexus Switches Deployment Services
• Meraki MS Switches Configuration and Maintenance Services
• Cisco VPN Integration Assistance
• SIP and CUBE Infrastructure Solutions: SIP Trunking and Cisco CUBE Integration Expertise
• Cisco Duo MFA Two-factor Authentication Services for Teleworkers
• Infrastructure Design for Cisco-based Datacenters and Colocation Centers
• Data Center Design Expertise for ISPs
• Centralized Cloud-based and Hybrid Management Strategies for Cisco Infrastructure

Integration of Cisco and Third-party Firewall Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:

• Palo Alto Networks PA-Series Firewalls Consulting
• Check Point Software Consulting
• Barracuda CloudGen Firewall Consulting
• Watchguard Consulting
• Juniper Networks NetScreen and SSG Firewall Consulting
• SonicWall Consulting
• Fortinet FortiGate Firewall Consulting
• Symantec Raptor Consulting

In order to contact Progent about technical assistance for Cisco products, phone 1-800-993-9400 or see Contact Progent.