Cisco is a perennial leader in delivering cutting-edge firewall appliances for the broadest possible range of deployments. Cisco's Firepower Next Generation Firewalls (NGFWs) provide a modern cybersecurity solution that combines dedicated hardware, cloud services, and next-generation intrusion protection system (NGIPS) to block, identify, and mitigate threats without manual intervention. Progent's Cisco-certified CCIE-certified firewall consultants can assist you to plan and execute a smooth upgrade to Firepower Series firewalls from Cisco's legacy ASA 5500-X, ASA 5500, or PIX firewalls and show you how to integrate Firepower firewalls with Cisco's security services to build and centrally control network environments that span local offices, data centers, private clouds and public clouds. Progent's firewall consultants can also assist you to manage and troubleshoot legacy Cisco firewalls. Progent's certified cybersecurity experts can assist you with policy creation and tuning based on leading best practices in order to establish a consistent and effective cybersecurity profile that applies to all your endpoints at any location.
Cisco's Firepower Next Generation Firewalls
Cisco's Firepower Next Generation Firewalls deliver a major performance boost over Cisco's previous-generation ASA 5500-X security appliances and offer centralized control of modern security features like application visibility and control (AVC), next-generation intrusion protection (NGIPS) with risk prioritization, advanced malware protection, distributed denial of service (DDoS) mitigation, and sandboxing. For details about Cisco's Firepower portfolio of Next Generation Firewalls, refer to Firepower firewalls integration services.
Cisco's ASA 5500-X and Legacy Firewalls
Cisco's ASA 5500-X, ASA 5500, and PIX firewalls provide integrated firewall, VPN, and intrusion prevention system (IPS) services in single-box devices, delivering a broad range of features to match the security and compliance needs of companies from small and mid-size businesses to enterprises and ISPs. Cisco's ASA 5500-X Series, ASA 5500 Series, and PIX 500 firewall appliances allow network security teams to protect their network edge and offer secure offsite and mobile connectivity while utilizing powerful management mechanisms built on Cisco's world-class firewall technology.
Cisco's ASA 5500 and PIX 500 firewalls have reached end-of-life status but remain widely deployed in small and mid-size organizations as well as in a few larger data centers. Cisco's ASA 5500-X Next-Generation Firewalls represent significantly more bang for the buck and have superseded Cisco's ASA 5500 and PIX lines of firewalls for new installations. Still, Cisco's legacy firewalls, if properly managed, continue to offer a high level of protection by providing a variety of security functions including stateful firewall, VPN, and IPS.
After Cisco's purchase of Sourcefire, the entire family of Cisco ASA 5500-X devices can be provisioned to support Firepower Services, based on Sourcefire's Snort technology, which is the market's most deployed intrusion protection system. Firepower services bring enhanced capabilities such as advanced malware protection (AMP), URL filtering, real-time threat analytics, and automation.
Progent's Cisco-certified network consultants can assist you to support and troubleshoot older ASA 5500 Series and PIX firewall appliances and can also help you to plan and implement a smooth upgrade to Cisco's ASA 5500-X firewalls with Firepower. Progent can also assist you to design, configure, tune, manage and debug new firewall solutions built on Cisco's current ASA 5500-X firewalls with Firepower Services. Progent's firewall consultants can also help you to upgrade from your Cisco ASA 5500-X solution to Cisco's latest Firepower Next Generation Firewalls.
Cisco's ASA 5500-X Series Firewalls
Cisco's extensive line of ASA 5500-X firewalls features an enhanced replacement for each rack-mountable model in the older ASA 5500 generation of firewalls. Each ASA 5500-X firewall is suited for the identical environment as the corresponding earlier models, which gives most ample room for selecting a solution that meets their security needs and budgets. All ASA 5500-X products are based on Cisco's tested stateful-inspection firewall technology and all incorporate 64-bit hardware with multicore CPUs and support Cisco's powerful protection services. All models in Cisco's ASA 5500-X family deliver dependable protection across any mix of physical, virtual, and cloud environments.
For additional information about Cisco's ASA 5500-X security appliances, Firepower services, and Progent's consulting for Cisco ASA security appliances, see Cisco Firepower configuration and debugging consulting
Cisco's Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X firewalls accept software or hardware modules that enable Cisco's Firepower Services, which offer layered defense against advanced threats. Cisco's Firepower Services are based on technology acquired by Cisco from Sourcefire. Key capabilities of Firepower Services for ASA security appliances include:
Smaller deployments of Cisco ASA 5500-X firewalls can be efficiently managed using Cisco's on-box Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based tool included with all ASA 5500-X versions. ASDM includes a convenient web dashboard for configuring, administering, and debugging ASA 5500-X firewalls and modules.
For multi-device and multi-site deployments, ASA 5500-X firewalls with Firepower Services can be administered using Cisco's Firepower Management Center, available as one or several physical units or virtual devices. Cisco's Firepower Management Center offers centralized firewall management, Application Visibility and Control, enhanced IPS, URL filtering, and Cisco's Advanced Malware Protection. Due to frequent rebranding after Cisco's acquisition of Sourcefire Defense Center, Cisco's Firepower Management Center has been delivered under several names including Defense Center, Cisco Firesight Defense Center, and FireSIGHT Management Center.
Cisco's Firepower Management Center provides features unavailable with Cisco's on-box ASDM tool. Extra capabilities include greater context awareness, Advanced Malware Protection (AMP) with mitigation for client devices, a console that provides real-time network infrastructure visualization, automated policy tuning driven by risk assessment of attacks, advanced IPS, custom application discovery for Application Visibility and Control, customized health alerts, improved reporting features, and APIs for host input and databases. Hardware-dependent capabilities such as clustering, stacking, switching, routing, VPN, and NAT must be managed via the on-device ASDM or the ASA command line interface.
Cisco ASA 5500 Adaptive Security Appliances
Cisco Adaptive Security Appliances Firewalls build on technology developed for the Cisco PIX 500 family Security Appliance, the Cisco IPS 4200 Intrusion Prevention System, and the VPN 3000 family concentrator. These solutions converge on the Cisco Adaptive Security Appliances (ASA) Firewall family to offer a platform that defends against the widest range of threats. Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls deliver application protection, local containment, and safe Virtual Private Network functionality across the entire product line. This broad scope of security allows the guarding of any network segment, which includes the most typical attack conduits like remote locations, LAN-attached internal users, and remote access VPNs.
Cisco ASA 5500 Series firewalls provide robust application security via smart, application-sensitive inspection processes that analyze traffic at Layers 4-7. This results in a safer network covering Web, voice, and mobile wireless services. To protect networks against application-layer assaults and to offer better policing of the programs and protocols utilized in their environments, Cisco's inspection engines integrate broad application and protocol knowledge and employ protection enforcement solutions such as anomaly sensing and application and protocol state tracking. Also included are assault sensing and remediation techniques including application and protocol command filtering and URL deobfuscation. Cisco ASA 5500 Series firewall inspection engines also deliver management of instant messaging and peer-to-peer file sharing, allowing businesses to police usage policies and preserve network bandwidth for critical business applications.
For more details about Progent's consulting services for ASA 5500 security appliances, see ASA 5500 series firewalls integration and debugging consulting.
Cisco PIX Firewall Appliances
Built around a tested, purpose-built software platform that offers a wealth of protection services, Cisco PIX firewall appliances offer excellent security and have earned EAL 4 status and ICSA Labs Firewall and IPsec certification. PIX security appliances provide security for a wide range of VoIP and other mixed-media conventions including H.323 Version 4, Session Initiation Protocol, Cisco Skinny Client Control Protocol (SCCP), RTSP, and Media Gateway Control Protocol, enabling businesses to protect installations of a broad array of contemporary and upcoming IP voice and video applications.
Administrators can furthermore remotely configure, monitor, and troubleshoot PIX security appliances via a CLI interface. Secure command-line interface (CLI) communication is available using a number of techniques such as SSHv2 Protocol, Telnet over IP Security, and out-of-band via a console port. Cisco PIX firewall appliances also include dependable auto-update features, a set of revolutionary secure remote-management services that ensure firewall settings and software images are kept current.
For additional information about Progent's support services for PIX 500 security appliances, visit PIX 500 firewalls integration and debugging support.
Progent's Migration Support for Cisco Firewalls
Since Cisco has ceased offering the PIX and ASA 5500 families of firewalls, many businesses are concerned about relying on a key security component that might stop being supported. Cisco ASA 5500-X and Firepower NGFW Series firewalls offer the benefit of being current products and also offer a number of technical and budgetary advantages in comparison to PIX firewalls. These benefits include substantially better performance, optional SSL tunneling support, and an expandable design that protects your investment by allowing you to add new security services whenever you need them. Progent's Cisco network engineers can help you to assess the strategic case for migrating from PIX 500 or Cisco ASA 5500 firewalls, design a migration process that permits a fast and seamless upgrade, assist your IT staff to deploy new ASA 5500-x or Firepower NGFW Series appliances, and offer online, consulting, and technical support services.
Other Ways Progent Can Help Your Business with Cisco ASA and PIX Security Appliances
Cisco's Firepower NGFW Series, ASA Series, and PIX security appliances incorporate an array of setup, monitoring, and analysis options that give you the ability to configure these security appliances to match your company's needs. Progent's CCIE authorized network professionals can show you how to configure and support an efficient network infrastructure that includes Cisco firewalls and that offers world-class protection, fault tolerance, throughput, and manageability. Progent's GISA and CISM-certified IS security professionals can assist your business to develop a security strategy appropriate for your business and can set up your security appliance to enforce your security policies. Progent's risk assessment professionals can evaluate the strength of your current firewall solution and audit the overall security of your whole IS environment. Progent's Technical Response Center can deliver urgent online technical support for Cisco products and offer fast access to a Cisco network engineer.
For additional details about Progent's engineering expertise for Cisco solutions, select a subject:
Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
To ask Progent about professional support for Cisco networking, phone