Cisco is a long-time front-runner in developing state-of-the-art firewall appliances for the widest possible variety of deployments. Cisco's Firepower NGFWs Firewalls represent a modern firewall solution that marshals dedicated hardware, cloud services, and next-generation intrusion protection system (NGIPS) to anticipate, discover, and respond to threats without manual intervention. Progent's Cisco-certified CCIE-certified firewall experts can assist your organization to plan and carry out an efficient migration to Firepower Series firewalls from Cisco's from ASA 5500-X, ASA 5500, or PIX firewalls and help you integrate Firepower appliances with Cisco's cloud-based services to build and centrally manage IT ecosystems that include branch offices, data centers, and cloud resources. Progent's firewall consultants can also assist you to maintain and debug legacy Cisco security appliances. Progent's certified network security experts can assist you with policy creation based on industry best practices so you can establish a consistent and effective cybersecurity profile across all your endpoints at any location.
Cisco's Firepower NGFW Firewalls
Cisco's Firepower Next Generation Firewalls (NGFWs) deliver a significant performance boost over Cisco's popular ASA 5500-X security appliances and offer unified control of modern security capabilities such as application visibility and control (AVC), next-generation intrusion protection with intelligent prioritization of risks, advanced malware protection, distributed denial of service (DDoS) mitigation, and sandboxing. For more information about Cisco's Firepower line of Next Generation Firewalls, visit Cisco Firepower Series firewalls consulting experts.
Cisco's ASA 5500-X and Legacy Firewalls
Cisco's ASA 5500-X, ASA 5500, and PIX firewall appliances offer combined firewall, VPN, and IPS capabilities in compact single-box devices, delivering a wide array of features to match the security and compliance needs of companies from small businesses to enterprises and ISPs. Cisco's ASA 5500-X, ASA 5500 Series, and PIX firewalls enable network security teams to protect their network edge and provide secure offsite and mobile access while utilizing powerful administration tools based on Cisco's industry-leading firewall technology.
Cisco's ASA 5500 Series and PIX 500 firewall appliances have reached end-of-life status but are still commonly deployed in small and mid-size businesses and in some enterprise networks. The ASA 5500-X Next-Generation Firewalls deliver substantially more value and have superseded the ASA 5500 and PIX families of firewalls for new installations. However, Cisco's older model firewall appliances, if properly maintained, can offer a high level of security by supplying a variety of features such as firewall, Virtual Private Network (VPN) connections, and IPS.
Since Cisco's acquisition of Sourcefire, the whole line of Cisco ASA 5500-X devices can be provisioned to support Firepower Services, based on Sourcefire's Snort technology, which is the market's most deployed intrusion protection system (IPS). Firepower services provide powerful new features including advanced malware protection (AMP), URL filtering, dynamic threat analytics, and automation.
Progent's Cisco-premier network consultants can assist your organization to support and troubleshoot legacy ASA 5500 Series and PIX 500 firewalls and can also help you to design and implement an efficient upgrade to Cisco's ASA 5500-X Series firewalls with Firepower. Progent can also help you to design, integrate, optimize, manage and troubleshoot new firewall solutions built on Cisco's latest ASA 5500-X firewalls with Firepower. Progent's firewall consultants can also assist you to migrate from your Cisco ASA 5500-X Series solution to Cisco's latest Firepower Next Generation Firewalls.
Cisco's ASA 5500-X Firewall Product Family
Cisco's comprehensive line of ASA 5500-X firewalls includes an improved substitute for each rack-mountable model in the previous ASA 5500 line of firewalls. Each ASA 5500-X firewall is suited for the identical environment as the associated previous models, which offers small and midsize businesses ample choice for picking a solution that aligns with their security needs and IT budgets. All ASA 5500-X products build on Cisco's proven stateful-inspection firewall technology and all include purpose-built 64-bit hardware with multicore processors and are capable of running Cisco's advanced security services. All models in Cisco's ASA 5500-X product line provide consistent security across any combination of physical, virtual, and cloud environments.
For more information about Cisco's ASA 5500-X firewalls, Cisco Firepower services, and Progent's consulting for Cisco ASA security appliances, see Cisco Firepower integration and troubleshooting expertise
Cisco's Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X firewalls work with either software or hardware modules that support Cisco's Firepower Services, which provide layered protection against advanced attacks. Firepower Services are based on technology acquired by Cisco from Sourcefire. Key features of Firepower Services for ASA security appliances include:
Simpler implementations of Cisco ASA firewalls can be efficiently managed via Cisco's on-box Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web utility which is provided with all ASA 5500-X models. ASDM provides a convenient web console for configuring, managing, and debugging ASA 5500-X devices and service modules.
For multi-device and multi-site deployments, ASA 5500-X firewalls with Firepower Services can be managed using Firepower Management Center, implemented as one or more physical or virtual appliances. Firepower Management Center offers unified firewall management, Application Visibility and Control (AVC, enhanced IPS, URL filtering, and Advanced Malware Protection. Because of ongoing rebranding after Cisco's acquisition of Sourcefire Defense Center, Cisco's Firepower Management Center has been delivered under several names including Cisco Defense Center, Cisco Firesight Defense Center, and FireSIGHT Management Center.
Cisco's Firepower Management Center provides features unavailable with Cisco's on-box ASDM utility. Extra capabilities include expanded context awareness, Cisco's Advanced Malware Protection (AMP) with mitigation for client devices, a dashboard that provides real-time network infrastructure visualization, automated policy tuning based on impact assessment of attacks, advanced IPS, custom application discovery for Application Visibility and Control (AVC), customized health alerts, improved reporting features, and application interfaces for host input and databases. Hardware-dependent options like clustering, stacking, switching, routing, VPN, and NAT must be handled using Cisco's ASA 5500-X on-device ASDM or the ASA 5500-X CLI.
Cisco ASA 5500 Series Firewalls
Cisco Adaptive Security Appliances Firewalls build on technology behind the PIX 500 family firewall, the Cisco IPS 4200 sensor, and the VPN 3000 model concentrator. These technologies converge on the Cisco Adaptive Security Appliances (ASA) 5500 Series Firewall family to offer a platform that defends against the widest range of threats. Cisco Adaptive Security Appliances Firewalls provide application protection, local containment and control, and safe Virtual Private Network functionality throughout the entire product line. This breadth of security enables the guarding of any network section, including the most common attack vectors like remote locations, LAN-attached inside users, and remote access Virtual Private Networks.
Cisco ASA 5500 Series firewalls provide robust application security via smart, application-aware inspection processes that examine network flows at Layers 4-7. This results in a more secure environment covering Web, voice, and mobile wireless access. To defend against application-layer assaults and to provide better policing of the programs and protocols utilized in their environments, these inspection engines integrate broad application and protocol knowledge and employ security enforcement solutions that include anomaly detection and application and protocol state monitoring. Also included are attack detection and remediation techniques such as application and protocol command filters and URL deobfuscation. Cisco Adaptive Security Appliances (ASA) firewall inspection engines also provide management of IM and tunneling applications, allowing businesses to enforce usage policies and free up network bandwidth for critical business processes.
For more details about Progent's support services for Cisco's ASA 5500 security appliances, visit Cisco ASA 5500 series firewalls configuration and troubleshooting consulting.
PIX Firewalls
Built upon a hardened, purpose-built operating system that offers a wealth of security features, PIX firewall appliances offer a high level of security and have earned Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Firewall and IP Security certification. PIX firewalls provide security for a wide array of Voice over IP and additional mixed-media conventions such as H.323 v. 4, Session Initiation Protocol (SIP), Cisco Skinny Client Control Protocol (SCCP), RTSP, and MGCP, helping organizations to protect installations of a broad array of current and upcoming IP voice and multimedia applications.
Administrators can also remotely set up, track, and troubleshoot PIX firewalls using a command-line interface (CLI). Secure CLI interface communication is available using a number of methods such as Secure Shell (SSHv2) Protocol, Telnet over IP Security (IPsec), and out-of-band through a console port. Cisco PIX firewalls also include robust auto-update capabilities, a set of revolutionary secure remote-administration options that make sure that firewall settings and software images are kept current.
For additional details about Progent's consulting services for Cisco PIX security appliances, go to Cisco PIX firewalls configuration and troubleshooting support.
Progent's Migration Consulting Support for Cisco Firewalls
Because Cisco has ceased offering the PIX 500 and ASA 5500 families of firewalls, many businesses are uncomfortable with relying on a key security mechanism that may no longer be supported by Cisco. Cisco ASA 5500-X and Firepower NGFW Series security appliances offer the benefit of being current devices and also bring several technical and financial benefits in comparison to PIX 500 firewalls. These advantages include substantially higher throughput, optional SSL tunneling support, and an expandable architecture that protects your investment by allowing you to self-install new security services when and if you require them. Progent's CCIE-certified network engineers can help your company to assess the business value of for migrating from PIX or ASA 5500 security appliances, design a migration plan that allows for a fast and non-disruptive changeover, assist you to install new ASA 5500-x Series or Firepower Series firewalls, and offer remote training, consulting, and technical support services.
Additional Ways Progent Can Assist You with Cisco Firewalls
Cisco Firepower NGFW Series, ASA Series, and PIX family security appliances provide a wealth of setup, tracking, and analysis options which give you the ability to configure these firewalls to align optimally with your company's needs. Progent's CCIE authorized network experts can help you to build an efficient network infrastructure that incorporates Cisco firewall technology and that offers advanced security, resilience, performance, and manageability. Progent's GISA and CISSP-ISSP-certified IS security engineers can assist you to develop a security policy appropriate for your environment and can configure your security appliance to enforce your security policies. Progent's risk assessment engineers can evaluate the effectiveness of your current firewall solution and validate the security of your whole information system environment. Progent's Technical Response Center (TRC) can deliver emergency remote troubleshooting for Cisco technology and can give you quick access to a Cisco expert.
To find out additional information concerning Progent's engineering support for Cisco solutions, pick a topic:
Integration of Cisco and Third-party Firewall Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
To contact Progent about technical expertise for Cisco networking, call