Cisco is a perennial leader in developing state-of-the-art firewalls for the broadest possible variety of deployments. Cisco's Firepower Next Generation Firewalls (NGFWs) represent an advanced cybersecurity solution that marshals dedicated hardware, cloud-based services, and next-generation intrusion protection system (NGIPS) to anticipate, identify, and respond to cyber attacks without manual intervention. Progent's Cisco-certified CCIE-certified firewall experts can assist you to plan and carry out a smooth upgrade to Firepower Series firewalls from Cisco's legacy ASA 5500-X, ASA 5500, or PIX appliances and show you how to enhance Firepower appliances with Cisco's security services to build and centrally manage IT environments that span branch offices, data centers, private clouds and public clouds. Progent's firewall consultants can also assist you to maintain and troubleshoot legacy Cisco firewalls. Progent's certified cybersecurity experts can assist you with policy creation driven by leading best practices in order to establish a consistent and effective cybersecurity posture that applies to all your networked devices anywhere.
Cisco's Firepower NGFW Firewall Appliances
Cisco's Firepower Next Generation Firewalls provide a significant performance improvement over Cisco's previous-generation ASA 5500-X firewalls and include centralized control of modern security capabilities like application visibility and control (AVC), next-generation intrusion protection with risk prioritization, advanced malware protection, distributed denial of service (DDoS) mitigation, and sandboxing. For details about Cisco's Firepower line of NGFWs Firewalls, visit Cisco Firepower firewalls consulting experts.
Cisco's ASA 5500-X and Legacy Firewalls
Cisco's ASA 5500-X, ASA 5500 Series, and PIX firewall appliances offer integrated firewall, IPsec VPN, and IPS capabilities in single-box packages, delivering a broad array of features to meet the security needs of organizations from small and mid-size businesses to enterprises and ISPs. Cisco's ASA 5500-X, ASA 5500 Series, and PIX firewall appliances enable network security teams to protect their network perimeter and offer secure offsite and mobile access while utilizing powerful management tools built on Cisco's world-class firewall technology.
Cisco's ASA 5500 and PIX 500 firewall appliances have arrived at end-of-life status but are still widely deployed in small and mid-size organizations and in some larger data centers. The ASA 5500-X Series Next-Generation Firewalls represent substantially more bang for the buck and have superseded Cisco's ASA 5500 and PIX lines of firewalls for new deployments. Still, Cisco's legacy firewalls, if carefully maintained, continue to offer a high degree of security by supplying a variety of security functions including stateful firewall, IPsec VPN, and IPS.
Following Cisco's purchase of Sourcefire, the entire line of ASA 5500-X firewalls can be configured to support Firepower Services, based on Sourcefire's Snort technology, which is the world's most popular network intrusion protection system. Firepower services bring powerful new capabilities such as advanced malware protection (AMP), URL filtering, real-time threat analytics, and security automation.
Progent's Cisco CCIE-certified network engineers can assist your organization to support and troubleshoot legacy ASA 5500 Series and PIX 500 firewall appliances and can also assist you to plan and implement a smooth upgrade to Cisco's ASA 5500-X firewalls with Firepower. Progent can also assist you to design, integrate, tune, administer and troubleshoot new firewall ecosystems built on Cisco's latest ASA 5500-X firewalls with Firepower Services. Progent's firewall consultants can also assist you to migrate from your Cisco ASA 5500-X deployment to Cisco's Firepower Next Generation Firewalls (NGFWs).
Cisco's ASA 5500-X Series Firewalls
Cisco's extensive family of ASA 5500-X security appliances features an improved replacement for each rack-mountable unit in the older ASA 5500 generation of firewalls. Each ASA 5500-X model targets the same environment as the corresponding earlier models, which gives most plenty of choice for picking a firewall that meets their security requirements and budgets. All ASA 5500-X firewalls build on Cisco's proven stateful-inspection firewall technology and all incorporate purpose-built 64-bit hardware with multicore processors and support Cisco's powerful security services. All devices in Cisco's ASA 5500-X product line provide dependable security across any combination of physical, virtual, and cloud deployments.
For more details about Cisco's ASA 5500-X firewalls, Cisco Firepower services, and Progent's support for ASA 5500-X security appliances, see Firepower configuration and troubleshooting consulting
Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X security appliances accept either software or hardware modules that enable Cisco's Firepower Services, which offer layered protection against multi-vector attacks. Cisco's Firepower Services are based on innovative technology adopted by Cisco from Sourcefire. Major capabilities of Firepower Services for ASA 5500-X firewalls include:
Simpler deployments of Cisco ASA firewalls can be effectively administered using Cisco's on-box Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based tool which is provided with all ASA 5500-X models. ASDM provides a convenient web console for deploying, administering, and troubleshooting ASA 5500-X appliances and modules.
For more complex deployments, ASA 5500-X appliances with Firepower Services can be managed using Firepower Management Center, available as one or several physical units or virtual appliances. Cisco's Firepower Management Center provides centralized firewall management, Application Visibility and Control (AVC, enhanced IPS, URL filtering, and Advanced Malware Protection. Because of ongoing rebranding since Cisco's acquisition of Sourcefire Defense Center, Cisco's Firepower Management Center has been delivered under several names that include Cisco Defense Center, Cisco Firesight Defense Center, and FireSIGHT Management Center.
Cisco's Firepower Management Center provides features unavailable with Cisco's on-device ASDM utility. Extra features include greater context awareness, Cisco's Advanced Malware Protection with mitigation for client devices, a dashboard that provides dynamic infrastructure visualization, automated policy tuning driven by impact assessment of threats, comprehensive IPS, custom app detectors for Application Visibility and Control, customized health alerts, improved reporting options, and APIs for host input and database access. Hardware-dependent capabilities such as clustering, stacking, switching, routing, VPN, and NAT must be handled via the on-box ASDM or the ASA 5500-X command line interface.
Cisco ASA 5500 Series Adaptive Security Appliances
Cisco Adaptive Security Appliances (ASA) Firewalls build on technology developed for Cisco's PIX 500 firewall, the Cisco IPS 4200 Series sensor, and the Cisco VPN 3000 family concentrator. These technologies enable the Cisco Adaptive Security Appliances (ASA) Firewall product line to deliver a platform that stops the widest range of attacks. Cisco ASA Firewalls provide application protection, local containment, and safe VPN connectivity throughout Cisco's product portfolio. This broad scope of protection enables the guarding of any network segment, including the most common threat conduits like remote locations, locally-attached inside users, and off-site connected Virtual Private Networks.
Cisco Adaptive Security Appliances 5500 Series firewalls deliver robust application protection through smart, application-sensitive inspection engines that analyze traffic at Layers 4-7. The result is a more secure environment including Web, voice, and mobile wireless connectivity. To defend networks against application-layer assaults and to offer better control over the programs and protocols utilized in their environments, these inspection engines integrate broad application and protocol knowledgebases and employ security enforcement solutions such as anomaly detection and state tracking. Also incorporated are attack detection and mitigation techniques such as application and protocol command filters and URL deobfuscation. Cisco Adaptive Security Appliances (ASA) 5500 Series firewall inspection engines also deliver management of instant messaging and peer-to-peer file sharing, enabling organizations to enforce usage policies and recover network bandwidth for vital business processes.
For additional information about Progent's consulting services for Cisco's ASA 5500 security appliances, visit ASA 5500 firewalls configuration and debugging support.
PIX Firewalls
Based around a hardened, purpose-built OS that delivers rich protection services, Cisco PIX firewalls provide excellent security and have received Common Criteria Evaluation Assurance Level 4 status and ICSA Labs Firewall and IP Security (IPsec) certification. PIX security appliances provide security for a wide range of Voice over IP and additional mixed-media standards such as H.323 Version 4, Session Initiation Protocol (SIP), Cisco Skinny Client Control Protocol (SCCP), Real-Time Streaming Protocol, and MGCP, enabling businesses to protect installations of a broad range of current and next-generation Voice over IP and video applications.
Administrators can furthermore remotely configure, monitor, and troubleshoot Cisco PIX security appliances using a command-line interface (CLI). Safe command-line interface (CLI) access is possible through several techniques including Secure Shell (SSHv2) Protocol, Telnet over IPsec, and out-of-band through a console port. PIX firewalls also include dependable auto-update capabilities, a collection of revolutionary protected remote-administration options that make sure that security configurations and software images are always current.
For more information about Progent's support services for PIX 500 firewalls, visit PIX 500 firewalls integration and debugging support.
Progent's Migration Support Services for Cisco Firewalls
Since Cisco has discontinued offering the PIX 500 and ASA 5500 families of firewalls, many businesses are uncomfortable with relying on a critical security component that might no longer be supported. Cisco ASA 5500-X and Firepower Series security appliances offer the benefit of being current devices and also bring several functions and budgetary advantages in comparison to PIX firewalls. These benefits include significantly higher performance, optional SSL tunneling support, and a modular architecture that protects your investment by allowing you to self-install new security services when and if you need them. Progent's CCIE-certified network engineers can assist you to determine the business case for migrating from PIX 500 or ASA 5500 firewalls, create a migration plan that permits a fast and seamless changeover, assist your IT staff to deploy new ASA 5500-x Series or Firepower NGFW Series appliances, and offer remote training, consulting, and troubleshooting services.
Other Ways Progent Can Help Your Business with Cisco ASA and PIX Security Appliances
Cisco's Firepower NGFW Series, ASA Series, and PIX family firewalls provide an array of setup, tracking, and analysis options that give you the flexibility to deploy these firewalls to match your company's requirements. Progent's CCIE authorized network experts can assist you to build a cost-effective network infrastructure that includes Cisco firewalls and that provides world-class protection, resilience, performance, and recoverability. Progent's CISA and CISM-premier information security consultants can help you to develop a security policy appropriate for your situation and can set up your PIX or ASA firewall to support your security policies. Progent's risk evaluation consultants can evaluate the effectiveness of your current firewall solution and help determine the overall security of your whole IS network. Progent's Technical Response Center (TRC) can provide emergency online troubleshooting for Cisco products and offer quick access to a Cisco expert.
To see additional information concerning Progent's professional help for Cisco products, select a subject:
Integration of Cisco and Third-party Firewall Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
In order to get in touch with Progent about engineering support for Cisco products, phone