Cisco is a long-time leader in developing cutting-edge firewalls for the broadest possible range of deployments. Cisco's Firepower NGFWs Firewalls provide a modern cybersecurity solution that marshals sophisticated hardware, cloud services, and machine learning to block, identify, and mitigate threats automatically. Progent's Cisco-certified CCIE firewall consultants can help your organization to plan and carry out an efficient upgrade to Firepower firewalls from Cisco's legacy ASA 5500-X, ASA 5500, or PIX firewalls and show you how to integrate Firepower appliances with Cisco's cloud-based services to create and centrally control IT environments that include local offices, data centers, and cloud resources. Progent's firewall consultants can also help you to manage and troubleshoot legacy Cisco firewalls. Progent's certified network security experts can assist you with policy creation driven by industry best practices so you can build a consistent and effective security posture that applies to all your networked endpoints at any location.
Cisco's Firepower NGFW Firewall Appliances
Cisco's Firepower NGFWs Firewalls provide a major performance boost compared to Cisco's popular ASA 5500-X firewalls and include centralized management of modern security capabilities such as application visibility and control, next-generation intrusion protection with risk prioritization, advanced malware protection (AMP), URL filtering, and multi-node sandboxing. For details about Cisco's Firepower family of Next Generation Firewalls, see Firepower Series firewalls consulting experts.
Cisco's ASA 5500-X Series and Legacy Firewalls
Cisco's ASA 5500-X Series, ASA 5500, and PIX firewall appliances offer combined firewall, VPN, and IPS services in compact single-box packages, delivering a wide range of features to match the security and compliance requirements of companies ranging from small and mid-size businesses to enterprises and ISPs. Cisco's ASA 5500-X Series, ASA 5500, and PIX firewall appliances allow network security teams to protect their network edge and provide secure offsite and mobile access while using powerful management tools built on Cisco's world-class firewall products.
Cisco's ASA 5500 and PIX firewall appliances have arrived at end-of-life (EOL) status but remain commonly used in smaller businesses and in some larger data centers. Cisco's ASA 5500-X Series Next-Generation Firewalls deliver substantially more bang for the buck and have supplanted Cisco's ASA 5500 and PIX 500 families of firewalls for new deployments. However, Cisco's legacy firewalls, if carefully maintained, can offer a high level of protection by providing multiple services including firewall, IPsec VPN, and IPS.
Since Cisco's acquisition of Sourcefire, the whole line of Cisco ASA 5500-X devices can be configured to support Firepower Services, built on Sourcefire's Snort technology, which is the world's most deployed network intrusion protection system. Firepower services provide enhanced capabilities such as advanced malware protection (AMP), URL filtering, real-time threat analytics, and automation.
Progent's Cisco CCIE-premier network consultants can help your organization to maintain and debug legacy ASA 5500 and PIX 500 firewall appliances and can also help you to plan and carry out a smooth migration to Cisco's ASA 5500-X Series firewalls with Firepower Services. Progent can also help you to design, integrate, tune, manage and troubleshoot new firewall ecosystems built on Cisco's latest ASA 5500-X firewalls with Firepower Services. Progent's firewall consultants can also assist your organization to upgrade from your Cisco ASA 5500-X Series solution to Cisco's Firepower NGFWs Firewalls.
Cisco's ASA 5500-X Series Firewalls
Cisco's extensive family of ASA 5500-X firewalls features an enhanced substitute for each rack-mountable model in the older ASA 5500 series of devices. Each ASA 5500-X firewall is suited for the identical market as the associated earlier models, which gives small and midsize businesses ample room for selecting a solution that meets their security needs and IT budgets. All ASA 5500-X firewalls build on Cisco's tested stateful-inspection firewall technology and all include purpose-built 64-bit hardware with multicore processors and are capable of running Cisco's advanced protection services. All devices in Cisco's ASA 5500-X family deliver dependable security across any mix of physical, virtual, and cloud environments.
For more information about ASA 5500-X security appliances, Cisco Firepower services, and Progent's consulting for ASA 5500-X firewalls, go to Firepower configuration and troubleshooting expertise
Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X firewalls accept either software or physical modules that support Firepower Services, which offer layered protection against advanced threats. Cisco's Firepower Services are powered by technology adopted by Cisco from Sourcefire. Major capabilities of Firepower Services for ASA firewalls include:
Simpler deployments of ASA 5500-X firewalls can be efficiently managed via Cisco's on-device Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web utility which is provided with all ASA 5500-X versions. ASDM includes a convenient web console for deploying, managing, and troubleshooting ASA 5500-X appliances and modules.
For multi-device and multi-site deployments, ASA 5500-X firewalls with Firepower can be administered with Cisco's Firepower Management Center, available as one or more physical units or virtual devices. Cisco's Firepower Management Center offers unified firewall management, Application Visibility and Control (AVC, advanced IPS, URL filtering, and Advanced Malware Protection (AMP). Due to ongoing rebranding since Cisco's acquisition of Sourcefire Defense Center, Firepower Management Center has been offered under various names including Defense Center, Cisco Firesight Defense Center, and FireSIGHT Management Center.
Cisco's Firepower Management Center provides capabilities unavailable with Cisco's on-device Adaptive Security Device Manager tool. Additional features include expanded context awareness, Advanced Malware Protection with mitigation for client devices, a dashboard that offers dynamic network infrastructure visualization, automated policy tuning based on risk evaluation of attacks, comprehensive IPS, custom app detectors for Application Visibility and Control (AVC), customized health alerts, improved reporting options, and application interfaces for host input and databases. Hardware-dependent options such as clustering, stacking, switching, routing, VPN, and NAT must be handled using either Cisco's ASA 5500-X on-box ASDM or the ASA 5500-X CLI.
Cisco ASA 5500 Series Firewalls
Cisco Adaptive Security Appliances Firewalls leverage technology developed for the PIX 500 Security Appliance, the Cisco IPS 4200 family Intrusion Prevention System, and Cisco's VPN 3000 family concentrator. These technologies converge on the Cisco Adaptive Security Appliances (ASA) Firewall family to deliver a firewall that defends against the widest variety of attacks. Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls deliver application security, local containment, and clean VPN connectivity across Cisco's product portfolio. This broad scope of protection enables the guarding of any network segment, which includes the most typical threat conduits such as remote sites, LAN-connected inside users, and remote connected Virtual Private Networks.
Cisco Adaptive Security Appliances (ASA) firewalls provide robust application security via intelligent, application-aware inspection processes that examine traffic at Layers 4-7. This produces a better protected environment including Web, voice, and mobile wireless access. To defend networks against application-layer attacks and to offer stronger control over the programs and protocols used in their environments, these inspection engines incorporate extensive application and protocol knowledge and rely on security enforcement technologies that include anomaly sensing and application and protocol state tracking. Also included are assault detection and remediation techniques including application/protocol command filtering and content verification. Cisco Adaptive Security Appliances (ASA) firewall inspection engines also deliver control over IM and peer-to-peer file sharing, allowing organizations to police usage policies and recover network bandwidth for important business applications.
For additional details about Progent's consulting services for Cisco's ASA 5500 firewalls, go to ASA 5500 series firewalls integration and troubleshooting consulting.
PIX Security Appliance Series
Built around a tested, purpose-built OS that offers rich security features, Cisco PIX security appliances provide a high level of security and have been awarded Common Criteria Evaluation Assurance Level 4 status and ICSA Labs Firewall and IP Security (IPsec) qualification. PIX security appliances provide protection for a wide array of VoIP and additional multimedia conventions including H.323 v. 4, SIP, SCCP, RTSP, and Media Gateway Control Protocol, helping organizations to protect installations of a broad range of contemporary and next-generation IP voice and multimedia applications.
Administrators can furthermore remotely set up, monitor, and troubleshoot Cisco PIX firewalls using a CLI interface. Safe command-line interface communication is available using a number of methods including SSHv2 Protocol, Telnet over IP Security (IPsec), and out-of-band through a console port. PIX security appliances also have robust auto-update features, a collection of advanced protected remote-administration options that ensure security settings and software images are always current.
For additional details about Progent's support services for PIX 500 firewalls, go to Cisco PIX 500 firewalls configuration and debugging services.
Progent's Migration Support Services for Cisco Firewalls
Since Cisco has stopped selling the PIX 500 and ASA 5500 families of firewalls, many businesses are uncomfortable with depending on a critical infrastructure component that may stop being supported by Cisco. Cisco ASA 5500-X and Firepower Series firewalls have the benefit of being current devices and also bring several technical and financial benefits in comparison to PIX 500 devices. These advantages include significantly better throughput, optional SSL VPN support, and an expandable architecture that guards your investment by enabling you to add new security services whenever you require them. Progent's Cisco experts can assist you to assess the business value of for moving from PIX or Cisco ASA 5500 security appliances, design a migration process that allows for a fast and non-disruptive upgrade, assist your IT staff to deploy new ASA 5500-x or Firepower NGFW Series firewalls, and provide online, consulting, and technical support services.
Additional Ways Progent Can Help You with Cisco ASA and PIX Firewalls
Cisco's Firepower Series, ASA Series, and PIX firewalls provide an array of setup, monitoring, and analysis options which give you the ability to set up these security appliances to match your company's requirements. Progent's CCIE authorized network consultants can assist you to configure and support a cost-effective network infrastructure that incorporates Cisco firewalls and that provides advanced security, resilience, throughput, and manageability. Progent's CISA and CISM-certified IS security engineers can help your business to create a security strategy that makes sense for your business and can configure your firewall to enforce your security policies. Progent's security evaluation experts can evaluate the effectiveness of your existing firewall solution and audit the security of your entire IT network. Progent's Technical Response Center (TRC) can deliver emergency online troubleshooting for Cisco technology and offer quick access to a Cisco network engineer.
To find out more information about Progent's consulting support for Cisco networking products, choose a subject:
Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
To get in touch with Progent about consulting assistance for Cisco technology, call