Cisco is a long-time front-runner in developing cutting-edge firewall appliances for the broadest possible range of environments. Cisco's Firepower Next Generation Firewalls (NGFWs) provide an advanced firewall platform that marshals sophisticated hardware, cloud services, and next-generation intrusion protection system (NGIPS) to anticipate, discover, and respond to cyber attacks automatically. Progent's Cisco-certified CCIE firewall experts can assist your organization to design and carry out a smooth migration to Cisco Firepower Series firewalls from Cisco's legacy ASA 5500-X, ASA 5500, or PIX firewalls and help you integrate Firepower appliances with Cisco's subscription-based security services to create and centrally control IT environments that span branch offices, data centers, private clouds and public clouds. Progent's firewall consultants can also assist you to maintain and debug legacy Cisco firewalls. Progent's certified cybersecurity consultants can assist you with policy creation and tuning based on industry best practices so you can build a consistent cybersecurity posture across all your networked endpoints at any location.
Cisco's Firepower Next Generation Firewalls
Cisco's Firepower Next Generation Firewalls (NGFWs) deliver a major performance improvement over Cisco's previous-generation ASA 5500-X security appliances and offer unified control of modern cybersecurity features like application visibility and control (AVC), next-generation intrusion protection with intelligent prioritization of risks, advanced malware protection, DDoS mitigation, and sandboxing. For more information about Cisco's Firepower portfolio of Next Generation Firewalls, visit Firepower Series firewalls integration expertise.
Cisco's ASA 5500-X and Legacy Firewalls
Cisco's ASA 5500-X Series, ASA 5500 Series, and PIX 500 firewall appliances provide integrated firewall, VPN, and IPS capabilities in compact single-box packages, delivering a wide range of features to match the security requirements of organizations ranging from small and mid-size businesses to enterprises and Internet service providers. Cisco's ASA 5500-X Series, ASA 5500, and PIX 500 firewall appliances enable IT security teams to protect their network perimeter and provide safe offsite and mobile connectivity while using powerful management mechanisms built on Cisco's world-class firewall products.
Cisco's ASA 5500 and PIX 500 firewalls have reached end-of-life but remain widely deployed in small and mid-size businesses and in a few enterprise networks. Cisco's ASA 5500-X Series Next-Generation Firewalls represent significantly more bang for the buck and have superseded the ASA 5500 and PIX families of firewalls for new deployments. Still, Cisco's older model firewall appliances, if carefully managed, continue to offer a high degree of protection by providing a variety of services such as stateful firewall, VPN tunneling, and IPS.
Following Cisco's purchase of Sourcefire, the whole line of ASA 5500-X devices can be provisioned to support Firepower Services, built on Sourcefire's Snort technology, which is the market's most popular intrusion protection system (IPS). Firepower services provide powerful new features including advanced malware protection (AMP), URL filtering, dynamic threat analytics, and security automation.
Progent's Cisco-premier network consultants can assist your organization to maintain and debug legacy ASA 5500 Series and PIX firewall appliances and can also help you to design and implement a smooth upgrade to Cisco's ASA 5500-X Series firewalls with Firepower Services. Progent can also assist you to design, deploy, tune, manage and troubleshoot new firewall solutions based on Cisco's current ASA 5500-X models with Firepower. Progent can also help you to upgrade from your Cisco ASA 5500-X Series deployment to Cisco's Firepower NGFWs Firewalls.
Cisco's ASA 5500-X Firewall Product Family
Cisco's extensive family of ASA 5500-X firewalls features an improved substitute for each rack-mountable model in the previous ASA 5500 line of firewalls. Each ASA 5500-X model targets the identical environment as the corresponding earlier models, which offers small and midsize businesses plenty of choice for selecting a firewall that aligns with their security requirements and IT budgets. All ASA 5500-X firewalls are based on Cisco's tested stateful-inspection firewall technology and all incorporate 64-bit hardware with multicore CPUs and support Cisco's advanced security services. All models in Cisco's ASA 5500-X family deliver dependable protection across any combination of physical, virtual, and cloud environments.
For more details about Cisco's ASA 5500-X firewalls, Cisco Firepower services, and Progent's consulting for ASA firewalls, see Cisco Firepower configuration and debugging expertise
Firepower Services for ASA 5500-X Security Appliances
Cisco ASA 5500-X firewalls work with software or physical modules that support Cisco's Firepower Services, which offer layered defense against advanced attacks. Firepower Services are powered by innovative technology acquired by Cisco from Sourcefire. Key features of Firepower Services for ASA firewalls include:
Simpler deployments of ASA firewalls can be effectively administered via Cisco's on-device Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based utility included with all ASA 5500-X models. ASDM provides an easy-to-use web dashboard for configuring, managing, and troubleshooting ASA 5500-X appliances and service modules.
For multi-device and multi-site environments, ASA 5500-X firewalls with Firepower can be managed with Firepower Management Center, implemented as one or more physical units or virtual appliances. Cisco's Firepower Management Center offers centralized firewall management, Application Visibility and Control (AVC, advanced IPS, URL filtering, and Cisco's Advanced Malware Protection (AMP). Because of ongoing rebranding after Cisco's purchase of Sourcefire Defense Center, Firepower Management Center has been delivered under various names including Defense Center, Cisco Firesight Defense Center, and Cisco Firesight Management Center.
Firepower Management Center offers features unavailable with Cisco's on-box Adaptive Security Device Manager tool. Extra features include greater context awareness, Cisco's Advanced Malware Protection (AMP) with mitigation for user devices, a dashboard that offers real-time infrastructure visualization, automated policy optimization based on risk assessment of attacks, comprehensive IPS, custom application discovery for Application Visibility and Control (AVC), customized health alerts, improved reporting features, and APIs for host input and databases. Hardware-dependent features like clustering, stacking, switching, routing, VPN, and NAT must be handled using Cisco's ASA 5500-X on-device ASDM or the ASA CLI.
Cisco ASA 5500 Adaptive Security Appliances
Cisco Adaptive Security Appliances Firewalls build on technology developed for Cisco's PIX 500 Series firewall, Cisco's IPS 4200 family sensor, and the Cisco VPN 3000 model concentrator. These technologies converge on the Cisco Adaptive Security Appliances (ASA) 5500 Series Firewall product line to offer a platform that stops the broadest variety of attacks. Cisco ASA Firewalls provide application protection, local containment and control, and safe Virtual Private Network connectivity across Cisco's product portfolio. This broad scope of protection enables the guarding of any network segment, which includes the most typical attack vectors like remote locations, locally-attached inside users, and off-site connected Virtual Private Networks.
Cisco ASA 5500 Series firewalls deliver a high-level of application security via intelligent, application-sensitive inspection processes that analyze traffic at Layers 4-7. The result is a better protected network including Web, voice, and 3G-mobile wireless access. To defend against application-layer assaults and to provide stronger policing of the applications and protocols used in their networks, Cisco's inspection engines integrate extensive application and protocol knowledge and rely on protection enforcement technologies such as protocol anomaly sensing and application and protocol state tracking. Also included are assault detection and remediation techniques including application and protocol command filtering and URL deobfuscation. Cisco ASA 5500 Series firewall inspection engines also deliver control over instant messaging and tunneling applications, enabling businesses to police usage policies and conserve network bandwidth for critical business processes.
For additional information about Progent's support services for ASA 5500 security appliances, visit ASA 5500 firewalls configuration and debugging support.
PIX Firewall Appliances
Based upon a tested, specialized OS that delivers rich security features, Cisco PIX firewalls offer excellent protection and have received EAL 4 status and ICSA Firewall and IPsec certification. Cisco PIX security appliances offer security for a broad array of VoIP and other multimedia conventions such as H.323 Version 4, Session Initiation Protocol (SIP), Cisco Skinny Client Control Protocol (SCCP), Real-Time Streaming Protocol, and Media Gateway Control Protocol, enabling businesses to protect installations of a broad range of current and next-generation VoIP and multimedia applications.
IT managers can also remotely set up, track, and analyze Cisco PIX firewalls using a command-line interface. Secure CLI interface access is available through several techniques including Secure Shell Protocol, Telnet over IP Security, and out-of-band through a console port. Cisco PIX security appliances also have robust automatic-update capabilities, a set of revolutionary protected remote-administration services that ensure security configurations and software images are kept current.
For more details about Progent's consulting services for PIX 500 firewalls, go to Cisco PIX firewalls integration and debugging support.
Progent's Migration Support for Cisco Firewalls
Since Cisco has stopped offering the PIX and ASA 5500 families of firewalls, many companies are concerned about relying on a key security component that may no longer be supported. Cisco ASA 5500-X and Firepower Series security appliances have the advantage of being new products and also bring several functions and financial advantages in comparison to PIX firewalls. These benefits include substantially better throughput, optional SSL tunneling support, and an expandable architecture that guards your investment by allowing you to add more security services when and if you require them. Progent's CCIE-certified network engineers can help your company to determine the strategic case for migrating from PIX 500 or Cisco ASA 5500 firewalls, create a migration plan that permits a quick and non-disruptive changeover, assist your IT staff to configure new ASA 5500-x or Firepower NGFW Series firewalls, and offer online, consulting, and troubleshooting services.
Other Ways Progent Can Assist You with Cisco ASA and PIX Security Appliances
Cisco's Firepower NGFW Series, ASA Series, and PIX family security appliances incorporate an array of setup, tracking, and troubleshooting options that offer you the flexibility to deploy these firewalls to match your business requirements. Progent's CCIE certified network professionals can show you how to configure and support a cost-effective network infrastructure that includes Cisco security appliances and that offers advanced protection, resilience, performance, and recoverability. Progent's CISA and CISM-premier IS security experts can assist your business to develop a security strategy that makes sense for your situation and can configure your firewall to enforce your security strategy. Progent's security evaluation professionals can assess the strength of your existing firewall deployment and validate the overall security of your whole IT environment. Progent's Technical Response Center can provide urgent online troubleshooting for Cisco products and offer fast access to a Cisco CCIE network engineer.
For additional details about Progent's consulting expertise for Cisco technology, pick a subject:
Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
To contact Progent about professional support for Cisco technology, call