Cisco is a perennial front-runner in delivering cutting-edge firewalls for the broadest possible variety of deployments. Cisco's Firepower NGFWs Firewalls provide a modern cybersecurity solution that marshals dedicated hardware, cloud-based services, and machine learning to block, identify, and respond to cyber attacks without manual intervention. Progent's Cisco-certified CCIE firewall experts can help you to plan and execute an efficient migration to Cisco Firepower firewalls from Cisco's legacy ASA 5500-X, ASA 5500, or PIX appliances and help you integrate Firepower appliances with Cisco's security services to build and centrally control network environments that include local offices, data centers, and cloud resources. Progent can also assist you to manage and troubleshoot older-generation Cisco security appliances. Progent's certified cybersecurity experts can help you with policy creation based on leading best practices so you can build a consistent cybersecurity posture across all your endpoints at any location.
Cisco's Firepower NGFW Firewall Appliances
Cisco's Firepower Next Generation Firewalls (NGFWs) deliver a significant performance improvement over Cisco's previous-generation ASA 5500-X security appliances and offer unified management of modern cybersecurity capabilities like application visibility and control, next-generation intrusion protection with intelligent prioritization of risks, advanced malware protection (AMP), URL filtering, and multi-node sandboxing. For details about Cisco's Firepower family of NGFWs Firewalls, see Cisco Firepower Series firewalls integration expertise.
Cisco's ASA 5500-X and Legacy Firewalls
Cisco’s ASA 5500-X Series, ASA 5500 Series, and PIX firewall appliances provide integrated firewall, IPsec VPN, and IPS capabilities in compact single-box packages, delivering a wide range of features to meet the security requirements of companies ranging from small and mid-size businesses to enterprises and Internet service providers. Cisco’s ASA 5500-X, ASA 5500, and PIX 500 firewalls allow network security teams to defend their network edge and provide safe offsite and mobile connectivity while using powerful administration tools based on Cisco's industry-leading firewall technology.
Cisco’s ASA 5500 and PIX firewalls have arrived at end-of-life but are still commonly used in small and mid-size organizations as well as in a few larger networks. Cisco’s ASA 5500-X Series Next-Generation Firewalls deliver significantly more value and have supplanted the ASA 5500 and PIX lines of firewalls for new installations. However, Cisco's legacy firewalls, if properly managed, can deliver a high degree of security by providing multiple features including stateful firewall, Virtual Private Network (VPN) connections, and IPS.
After Cisco's purchase of Sourcefire, the entire family of ASA 5500-X firewalls can be provisioned to support Firepower Services, based on Sourcefire's Snort technology, which is the world's most deployed network intrusion protection system (IPS). Firepower services bring enhanced capabilities such as advanced malware protection (AMP), URL filtering, dynamic threat analytics, and automation.
Progent's Cisco-premier network consultants can assist you to maintain and debug older ASA 5500 and PIX firewall appliances and can also assist you to design and carry out an efficient upgrade to Cisco’s ASA 5500-X Series firewalls with Firepower Services. Progent can also help you to plan, configure, tune, manage and troubleshoot new firewall solutions based on Cisco's latest ASA 5500-X firewalls with Firepower Services. Progent's firewall consultants can also assist you to migrate from your Cisco ASA 5500-X deployment to Cisco's Firepower Next Generation Firewalls.
Cisco's ASA 5500-X Series Firewalls
Cisco's comprehensive family of ASA 5500-X security appliances features an enhanced substitute for each rack-mountable model in the previous ASA 5500 series of devices. Each ASA 5500-X model is suited for the identical market as the corresponding earlier models, which offers most ample room for picking a firewall that meets their security needs and budgets. All ASA 5500-X firewalls are based on Cisco's proven stateful-inspection firewall technology and all incorporate purpose-built 64-bit hardware with multicore CPUs and are capable of running Cisco's advanced security services. All models in Cisco's ASA 5500-X family provide consistent security across any combination of physical, virtual, and cloud deployments.
For more details about ASA 5500-X firewalls, Cisco Firepower services, and Progent's support for ASA firewalls, see Cisco Firepower integration and debugging expertise
Firepower Services for ASA 5500-X Security Appliances
Cisco ASA 5500-X security appliances work with software or hardware modules that enable Cisco's Firepower Services, which offer layered defense against multi-vector threats. Firepower Services are powered by technology acquired by Cisco from Sourcefire. Major capabilities of Firepower Services for ASA 5500-X security appliances include:
- Layered protection against both familiar and zero-day attacks
- Advanced Malware Protection that utilizes big data techniques to find and mitigate intrusions
- A Next-Generation Intrusion Prevention System that performs contextual analysis that covers clients, network infrastructure, apps, and content to discover threats that incorporate simultaneous approaches
- Fine-grained Application Visibility and Control (AVC that is aware of thousands of apps and can automatically activate both standard and customized IPS policies depending on the severity of threats
Firepower Services for Cisco ASA 5500-X firewalls provide advanced multi-layered protection
Simpler implementations of Cisco ASA 5500-X firewalls can be efficiently managed via Cisco's on-device Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based utility included with all ASA 5500-X versions. ASDM provides an easy-to-use web dashboard for configuring, administering, and debugging ASA 5500-X appliances and modules.
For multi-device and multi-site environments, ASA 5500-X firewalls with Firepower Services can be administered with Cisco's Firepower Management Center, implemented as one or several physical units or virtual devices. Firepower Management Center provides centralized firewall management, Application Visibility and Control, advanced IPS, URL filtering, and Advanced Malware Protection. Because of ongoing rebranding after Cisco's acquisition of Sourcefire Defense Center, Firepower Management Center has been offered under various names including Cisco Defense Center, FireSIGHT Defense Center, and Cisco Firesight Management Center.
Firepower Management Center centralizes event and policy control for Firepower firewall appliances
Firepower Management Center offers capabilities beyond those available with Cisco's on-device ASDM tool. Additional features include expanded context awareness, Cisco's Advanced Malware Protection with remediation for client devices, a console that offers dynamic network infrastructure visualization, automated policy optimization based on risk evaluation of attacks, advanced IPS, custom app detectors for Application Visibility and Control, customized health notifications, improved reporting features, and application interfaces for host input and database access. Hardware-dependent capabilities such as clustering, stacking, switching, routing, VPN, and NAT must be handled using the on-box ASDM or the ASA 5500-X CLI.
Cisco ASA 5500 Family of Adaptive Security Appliances
Cisco ASA 5500 Series Firewalls leverage technology developed for Cisco's PIX 500 family Security Appliance, the Cisco IPS 4200 Series sensor, and the VPN 3000 Series concentrator. These technologies converge on the Cisco Adaptive Security Appliances (ASA) 5500 Series Firewall family to deliver a firewall that stops the broadest variety of attacks. Cisco ASA Firewalls deliver application security, local containment, and clean VPN functionality throughout the entire product portfolio. This broad scope of protection allows the guarding of any network area, including the most typical attack vectors like remote sites, locally-connected internal users, and remote access VPNs.
The scalable architecture of the ASA 5500 Series permits you to add services via security service modules and security service cards (SSCs). These easy-to-install options provide the ability to add Intrusion Protection and content protection services like filtering virus, spyware, and phishing assaults and executing file and web screening. Beside allowing you to respond rapidly to new threat vectors, the extensible architecture of the Cisco ASA 5500 family also protects your hardware investment by increasing the life of your security appliances. The Cisco ASA 5500 family also leverages your investment in administrative team training by supporting the familiar library of PIX 500 management tools and protocols such as the Cisco Adaptive Security Device Manager platform, secure command-line interface availability, syslog, and Simple Network Management Protocol (SNMP).
Cisco Adaptive Security Appliances (ASA) firewalls provide a high-level of application security via smart, application-sensitive inspection processes that analyze traffic at Layers 4-7. The result is a safer network including Web, voice, and mobile wireless connectivity. To protect against application-layer assaults and to offer stronger policing of the programs and protocols utilized in their networks, Cisco's inspection engines integrate extensive application and protocol knowledge and employ security enforcement technologies such as anomaly detection and state tracking. Also included are attack detection and remediation technology including application/protocol command filters and content verification. Cisco Adaptive Security Appliances 5500 Series firewall inspection engines also provide management of instant messaging and peer-to-peer file sharing, allowing organizations to enforce usage policies and conserve bandwidth for vital business processes.
For more information about Progent's support services for ASA 5500 firewalls, go to ASA 5500 firewalls integration and debugging services.
Based around a tested, specialized OS that delivers a wealth of protection features, Cisco PIX security appliances offer a high level of security and have earned Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Firewall and IPsec certification. Cisco PIX firewalls offer protection for a wide array of VoIP and additional multimedia standards including H.323 Version 4, SIP, SCCP, Real-Time Streaming Protocol, and Media Gateway Control Protocol (MGCP), helping organizations to safeguard deployments of a broad array of current and upcoming Voice over IP and mixed-media applications.
PIX security appliances feature a wealth of setup, monitoring, and troubleshooting options, giving businesses the flexibility to utilize the techniques that best meet their needs. Management options include common, policy-based management utilities, integrated web-accessible management, and compatibility with remote-monitoring protocols such as Simple Network Management Protocol (SNMP) and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) interface offers a world-class Web-based management solution that significantly simplifies the deployment, ongoing modification, and tracking of a specific PIX security appliance without the need of any additional utility other than an ordinary browser and Java plug-in to be installed on a manager's computer.
Administrators can furthermore remotely configure, monitor, and troubleshoot PIX firewalls using a command-line interface. Safe command-line interface (CLI) access is available through several techniques such as Secure Shell (SSHv2) Protocol, Telnet over IP Security (IPsec), and out-of-band through a console port. Cisco PIX security appliances also include robust auto-update capabilities, a collection of revolutionary protected remote-management services that make sure that firewall configurations and software images are kept current.
For more information about Progent's consulting services for Cisco PIX 500 security appliances, see Cisco PIX 500 firewalls configuration and debugging services.
Progent's Migration Consulting for Cisco Firewalls
Since Cisco has ceased selling the PIX 500 and ASA 5500 product lines, many businesses are concerned about depending on a critical infrastructure mechanism that might stop being supported by Cisco. Cisco ASA 5500-X and Firepower NGFW Series security appliances offer the benefit of being current devices and also bring several functions and financial advantages in comparison to PIX 500 devices. These advantages include significantly higher performance, optional Secure Sockets Layer VPN capability, and a modular architecture that guards your investment by enabling you to self-install more security services when and if you need them. Progent's CCIE-certified experts can help you to determine the business value of for upgrading from PIX or Cisco ASA 5500 firewalls, design a migration process that permits a quick and seamless changeover, assist you to set up new ASA 5500-x or Firepower NGFW Series firewalls, and offer remote training, consulting, and technical support services.
Additional Ways Progent Can Assist You with Cisco ASA and PIX Security Appliances
Cisco's Firepower Series, ASA 5500 Series, and PIX family security appliances incorporate a wealth of setup, tracking, and analysis features that offer you the ability to deploy these security appliances to match your company's requirements. Progent's CCIE certified network experts can help you to configure and support a cost-effective infrastructure that includes Cisco security appliances and that provides advanced protection, resilience, throughput, and manageability. Progent's GISA and CISM-premier information security engineers can assist you to create a security policy that makes sense for your situation and can set up your security appliance to support your security strategy. Progent's security assessment consultants can evaluate the effectiveness of your current firewall solution and help determine the overall security of your entire IT network. Progent’s Technical Response Center (TRC) can deliver urgent online technical support for Cisco products and offer quick access to a Cisco expert.
To learn more information concerning Progent's consulting expertise for Cisco solutions, pick a topic:
Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
In order to contact Progent about engineering help for Cisco products, phone 1-800-993-9400 or refer to Contact Progent.