Cisco is a perennial leader in developing cutting-edge firewalls for the widest possible variety of environments. Cisco's Firepower Next Generation Firewalls (NGFWs) represent an advanced firewall solution that combines dedicated hardware, cloud-based services, and machine learning to anticipate, discover, and mitigate cyber attacks automatically. Progent's Cisco-certified CCIE-certified firewall consultants can assist you to plan and execute a smooth migration to Firepower Series firewalls from Cisco's from ASA 5500-X, ASA 5500, or PIX appliances and show you how to integrate Firepower firewalls with Cisco's security services to create and centrally control IT environments that include branch offices, data centers, private clouds and public clouds. Progent can also assist you to manage and debug legacy Cisco firewalls. Progent's certified cybersecurity experts can assist you with policy creation driven by industry best practices in order to establish a consistent and effective security profile that applies to all your devices at any location.
Cisco's Firepower NGFW Firewall Appliances
Cisco's Firepower NGFWs Firewalls provide a major performance improvement compared to Cisco's previous-generation ASA 5500-X firewalls and include unified management and automation of modern security capabilities such as application visibility and control, next-generation intrusion protection (NGIPS) with intelligent prioritization of risks, advanced malware protection, URL filtering, and multi-node sandboxing. For details about Cisco's Firepower portfolio of Next Generation Firewalls, refer to Firepower firewalls integration expertise.
Cisco's ASA 5500-X and Legacy Firewalls
Cisco's ASA 5500-X Series, ASA 5500 Series, and PIX firewalls offer integrated firewall, IPsec VPN, and intrusion prevention system (IPS) services in compact single-box packages, delivering a broad range of features to meet the security and compliance needs of organizations ranging from small and mid-size businesses to enterprises and Internet service providers. Cisco's ASA 5500-X Series, ASA 5500 Series, and PIX firewalls enable IT security teams to defend their network edge and offer secure remote connectivity while utilizing advanced management tools built on Cisco's world-class firewall products.
Cisco's ASA 5500 and PIX firewall appliances have arrived at end-of-life status but are still widely deployed in small and mid-size organizations as well as in a few enterprise networks. The ASA 5500-X Next-Generation Firewalls represent substantially more value and have supplanted Cisco's ASA 5500 and PIX 500 families of firewalls for new deployments. However, Cisco's older model firewall appliances, if carefully maintained, can offer a high degree of protection by supplying multiple services including firewall, VPN, and IPS.
After Cisco's purchase of Sourcefire, the whole family of ASA 5500-X firewalls can be provisioned to enable Firepower Services, based on Sourcefire's Snort product, which is the world's most deployed network intrusion protection system (IPS). Firepower services bring enhanced features such as advanced malware protection (AMP), URL filtering, real-time threat analytics, and security automation.
Progent's Cisco CCIE-premier infrastructure engineers can help you to support and troubleshoot legacy ASA 5500 Series and PIX 500 firewall appliances and can also help you to plan and carry out a smooth upgrade to Cisco's ASA 5500-X Series firewalls with Firepower. Progent can also help you to plan, deploy, tune, administer and debug new firewall ecosystems based on Cisco's latest ASA 5500-X firewalls with Firepower Services. Progent can also help your organization to upgrade from your Cisco ASA 5500-X Series solution to Cisco's latest Firepower Next Generation Firewalls.
Cisco's ASA 5500-X Firewall Product Family
Cisco's comprehensive family of ASA 5500-X security appliances includes an enhanced replacement for each rack-mountable unit in the older ASA 5500 generation of devices. Each ASA 5500-X model targets the same environment as the associated earlier models, which offers small and midsize businesses ample room for selecting a solution that meets their security requirements and IT budgets. All ASA 5500-X firewalls are based on Cisco's proven stateful-inspection firewall technology and all include 64-bit hardware with multicore CPUs and support Cisco's powerful security services. All models in Cisco's ASA 5500-X family deliver dependable security across any mix of physical, virtual, and cloud deployments.
For more information about ASA 5500-X security appliances, Cisco Firepower services, and Progent's support for ASA firewalls, see Cisco Firepower configuration and debugging expertise
Firepower Services for ASA 5500-X Security Appliances
Cisco ASA 5500-X firewalls accept either software or physical modules that enable Firepower Services, which offer layered defense against multi-vector attacks. Firepower Services are powered by innovative technology acquired by Cisco from Sourcefire. Key capabilities of Firepower Services for ASA 5500-X firewalls include:
Simpler implementations of Cisco ASA 5500-X firewalls can be efficiently managed via Cisco's on-device Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based utility which is provided with all ASA 5500-X versions. ASDM includes an easy-to-use web dashboard for configuring, administering, and troubleshooting ASA 5500-X appliances and modules.
For more complex deployments, ASA 5500-X firewalls with Firepower can be administered using Firepower Management Center, implemented as one or several physical or virtual appliances. Cisco's Firepower Management Center offers unified firewall management, Application Visibility and Control (AVC, enhanced IPS, URL filtering, and Cisco's Advanced Malware Protection (AMP). Because of frequent rebranding since Cisco's purchase of Sourcefire Defense Center, Cisco's Firepower Management Center has been offered under various names that include Cisco Defense Center, FireSIGHT Defense Center, and Cisco Firesight Management Center.
Firepower Management Center offers features beyond those available with Cisco's on-device Adaptive Security Device Manager utility. Extra capabilities include expanded context awareness, Advanced Malware Protection (AMP) with remediation for client devices, a console that offers dynamic network infrastructure visualization, automated policy tuning based on risk assessment of threats, comprehensive IPS, custom application discovery for Application Visibility and Control (AVC), customized health notifications, enhanced reporting options, and application interfaces for host input and databases. Hardware-dependent features such as clustering, stacking, switching, routing, VPN, and NAT must be handled via Cisco's ASA 5500-X on-box ASDM or the ASA command line interface.
Cisco ASA 5500 Series Firewalls
Cisco Adaptive Security Appliances 5500 Series Firewalls leverage technology behind the Cisco PIX 500 family Security Appliance, the Cisco IPS 4200 family sensor, and the Cisco VPN 3000 family concentrator. These technologies enable the Cisco Adaptive Security Appliances Firewall product line to offer a firewall that stops the broadest range of threats. Cisco Adaptive Security Appliances 5500 Series Firewalls deliver program protection, local containment, and clean Virtual Private Network functionality across Cisco's product portfolio. This breadth of protection enables the guarding of any network section, including the most common threat vectors such as remote sites, locally-attached internal users, and remote connected Virtual Private Networks.
Cisco ASA 5500 Series firewalls deliver a high-level of application protection via intelligent, application-sensitive inspection processes that analyze traffic at Layers 4-7. This results in a better protected environment covering Web, voice, and mobile wireless services. To protect against application-layer attacks and to provide stronger policing of the programs and protocols used in their environments, these inspection engines incorporate extensive application and protocol knowledgebases and rely on protection enforcement solutions such as anomaly sensing and application and protocol state tracking. Also included are assault detection and mitigation technology including application/protocol command filters and content verification. Cisco ASA 5500 Series firewall inspection engines also deliver control over instant messaging and peer-to-peer file sharing, enabling businesses to police usage policies and conserve network bandwidth for critical business processes.
For more details about Progent's consulting services for ASA 5500 firewalls, go to ASA 5500 series firewalls configuration and debugging support.
Cisco PIX Firewall Appliances
Built upon a hardened, specialized OS that delivers rich protection features, Cisco PIX firewall appliances offer a high level of protection and have been awarded Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Firewall and IPsec certification. Cisco PIX firewall appliances offer security for a broad range of VoIP and additional mixed-media conventions including H.323 Version 4, SIP, Cisco Skinny Client Control Protocol, RTSP, and Media Gateway Control Protocol, enabling organizations to protect installations of a wide range of current and next-generation VoIP and multimedia applications.
Administrators can also remotely set up, track, and analyze Cisco PIX firewalls using a command-line interface. Safe command-line interface (CLI) access is possible using several methods including Secure Shell (SSHv2) Protocol, Telnet through IPsec, and out-of-band through a console port. PIX firewalls also have robust automatic-update capabilities, a collection of revolutionary protected remote-administration services that ensure security configurations and software images are always current.
For additional information about Progent's support services for Cisco PIX 500 security appliances, visit Cisco PIX 500 firewalls integration and troubleshooting services.
Progent's Migration Consulting for Cisco Firewalls
Since Cisco has discontinued offering the PIX 500 and ASA 5500 families of firewalls, many companies are uncomfortable with relying on a key infrastructure mechanism that may stop being supported by Cisco. Cisco ASA 5500-X and Firepower NGFW Series security appliances have the advantage of being new products and also offer several technical and financial advantages in comparison to PIX devices. These benefits include significantly higher throughput, optional Secure Sockets Layer VPN capability, and an expandable design that protects your investment by allowing you to self-install more security features when and if you require them. Progent's Cisco certified experts can assist you to determine the strategic value of for moving from PIX 500 or Cisco ASA 5500 security appliances, create a migration plan that permits a quick and non-disruptive upgrade, help your IT staff to set up new ASA 5500-x or Firepower Series appliances, and offer remote training, consulting, and technical support services.
Other Ways Progent Can Help You with Cisco Firewalls
Cisco Firepower NGFW Series, ASA 5500 Series, and PIX security appliances provide a wealth of setup, tracking, and analysis options which offer you the flexibility to configure these firewalls to align optimally with your company's requirements. Progent's CCIE certified network consultants can help you to design an efficient network infrastructure that includes Cisco security appliances and that offers advanced security, resilience, throughput, and recoverability. Progent's CISA and CISM-premier information security engineers can help you to create a security strategy that makes sense for your situation and can set up your firewall to enforce your security policies. Progent's risk evaluation engineers can evaluate the strength of your existing firewall solution and validate the overall security of your whole IS network. Progent's Technical Response Center (TRC) can deliver emergency remote technical support for Cisco technology and can give you quick access to a Cisco network engineer.
To learn more information concerning Progent's professional help for Cisco technology, choose a topic:
Integration of Cisco and Third-party Firewall Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
In order to get in touch with Progent about engineering help for Cisco products, call