Cisco is a long-time front-runner in developing cutting-edge firewall appliances for the broadest possible range of deployments. Cisco's Firepower Next Generation Firewalls (NGFWs) represent a modern firewall solution that marshals sophisticated hardware, cloud-based services, and machine learning to block, identify, and respond to threats automatically. Progent's Cisco-certified CCIE-certified firewall experts can assist your organization to plan and execute an efficient upgrade to Firepower Series firewalls from Cisco's legacy ASA 5500-X, ASA 5500, or PIX appliances and help you enhance Firepower firewalls with Cisco's cloud-based services to build and centrally manage IT environments that include branch offices, data centers, and cloud resources. Progent can also assist you to maintain and debug older-generation Cisco security appliances. Progent's certified cybersecurity experts can assist you with policy creation based on leading best practices in order to establish a consistent cybersecurity profile across all your networked endpoints anywhere.
Cisco's Firepower NGFW Firewalls
Cisco's Firepower Next Generation Firewalls (NGFWs) provide a major performance boost over Cisco's popular ASA 5500-X security appliances and include centralized control of advanced security capabilities such as application visibility and control (AVC), next-generation intrusion protection with risk prioritization, advanced malware protection, DDoS mitigation, and sandboxing. For more information about Cisco's Firepower family of NGFWs Firewalls, refer to Cisco Firepower firewalls integration services.
Cisco's ASA 5500-X Series and Legacy Firewalls
Cisco's ASA 5500-X Series, ASA 5500, and PIX firewall appliances offer integrated firewall, IPsec VPN, and intrusion prevention system (IPS) capabilities in compact single-box devices, delivering a broad array of features to meet the security and compliance requirements of companies ranging from small and mid-size businesses to enterprises and ISPs. Cisco's ASA 5500-X Series, ASA 5500, and PIX 500 firewall appliances enable network security teams to defend their network perimeter and provide safe remote access while utilizing advanced management tools based on Cisco's world-class firewall products.
Cisco's ASA 5500 Series and PIX firewalls have reached end-of-life (EOL) but are still widely deployed in small and mid-size organizations and in some larger data centers. The ASA 5500-X Next-Generation Firewalls represent substantially more value and have supplanted Cisco's ASA 5500 and PIX families of firewalls for new deployments. However, Cisco's older model firewall appliances, if carefully managed, can offer a high degree of security by supplying multiple security functions including firewall, IPsec VPN, and IPS.
Since Cisco's acquisition of Sourcefire, the entire family of ASA 5500-X devices can be provisioned to support Firepower Services, based on Sourcefire's Snort technology, which is the world's most deployed intrusion protection system (IPS). Firepower services bring powerful new features including advanced malware protection (AMP), URL filtering, real-time threat analytics, and automation.
Progent's Cisco-certified network engineers can help your organization to support and troubleshoot legacy ASA 5500 and PIX firewall appliances and can also assist you to design and implement a smooth migration to Cisco's ASA 5500-X firewalls with Firepower. Progent can also help you to plan, deploy, tune, manage and debug new firewall ecosystems built on Cisco's latest ASA 5500-X models with Firepower. Progent can also help your organization to upgrade from your Cisco ASA 5500-X Series deployment to Cisco's latest Firepower Next Generation Firewalls.
Cisco's ASA 5500-X Series Firewalls
Cisco's comprehensive line of ASA 5500-X security appliances includes an enhanced substitute for each rack-mountable unit in the older ASA 5500 series of firewalls. Each ASA 5500-X firewall is suited for the same environment as the associated previous models, which offers most ample room for picking a solution that meets their security requirements and IT budgets. All ASA 5500-X products build on Cisco's tested stateful-inspection firewall technology and all include purpose-built 64-bit hardware with multicore processors and are capable of running Cisco's advanced protection services. All models in Cisco's ASA 5500-X family deliver dependable security across any mix of physical, virtual, and cloud deployments.
For more information about ASA 5500-X firewalls, Cisco Firepower services, and Progent's support for Cisco ASA 5500-X firewalls, go to Firepower integration and debugging expertise
Cisco's Firepower Services for ASA 5500-X Security Appliances
Cisco ASA 5500-X security appliances work with software or hardware modules that enable Cisco's Firepower Services, which provide layered protection against advanced attacks. Firepower Services are powered by technology acquired by Cisco from Sourcefire. Key features of Firepower Services for ASA 5500-X firewalls include:
Simpler implementations of Cisco ASA firewalls can be effectively administered using Cisco's on-device Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web utility included with all ASA 5500-X models. ASDM includes a simple web console for configuring, administering, and troubleshooting ASA 5500-X devices and modules.
For more complex deployments, ASA 5500-X appliances with Firepower can be managed using Cisco's Firepower Management Center, implemented as one or more physical units or virtual devices. Cisco's Firepower Management Center offers unified firewall management, Application Visibility and Control (AVC, advanced IPS, URL filtering, and Advanced Malware Protection. Due to ongoing rebranding since Cisco's purchase of Sourcefire Defense Center, Firepower Management Center has been offered under various names including Defense Center, Cisco Firesight Defense Center, and Cisco Firesight Management Center.
Cisco's Firepower Management Center offers capabilities unavailable with Cisco's on-device ASDM tool. Additional capabilities include greater context awareness, Advanced Malware Protection (AMP) with remediation for user devices, a dashboard that offers real-time network infrastructure visualization, automated policy tuning driven by impact assessment of threats, comprehensive IPS, custom application detectors for Application Visibility and Control (AVC), customized health notifications, enhanced reporting options, and APIs for host input and database access. Hardware-dependent capabilities such as clustering, stacking, switching, routing, VPN, and NAT must be handled via the on-box ASDM or the ASA CLI.
Cisco ASA 5500 Series Adaptive Security Appliances
Cisco ASA 5500 Series Firewalls build on engineering behind the PIX 500 firewall, the IPS 4200 Series sensor, and Cisco's VPN 3000 family concentrator. These technologies converge on the Cisco Adaptive Security Appliances (ASA) Firewall product line to deliver a platform that defends against the broadest range of threats. Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls deliver application protection, network containment, and clean Virtual Private Network functionality across the entire product line. This broad scope of protection enables defense of any network section, which includes the most typical attack conduits such as remote locations, locally-attached internal users, and off-site connected Virtual Private Networks.
Cisco Adaptive Security Appliances firewalls provide robust application protection through smart, application-aware inspection engines that analyze network flows at Layers 4-7. This produces a more secure network including Web, voice, and mobile wireless connectivity. To defend networks against application-layer assaults and to offer stronger policing of the applications and protocols used in their networks, Cisco's inspection engines integrate extensive application and protocol knowledgebases and employ security enforcement solutions that include protocol anomaly sensing and application and protocol state tracking. Also included are attack sensing and remediation technology such as application/protocol command filters and content verification. Cisco ASA firewall inspection engines also deliver management of IM and tunneling applications, allowing organizations to police usage policies and free up network bandwidth for vital business processes.
For more information about Progent's consulting services for ASA 5500 security appliances, go to Cisco ASA 5500 series firewalls configuration and troubleshooting services.
Cisco PIX Firewalls
Based around a hardened, purpose-built software platform that delivers rich security features, PIX firewalls provide a high level of security and have been awarded EAL 4 status and ICSA Labs Firewall and IP Security qualification. PIX security appliances provide security for a wide range of Voice over IP and other mixed-media conventions such as H.323 v. 4, Session Initiation Protocol, Cisco Skinny Client Control Protocol, Real-Time Streaming Protocol (RTSP), and MGCP, helping businesses to safeguard installations of a wide range of current and next-generation IP voice and multimedia applications.
IT managers can furthermore remotely set up, monitor, and analyze PIX security appliances via a command-line interface (CLI). Secure command-line interface (CLI) communication is possible through several techniques including Secure Shell (SSHv2) Protocol, Telnet over IP Security (IPsec), and out-of-band through a console port. PIX security appliances also have dependable automatic-update features, a set of revolutionary secure remote-management services that ensure security configurations and software images are kept up to date.
For additional details about Progent's consulting services for Cisco PIX firewalls, go to PIX firewalls integration and troubleshooting consulting.
Progent's Migration Consulting for Cisco Firewalls
Because Cisco has ceased selling the PIX and ASA 5500 product lines, many businesses are concerned about relying on a key infrastructure component that might stop being supported by Cisco. ASA 5500-X and Firepower Series firewalls have the advantage of being new devices and also offer several technical and budgetary advantages in comparison to PIX 500 firewalls. These advantages include substantially higher performance, optional Secure Sockets Layer tunneling support, and an expandable architecture that guards your investment by enabling you to add more security services when and if you need them. Progent's Cisco certified experts can assist your company to assess the strategic value of for moving from PIX or Cisco ASA 5500 firewalls, design a migration process that allows for a fast and non-disruptive upgrade, assist you to install new ASA 5500-x or Firepower Series firewalls, and offer online, consulting, and technical support services.
Additional Ways Progent Can Assist You with Cisco Firewalls
Cisco's Firepower Series, ASA Series, and PIX security appliances incorporate a wealth of configuration, monitoring, and analysis options which give you the ability to configure these firewalls to align optimally with your company's needs. Progent's CCIE certified network consultants can show you how to design a cost-effective infrastructure that includes Cisco security appliances and that provides world-class security, fault tolerance, throughput, and recoverability. Progent's GISA and CISM-premier IS security consultants can help you to create a security strategy appropriate for your environment and can configure your firewall to support your security strategy. Progent's security evaluation consultants can evaluate the strength of your current firewall solution and help determine the overall security of your whole IT environment. Progent's Technical Response Center can provide urgent remote troubleshooting for Cisco products and offer quick access to a Cisco CCIE network engineer.
To find out more information about Progent's engineering expertise for Cisco solutions, select a subject:
Integration of Cisco and Third-party Firewall Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
To ask Progent about technical expertise for Cisco products, call