Cisco is a long-time leader in developing cutting-edge firewall appliances for the widest possible variety of deployments. Cisco's Firepower Next Generation Firewalls provide an advanced firewall platform that combines dedicated hardware, cloud services, and machine learning to anticipate, discover, and mitigate cyber attacks automatically. Progent's Cisco-certified CCIE-certified firewall experts can assist your organization to plan and execute an efficient upgrade to Cisco Firepower firewalls from Cisco's from ASA 5500-X, ASA 5500, or PIX firewalls and show you how to enhance Firepower firewalls with Cisco's subscription-based security services to build and centrally control IT environments that span branch offices, data centers, and cloud resources. Progent's firewall consultants can also assist you to manage and debug older-generation Cisco firewalls. Progent's certified cybersecurity consultants can help you with policy creation and tuning based on industry best practices in order to establish a consistent security profile that applies to all your devices at any location.
Cisco's Firepower Next Generation Firewalls
Cisco's Firepower Next Generation Firewalls (NGFWs) deliver a significant performance boost over Cisco's previous-generation ASA 5500-X firewalls and include centralized management and automation of advanced cybersecurity features such as application visibility, next-generation intrusion protection with risk prioritization, advanced malware protection (AMP), URL filtering, and sandboxing. For more information about Cisco's Firepower portfolio of Next Generation Firewalls, refer to Cisco Firepower Series firewalls integration expertise.
Cisco's ASA 5500-X and Legacy Firewalls
Cisco's ASA 5500-X Series, ASA 5500, and PIX firewall appliances offer combined firewall, VPN, and intrusion prevention system (IPS) services in compact single-box packages, delivering a broad range of features to match the security needs of companies from small and mid-size businesses to enterprises and Internet service providers. Cisco's ASA 5500-X, ASA 5500, and PIX 500 firewalls allow network security staffs to defend their network perimeter and offer safe offsite and mobile access while using powerful administration tools based on Cisco's industry-leading firewall products.
Cisco's ASA 5500 Series and PIX 500 firewalls have arrived at end-of-life but remain commonly used in small and mid-size organizations as well as in a few enterprise networks. Cisco's ASA 5500-X Series Next-Generation Firewalls deliver significantly more value and have superseded the ASA 5500 and PIX 500 families of firewalls for new installations. However, Cisco's legacy firewall appliances, if properly maintained, can deliver a high degree of protection by supplying a variety of services including stateful firewall, IPsec VPN, and IPS.
After Cisco's acquisition of Sourcefire, the whole line of Cisco ASA 5500-X firewalls can be configured to enable Firepower Services, based on Sourcefire's Snort technology, which is the market's most popular intrusion protection system. Firepower services bring enhanced features including advanced malware protection (AMP), URL filtering, real-time threat analytics, and security automation.
Progent's Cisco-premier infrastructure engineers can help you to maintain and troubleshoot older ASA 5500 and PIX firewall appliances and can also help you to design and carry out an efficient migration to Cisco's ASA 5500-X firewalls with Firepower Services. Progent can also assist you to design, integrate, optimize, manage and debug new firewall solutions built on Cisco's current ASA 5500-X models with Firepower Services. Progent can also assist you to migrate from your Cisco ASA 5500-X Series solution to Cisco's Firepower Next Generation Firewalls (NGFWs).
Cisco's ASA 5500-X Firewall Product Family
Cisco's extensive line of ASA 5500-X security appliances features an improved replacement for each rack-mountable unit in the previous ASA 5500 generation of devices. Each ASA 5500-X firewall targets the same market as the associated earlier models, which gives small and midsize businesses ample choice for picking a solution that meets their security needs and IT budgets. All ASA 5500-X products are based on Cisco's tested stateful-inspection firewall technology and all incorporate 64-bit hardware with multicore CPUs and are capable of running Cisco's advanced security services. All devices in Cisco's ASA 5500-X family provide consistent security across any mix of physical, virtual, and cloud deployments.
For more information about Cisco's ASA 5500-X security appliances, Cisco Firepower services, and Progent's consulting for Cisco ASA 5500-X security appliances, go to Firepower configuration and debugging consulting
Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X firewalls accept either software or hardware modules that enable Firepower Services, which provide layered protection against advanced attacks. Firepower Services are powered by technology acquired by Cisco from Sourcefire. Key capabilities of Firepower Services for ASA security appliances include:
Smaller implementations of ASA firewalls can be effectively administered via Cisco's on-box Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based utility provided with all ASA 5500-X models. ASDM includes an easy-to-use web console for deploying, managing, and troubleshooting ASA 5500-X appliances and modules.
For more complex environments, ASA 5500-X appliances with Firepower can be administered with Firepower Management Center, implemented as one or more physical units or virtual appliances. Cisco's Firepower Management Center offers unified firewall management, Application Visibility and Control (AVC, advanced IPS, URL filtering, and Advanced Malware Protection (AMP). Due to frequent rebranding since Cisco's purchase of Sourcefire Defense Center, Cisco's Firepower Management Center has been offered under various names including Defense Center, FireSIGHT Defense Center, and FireSIGHT Management Center.
Cisco's Firepower Management Center provides capabilities unavailable with Cisco's on-device ASDM tool. Additional capabilities include expanded context awareness, Advanced Malware Protection (AMP) with mitigation for client devices, a console that offers real-time network visualization, automated policy tuning based on impact evaluation of threats, comprehensive IPS, custom app detectors for Application Visibility and Control, customized health notifications, enhanced reporting options, and application interfaces for host input and databases. Hardware-dependent capabilities such as clustering, stacking, switching, routing, VPN, and NAT must be handled using either Cisco's ASA 5500-X on-device ASDM or the ASA 5500-X command line interface.
Cisco ASA 5500 Family of Firewalls
Cisco Adaptive Security Appliances 5500 Series Firewalls leverage engineering behind the Cisco PIX 500 firewall, the IPS 4200 Series Intrusion Prevention System, and the VPN 3000 Series concentrator. These solutions converge on the Cisco Adaptive Security Appliances (ASA) Firewall product line to deliver a platform that stops the broadest variety of threats. Cisco Adaptive Security Appliances Firewalls deliver program security, local containment and control, and clean VPN connectivity throughout Cisco's product portfolio. This breadth of security enables defense of any network segment, which includes the most common attack conduits like remote sites, locally-attached inside users, and off-site access VPNs.
Cisco ASA firewalls provide a high-level of application security through smart, application-aware inspection processes that analyze traffic at Layers 4-7. This produces a safer environment including Web, voice, and 3G-mobile wireless access. To protect networks against application-layer assaults and to offer stronger control over the applications and protocols utilized in their environments, Cisco's inspection engines integrate broad application and protocol knowledge and rely on protection enforcement solutions such as anomaly detection and state monitoring. Also incorporated are attack detection and mitigation techniques including application/protocol command filters and content verification. Cisco Adaptive Security Appliances firewall inspection engines also deliver management of instant messaging and tunneling applications, enabling businesses to enforce usage policies and conserve network bandwidth for critical business applications.
For additional information about Progent's support services for ASA 5500 firewalls, visit Cisco ASA 5500 firewalls configuration and debugging support.
Cisco PIX Security Appliance Series
Based upon a hardened, specialized software platform that offers rich protection services, PIX firewall appliances offer a high level of security and have received Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Firewall and IP Security (IPsec) certification. PIX firewalls offer protection for a broad array of VoIP and additional mixed-media standards including H.323 v. 4, SIP, Cisco Skinny Client Control Protocol (SCCP), RTSP, and MGCP, helping businesses to safeguard deployments of a broad range of current and next-generation Voice over IP and mixed-media applications.
Administrators can furthermore remotely set up, monitor, and analyze Cisco PIX firewall appliances via a CLI interface. Safe command-line interface (CLI) access is possible through several techniques such as Secure Shell (SSHv2) Protocol, Telnet over IP Security, and out-of-band via a console port. PIX security appliances also have dependable auto-update features, a set of advanced secure remote-administration services that ensure firewall configurations and software images are kept up to date.
For more details about Progent's consulting services for PIX firewalls, go to Cisco PIX 500 firewalls configuration and troubleshooting services.
Progent's Migration Support Services for Cisco Firewalls
Because Cisco has stopped selling the PIX 500 and ASA 5500 families of firewalls, many companies are concerned about relying on a critical infrastructure component that might no longer be supported. ASA 5500-X and Firepower NGFW Series security appliances have the advantage of being current products and also offer a number of functions and economic advantages in comparison to PIX devices. These advantages include significantly higher throughput, optional Secure Sockets Layer VPN capability, and a modular architecture that protects your investment by allowing you to self-install new security features when and if you require them. Progent's Cisco network engineers can help your company to assess the strategic value of for migrating from PIX or ASA 5500 firewalls, design a migration plan that permits a fast and non-disruptive changeover, assist you to configure new ASA 5500-x Series or Firepower NGFW Series firewalls, and provide remote training, consulting, and troubleshooting services.
Other Ways Progent Can Help Your Business with Cisco Firewalls
Cisco Firepower Series, ASA 5500 Series, and PIX family firewalls provide an array of configuration, monitoring, and analysis options that offer you the ability to deploy these firewalls to align optimally with your business requirements. Progent's CCIE certified network consultants can assist you to configure and support a cost-effective infrastructure that incorporates Cisco firewalls and that provides advanced security, fault tolerance, throughput, and manageability. Progent's GISA and CISM-premier IS security engineers can assist your business to create a security strategy that makes sense for your environment and can configure your security appliance to enforce your security strategy. Progent's risk evaluation professionals can evaluate the strength of your existing firewall deployment and audit the overall security of your whole IS network. Progent's Help Desk Call Center can deliver urgent remote troubleshooting for Cisco technology and can give you fast access to a Cisco network engineer.
For additional details concerning Progent's professional support for Cisco technology, choose a topic:
Integration of Cisco and Third-party Firewall Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
In order to get in touch with Progent about professional expertise for Cisco networking, call