Cisco is a long-time leader in developing cutting-edge firewalls for the widest possible variety of deployments. Cisco's Firepower Next Generation Firewalls (NGFWs) represent an advanced cybersecurity solution that marshals sophisticated hardware, cloud services, and next-generation intrusion protection system (NGIPS) to anticipate, discover, and mitigate threats automatically. Progent's Cisco-certified CCIE-certified firewall consultants can help your organization to design and carry out a smooth upgrade to Firepower Series firewalls from Cisco's from ASA 5500-X, ASA 5500, or PIX appliances and show you how to enhance Firepower firewalls with Cisco's cloud-based services to create and centrally manage IT ecosystems that include branch offices, data centers, private clouds and public clouds. Progent can also help you to manage and debug legacy Cisco firewalls. Progent's certified network security experts can help you with policy creation based on industry best practices in order to build a consistent security profile that applies to all your endpoints at any location.
Cisco's Firepower NGFW Firewalls
Cisco's Firepower Next Generation Firewalls (NGFWs) provide a major performance improvement compared to Cisco's popular ASA 5500-X security appliances and include centralized management and automation of advanced cybersecurity features such as application visibility and control (AVC), next-generation intrusion protection with intelligent prioritization of risks, advanced malware protection, URL filtering, and sandboxing. For more information about Cisco's Firepower family of NGFWs Firewalls, see Firepower firewalls consulting services.
Cisco's ASA 5500-X and Legacy Firewalls
Cisco's ASA 5500-X, ASA 5500, and PIX firewall appliances provide integrated firewall, IPsec VPN, and IPS services in single-box packages, delivering a wide range of features to match the security requirements of companies ranging from small businesses to enterprises and Internet service providers. Cisco's ASA 5500-X, ASA 5500 Series, and PIX firewalls enable network security staffs to protect their network edge and offer safe remote connectivity while utilizing powerful administration mechanisms built on Cisco's industry-leading firewall products.
Cisco's ASA 5500 Series and PIX 500 firewalls have arrived at end-of-life (EOL) but remain widely used in small and mid-size organizations and in some larger networks. Cisco's ASA 5500-X Next-Generation Firewalls deliver significantly more bang for the buck and have superseded the ASA 5500 and PIX 500 families of firewalls for new installations. However, Cisco's older model firewalls, if carefully managed, can offer a high level of protection by providing multiple services such as stateful firewall, VPN tunneling, and IPS.
After Cisco's acquisition of Sourcefire, the whole line of Cisco ASA 5500-X firewalls can be configured to support Firepower Services, based on Sourcefire's Snort product, which is the world's most popular intrusion protection system. Firepower services provide enhanced capabilities including advanced malware protection (AMP), URL filtering, real-time threat analytics, and automation.
Progent's Cisco-premier network engineers can assist you to maintain and troubleshoot older ASA 5500 Series and PIX firewall appliances and can also help you to plan and implement a smooth upgrade to Cisco's ASA 5500-X firewalls with Firepower Services. Progent can also help you to plan, integrate, tune, administer and debug new firewall solutions based on Cisco's current ASA 5500-X firewalls with Firepower. Progent's firewall consultants can also help your organization to upgrade from your Cisco ASA 5500-X solution to Cisco's Firepower NGFWs Firewalls.
Cisco's ASA 5500-X Firewall Product Family
Cisco's extensive family of ASA 5500-X firewalls features an improved substitute for each rack-mountable unit in the previous ASA 5500 line of firewalls. Each ASA 5500-X model is suited for the identical market as the corresponding earlier models, which offers small and midsize businesses ample choice for picking a firewall that aligns with their security needs and budgets. All ASA 5500-X products are based on Cisco's proven stateful-inspection firewall technology and all include 64-bit hardware with multicore CPUs and support Cisco's advanced security services. All devices in Cisco's ASA 5500-X family provide dependable protection across any combination of physical, virtual, and cloud deployments.
For additional details about Cisco's ASA 5500-X firewalls, Firepower services, and Progent's consulting for Cisco ASA firewalls, go to Cisco Firepower configuration and debugging expertise
Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X security appliances accept software or hardware modules that enable Firepower Services, which offer layered protection against advanced threats. Firepower Services are powered by innovative technology adopted by Cisco from Sourcefire. Major capabilities of Firepower Services for ASA firewalls include:
- Layered protection against familiar and zero-day threats
- Advanced Malware Protection that utilizes big data to discover and remediate security breaches
- A Next-Generation Intrusion Prevention System that provides contextual analysis that covers clients, network infrastructure, apps, and content to discover attacks that incorporate simultaneous approaches
- High-resolution Application Visibility and Control that is aware of thousands of applications and can automatically activate standard and customized IPS policies based on the degree of threats
Firepower Services for Cisco ASA firewalls provide advanced multi-layered security
Simpler implementations of Cisco ASA 5500-X firewalls can be efficiently administered via Cisco's on-box Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based tool which is provided with all ASA 5500-X versions. ASDM provides a convenient web console for configuring, administering, and debugging ASA 5500-X appliances and service modules.
For multi-device and multi-site deployments, ASA 5500-X firewalls with Firepower Services can be administered using Cisco's Firepower Management Center, implemented as one or several physical or virtual appliances. Firepower Management Center provides unified firewall management, Application Visibility and Control, advanced IPS, URL filtering, and Cisco's Advanced Malware Protection. Because of frequent rebranding since Cisco's acquisition of Sourcefire Defense Center, Firepower Management Center has been delivered under several names including Cisco Defense Center, Cisco Firesight Defense Center, and Cisco Firesight Management Center.
Firepower Management Center unifies event and policy control for Cisco Firepower firewall appliances
Cisco's Firepower Management Center offers capabilities unavailable with Cisco's on-box Adaptive Security Device Manager utility. Additional features include greater context awareness, Advanced Malware Protection (AMP) with mitigation for user devices, a dashboard that provides real-time network infrastructure visualization, automated policy tuning based on impact assessment of threats, advanced IPS, custom application discovery for Application Visibility and Control (AVC), customized health notifications, enhanced reporting features, and APIs for host input and databases. Hardware-dependent features such as clustering, stacking, switching, routing, VPN, and NAT must be handled using either the on-box ASDM or the ASA 5500-X CLI.
Cisco ASA 5500 Family of Adaptive Security Appliances
Cisco Adaptive Security Appliances Firewalls leverage engineering developed for the PIX 500 family Security Appliance, the IPS 4200 family Intrusion Prevention System, and the VPN 3000 family concentrator. These technologies enable the Cisco ASA Firewall product line to offer a platform that stops the broadest range of attacks. Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls deliver program security, network containment and control, and safe Virtual Private Network connectivity across Cisco's product portfolio. This breadth of security enables the guarding of any network area, which includes the most typical threat conduits like remote locations, LAN-connected internal users, and off-site connected Virtual Private Networks.
The expandable design of the Cisco ASA 5500 Series enables you to add more services via service modules and cards. These user-installable options give you the option of adding IPS and content protection services like filtering virus, spyware, and phishing attacks and performing file and URL filtering. In addition to enabling you to react rapidly to the latest threat environments, the expandable design of the Cisco ASA 5500 family also protects your capital investment by prolonging the useful life of your security appliances. The Cisco ASA 5500 Series also protects your investment in administrative staff training by utilizing the familiar set of PIX 500 management tools and protocols such as the Cisco ASDM system, protected command-line interface (CLI) access, verbose syslog, and Simple Network Management Protocol.
Cisco Adaptive Security Appliances firewalls provide robust application security through smart, application-aware inspection processes that examine traffic at Layers 4-7. The result is a better protected environment covering Web, voice, and 3G-mobile wireless services. To protect networks against application-layer assaults and to offer better control over the applications and protocols utilized in their networks, these inspection engines integrate broad application and protocol knowledge and employ protection enforcement solutions that include protocol anomaly sensing and state tracking. Also incorporated are attack detection and mitigation techniques including application and protocol command filters and URL deobfuscation. Cisco Adaptive Security Appliances (ASA) 5500 Series firewall inspection engines also provide management of instant messaging and peer-to-peer file sharing, enabling businesses to enforce usage policies and conserve bandwidth for critical business applications.
For more information about Progent's consulting services for ASA 5500 firewalls, go to Cisco ASA 5500 firewalls integration and debugging services.
Cisco PIX Security Appliance Series
Based around a tested, specialized software platform that offers a wealth of protection features, PIX firewalls offer a high level of security and have been awarded Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Labs Firewall and IP Security (IPsec) certification. PIX security appliances offer security for a wide array of VoIP and additional mixed-media conventions such as H.323 v. 4, Session Initiation Protocol, Cisco Skinny Client Control Protocol (SCCP), Real-Time Streaming Protocol, and Media Gateway Control Protocol (MGCP), enabling organizations to safeguard installations of a broad array of current and upcoming VoIP and multimedia applications.
Cisco PIX security appliances feature a wealth of setup, monitoring, and analysis options, giving IT managers the versatility to utilize the techniques that most closely match their requirements. Administrative solutions include common, policy-based administration tools, integrated web-based administration, and compatibility with remote-tracking standards like Simple Network Management Protocol and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) system provides a powerful Web-accessible control solution that significantly simplifies the installation, ongoing modification, and monitoring of a specific PIX firewall appliance without the need of any extra utility beyond an ordinary Web browser and Java plug-in to be installed on an administrator's computer.
IT managers can furthermore remotely configure, monitor, and analyze PIX firewalls using a command-line interface. Safe CLI interface access is available through a number of methods including Secure Shell (SSHv2) Protocol, Telnet over IP Security (IPsec), and out-of-band through a console port. Cisco PIX firewall appliances also include robust automatic-update capabilities, a set of revolutionary protected remote-management options that make sure that security settings and software images are always up to date.
For more details about Progent's support services for PIX 500 security appliances, go to Cisco PIX firewalls configuration and troubleshooting consulting.
Progent's Migration Consulting Services for Cisco Firewalls
Because Cisco has ceased selling the PIX 500 and ASA 5500 product lines, many businesses are uncomfortable with relying on a critical infrastructure mechanism that may no longer be supported. ASA 5500-X and Firepower NGFW Series security appliances have the benefit of being new products and also offer a number of functions and budgetary advantages in comparison to PIX 500 devices. These benefits include significantly better throughput, optional SSL tunneling capability, and an expandable architecture that protects your investment by allowing you to add new security services when and if you need them. Progent's Cisco experts can help you to assess the business value of for migrating from PIX or ASA 5500 firewalls, create a migration process that permits a fast and non-disruptive upgrade, help you to set up new ASA 5500-x Series or Firepower NGFW Series firewalls, and offer online, consulting, and troubleshooting services.
Additional Ways Progent Can Help You with Cisco Firewalls
Cisco's Firepower Series, ASA 5500 Series, and PIX firewalls provide a wealth of configuration, monitoring, and analysis options which give you the flexibility to deploy these security appliances to match your company's requirements. Progent's CCIE certified network consultants can assist you to design a cost-effective network infrastructure that incorporates Cisco firewall technology and that offers world-class protection, fault tolerance, throughput, and recoverability. Progent's GISA and CISM-certified IS security professionals can help you to create a security strategy that makes sense for your environment and can configure your security appliance to enforce your security strategy. Progent's security assessment experts can assess the strength of your existing firewall solution and validate the security of your whole IS environment. Progent's Technical Response Center can deliver urgent online technical support for Cisco products and can give you fast access to a Cisco expert.
To learn more information concerning Progent's engineering support for Cisco solutions, pick a subject:
Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
To get in touch with Progent about professional help for Cisco networking, call 1-800-993-9400 or see Contact Progent.