Cisco is a long-time front-runner in developing cutting-edge firewalls for the widest possible variety of environments. Cisco's Firepower NGFWs Firewalls provide an advanced cybersecurity solution that combines sophisticated hardware, cloud services, and next-generation intrusion protection system (NGIPS) to anticipate, discover, and mitigate cyber attacks automatically. Progent's Cisco-certified CCIE-certified firewall experts can assist you to plan and execute an efficient migration to Cisco Firepower Series firewalls from Cisco's legacy ASA 5500-X, ASA 5500, or PIX appliances and show you how to integrate Firepower appliances with Cisco's cloud-based services to build and centrally control IT environments that include branch offices, data centers, private clouds and public clouds. Progent's firewall consultants can also assist you to maintain and troubleshoot older-generation Cisco firewalls. Progent's certified cybersecurity experts can help you with policy creation based on industry best practices in order to establish a consistent cybersecurity profile across all your networked endpoints at any location.
Cisco's Firepower Next Generation Firewalls
Cisco's Firepower NGFWs Firewalls provide a major performance boost over Cisco's popular ASA 5500-X security appliances and include unified control of advanced security features such as application visibility and control, next-generation intrusion protection (NGIPS) with intelligent prioritization of risks, advanced malware protection, DDoS mitigation, and multi-node sandboxing. For details about Cisco's Firepower family of Next Generation Firewalls (NGFWs), see Cisco Firepower firewalls integration services.
Cisco's ASA 5500-X and Legacy Firewalls
Ciscoís ASA 5500-X, ASA 5500 Series, and PIX firewall appliances offer integrated firewall, VPN, and intrusion prevention system (IPS) capabilities in compact single-box packages, delivering a broad range of features to meet the security and compliance needs of organizations from small and mid-size businesses to enterprises and ISPs. Ciscoís ASA 5500-X, ASA 5500, and PIX 500 firewall appliances enable IT security staffs to defend their network perimeter and provide secure offsite and mobile access while utilizing powerful management mechanisms based on Cisco's industry-leading firewall technology.
Ciscoís ASA 5500 and PIX firewalls have arrived at end-of-life but remain commonly used in smaller organizations and in some larger networks. The ASA 5500-X Next-Generation Firewalls deliver substantially more value and have supplanted the ASA 5500 and PIX 500 families of firewalls for new deployments. However, Cisco's older model firewalls, if properly managed, can offer a high degree of security by supplying a variety of security functions including firewall, IPsec VPN, and IPS.
Since Cisco's acquisition of Sourcefire, the entire line of ASA 5500-X firewalls can be configured to support Firepower Services, based on Sourcefire's Snort product, which is the market's most deployed network intrusion protection system (IPS). Firepower services provide enhanced features including advanced malware protection (AMP), URL filtering, dynamic threat analytics, and automation.
Progent's Cisco-premier network consultants can help you to support and troubleshoot legacy ASA 5500 Series and PIX firewall appliances and can also help you to design and carry out a smooth migration to Ciscoís ASA 5500-X firewalls with Firepower Services. Progent can also assist you to plan, integrate, tune, manage and debug new firewall solutions built on Cisco's current ASA 5500-X firewalls with Firepower. Progent's firewall consultants can also assist your organization to migrate from your Cisco ASA 5500-X solution to Cisco's Firepower Next Generation Firewalls (NGFWs).
Cisco's ASA 5500-X Firewall Product Family
Cisco's extensive family of ASA 5500-X security appliances features an enhanced substitute for every rack-mountable unit in the older ASA 5500 generation of devices. Each ASA 5500-X model is suited for the same environment as the associated previous models, which gives most plenty of room for picking a solution that aligns with their security needs and budgets. All ASA 5500-X firewalls are based on Cisco's proven stateful-inspection firewall technology and all incorporate purpose-built 64-bit hardware with multicore processors and support Cisco's powerful security services. All models in Cisco's ASA 5500-X family deliver dependable security across any combination of physical, virtual, and cloud environments.
For more details about ASA 5500-X firewalls, Firepower services, and Progent's consulting for Cisco ASA firewalls, visit Firepower integration and troubleshooting expertise
Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X firewalls work with software or physical modules that enable Firepower Services, which provide layered defense against multi-vector threats. Firepower Services are based on innovative technology adopted by Cisco from Sourcefire. Key features of Firepower Services for ASA 5500-X security appliances include:
- Layered defense against familiar and new threats
- Cisco's Advanced Malware Protection (AMP) that uses big data techniques to discover and mitigate intrusions
- A Next-Generation Intrusion Prevention System that performs contextual analysis that looks at users, network infrastructure, apps, and content to discover attacks that use simultaneous approaches
- Fine-grained Application Visibility and Control that is aware of thousands of apps and can automatically activate standard and custom IPS policies depending on the degree of risk
Firepower Services for Cisco ASA 5500-X firewalls provide multi-layered protection
Simpler deployments of ASA 5500-X firewalls can be effectively administered using Cisco's on-box Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based tool which is provided with all ASA 5500-X versions. ASDM provides an easy-to-use web dashboard for configuring, administering, and debugging ASA 5500-X devices and service modules.
For multi-device and multi-site deployments, ASA 5500-X firewalls with Firepower can be administered with Cisco's Firepower Management Center, available as one or more physical units or virtual devices. Firepower Management Center provides unified firewall management, Application Visibility and Control, enhanced IPS, URL filtering, and Advanced Malware Protection (AMP). Because of frequent rebranding after Cisco's purchase of Sourcefire Defense Center, Cisco's Firepower Management Center has been offered under various names that include Defense Center, FireSIGHT Defense Center, and Cisco Firesight Management Center.
Firepower Management Center unifies event and policy control for Firepower firewalls
Firepower Management Center provides features beyond those available with Cisco's on-box ASDM tool. Additional features include expanded context awareness, Advanced Malware Protection (AMP) with mitigation for user devices, a console that offers dynamic network infrastructure visualization, automated policy optimization driven by impact evaluation of attacks, comprehensive IPS, custom application detectors for Application Visibility and Control (AVC), customized health alerts, enhanced reporting options, and application interfaces for host input and databases. Hardware-dependent options like clustering, stacking, switching, routing, VPN, and NAT must be managed using either Cisco's ASA 5500-X on-box ASDM or the ASA 5500-X CLI.
Cisco ASA 5500 Family of Firewalls
Cisco Adaptive Security Appliances Firewalls leverage technology behind the Cisco PIX 500 family Security Appliance, the Cisco IPS 4200 family sensor, and the Cisco VPN 3000 Series concentrator. These technologies enable the Cisco Adaptive Security Appliances Firewall product line to deliver a firewall that defends against the broadest range of threats. Cisco ASA 5500 Series Firewalls deliver application security, local containment and control, and safe VPN functionality throughout Cisco's product line. This breadth of protection enables the guarding of any network area, which includes the most common threat conduits such as remote sites, locally-connected internal users, and remote connected Virtual Private Networks.
The scalable design of the Cisco ASA 5500 family allows you to add more security services via security service modules (SSMs) and security service cards. These easy-to-install enhancements provide the option of adding Intrusion Protection and content protection services like filtering virus, worms, and phishing attacks and performing data and URL filtering. Beside allowing your IT staff to react quickly to new risk vectors, the extensible design of the Cisco ASA 5500 family also protects your capital investment by increasing the life of your security appliances. The ASA 5500 family also leverages your investment in IT team education by utilizing the rich set of PIX 500 management utilities and protocols including the Cisco Adaptive Security Device Manager (ASDM) platform, secure command-line interface availability, syslog, and Simple Network Management Protocol.
Cisco Adaptive Security Appliances firewalls deliver a high-level of application security via smart, application-aware inspection engines that analyze traffic at Layers 4-7. This results in a more secure network including Web, voice, and mobile wireless connectivity. To protect against application-layer assaults and to provide better control over the applications and protocols used in their networks, these inspection engines integrate extensive application and protocol knowledge and employ protection enforcement solutions such as anomaly detection and state tracking. Also incorporated are assault sensing and remediation technology such as application/protocol command filters and content verification. Cisco Adaptive Security Appliances (ASA) 5500 Series firewall inspection engines also deliver control over IM and peer-to-peer file sharing, allowing organizations to enforce usage policies and conserve network bandwidth for crucial business applications.
For more information about Progent's support services for Cisco's ASA 5500 security appliances, go to ASA 5500 firewalls integration and troubleshooting consulting.
Cisco PIX Firewall Appliances
Built upon a tested, purpose-built software platform that delivers a wealth of protection features, Cisco PIX firewalls offer excellent protection and have earned EAL 4 status and ICSA Labs Firewall and IPsec qualification. PIX firewall appliances provide protection for a broad range of Voice over IP and other multimedia conventions including H.323 Version 4, Session Initiation Protocol, Cisco Skinny Client Control Protocol (SCCP), Real-Time Streaming Protocol, and Media Gateway Control Protocol, helping organizations to protect installations of a broad range of current and upcoming IP voice and video applications.
Cisco PIX firewalls feature a wealth of configuration, tracking, and analysis options, providing IT managers the flexibility to utilize the techniques that best match their needs. Administrative solutions include centralized, policy-based management tools, integrated web-based management, and support for remote-monitoring protocols like Simple Network Management Protocol and syslog. The integrated Adaptive Security Device Manager interface provides a powerful Web-accessible control platform that significantly streamlines the deployment, ongoing modification, and tracking of a single Cisco PIX security appliance without the need of any extra software beyond a standard browser and Java plug-in to be running on an administrator's computer.
IT managers can also remotely set up, monitor, and troubleshoot PIX firewalls via a command-line interface. Secure CLI interface communication is available through several methods such as Secure Shell (SSHv2) Protocol, Telnet through IP Security, and out-of-band through a console port. PIX firewalls also include dependable auto-update capabilities, a set of revolutionary secure remote-administration services that ensure firewall configurations and software images are kept current.
For more details about Progent's support services for Cisco PIX 500 firewalls, go to Cisco PIX 500 firewalls configuration and debugging support.
Progent's Migration Support for Cisco Firewalls
Because Cisco has discontinued offering the PIX and ASA 5500 families of firewalls, many businesses are concerned about relying on a critical security component that may no longer be supported. ASA 5500-X and Firepower NGFW Series security appliances offer the advantage of being new devices and also bring several functions and economic advantages in comparison to PIX firewalls. These benefits include substantially better throughput, optional SSL VPN support, and a modular design that protects your investment by enabling you to add more security services when and if you need them. Progent's Cisco network engineers can assist you to assess the business value of for migrating from PIX 500 or ASA 5500 security appliances, create a migration plan that allows for a quick and seamless changeover, assist you to deploy new ASA 5500-x Series or Firepower NGFW Series firewalls, and provide online, consulting, and technical support services.
Other Ways Progent Can Help You with Cisco ASA and PIX Firewalls
Cisco Firepower NGFW Series, ASA 5500 Series, and PIX firewalls incorporate an array of configuration, tracking, and analysis options which give you the ability to set up these firewalls to match your business requirements. Progent's CCIE authorized network experts can assist you to build an efficient infrastructure that incorporates Cisco firewall technology and that offers advanced security, resilience, throughput, and manageability. Progent's GISA and CISSP-ISSP-premier IS security engineers can assist your business to develop a security strategy appropriate for your situation and can configure your PIX or ASA firewall to support your security policies. Progent's risk assessment professionals can evaluate the strength of your existing firewall deployment and validate the overall security of your entire information system network. Progentís Help Desk Call Center can provide urgent online troubleshooting for Cisco products and offer quick access to a Cisco CCIE expert.
To learn more details about Progent's consulting help for Cisco products, pick a subject:
Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
To contact Progent about technical help for Cisco products, phone 1-800-993-9400 or visit Contact Progent.