Cisco is a perennial front-runner in delivering cutting-edge firewall appliances for the broadest possible variety of environments. Cisco's Firepower NGFWs Firewalls represent a modern cybersecurity platform that combines dedicated hardware, cloud services, and next-generation intrusion protection system (NGIPS) to block, identify, and respond to cyber attacks automatically. Progent's Cisco-certified CCIE-certified firewall experts can assist you to design and carry out an efficient migration to Firepower firewalls from Cisco's legacy ASA 5500-X, ASA 5500, or PIX appliances and show you how to integrate Firepower firewalls with Cisco's cloud-based services to create and centrally control network environments that include local offices, data centers, private clouds and public clouds. Progent's firewall consultants can also help you to maintain and debug older-generation Cisco security appliances. Progent's certified network security consultants can help you with policy creation and tuning based on industry best practices in order to establish a consistent and effective security profile that applies to all your devices anywhere.
Cisco's Firepower NGFW Firewalls
Cisco's Firepower NGFWs Firewalls provide a significant performance boost over Cisco's popular ASA 5500-X firewalls and include centralized management of modern cybersecurity capabilities such as application visibility and control (AVC), next-generation intrusion protection (NGIPS) with risk prioritization, advanced malware protection, distributed denial of service (DDoS) mitigation, and multi-node sandboxing. For more information about Cisco's Firepower line of NGFWs Firewalls, visit Cisco Firepower firewalls integration experts.
Cisco's ASA 5500-X and Legacy Firewalls
Cisco’s ASA 5500-X, ASA 5500, and PIX 500 firewall appliances offer combined firewall, IPsec VPN, and IPS capabilities in compact single-box devices, delivering a wide array of features to match the security requirements of companies ranging from small businesses to enterprises and Internet service providers. Cisco’s ASA 5500-X Series, ASA 5500, and PIX firewall appliances allow network security staffs to protect their network edge and offer secure remote connectivity while utilizing advanced administration mechanisms based on Cisco's industry-leading firewall technology.
Cisco’s ASA 5500 and PIX 500 firewall appliances have reached end-of-life (EOL) status but remain commonly deployed in smaller businesses and in a few larger networks. Cisco’s ASA 5500-X Series Next-Generation Firewalls deliver substantially more value and have superseded Cisco's ASA 5500 and PIX families of firewalls for new deployments. Still, Cisco's legacy firewall appliances, if properly managed, can offer a high level of security by supplying multiple features such as firewall, VPN, and IPS.
After Cisco's acquisition of Sourcefire, the whole line of ASA 5500-X firewalls can be configured to enable Firepower Services, built on Sourcefire's Snort technology, which is the market's most popular network intrusion protection system (IPS). Firepower services bring powerful new features such as advanced malware protection (AMP), URL filtering, dynamic threat analytics, and automation.
Progent's Cisco-certified network consultants can help you to maintain and debug legacy ASA 5500 Series and PIX firewall appliances and can also help you to plan and carry out a smooth migration to Cisco’s ASA 5500-X Series firewalls with Firepower Services. Progent can also assist you to plan, deploy, optimize, manage and troubleshoot new firewall ecosystems based on Cisco's current ASA 5500-X models with Firepower Services. Progent's firewall consultants can also help you to migrate from your Cisco ASA 5500-X deployment to Cisco's latest Firepower Next Generation Firewalls.
Cisco's ASA 5500-X Series Firewalls
Cisco's comprehensive line of ASA 5500-X security appliances features an improved substitute for each rack-mountable unit in the previous ASA 5500 line of devices. Each ASA 5500-X firewall targets the identical market as the corresponding earlier models, which offers most plenty of choice for picking a firewall that aligns with their security requirements and budgets. All ASA 5500-X products are based on Cisco's proven stateful-inspection firewall technology and all incorporate 64-bit hardware with multicore processors and support Cisco's advanced protection services. All devices in Cisco's ASA 5500-X product line provide consistent protection across any combination of physical, virtual, and cloud deployments.
For more details about Cisco's ASA 5500-X firewalls, Cisco Firepower services, and Progent's consulting for Cisco ASA security appliances, go to Cisco Firepower integration and debugging consulting
Cisco's Firepower Services for ASA 5500-X Security Appliances
Cisco ASA 5500-X security appliances work with software or physical modules that support Cisco's Firepower Services, which provide layered protection against advanced attacks. Cisco's Firepower Services are powered by technology acquired by Cisco from Sourcefire. Key features of Firepower Services for ASA firewalls include:
- Layered protection against both familiar and new attacks
- Cisco's Advanced Malware Protection that utilizes big data techniques to discover and remediate intrusions
- Cisco's Next-Generation Intrusion Prevention System (NGIPS) that performs contextual analysis that looks at users, network infrastructure, software applications, and content to discover threats that incorporate simultaneous approaches
- High-resolution Application Visibility and Control that is familiar with thousands of apps and can automatically activate standard and custom IPS policies based on the severity of threats
Firepower Services for Cisco ASA firewalls provide multi-layered security
Simpler deployments of ASA 5500-X firewalls can be efficiently administered using Cisco's on-device Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web utility which is provided with all ASA 5500-X models. ASDM includes a convenient web dashboard for configuring, administering, and debugging ASA 5500-X firewalls and modules.
For more complex deployments, ASA 5500-X appliances with Firepower can be administered with Cisco's Firepower Management Center, implemented as one or more physical units or virtual appliances. Firepower Management Center provides unified firewall management, Application Visibility and Control (AVC, enhanced IPS, URL filtering, and Advanced Malware Protection. Because of ongoing rebranding since Cisco's acquisition of Sourcefire Defense Center, Cisco's Firepower Management Center has been delivered under several names that include Defense Center, FireSIGHT Defense Center, and Cisco Firesight Management Center.
Firepower Management Center unifies event and policy control for Firepower firewalls
Cisco's Firepower Management Center offers features unavailable with Cisco's on-device Adaptive Security Device Manager tool. Extra features include expanded context awareness, Cisco's Advanced Malware Protection with mitigation for user devices, a dashboard that provides dynamic network infrastructure visualization, automated policy tuning driven by impact evaluation of attacks, advanced IPS, custom application detectors for Application Visibility and Control (AVC), customized health notifications, enhanced reporting options, and APIs for host input and database access. Hardware-dependent options such as clustering, stacking, switching, routing, VPN, and NAT must be managed via Cisco's ASA 5500-X on-device ASDM or the ASA CLI.
Cisco ASA 5500 Adaptive Security Appliances
Cisco Adaptive Security Appliances 5500 Series Firewalls build on technology developed for Cisco's PIX 500 family Security Appliance, Cisco's IPS 4200 family sensor, and the VPN 3000 Series concentrator. These solutions enable the Cisco Adaptive Security Appliances (ASA) Firewall product line to offer a platform that stops the broadest variety of threats. Cisco ASA 5500 Series Firewalls deliver application security, network containment, and clean Virtual Private Network functionality across the entire product portfolio. This breadth of protection allows defense of any network segment, which includes the most typical threat vectors like remote locations, LAN-connected internal users, and remote connected VPNs.
The expandable design of the Cisco ASA 5500 family enables you to add security services by installing security service modules (SSMs) and cards. These easy-to-install enhancements provide the ability to add Intrusion Protection and content protection functions like blocking virus, worms, and phishing attacks and executing data and URL filtering. Beside allowing your IT staff to respond quickly to new threat environments, the expandable architecture of the Cisco ASA 5500 Series also leverages your capital investment by prolonging the useful life of your security appliances. The Cisco ASA 5500 family also protects your investment in administrative staff training by utilizing the rich library of PIX 500 management tools and protocols such as the Cisco Adaptive Security Device Manager platform, secure command-line interface availability, verbose syslog, and Simple Network Management Protocol.
Cisco Adaptive Security Appliances (ASA) 5500 Series firewalls provide a high-level of application protection via smart, application-sensitive inspection processes that analyze network flows at Layers 4-7. This results in a safer network covering Web, voice, and mobile wireless access. To protect against application-layer attacks and to provide stronger control over the programs and protocols used in their environments, these inspection engines incorporate extensive application and protocol knowledge and rely on security enforcement solutions that include anomaly detection and application and protocol state monitoring. Also incorporated are attack sensing and remediation technology including application/protocol command filtering and URL deobfuscation. Cisco Adaptive Security Appliances 5500 Series firewall inspection engines also deliver control over instant messaging and peer-to-peer file sharing, allowing organizations to police usage policies and free up network bandwidth for crucial business processes.
For more information about Progent's support services for ASA 5500 firewalls, go to ASA 5500 series firewalls configuration and debugging support.
PIX Firewall Appliances
Built around a hardened, specialized operating system that offers a wealth of security features, Cisco PIX firewall appliances offer a high level of protection and have been awarded EAL 4 status and ICSA Labs Firewall and IP Security (IPsec) certification. PIX firewalls provide security for a wide range of VoIP and additional mixed-media standards including H.323 v. 4, Session Initiation Protocol, Cisco Skinny Client Control Protocol, Real-Time Streaming Protocol, and Media Gateway Control Protocol (MGCP), helping organizations to protect installations of a broad range of current and upcoming IP voice and multimedia applications.
Cisco PIX firewall appliances offer a variety of configuration, monitoring, and analysis features, providing businesses the flexibility to use the methods that best match their needs. Management solutions include centralized, policy-based administration tools, integrated web-accessible management, and compatibility with remote-monitoring standards like SNMP and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) system provides a powerful Web-based control solution that greatly simplifies the deployment, in-place modification, and tracking of a specific Cisco PIX firewall without requiring any additional software other than a standard browser and Java plug-in to be installed on an administrator's PC.
Administrators can furthermore remotely set up, monitor, and troubleshoot Cisco PIX firewall appliances using a command-line interface (CLI). Secure command-line interface communication is available using several methods including Secure Shell (SSHv2) Protocol, Telnet through IPsec, and out-of-band via a console port. PIX security appliances also include robust automatic-update capabilities, a collection of revolutionary secure remote-management services that make sure that security configurations and software images are always up to date.
For additional information about Progent's support services for PIX 500 security appliances, visit Cisco PIX firewalls configuration and troubleshooting support.
Progent's Migration Support Services for Cisco Firewalls
Because Cisco has discontinued selling the PIX 500 and ASA 5500 families of firewalls, many businesses are concerned about depending on a key infrastructure mechanism that may stop being supported by Cisco. ASA 5500-X and Firepower NGFW Series security appliances offer the benefit of being current devices and also offer a number of functions and economic advantages in comparison to PIX devices. These benefits include substantially higher performance, optional SSL tunneling capability, and a modular architecture that protects your investment by allowing you to self-install more security features whenever you need them. Progent's CCIE-certified network engineers can help your company to assess the strategic value of for moving from PIX or Cisco ASA 5500 firewalls, design a migration plan that permits a quick and seamless changeover, assist you to install new ASA 5500-x Series or Firepower NGFW Series appliances, and offer online, consulting, and troubleshooting services.
Other Ways Progent Can Assist Your Business with Cisco Firewalls
Cisco Firepower NGFW Series, ASA Series, and PIX family security appliances provide a wealth of configuration, tracking, and analysis features which give you the ability to deploy these firewalls to align optimally with your company's needs. Progent's CCIE authorized network experts can show you how to configure and support a cost-effective infrastructure that incorporates Cisco firewalls and that offers world-class protection, fault tolerance, performance, and recoverability. Progent's GISA and CISM-premier IS security professionals can assist your business to create a security policy that makes sense for your environment and can set up your PIX or ASA firewall to enforce your security policies. Progent's risk assessment engineers can assess the strength of your current firewall solution and help determine the security of your whole information system environment. Progent’s Help Desk Call Center can deliver urgent remote troubleshooting for Cisco products and offer quick access to a Cisco expert.
Integration of Cisco and Third-party Security Technology
To find out about Progent's consulting and support services for additional Cisco products and technologies, select a topic:
To see additional information about Progent's professional help for Cisco technology, pick a subject:
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
For more information about Progent's consulting and support services for Cisco technology, call 1-800-993-9400 or visit Contact Progent.