Cisco is a perennial leader in delivering cutting-edge firewalls for the widest possible range of environments. Cisco's Firepower Next Generation Firewalls represent a modern firewall platform that combines sophisticated hardware, cloud services, and machine learning to anticipate, identify, and mitigate threats automatically. Progent's Cisco-certified CCIE firewall consultants can assist your organization to design and execute a smooth migration to Firepower Series firewalls from Cisco's legacy ASA 5500-X, ASA 5500, or PIX firewalls and show you how to enhance Firepower appliances with Cisco's cloud-based services to build and centrally manage IT environments that include local offices, data centers, private clouds and public clouds. Progent can also assist you to manage and debug legacy Cisco security appliances. Progent's certified cybersecurity experts can help you with policy creation based on leading best practices so you can establish a consistent and effective security profile across all your devices anywhere.
Cisco's Firepower NGFW Firewall Appliances
Cisco's Firepower Next Generation Firewalls (NGFWs) deliver a significant performance boost over Cisco's popular ASA 5500-X firewalls and include centralized management of advanced cybersecurity capabilities like application visibility and control, next-generation intrusion protection with risk prioritization, advanced malware protection (AMP), distributed denial of service (DDoS) mitigation, and multi-node sandboxing. For details about Cisco's Firepower portfolio of Next Generation Firewalls, refer to Cisco Firepower Series firewalls integration experts.
Cisco's ASA 5500-X Series and Legacy Firewalls
Cisco’s ASA 5500-X, ASA 5500, and PIX firewalls offer integrated firewall, IPsec VPN, and intrusion prevention system capabilities in single-box packages, delivering a broad array of features to meet the security and compliance requirements of companies from small businesses to enterprises and Internet service providers. Cisco’s ASA 5500-X, ASA 5500 Series, and PIX 500 firewall appliances enable network security staffs to protect their network edge and offer secure offsite and mobile access while using advanced management mechanisms built on Cisco's world-class firewall technology.
Cisco’s ASA 5500 Series and PIX 500 firewall appliances have reached end-of-life (EOL) status but remain commonly used in small and mid-size organizations as well as in a few larger networks. Cisco’s ASA 5500-X Next-Generation Firewalls represent substantially more value and have supplanted Cisco's ASA 5500 and PIX 500 lines of firewalls for new deployments. However, Cisco's legacy firewall appliances, if properly maintained, continue to offer a high degree of security by providing multiple services including firewall, VPN tunneling, and IPS.
After Cisco's purchase of Sourcefire, the entire family of Cisco ASA 5500-X firewalls can be configured to support Firepower Services, based on Sourcefire's Snort technology, which is the market's most popular network intrusion protection system (IPS). Firepower services provide powerful new features including advanced malware protection (AMP), URL filtering, dynamic threat analytics, and security automation.
Progent's Cisco CCIE-premier network consultants can assist your organization to support and troubleshoot legacy ASA 5500 Series and PIX 500 firewalls and can also help you to plan and implement an efficient upgrade to Cisco’s ASA 5500-X Series firewalls with Firepower Services. Progent can also help you to design, configure, tune, administer and troubleshoot new firewall solutions based on Cisco's latest ASA 5500-X models with Firepower Services. Progent can also help your organization to upgrade from your Cisco ASA 5500-X Series solution to Cisco's latest Firepower Next Generation Firewalls (NGFWs).
Cisco's ASA 5500-X Firewall Product Family
Cisco's comprehensive family of ASA 5500-X firewalls features an enhanced replacement for every rack-mountable unit in the older ASA 5500 line of devices. Each ASA 5500-X model targets the identical environment as the corresponding earlier models, which offers most ample choice for picking a firewall that aligns with their security requirements and IT budgets. All ASA 5500-X firewalls are based on Cisco's proven stateful-inspection firewall technology and all include 64-bit hardware with multicore processors and are capable of running Cisco's powerful protection services. All models in Cisco's ASA 5500-X family provide consistent protection across any mix of physical, virtual, and cloud environments.
For additional details about Cisco's ASA 5500-X firewalls, Firepower services, and Progent's support for Cisco ASA 5500-X security appliances, see Firepower integration and debugging expertise
Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X security appliances accept either software or physical modules that support Cisco's Firepower Services, which offer layered protection against sophisticated attacks. Cisco's Firepower Services are powered by innovative technology adopted by Cisco from Sourcefire. Key features of Firepower Services for ASA 5500-X firewalls include:
- Multi-layer defense against both familiar and zero-day attacks
- Advanced Malware Protection that uses big data techniques to find and mitigate security breaches
- A Next-Generation Intrusion Prevention System that performs contextual analysis that looks at users, network infrastructure, apps, and content to detect attacks that incorporate simultaneous vectors
- Fine-grained Application Visibility and Control that is familiar with thousands of apps and can automatically activate standard and customized IPS policies depending on the degree of threats
Firepower Services for Cisco ASA 5500-X firewalls provide multi-layered security
Simpler implementations of Cisco ASA 5500-X firewalls can be effectively managed via Cisco's on-box Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based utility included with all ASA 5500-X models. ASDM provides a simple web console for configuring, administering, and troubleshooting ASA 5500-X devices and service modules.
For multi-device and multi-site deployments, ASA 5500-X appliances with Firepower Services can be managed using Firepower Management Center, implemented as one or several physical units or virtual appliances. Firepower Management Center offers centralized firewall management, Application Visibility and Control (AVC, enhanced IPS, URL filtering, and Cisco's Advanced Malware Protection (AMP). Because of ongoing rebranding since Cisco's purchase of Sourcefire Defense Center, Firepower Management Center has been delivered under several names including Defense Center, Cisco Firesight Defense Center, and FireSIGHT Management Center.
Firepower Management Center unifies event and policy management for Firepower firewalls
Cisco's Firepower Management Center provides capabilities unavailable with Cisco's on-device ASDM utility. Additional capabilities include expanded context awareness, Cisco's Advanced Malware Protection with mitigation for client devices, a dashboard that offers real-time infrastructure visualization, automated policy optimization driven by risk assessment of threats, advanced IPS, custom app discovery for Application Visibility and Control (AVC), customized health notifications, improved reporting features, and APIs for host input and databases. Hardware-dependent options such as clustering, stacking, switching, routing, VPN, and NAT must be managed using Cisco's ASA 5500-X on-box ASDM or the ASA command line interface.
Cisco ASA 5500 Adaptive Security Appliances
Cisco Adaptive Security Appliances Firewalls build on technology developed for the PIX 500 Series firewall, the IPS 4200 family Intrusion Prevention System, and the VPN 3000 family concentrator. These solutions converge on the Cisco Adaptive Security Appliances 5500 Series Firewall product line to offer a platform that defends against the widest range of attacks. Cisco Adaptive Security Appliances (ASA) Firewalls provide program protection, network containment and control, and clean Virtual Private Network functionality across the entire product line. This broad scope of protection allows the guarding of any network segment, including the most common attack conduits like remote locations, locally-connected internal users, and remote connected VPNs.
The scalable architecture of the ASA 5500 Series enables you to add services by installing service modules and security service cards (SSCs). These user-installable options provide the ability to add IPS and content protection services like blocking virus, worms, and phishing assaults and executing data and web filtering. Beside allowing you to react rapidly to new risk vectors, the expandable architecture of the ASA 5500 Series also protects your capital investment by prolonging the useful life of your security appliances. The ASA 5500 Series also leverages your investment in administrative staff training by supporting the rich set of PIX 500 management utilities and protocols such as the Cisco ASDM system, protected command-line interface access, verbose syslog, and Simple Network Management Protocol (SNMP).
Cisco Adaptive Security Appliances 5500 Series firewalls provide a high-level of application protection through intelligent, application-aware inspection engines that analyze traffic at Layers 4-7. The result is a more secure network covering Web, voice, and 3G-mobile wireless connectivity. To protect against application-layer attacks and to provide better policing of the applications and protocols utilized in their environments, Cisco's inspection engines integrate extensive application and protocol knowledge and employ protection enforcement solutions such as anomaly detection and application and protocol state monitoring. Also incorporated are assault sensing and remediation technology such as application/protocol command filtering and URL deobfuscation. Cisco Adaptive Security Appliances (ASA) firewall inspection engines also deliver control over instant messaging and tunneling applications, enabling businesses to enforce usage policies and recover bandwidth for crucial business processes.
For more details about Progent's support services for ASA 5500 security appliances, visit Cisco ASA 5500 firewalls integration and debugging services.
Cisco PIX Security Appliance Series
Built around a tested, purpose-built operating system that offers rich protection services, Cisco PIX firewall appliances offer a high level of protection and have earned Common Criteria Evaluation Assurance Level 4 status and ICSA Labs Firewall and IPsec qualification. PIX security appliances offer security for a broad range of VoIP and other multimedia standards including H.323 Version 4, Session Initiation Protocol (SIP), SCCP, Real-Time Streaming Protocol, and MGCP, enabling organizations to protect installations of a wide range of current and upcoming VoIP and multimedia applications.
PIX firewall appliances feature a variety of setup, monitoring, and troubleshooting features, providing businesses the flexibility to use the methods that most closely meet their needs. Management solutions include centralized, policy-based management utilities, integrated web-based administration, and support for remote-monitoring protocols such as Simple Network Management Protocol (SNMP) and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) interface provides a powerful Web-based control platform that greatly streamlines the deployment, in-place modification, and tracking of a single PIX firewall without requiring any extra software other than a standard Web browser and Java applet to be installed on an administrator's computer.
IT managers can also remotely set up, track, and analyze PIX security appliances via a command-line interface. Secure command-line interface (CLI) communication is available using several techniques such as Secure Shell (SSHv2) Protocol, Telnet through IP Security (IPsec), and out-of-band through a console port. PIX firewalls also include dependable auto-update capabilities, a collection of advanced secure remote-administration options that ensure firewall settings and software images are always current.
For additional details about Progent's support services for PIX firewalls, visit PIX 500 firewalls configuration and troubleshooting services.
Progent's Migration Consulting Support for Cisco Firewalls
Since Cisco has ceased offering the PIX and ASA 5500 product lines, many companies are concerned about relying on a critical infrastructure component that might stop being supported by Cisco. Cisco ASA 5500-X and Firepower Series firewalls offer the advantage of being current devices and also bring a number of technical and economic advantages in comparison to PIX devices. These benefits include substantially better throughput, optional Secure Sockets Layer tunneling support, and a modular design that protects your investment by enabling you to self-install new security services whenever you need them. Progent's Cisco certified experts can assist your company to determine the business value of for moving from PIX or ASA 5500 firewalls, create a migration plan that permits a fast and seamless upgrade, assist you to set up new ASA 5500-x or Firepower NGFW Series firewalls, and offer online, consulting, and technical support services.
Other Ways Progent Can Assist You with Cisco ASA and PIX Firewalls
Cisco Firepower Series, ASA Series, and PIX security appliances provide an array of configuration, tracking, and troubleshooting options which offer you the ability to set up these security appliances to align optimally with your business requirements. Progent's CCIE certified network consultants can help you to design a cost-effective network infrastructure that includes Cisco firewalls and that offers world-class protection, resilience, performance, and manageability. Progent's CISA and CISM-certified IS security consultants can assist your business to develop a security strategy appropriate for your environment and can set up your firewall to enforce your security policies. Progent's risk evaluation experts can assess the effectiveness of your current firewall solution and audit the security of your entire IS environment. Progent’s Help Desk support team can provide emergency remote troubleshooting for Cisco products and can give you fast access to a Cisco expert.
Integration of Cisco and Third-party Security Technology
To find out about Progent's consulting and support services for additional Cisco products and technologies, select a topic:
To find out more information concerning Progent's consulting support for Cisco products, pick a topic:
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
For more information about Progent's consulting and support services for Cisco technology, call 1-800-993-9400 or visit Contact Progent.