Cisco is a long-time front-runner in delivering cutting-edge firewall appliances for the broadest possible range of environments. Cisco's Firepower Next Generation Firewalls represent a modern cybersecurity platform that combines dedicated hardware, cloud services, and next-generation intrusion protection system (NGIPS) to anticipate, identify, and respond to threats automatically. Progent's Cisco-certified CCIE firewall experts can assist your organization to design and carry out an efficient migration to Firepower Series firewalls from Cisco's from ASA 5500-X, ASA 5500, or PIX appliances and show you how to integrate Firepower appliances with Cisco's cloud-based services to create and centrally manage network environments that encompass local offices, data centers, private clouds and public clouds. Progent can also help you to maintain and debug older-generation Cisco security appliances. Progent's certified network security experts can assist you with policy creation and tuning driven by industry best practices so you can build a consistent and effective cybersecurity posture that applies to all your networked devices anywhere.
Cisco's Firepower Next Generation Firewalls
Cisco's extensive portfolio of Firepower Next-Generation firewalls delivers modern security and centralized control at prices, speed, and scale suitable for environments spanning branch offices and small organizations to global enterprises and service providers. Cisco's Firepower NGFWs Firewalls provide a significant performance improvement over Cisco's older firewalls and include unified management of modern cybersecurity capabilities such as application visibility and control (AVC), next-generation intrusion protection (NGIPS) with risk prioritization, advanced malware protection, DDoS mitigation, and sandboxing.
All Firepower Next-Generation firewalls have a one-pass architecture and permit continuous analysis and retrospective detection, which makes it possible to provide outbreak management and to uncover patient zero. Firepower Next-Generation firewalls also have the option of URL Filtering and subscription-free sandboxing for finding elusive threats, behavioral indicators of compromise, and malware artifacts. Next-Generation IPS rule tuning and network firewall policy are performed automatically, requiring no time-consuming intervention by cybersecurity experts. All Firepower NGFW firewalls give you the option of running either Cisco Firepower Threat Defense (FTD) or Adaptive Security Appliance software. Unified deployment, logging, monitoring, and reporting capabilities can be controlled either by Cisco's Management Center or in the cloud with Defense Orchestrator.
Cisco Firepower 1000 Series NGFW Firewalls
Firepower NGFW 1000 Series Firewalls are targeted at small organizations, home offices, or branch offices. Appliances in this family offer improved value vs. corresponding Cisco ASA 5506-X to ASA 5525-X firewalls, delivering 4-6X faster firewall speed. Local management can be performed with Firepower Device Manager. These appliances feature a built-in 10/100/1000 Ethernet interface for network management, an RJ-45 console interface, a USB port, and 200 Gbytes of storage. Active/active and Active/standby high availability is supported as well as VPN load balancing. For more details, refer to Cisco Firepower 1000 Series NGFW firewalls consulting and management services.
Cisco Firepower 2100 Series NGFW Firewalls
Cisco's Firepower 2100 Series Next-Generation Firewalls are 1RU units designed for use at the Internet edge. Appliances in this series feature a dual multicore CPU architecture that allows them to offer 3-6X faster throughput than Cisco ASA 5545-X to ASA 5555-X models they are designed to succeed. Local management can be performed with Cisco Firepower Device Manager. All Firepower 2100 Series NGFW Firewalls incorporate 12 RJ45 interfaces and four SFP interfaces. These firewalls include one build-in 10M/100M/1GBASE-T Ethernet port for management, an RJ-45 console port, and one USB connection. Active/standby high availability is supported along with VPN load balancing. For additional specs, see Cisco Firepower 2100 Series Next-Generation firewalls consulting and management services.
Cisco Firepower 4100 Series Next-Generation Firewalls
Cisco's Firepower 4100 Series Next-Generation Firewalls are one-rack units designed for operation at high-performance data centers. Firewalls in this family deliver 5-10X faster throughput than the Cisco ASA 5585-X firewall they are engineered to succeed. Local management can be performed using Cisco Firepower Device Manager. All Firepower 4100 Series NGFW Firewalls have 8 built-in SFP+ interfaces and all accept a variety of add-in network modules for a maximum of 24 ports. All Firepower 4100 Series Next-Generation Firewalls offer VPN load balancing, high availability, and clustering of as many as six chassis. These firewalls feature an integrated 1Gb Ethernet interface for management, an RJ-45 console interface, and one USB connection. For additional details, visit Cisco Firepower 4100 Series Next-Generation firewalls consulting and management services.
Cisco Firepower 9300 Series Next-Generation Firewalls
Cisco's Firepower 9300 Series NGFW Firewalls are massively scalable and carrier-grade firewalls. The 3 Rack Units (3RU) chassis of Firepower 9300 Next-Generation Series firewalls accepts two network modules as well as three security modules. Fully loaded, the Firepower 9300 can hold 24 10-Gigabit SFP+ network interfaces or eight 100G interfaces. Intrachassis clustering of up to five chassis delivers up to 1.2 Tbps of firewall performance. The top-of-the-line Cisco Firepower 9300 SM-56 provides 70 Gbps firewall throughput and 27 Gbps IPsec VPN performance. The 9300 SM-56 allows 35 million simultaneous sessions, 490K new connections per second, and a maximum of 000 VPN peers.
Cisco's Firepower Services
Cisco's Firepower NGFW firewalls work with software or physical modules that support Cisco's Firepower Services, which offer layered defense against advanced threats. Firepower Services are powered by innovative technology acquired by Cisco from Sourcefire. Major capabilities of Firepower Services include:
- Multi-layer protection against familiar and new threats
- Advanced Malware Protection (AMP) that utilizes big data to find and remediate intrusions
- A Next-Generation Intrusion Prevention System (NGIPS) that performs contextual analysis that covers users, network infrastructure, software applications, and content to detect threats that use multiple approaches
- Fine-grained Application Visibility and Control that is familiar with thousands of applications and can automatically launch standard and customized IPS policies based on the degree of risk
Firepower Services for Next Generation firewalls provide multi-layered protection
Smaller deployments of Firepower Series security appliances can be effectively managed using Cisco's on-device Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based tool included with all firewall models. ASDM includes an easy-to-use web console for deploying, administering, and debugging NGFW firewalls and service modules.
For more complex environments, Cisco's Next Gerneration appliances with Firepower Services can be administered using Cisco's Firepower Management Center, available as one or several physical or virtual devices. Firepower Management Center offers unified firewall management, Application Visibility and Control (AVC, enhanced IPS, URL filtering, and Cisco's Advanced Malware Protection. Because of ongoing rebranding since Cisco's purchase of Sourcefire Defense Center, Cisco's Firepower Management Center has been offered under several names including Cisco Defense Center, FireSIGHT Defense Center, and Cisco Firesight Management Center.
Firepower Management Center centralizes event and policy management for Firepower firewall appliances
Firepower Management Center appliance provides capabilities beyond those available with Cisco's on-device Adaptive Security Device Manager utility. Additional features include expanded context awareness, Cisco's Advanced Malware Protection (AMP) with remediation for user devices, a dashboard that provides dynamic network visualization, automated policy optimization based on risk assessment of attacks, comprehensive IPS, custom app detectors for Application Visibility and Control, customized health notifications, improved reporting features, and application interfaces for host input and databases. Hardware-dependent features like clustering, stacking, switching, routing, VPN, and NAT must be managed using either the on-box ASDM or the Firepower CLI.
Progent's Migration Consulting Services for Cisco Firepower Firewalls
Because Cisco has discontinued selling the PIX and ASA 5500 families of firewalls, many companies are uncomfortable with depending on a key security mechanism that may no longer be supported by Cisco. Firepower NGFW Series security appliances have the advantage of being current devices and also offer important functions and economic benefits in comparison to legacy firewalls. These advantages include substantially higher performance, optional Secure Sockets Layer tunneling capability, and a modular architecture that protects your investment by enabling you to self-install more security services when and if you require them. Progent's CCIE-certified experts can assist you to assess the business case for migrating from PIX 500 or Cisco ASA 5500 firewalls, create a migration process that allows for a quick and seamless upgrade, help you to configure new Firepower NGFW Series appliances, and provide remote training, consulting, and technical support services.
Additional Ways Progent Can Support Your Cisco Firewalls
Cisco Firepower NGFW Series security appliances provide an array of configuration, monitoring, and troubleshooting features that offer you the flexibility to configure these security appliances to align optimally with your company's needs. Progent's CCIE authorized network consultants can help you to build an efficient infrastructure that incorporates Cisco security appliances and that offers world-class security, resilience, performance, and recoverability. Progent's GISA and CISSP-ISSP-premier information security experts can assist your business to create a security strategy appropriate for your environment and can set up your PIX or ASA firewall to enforce your security strategy. Progent's security evaluation experts can evaluate the strength of your current firewall solution and audit the overall security of your entire information system environment. Progentís Help Desk support team can provide urgent online technical support for Cisco products and offer quick access to a Cisco CCIE expert.
Progent offers remote or on-premises support and can deliver as-needed expertise to help you resolve a challenging technical impasse or Progent can provide end-to-end project management and co-management support to ensure your network security initiative is completed on time and within budget.
To learn more details about Progent's professional support for Cisco technology, pick a subject:
Contact Progent for Cisco Firewall Solutions
To ask Progent about consulting help with Cisco Firepower NGFW firewalls, call 1-800-993-9400 or visit Contact Progent.