Cisco is a perennial leader in developing cutting-edge firewalls for the widest possible range of deployments. Cisco's Firepower Next Generation Firewalls represent a modern cybersecurity solution that marshals sophisticed hardware, cloud services, and machine learning to block, discover, and respond to cyber attacks without manual intervention. Progent's Cisco-certified CCIE-certified firewall consultants can help your organization to plan and carry out a smooth upgrade to Firepower Series firewalls from Cisco's legacy ASA 5500-X, ASA 5500, or PIX firewalls and help you enhance Firepower appliances with Cisco's cloud-based services to build and centrally manage network environments that span branch offices, data centers, private clouds and public clouds. Progent's firewall consultants can also assist you to manage and debug older-generation Cisco firewalls. Progent's certified cybersecurity experts can assist you with policy creation driven by industry best practices in order to establish a consistent and effective cybersecurity profile that applies to all your endpoints at any location.
Cisco's Firepower Next Generation Firewall Appliances
Cisco's extensive line of Firepower NGFW firewall appliances delivers modern security and centralized management at prices, performance levels, and scale to fit environments ranging from telecommuters and small businesses to global enterprises and Internet service providers. Cisco's Firepower Next Generation Firewalls deliver a major performance boost compared to Cisco's older firewalls and offer centralized management of advanced security capabilities such as application visibility and control, next-generation intrusion protection (NGIPS) with intelligent prioritization of risks, advanced malware protection (AMP), DDoS mitigation, and sandboxing.
All Firepower NGFW firewalls have a single-pass design and permit uninterrupted inspection and retrospective detection, which allows the firewalls to initiate outbreak management and to pinpoint patient zero. Firepower Next-Generation firewalls also have the option of URL Filtering and sandboxing for finding elusive malware, behavioral indicators of compromise, and malware artifacts. Next-Generation IPS rule tuning and firewall policy creation are performed automatically, eliminating the need for manual intervention by cybersecurity specialists. All Firepower NGFW security appliances offer the option of using either Cisco Firepower Threat Defense or Cisco Adaptive Security Appliance software. Unified deployment, logging, system monitoring, and reporting capabilities can be controlled either via Cisco's Management Center or in the cloud with Defense Orchestrator.
Cisco Firepower 1000 Series Next-Generation Firewalls
Firepower Next-Generation 1000 Series Firewalls are intended for small businesses, telecommuters, or branches. Firewalls in this series deliver improved value vs. corresponding Cisco ASA 5506-X to ASA 5525-X models, providing 4-6X higher firewall throughput. Local management can be performed with Firepower Device Manager. 1000 Series firewalls feature an integrated 10/100/1000 RJ-45 Ethernet interface for network management, an RJ-45 console interface, a USB 3.0 Type-A interface, and 200 Gbytes of storage. High availability is provided as well as VPN load balancing. For additional details, refer to Cisco Firepower 1000 Series Next-Generation firewalls consulting and management services.
Cisco Firepower 2100 Series Next-Generation Firewalls
Cisco's Firepower 2100 Series Next-Generation Firewalls are 1RU appliances intended for use at the Internet edge. Devices in this family feature a dual multicore CPU design that enables them to deliver 3-6X faster throughput than Cisco ASA 5545-X to ASA 5555-X models they are engineered to replace. Onsite management can be done with Firepower Device Manager. All Firepower 2100 Series NGFW Firewalls include 12 RJ45 interfaces and four SFP ports. These firewalls include one build-in 10/100/1000 RJ-45 Ethernet port for network management, an RJ-45 console interface, and one USB interface. High availability is supported along with virtual private network load balancing. For more specs, see Cisco Firepower 2100 Series Next-Generation firewalls consulting and troubleshooting expertise.
Cisco Firepower 4100 Series NGFW Firewalls
Cisco's Firepower 4100 Series NGFW Firewalls are single-rack units intended for operation at the Internet edge or high-performance data centers. Devices in this family offer 5-10X faster throughput than the Cisco ASA 5585-X device they are engineered to succeed. Local management can be done with Cisco Firepower Device Manager. All Firepower 4100 Series NGFW Firewalls include 8 built-in SFP+ ports and all accept a selection of plug-in network modules for up to 24 ports. All Firepower 4100 Series NGFW Firewalls support virtual private network load balancing, high availability, and clustering of up to six chassis. These devices include an integrated 1 Gigabit Ethernet port for network management, one RJ-45 console interface, and one USB port. For more specs, see Cisco Firepower 4100 Series Next-Generation firewalls consulting and troubleshooting expertise.
Cisco Firepower 9300 Series NGFW Firewalls
Cisco's Firepower 9300 Series Next-Generation Firewalls are massively scalable and ultra-high performing firewalls. The 3RU enclosure of Firepower 9300 Next-Generation Series firewalls accepts two add-in network modules as well as three security modules. Altogether, the Firepower 9300 can support 24 10G Ethernet Enhanced Small Form-Factor Pluggable interfaces or eight 100G connections. Clustering of up to 5 chassis allows a total 1.2 Tbps of firewall performance. The top-of-the-line Cisco Firepower 9300 SM-56 delivers 70 Gbps firewall throughput and 27 Gbps IPsec VPN throughput. The unit allows 35 million simultaneous sessions, 490K new connections per second, and up to 20K VPN peers.
Cisco's Firepower Series firewalls work with software or hardware modules that enable Firepower Services, which provide layered defense against advanced attacks. Cisco's Firepower Services are powered by innovative technology acquired by Cisco from Sourcefire. Major capabilities of Firepower Services include:
- Multi-layer protection against familiar and zero-day threats
- Cisco's Advanced Malware Protection that uses big data to find and mitigate security breaches
- Cisco's Next-Generation Intrusion Prevention System that performs contextual analysis that looks at clients, network infrastructure, apps, and content to detect attacks that use multiple vectors
- Fine-grained Application Visibility and Control (AVC that is aware of thousands of apps and can automatically launch both standard and customized IPS policies based on the severity of risk
Firepower Services for NGFW firewalls offer multi-layered security
Smaller implementations of Firepower NGFW firewalls can be efficiently administered via Cisco's on-box Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based utility provided with all NGFW firewall models. ASDM provides a simple web dashboard for configuring, managing, and troubleshooting NGFW devices and service modules.
For more complex deployments, NGFW appliances with Firepower Services can be managed using Cisco's Firepower Management Center, implemented as one or more physical units or virtual appliances. Cisco's Firepower Management Center offers centralized firewall management, Application Visibility and Control, advanced IPS, URL filtering, and Advanced Malware Protection. Because of ongoing rebranding since Cisco's acquisition of Sourcefire Defense Center, Cisco's Firepower Management Center has been offered under several names that include Cisco Defense Center, FireSIGHT Defense Center, and FireSIGHT Management Center.
Cisco Firepower Management Center unifies event and policy control for Cisco Firepower firewalls
Firepower Management Center appliance offers capabilities beyond those available with Cisco's on-box ASDM utility. Extra features include greater context awareness, Advanced Malware Protection with remediation for client devices, a console that provides dynamic network visualization, automated policy tuning driven by risk evaluation of attacks, comprehensive IPS, custom app discovery for Application Visibility and Control (AVC), customized health notifications, enhanced reporting features, and application interfaces for host input and databases. Hardware-dependent options such as clustering, stacking, switching, routing, VPN, and NAT must be managed via the on-box ASDM or the Firepower CLI.
Progent's Migration Support for Cisco Next Generation Firewalls
Since Cisco has stopped selling the PIX and ASA 5500 product lines, many companies are uncomfortable with relying on a critical security mechanism that may stop being supported by Cisco. Firepower Series security appliances offer the benefit of being current devices and also offer multiple functions and economic benefits in comparison to legacy firewalls. These advantages include significantly better throughput, optional Secure Sockets Layer tunneling support, and a modular design that protects your investment by allowing you to self-install new security services when and if you need them. Progent's Cisco certified experts can help you to determine the strategic value of for migrating from PIX 500 or Cisco ASA 5500 security appliances, design a migration process that permits a quick and non-disruptive changeover, assist your IT staff to configure new Firepower Series firewalls, and offer remote training, consulting, and technical support services.
Other Ways Progent Can Support Your Cisco Firewalls
Cisco's Firepower NGFW Series firewalls provide a wealth of setup, monitoring, and analysis features that offer you the flexibility to configure these firewalls to align optimally with your company's needs. Progent's CCIE authorized network experts can show you how to configure and support a cost-effective infrastructure that includes Cisco firewalls and that provides advanced security, fault tolerance, throughput, and manageability. Progent's GISA and CISM-certified IS security professionals can help your business to develop a security strategy that makes sense for your environment and can set up your security appliance to enforce your security strategy. Progent's security assessment experts can assess the strength of your current firewall deployment and audit the security of your whole information system network. Progentís Help Desk Call Center can deliver urgent remote troubleshooting for Cisco products and offer fast access to a Cisco CCIE network engineer.
Progent can provide online or on-premises consulting services and is available for as-needed guidance to help your organization resolve a stubborn technical bottleneck or Progent can provide end-to-end project management and co-management support to ensure your firewall initiative is performed on time and on budget.
To learn additional information about Progent's consulting help for Cisco technology, select a subject:
Contact Progent for Cisco Firewall Solutions
To ask Progent about consulting help with Cisco Firepower NGFW firewalls, call 1-800-993-9400 or visit Contact Progent.