Cisco is a perennial front-runner in delivering cutting-edge firewalls for the broadest possible variety of environments. Cisco's Firepower NGFWs Firewalls represent an advanced cybersecurity platform that combines sophisticed hardware, cloud services, and machine learning to anticipate, discover, and mitigate threats automatically. Progent's Cisco-certified CCIE-certified firewall consultants can help your organization to plan and carry out a smooth migration to Cisco Firepower Series firewalls from Cisco's legacy ASA 5500-X, ASA 5500, or PIX appliances and help you enhance Firepower appliances with Cisco's subscription-based security services to create and centrally manage IT ecosystems that encompass branch offices, data centers, and cloud resources. Progent can also help you to manage and debug older-generation Cisco security appliances. Progent's certified cybersecurity experts can help you with policy creation driven by industry best practices in order to build a consistent cybersecurity posture that applies to all your devices at any location.
Cisco's Firepower NGFW Firewall Appliances
Cisco's comprehensive portfolio of Firepower Next-Generation firewalls offers modern security and centralized control at prices, speed, and expandability to fit environments ranging from telecommuters and small organizations to major enterprises and Internet service providers. Cisco's Firepower Next Generation Firewalls deliver a major performance improvement over Cisco's older firewalls and offer centralized control of advanced cybersecurity capabilities like application visibility, next-generation intrusion protection (NGIPS) with intelligent prioritization of risks, advanced malware protection (AMP), URL filtering, and multi-node sandboxing.
All Firepower Next-Generation firewalls incorporate a one-pass architecture and support uninterrupted inspection and retrospective detection, which makes it possible to provide outbreak controls and to uncover root causes. Firepower NGFW firewalls also have the option of URL Filtering and subscription-free sandboxing for detecting evasive and sandbox-aware malware, IoCs, and malware artifacts. Next-Generation IPS rule tuning and network firewall policy creation are performed automatically, eliminating the need for time-consuming intervention by IT security experts. All Firepower NGFW firewalls offer the choice of running either Firepower Threat Defense (FTD) or Cisco Adaptive Security Appliance (ASA) software. Unified deployment, logging, monitoring, and reporting capabilities can be controlled either via Management Center or in the cloud with Cisco Defense Orchestrator.
Cisco Firepower 1000 Series NGFW Firewalls
Firepower Next-Generation 1000 Series Firewalls are intended for small businesses, telecommuters, or branches. Firewalls in this series offer improved value vs. corresponding Cisco ASA 5506-X to ASA 5525-X models, delivering 4-6X higher firewall throughput. Local management can be performed with Firepower Device Manager. These appliances include a built-in 10/100/1000 Ethernet port for network management, an RJ-45 console port, a USB interface, and 200 GB of storage. Active/active and Active/standby high availability is supported as well as VPN load balancing. For additional details, visit Cisco Firepower 1000 Series Next-Generation firewalls consulting and management services.
Cisco Firepower 2100 Series NGFW Firewalls
Cisco's Firepower 2100 Series Next-Generation Firewalls are one-rack units intended for operation at the data center. Devices in this line feature a dual multicore processor architecture that allows them to offer 3-6X higher throughput than Cisco ASA 5545-X to ASA 5555-X firewalls they are engineered to succeed. Onsite management can be performed using Firepower Device Manager. All Firepower 2100 Series NGFW Firewalls include 12 RJ45 interfaces and four SFP ports. These firewalls include one build-in 10M/100M/1GBASE-T RJ-45 Ethernet interface for network management, an RJ-45 console port, and one USB 2.0 Type-A interface. High availability is supported as well as virtual private network load balancing. For more specs, visit Cisco Firepower 2100 Series NGFW firewalls consulting and management services.
Cisco Firepower 4100 Series NGFW Firewalls
Cisco's Firepower 4100 Series Next-Generation Firewalls are one-rack units intended for deployment at high-performance data centers. Firewalls in this family deliver 5-10X higher throughput than the Cisco ASA 5585-X firewall they are engineered to replace. Local management can be done with Firepower Device Manager. All Firepower 4100 Series Next-Generation Firewalls include 8 integrated SFP+ interfaces and all accept a variety of plug-in network modules for a maximum of 24 interfaces. All Firepower 4100 Series Next-Generation Firewalls offer VPN load balancing, high availability, and clustering of as many as six chassis. These security appliances feature a built-in 1Gb Ethernet interface for management, an RJ-45 console port, and one USB 2.0 port. For more details, visit Cisco Firepower 4100 Series Next-Generation firewalls consulting and management expertise.
Cisco Firepower 9300 Series NGFW Firewalls
Cisco's Firepower 9300 Series NGFW Firewalls are massively scalable and ultra-high performing firewalls. The 3 Rack Units (3RU) enclosure of Firepower 9300 Next-Generation Series firewalls accepts two add-in network modules as well as three security modules. Fully loaded, the Firepower 9300 can hold 24 10-Gigabit Ethernet Enhanced Small Form-Factor Pluggable ports or eight 100G interfaces. Intrachassis clustering of up to five chassis allows a total 1.2 Tbps of firewall throughput. The top-of-the-line Cisco Firepower 9300 SM-56 provides 70 Gbps firewall performance and 27 Gbps IPsec VPN throughput. The unit allows 35 million simultaneous sessions, 490K new connections per second, and a maximum of 20 VPN peers.
Cisco's Firepower NGFW security appliances work with software or physical modules that enable Cisco's Firepower Services, which provide layered protection against advanced threats. Cisco's Firepower Services are based on technology adopted by Cisco from Sourcefire. Major capabilities of Firepower Services include:
- Multi-layer defense against both familiar and zero-day attacks
- Advanced Malware Protection that utilizes big data techniques to find and mitigate security breaches
- Cisco's Next-Generation Intrusion Prevention System (NGIPS) that performs contextual analysis that looks at users, network infrastructure, software applications, and content to discover threats that incorporate simultaneous vectors
- High-resolution Application Visibility and Control that is aware of thousands of apps and can automatically activate standard and custom IPS policies depending on the degree of threats
Firepower Services for NGFW firewalls provide multi-layered threat protection
Simpler implementations of Firepower Next Generation firewalls can be effectively managed using Cisco's on-device Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based tool included with all NGFW firewall versions. ASDM provides a simple web console for configuring, managing, and debugging NGFW devices and modules.
For multi-device and multi-site deployments, NGFW firewalls with Firepower Services can be administered using Firepower Management Center, available as one or more physical or virtual devices. Cisco's Firepower Management Center offers centralized firewall management, Application Visibility and Control, advanced IPS, URL filtering, and Advanced Malware Protection. Because of ongoing rebranding after Cisco's purchase of Sourcefire Defense Center, Firepower Management Center has been delivered under various names including Cisco Defense Center, Cisco Firesight Defense Center, and FireSIGHT Management Center.
Firepower Management Center centralizes event and policy control for Cisco Firepower firewall appliances
Cisco's Firepower Management Center appliance provides features beyond those available with Cisco's on-box Adaptive Security Device Manager tool. Extra features include greater context awareness, Cisco's Advanced Malware Protection with remediation for user devices, a dashboard that provides real-time infrastructure visualization, automated policy tuning driven by risk evaluation of threats, comprehensive IPS, custom application discovery for Application Visibility and Control, customized health notifications, enhanced reporting options, and application interfaces for host input and databases. Hardware-dependent options such as clustering, stacking, switching, routing, VPN, and NAT must be managed using Cisco's on-device ASDM or the Firepower CLI.
Progent's Migration Consulting for Cisco Firepower Firewalls
Because Cisco has ceased selling the PIX 500 and ASA 5500 families of firewalls, many businesses are uncomfortable with relying on a key security component that might stop being supported. Firepower NGFW Series firewalls offer the benefit of being current products and also bring important functions and economic advantages in comparison to legacy firewalls. These advantages include significantly better throughput, optional SSL tunneling capability, and an expandable architecture that guards your investment by allowing you to add more security services when and if you require them. Progent's CCIE-certified experts can help your company to assess the business value of for upgrading from PIX 500 or Cisco ASA 5500 firewalls, create a migration process that permits a quick and non-disruptive changeover, help your IT staff to deploy new Firepower Series firewalls, and offer online, consulting, and technical support services.
Other Ways Progent Can Support Your Cisco Firewalls
Cisco's Firepower NGFW Series firewalls provide a wealth of configuration, tracking, and analysis options which offer you the ability to set up these firewalls to match your business needs. Progent's CCIE authorized network professionals can assist you to design a cost-effective network infrastructure that incorporates Cisco firewall technology and that provides world-class protection, fault tolerance, throughput, and manageability. Progent's GISA and CISM-premier information security engineers can help you to develop a security policy that makes sense for your environment and can configure your PIX or ASA firewall to support your security policies. Progent's security evaluation consultants can evaluate the effectiveness of your current firewall solution and help determine the security of your whole IS network. Progentís Help Desk support team can provide urgent online troubleshooting for Cisco products and offer quick access to a Cisco expert.
Progent offers remote or on-premises consulting services and can deliver as-needed expertise to help you resolve a challenging IT bottleneck or Progent offers comprehensive project management and co-management services to make sure your network security initiative is performed on schedule and within budget.
To learn additional information about Progent's consulting help for Cisco solutions, pick a topic:
Contact Progent for Cisco Firewall Solutions
To ask Progent about consulting help with Cisco Firepower NGFW firewalls, call 1-800-993-9400 or visit Contact Progent.