Cisco is a perennial front-runner in developing state-of-the-art firewalls for the broadest possible variety of deployments. Cisco's Firepower Next Generation Firewalls (NGFWs) provide an advanced cybersecurity platform that marshals sophisticated hardware, cloud-based services, and machine learning to block, identify, and respond to threats without manual intervention. Progent's Cisco-certified CCIE firewall experts can help your organization to design and execute a smooth migration to Firepower firewalls from Cisco's from ASA 5500-X, ASA 5500, or PIX appliances and show you how to integrate Firepower firewalls with Cisco's cloud-based services to create and centrally control network ecosystems that include local offices, data centers, private clouds and public clouds. Progent's firewall consultants can also assist you to maintain and debug older-generation Cisco security appliances. Progent's certified cybersecurity experts can help you with policy creation and tuning driven by leading best practices in order to build a consistent cybersecurity posture that applies to all your endpoints anywhere.
Cisco's Firepower NGFW Firewalls
Cisco's Firepower NGFWs Firewalls provide a significant performance boost over Cisco's previous-generation ASA 5500-X security appliances and include centralized management and automation of modern cybersecurity capabilities such as application visibility, next-generation intrusion protection (NGIPS) with risk prioritization, advanced malware protection (AMP), distributed denial of service (DDoS) mitigation, and sandboxing. For more information about Cisco's Firepower family of Next Generation Firewalls (NGFWs), visit Cisco Firepower Series firewalls consulting services.
Cisco's ASA 5500-X and Legacy Firewalls
Cisco's ASA 5500-X Series, ASA 5500, and PIX 500 firewalls provide integrated firewall, IPsec VPN, and intrusion prevention system services in compact single-box devices, delivering a broad range of features to match the security requirements of companies ranging from small businesses to enterprises and ISPs. Cisco's ASA 5500-X Series, ASA 5500, and PIX 500 firewall appliances enable IT security staffs to protect their network edge and provide secure remote access while utilizing advanced administration tools based on Cisco's industry-leading firewall products.
Cisco's ASA 5500 Series and PIX 500 firewall appliances have reached end-of-life (EOL) but are still commonly used in smaller organizations and in a few enterprise data centers. The ASA 5500-X Next-Generation Firewalls represent substantially more bang for the buck and have supplanted the ASA 5500 and PIX 500 lines of firewalls for new installations. Still, Cisco's older model firewall appliances, if carefully managed, can offer a high degree of protection by supplying multiple services including stateful firewall, Virtual Private Network (VPN) connections, and IPS.
After Cisco's purchase of Sourcefire, the entire family of ASA 5500-X firewalls can be provisioned to enable Firepower Services, based on Sourcefire's Snort product, which is the world's most deployed intrusion protection system (IPS). Firepower services bring enhanced features such as advanced malware protection (AMP), URL filtering, real-time threat analytics, and security automation.
Progent's Cisco CCIE-premier infrastructure consultants can help you to maintain and troubleshoot legacy ASA 5500 Series and PIX 500 firewall appliances and can also help you to plan and carry out an efficient upgrade to Cisco's ASA 5500-X Series firewalls with Firepower Services. Progent can also assist you to design, configure, optimize, manage and troubleshoot new firewall ecosystems based on Cisco's latest ASA 5500-X models with Firepower Services. Progent's firewall consultants can also assist you to upgrade from your Cisco ASA 5500-X Series deployment to Cisco's latest Firepower Next Generation Firewalls (NGFWs).
Cisco's ASA 5500-X Series Firewalls
Cisco's comprehensive line of ASA 5500-X firewalls features an enhanced replacement for every rack-mountable unit in the previous ASA 5500 generation of devices. Each ASA 5500-X model is suited for the identical market as the associated earlier models, which offers most ample choice for selecting a solution that meets their security requirements and IT budgets. All ASA 5500-X firewalls are based on Cisco's tested stateful-inspection firewall technology and all incorporate 64-bit hardware with multicore CPUs and are capable of running Cisco's advanced protection services. All models in Cisco's ASA 5500-X product line provide dependable protection across any combination of physical, virtual, and cloud deployments.
For more details about Cisco's ASA 5500-X firewalls, Cisco Firepower services, and Progent's consulting for Cisco ASA 5500-X firewalls, visit Firepower configuration and debugging expertise
Firepower Services for ASA 5500-X Security Appliances
Cisco ASA 5500-X firewalls work with software or physical modules that enable Firepower Services, which provide layered defense against multi-vector attacks. Firepower Services are based on technology adopted by Cisco from Sourcefire. Major capabilities of Firepower Services for ASA firewalls include:
Simpler implementations of Cisco ASA 5500-X firewalls can be efficiently administered via Cisco's on-box Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based tool which is provided with all ASA 5500-X versions. ASDM includes a simple web console for configuring, administering, and troubleshooting ASA 5500-X firewalls and modules.
For multi-device and multi-site environments, ASA 5500-X firewalls with Firepower can be administered with Cisco's Firepower Management Center, available as one or more physical or virtual devices. Firepower Management Center provides centralized firewall management, Application Visibility and Control (AVC, enhanced IPS, URL filtering, and Advanced Malware Protection (AMP). Because of frequent rebranding after Cisco's acquisition of Sourcefire Defense Center, Cisco's Firepower Management Center has been delivered under several names including Cisco Defense Center, Cisco Firesight Defense Center, and Cisco Firesight Management Center.
Firepower Management Center offers features unavailable with Cisco's on-box ASDM utility. Additional capabilities include greater context awareness, Cisco's Advanced Malware Protection with mitigation for user devices, a console that offers real-time infrastructure visualization, automated policy tuning based on impact evaluation of attacks, comprehensive IPS, custom application detectors for Application Visibility and Control (AVC), customized health notifications, enhanced reporting options, and application interfaces for host input and databases. Hardware-dependent features like clustering, stacking, switching, routing, VPN, and NAT must be handled using either Cisco's ASA 5500-X on-device ASDM or the ASA 5500-X CLI.
Cisco ASA 5500 Series Firewalls
Cisco ASA 5500 Series Firewalls build on engineering developed for the Cisco PIX 500 family Security Appliance, the IPS 4200 family sensor, and Cisco's VPN 3000 family concentrator. These solutions enable the Cisco Adaptive Security Appliances (ASA) 5500 Series Firewall product line to deliver a platform that stops the broadest range of threats. Cisco ASA 5500 Series Firewalls deliver program protection, local containment, and clean VPN functionality throughout the entire product line. This breadth of protection enables defense of any network section, which includes the most typical attack conduits like remote locations, LAN-attached internal users, and remote connected Virtual Private Networks.
Cisco Adaptive Security Appliances 5500 Series firewalls deliver robust application security through intelligent, application-sensitive inspection processes that analyze network flows at Layers 4-7. This results in a safer environment covering Web, voice, and mobile wireless connectivity. To protect networks against application-layer attacks and to provide better control over the applications and protocols used in their networks, Cisco's inspection engines integrate broad application and protocol knowledgebases and employ protection enforcement technologies that include anomaly detection and state tracking. Also incorporated are assault sensing and mitigation techniques including application and protocol command filters and content verification. Cisco Adaptive Security Appliances 5500 Series firewall inspection engines also provide management of instant messaging and tunneling applications, allowing businesses to enforce usage policies and recover bandwidth for vital business applications.
For additional information about Progent's support services for ASA 5500 firewalls, see Cisco ASA 5500 firewalls configuration and debugging services.
Cisco PIX Security Appliance Series
Based upon a tested, specialized software platform that delivers rich protection services, Cisco PIX firewall appliances provide excellent security and have been awarded EAL 4 status and ICSA Firewall and IPsec certification. PIX firewalls provide protection for a broad range of Voice over IP and additional multimedia standards such as H.323 Version 4, SIP, Cisco Skinny Client Control Protocol, RTSP, and MGCP, helping businesses to safeguard deployments of a broad range of current and upcoming Voice over IP and multimedia applications.
IT managers can also remotely set up, monitor, and troubleshoot PIX security appliances using a command-line interface. Secure command-line interface (CLI) access is available through several methods including SSHv2 Protocol, Telnet through IPsec, and out-of-band through a console port. PIX firewall appliances also include robust auto-update capabilities, a set of revolutionary protected remote-administration services that make sure that firewall settings and software images are always current.
For additional details about Progent's consulting services for PIX 500 security appliances, see Cisco PIX firewalls configuration and troubleshooting services.
Progent's Migration Support for Cisco Firewalls
Because Cisco has discontinued selling the PIX 500 and ASA 5500 families of firewalls, many companies are concerned about depending on a key infrastructure mechanism that might no longer be supported. Cisco ASA 5500-X and Firepower Series firewalls offer the benefit of being new devices and also bring several functions and economic advantages in comparison to PIX firewalls. These advantages include significantly better performance, optional SSL tunneling support, and an expandable design that protects your investment by enabling you to self-install more security features whenever you need them. Progent's CCIE-certified experts can help your company to determine the strategic case for migrating from PIX 500 or Cisco ASA 5500 firewalls, create a migration process that permits a quick and non-disruptive changeover, assist your IT staff to install new ASA 5500-x or Firepower NGFW Series firewalls, and provide online, consulting, and troubleshooting services.
Additional Ways Progent Can Help Your Business with Cisco ASA and PIX Security Appliances
Cisco's Firepower NGFW Series, ASA Series, and PIX family security appliances provide an array of configuration, monitoring, and analysis features that offer you the ability to set up these firewalls to align optimally with your business requirements. Progent's CCIE authorized network experts can help you to design a cost-effective network infrastructure that includes Cisco firewall technology and that provides advanced security, fault tolerance, performance, and manageability. Progent's CISA and CISM-premier IS security consultants can assist your business to create a security policy that makes sense for your environment and can configure your firewall to enforce your security policies. Progent's security assessment consultants can assess the strength of your current firewall deployment and audit the overall security of your whole IT environment. Progent's Help Desk Call Center can provide urgent remote troubleshooting for Cisco technology and offer quick access to a Cisco network engineer.
For additional details concerning Progent's engineering support for Cisco networking products, select a subject:
Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
In order to ask Progent about technical expertise for Cisco products, phone