Cisco is a perennial leader in delivering cutting-edge firewall appliances for the widest possible variety of environments. Cisco's Firepower Next Generation Firewalls represent a modern cybersecurity solution that marshals dedicated hardware, cloud services, and next-generation intrusion protection system (NGIPS) to block, discover, and mitigate threats without manual intervention. Progent's Cisco-certified CCIE-certified firewall experts can help you to plan and execute a smooth migration to Cisco Firepower Series firewalls from Cisco's from ASA 5500-X, ASA 5500, or PIX firewalls and help you integrate Firepower appliances with Cisco's cloud-based services to build and centrally control IT environments that include branch offices, data centers, and cloud resources. Progent's firewall consultants can also assist you to manage and debug older-generation Cisco firewalls. Progent's certified network security consultants can help you with policy creation and tuning driven by industry best practices so you can establish a consistent cybersecurity posture across all your networked endpoints anywhere.
Cisco's Firepower NGFW Firewalls
Cisco's Firepower NGFWs Firewalls deliver a significant performance boost over Cisco's previous-generation ASA 5500-X firewalls and include centralized management of modern cybersecurity capabilities like application visibility and control (AVC), next-generation intrusion protection (NGIPS) with intelligent prioritization of risks, advanced malware protection, DDoS mitigation, and sandboxing. For more information about Cisco's Firepower line of Next Generation Firewalls, refer to Firepower Series firewalls integration experts.
Cisco's ASA 5500-X Series and Legacy Firewalls
Cisco's ASA 5500-X, ASA 5500 Series, and PIX 500 firewall appliances provide integrated firewall, IPsec VPN, and IPS capabilities in single-box packages, delivering a broad range of features to meet the security and compliance needs of companies ranging from small and mid-size businesses to enterprises and ISPs. Cisco's ASA 5500-X, ASA 5500 Series, and PIX firewall appliances allow IT security staffs to defend their network perimeter and offer secure offsite and mobile connectivity while utilizing powerful administration mechanisms built on Cisco's industry-leading firewall products.
Cisco's ASA 5500 Series and PIX firewall appliances have reached end-of-life (EOL) status but are still commonly used in small and mid-size organizations and in some larger data centers. The ASA 5500-X Next-Generation Firewalls deliver significantly more value and have supplanted Cisco's ASA 5500 and PIX 500 families of firewalls for new installations. Still, Cisco's older model firewalls, if properly managed, can offer a high degree of security by providing a variety of security functions such as stateful firewall, VPN, and IPS.
Since Cisco's acquisition of Sourcefire, the whole family of Cisco ASA 5500-X devices can be provisioned to enable Firepower Services, based on Sourcefire's Snort technology, which is the world's most deployed network intrusion protection system (IPS). Firepower services provide enhanced capabilities including advanced malware protection (AMP), URL filtering, real-time threat analytics, and security automation.
Progent's Cisco CCIE-certified network consultants can help you to maintain and debug older ASA 5500 and PIX firewall appliances and can also assist you to design and implement a smooth upgrade to Cisco's ASA 5500-X Series firewalls with Firepower Services. Progent can also assist you to design, integrate, tune, manage and troubleshoot new firewall ecosystems based on Cisco's current ASA 5500-X models with Firepower. Progent's firewall consultants can also assist your organization to migrate from your Cisco ASA 5500-X Series deployment to Cisco's latest Firepower NGFWs Firewalls.
Cisco's ASA 5500-X Series Firewalls
Cisco's extensive line of ASA 5500-X security appliances includes an improved substitute for every rack-mountable unit in the previous ASA 5500 series of firewalls. Each ASA 5500-X firewall targets the same market as the corresponding earlier models, which gives most ample room for selecting a firewall that aligns with their security needs and budgets. All ASA 5500-X products are based on Cisco's proven stateful-inspection firewall technology and all include 64-bit hardware with multicore processors and are capable of running Cisco's advanced protection services. All devices in Cisco's ASA 5500-X product line deliver dependable security across any mix of physical, virtual, and cloud environments.
For additional details about Cisco's ASA 5500-X security appliances, Cisco Firepower services, and Progent's support for Cisco ASA firewalls, go to Cisco Firepower configuration and debugging expertise
Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X security appliances work with software or physical modules that enable Firepower Services, which provide layered defense against advanced attacks. Firepower Services are based on innovative technology acquired by Cisco from Sourcefire. Major features of Firepower Services for ASA firewalls include:
Smaller deployments of ASA 5500-X firewalls can be effectively administered via Cisco's on-device Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based tool provided with all ASA 5500-X models. ASDM provides a simple web dashboard for configuring, managing, and troubleshooting ASA 5500-X firewalls and service modules.
For multi-device and multi-site deployments, ASA 5500-X appliances with Firepower can be managed using Firepower Management Center, available as one or several physical or virtual devices. Firepower Management Center offers centralized firewall management, Application Visibility and Control (AVC, advanced IPS, URL filtering, and Cisco's Advanced Malware Protection (AMP). Due to frequent rebranding after Cisco's purchase of Sourcefire Defense Center, Firepower Management Center has been delivered under several names that include Defense Center, Cisco Firesight Defense Center, and Cisco Firesight Management Center.
Cisco's Firepower Management Center offers capabilities unavailable with Cisco's on-box ASDM utility. Additional capabilities include greater context awareness, Advanced Malware Protection (AMP) with remediation for user devices, a console that offers real-time infrastructure visualization, automated policy optimization driven by impact evaluation of threats, comprehensive IPS, custom application detectors for Application Visibility and Control, customized health notifications, enhanced reporting features, and APIs for host input and databases. Hardware-dependent capabilities like clustering, stacking, switching, routing, VPN, and NAT must be managed via the on-device ASDM or the ASA CLI.
Cisco ASA 5500 Family of Firewalls
Cisco ASA Firewalls build on technology developed for Cisco's PIX 500 Series Security Appliance, Cisco's IPS 4200 Series sensor, and the VPN 3000 Series concentrator. These solutions enable the Cisco ASA 5500 Series Firewall product line to offer a firewall that defends against the broadest range of attacks. Cisco Adaptive Security Appliances Firewalls provide program protection, network containment and control, and clean VPN functionality across Cisco's product line. This breadth of protection enables the guarding of any network area, including the most common threat vectors such as remote locations, LAN-connected internal users, and off-site access Virtual Private Networks.
Cisco Adaptive Security Appliances (ASA) firewalls provide a high-level of application protection via smart, application-sensitive inspection processes that examine traffic at Layers 4-7. This produces a better protected environment covering Web, voice, and mobile wireless access. To defend networks against application-layer assaults and to provide stronger policing of the applications and protocols used in their environments, Cisco's inspection engines integrate broad application and protocol knowledge and rely on protection enforcement solutions that include protocol anomaly detection and state monitoring. Also incorporated are attack sensing and mitigation technology including application/protocol command filters and content verification. Cisco Adaptive Security Appliances (ASA) 5500 Series firewall inspection engines also provide control over instant messaging and peer-to-peer file sharing, allowing organizations to enforce usage policies and recover bandwidth for critical business applications.
For additional details about Progent's consulting services for Cisco's ASA 5500 security appliances, go to ASA 5500 firewalls configuration and debugging consulting.
Cisco PIX Security Appliance Series
Built around a hardened, purpose-built OS that delivers rich security services, PIX firewall appliances provide excellent security and have been awarded Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Labs Firewall and IP Security (IPsec) qualification. Cisco PIX firewall appliances offer protection for a wide array of Voice over IP and additional mixed-media standards including H.323 v. 4, SIP, Cisco Skinny Client Control Protocol (SCCP), Real-Time Streaming Protocol (RTSP), and Media Gateway Control Protocol (MGCP), enabling organizations to protect deployments of a wide array of current and next-generation VoIP and multimedia applications.
IT managers can also remotely set up, track, and analyze Cisco PIX firewall appliances using a CLI interface. Safe command-line interface (CLI) communication is available through a number of techniques such as Secure Shell Protocol, Telnet over IP Security, and out-of-band via a console port. Cisco PIX firewalls also include dependable auto-update capabilities, a set of advanced protected remote-administration options that ensure security configurations and software images are kept up to date.
For additional information about Progent's consulting services for PIX firewalls, go to Cisco PIX 500 firewalls integration and troubleshooting support.
Progent's Migration Consulting Support for Cisco Firewalls
Because Cisco has stopped selling the PIX 500 and ASA 5500 families of firewalls, many companies are uncomfortable with relying on a key security mechanism that may stop being supported by Cisco. ASA 5500-X and Firepower NGFW Series firewalls have the advantage of being current devices and also bring several functions and financial advantages in comparison to PIX devices. These advantages include substantially higher throughput, optional SSL VPN support, and an expandable architecture that protects your investment by allowing you to self-install more security features whenever you require them. Progent's Cisco experts can help you to determine the strategic case for moving from PIX or Cisco ASA 5500 security appliances, design a migration plan that permits a fast and non-disruptive upgrade, assist you to configure new ASA 5500-x Series or Firepower Series appliances, and provide online, consulting, and technical support services.
Additional Ways Progent Can Help Your Business with Cisco ASA and PIX Security Appliances
Cisco Firepower Series, ASA 5500 Series, and PIX family security appliances incorporate an array of setup, tracking, and analysis features that offer you the ability to deploy these firewalls to align optimally with your business requirements. Progent's CCIE authorized network consultants can help you to design an efficient infrastructure that incorporates Cisco firewalls and that provides world-class security, fault tolerance, performance, and recoverability. Progent's GISA and CISM-premier IS security experts can assist your business to develop a security policy that makes sense for your business and can set up your firewall to support your security policies. Progent's risk assessment engineers can assess the strength of your existing firewall solution and help determine the overall security of your entire IS network. Progent's Technical Response Center can deliver emergency online troubleshooting for Cisco technology and can give you fast access to a Cisco CCIE network engineer.
For additional information about Progent's professional support for Cisco solutions, pick a subject:
Integration of Cisco and Third-party Firewall Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
To get in touch with Progent about technical help for Cisco products, call