Cisco is a long-time leader in developing cutting-edge firewall appliances for the widest possible variety of deployments. Cisco's Firepower NGFWs Firewalls provide an advanced firewall solution that combines sophisticated hardware, cloud services, and machine learning to anticipate, discover, and mitigate threats without manual intervention. Progent's Cisco-certified CCIE-certified firewall consultants can assist your organization to plan and carry out an efficient migration to Cisco Firepower firewalls from Cisco's legacy ASA 5500-X, ASA 5500, or PIX appliances and help you integrate Firepower firewalls with Cisco's subscription-based security services to build and centrally control network environments that span branch offices, data centers, and cloud resources. Progent's firewall consultants can also assist you to manage and debug older-generation Cisco security appliances. Progent's certified network security consultants can help you with policy creation and tuning driven by industry best practices so you can build a consistent security profile that applies to all your devices anywhere.
Cisco's Firepower NGFW Firewalls
Cisco's Firepower NGFWs Firewalls provide a major performance improvement over Cisco's popular ASA 5500-X firewalls and offer unified management of advanced security features like application visibility and control (AVC), next-generation intrusion protection (NGIPS) with risk prioritization, advanced malware protection (AMP), distributed denial of service (DDoS) mitigation, and multi-node sandboxing. For more information about Cisco's Firepower line of NGFWs Firewalls, visit Firepower firewalls consulting services.
Cisco's ASA 5500-X and Legacy Firewalls
Cisco's ASA 5500-X Series, ASA 5500, and PIX firewall appliances provide integrated firewall, IPsec VPN, and intrusion prevention system capabilities in single-box devices, delivering a broad range of features to match the security and compliance requirements of organizations from small businesses to enterprises and Internet service providers. Cisco's ASA 5500-X Series, ASA 5500, and PIX firewall appliances allow network security teams to defend their network perimeter and provide secure remote access while using powerful management tools built on Cisco's industry-leading firewall technology.
Cisco's ASA 5500 and PIX firewalls have arrived at end-of-life status but are still widely used in small and mid-size businesses as well as in some larger networks. Cisco's ASA 5500-X Series Next-Generation Firewalls deliver significantly more value and have supplanted Cisco's ASA 5500 and PIX 500 lines of firewalls for new installations. However, Cisco's older model firewalls, if carefully managed, continue to deliver a high degree of security by providing multiple features such as stateful firewall, IPsec VPN, and IPS.
Following Cisco's purchase of Sourcefire, the whole line of Cisco ASA 5500-X firewalls can be provisioned to enable Firepower Services, built on Sourcefire's Snort product, which is the market's most popular network intrusion protection system. Firepower services bring powerful new capabilities such as advanced malware protection (AMP), URL filtering, dynamic threat analytics, and automation.
Progent's Cisco CCIE-certified infrastructure engineers can assist your organization to maintain and troubleshoot legacy ASA 5500 Series and PIX firewall appliances and can also assist you to design and carry out a smooth upgrade to Cisco's ASA 5500-X Series firewalls with Firepower Services. Progent can also assist you to design, deploy, tune, administer and troubleshoot new firewall solutions based on Cisco's latest ASA 5500-X models with Firepower. Progent's firewall consultants can also assist you to upgrade from your Cisco ASA 5500-X deployment to Cisco's latest Firepower Next Generation Firewalls (NGFWs).
Cisco's ASA 5500-X Series Firewalls
Cisco's comprehensive line of ASA 5500-X security appliances features an enhanced replacement for every rack-mountable model in the previous ASA 5500 line of firewalls. Each ASA 5500-X model targets the same environment as the corresponding previous models, which gives most plenty of room for selecting a solution that meets their security needs and budgets. All ASA 5500-X firewalls are based on Cisco's tested stateful-inspection firewall technology and all include purpose-built 64-bit hardware with multicore processors and support Cisco's powerful protection services. All models in Cisco's ASA 5500-X family deliver consistent protection across any combination of physical, virtual, and cloud environments.
For additional information about ASA 5500-X security appliances, Cisco Firepower services, and Progent's consulting for Cisco ASA firewalls, go to Firepower configuration and debugging consulting
Cisco's Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X firewalls accept either software or physical modules that support Cisco's Firepower Services, which provide layered defense against advanced attacks. Cisco's Firepower Services are based on innovative technology adopted by Cisco from Sourcefire. Key capabilities of Firepower Services for ASA security appliances include:
Simpler deployments of ASA firewalls can be efficiently administered using Cisco's on-box Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web tool included with all ASA 5500-X models. ASDM provides a convenient web console for configuring, managing, and debugging ASA 5500-X devices and service modules.
For multi-device and multi-site deployments, ASA 5500-X appliances with Firepower Services can be administered using Cisco's Firepower Management Center, implemented as one or more physical or virtual appliances. Cisco's Firepower Management Center provides centralized firewall management, Application Visibility and Control (AVC, enhanced IPS, URL filtering, and Advanced Malware Protection (AMP). Because of ongoing rebranding since Cisco's acquisition of Sourcefire Defense Center, Firepower Management Center has been delivered under several names that include Defense Center, Cisco Firesight Defense Center, and Cisco Firesight Management Center.
Cisco's Firepower Management Center offers capabilities beyond those available with Cisco's on-device ASDM tool. Extra features include greater context awareness, Advanced Malware Protection (AMP) with mitigation for client devices, a console that provides dynamic network infrastructure visualization, automated policy optimization driven by impact assessment of attacks, comprehensive IPS, custom app discovery for Application Visibility and Control (AVC), customized health notifications, improved reporting options, and application interfaces for host input and databases. Hardware-dependent options such as clustering, stacking, switching, routing, VPN, and NAT must be managed using the on-device ASDM or the ASA CLI.
Cisco ASA 5500 Series Firewalls
Cisco ASA Firewalls leverage engineering developed for the PIX 500 firewall, the Cisco IPS 4200 Intrusion Prevention System, and the VPN 3000 model concentrator. These solutions converge on the Cisco Adaptive Security Appliances (ASA) 5500 Series Firewall family to offer a firewall that defends against the widest range of threats. Cisco Adaptive Security Appliances (ASA) Firewalls deliver application protection, local containment and control, and safe Virtual Private Network functionality throughout Cisco's product line. This breadth of security enables defense of any network section, which includes the most typical attack conduits like remote locations, locally-connected inside users, and remote connected VPNs.
Cisco Adaptive Security Appliances (ASA) firewalls deliver a high-level of application protection via intelligent, application-sensitive inspection processes that analyze network flows at Layers 4-7. This results in a better protected environment covering Web, voice, and mobile wireless access. To protect against application-layer assaults and to offer stronger control over the applications and protocols utilized in their environments, these inspection engines integrate extensive application and protocol knowledge and rely on protection enforcement technologies that include protocol anomaly detection and state tracking. Also included are attack detection and remediation techniques including application and protocol command filtering and URL deobfuscation. Cisco ASA firewall inspection engines also deliver control over instant messaging and tunneling applications, enabling organizations to enforce usage policies and conserve bandwidth for important business applications.
For additional information about Progent's consulting services for Cisco's ASA 5500 security appliances, go to Cisco ASA 5500 series firewalls configuration and debugging services.
Cisco PIX Firewall Appliances
Built upon a hardened, specialized operating system that offers a wealth of protection services, PIX firewall appliances provide a high level of security and have received EAL 4 status and ICSA Firewall and IP Security qualification. PIX firewall appliances offer security for a broad array of VoIP and additional mixed-media standards such as H.323 v. 4, Session Initiation Protocol, Cisco Skinny Client Control Protocol (SCCP), Real-Time Streaming Protocol (RTSP), and Media Gateway Control Protocol (MGCP), enabling businesses to protect deployments of a wide array of current and next-generation Voice over IP and mixed-media applications.
Administrators can furthermore remotely set up, monitor, and analyze Cisco PIX firewall appliances via a command-line interface. Secure CLI interface communication is possible through several techniques such as SSHv2 Protocol, Telnet through IPsec, and out-of-band through a console port. Cisco PIX firewall appliances also include robust automatic-update features, a set of advanced secure remote-administration options that ensure firewall configurations and software images are kept up to date.
For more information about Progent's support services for PIX security appliances, visit PIX 500 firewalls configuration and troubleshooting support.
Progent's Migration Consulting Services for Cisco Firewalls
Because Cisco has ceased offering the PIX and ASA 5500 product lines, many businesses are concerned about relying on a key security component that might no longer be supported by Cisco. Cisco ASA 5500-X and Firepower NGFW Series firewalls have the advantage of being new devices and also bring several functions and budgetary benefits in comparison to PIX 500 firewalls. These advantages include significantly higher throughput, optional SSL VPN support, and an expandable architecture that guards your investment by allowing you to add new security services when and if you require them. Progent's Cisco network engineers can help you to assess the strategic value of for moving from PIX 500 or ASA 5500 firewalls, design a migration process that allows for a fast and seamless changeover, assist you to deploy new ASA 5500-x or Firepower NGFW Series appliances, and offer remote training, consulting, and troubleshooting services.
Other Ways Progent Can Help Your Business with Cisco ASA and PIX Firewalls
Cisco's Firepower NGFW Series, ASA 5500 Series, and PIX family security appliances provide a wealth of configuration, tracking, and analysis features that give you the flexibility to deploy these firewalls to match your company's requirements. Progent's CCIE authorized network professionals can help you to configure and support an efficient infrastructure that includes Cisco firewall technology and that offers world-class protection, resilience, throughput, and manageability. Progent's CISA and CISM-premier IS security engineers can assist your business to develop a security strategy appropriate for your environment and can set up your firewall to support your security strategy. Progent's security evaluation consultants can evaluate the strength of your current firewall solution and audit the overall security of your whole information system network. Progent's Help Desk support team can provide emergency remote troubleshooting for Cisco technology and can give you fast access to a Cisco network engineer.
To find out more information about Progent's engineering support for Cisco products, pick a topic:
Integration of Cisco and Third-party Firewall Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
If you wish to contact Progent about engineering assistance for Cisco technology, phone