Cisco is a long-time leader in delivering cutting-edge firewalls for the broadest possible range of deployments. Cisco's Firepower Next Generation Firewalls provide a modern firewall platform that combines sophisticated hardware, cloud services, and next-generation intrusion protection system (NGIPS) to block, discover, and respond to cyber attacks automatically. Progent's Cisco-certified CCIE firewall consultants can help you to plan and carry out a smooth upgrade to Firepower Series firewalls from Cisco's legacy ASA 5500-X, ASA 5500, or PIX firewalls and help you enhance Firepower firewalls with Cisco's cloud-based services to create and centrally control IT ecosystems that include local offices, data centers, private clouds and public clouds. Progent's firewall consultants can also help you to manage and troubleshoot older-generation Cisco firewalls. Progent's certified cybersecurity experts can help you with policy creation and tuning based on industry best practices in order to build a consistent and effective cybersecurity posture across all your networked devices anywhere.
Cisco's Firepower Next Generation Firewalls
Cisco's Firepower NGFWs Firewalls deliver a major performance improvement over Cisco's popular ASA 5500-X security appliances and include unified control of modern security capabilities such as application visibility and control, next-generation intrusion protection (NGIPS) with risk prioritization, advanced malware protection, URL filtering, and sandboxing. For more information about Cisco's Firepower portfolio of Next Generation Firewalls, visit Firepower Series firewalls integration services.
Cisco's ASA 5500-X Series and Legacy Firewalls
Cisco’s ASA 5500-X, ASA 5500, and PIX 500 firewall appliances offer combined firewall, VPN, and intrusion prevention system services in compact single-box packages, delivering a wide array of features to meet the security and compliance requirements of organizations from small and mid-size businesses to enterprises and Internet service providers. Cisco’s ASA 5500-X, ASA 5500 Series, and PIX 500 firewalls allow IT security teams to defend their network edge and offer safe remote access while using powerful management tools based on Cisco's industry-leading firewall products.
Cisco’s ASA 5500 and PIX 500 firewalls have reached end-of-life (EOL) status but remain commonly deployed in smaller businesses and in a few enterprise networks. The ASA 5500-X Next-Generation Firewalls represent substantially more value and have supplanted the ASA 5500 and PIX 500 lines of firewalls for new installations. Still, Cisco's older model firewall appliances, if properly managed, can offer a high degree of security by supplying multiple features including firewall, VPN tunneling, and IPS.
Following Cisco's acquisition of Sourcefire, the entire family of Cisco ASA 5500-X firewalls can be provisioned to enable Firepower Services, based on Sourcefire's Snort product, which is the market's most popular network intrusion protection system (IPS). Firepower services bring powerful new features such as advanced malware protection (AMP), URL filtering, real-time threat analytics, and security automation.
Progent's Cisco CCIE-premier network engineers can assist your organization to maintain and debug older ASA 5500 Series and PIX 500 firewalls and can also help you to plan and carry out a smooth upgrade to Cisco’s ASA 5500-X firewalls with Firepower Services. Progent can also assist you to plan, integrate, tune, administer and troubleshoot new firewall solutions based on Cisco's latest ASA 5500-X firewalls with Firepower. Progent can also assist your organization to migrate from your Cisco ASA 5500-X Series solution to Cisco's latest Firepower Next Generation Firewalls (NGFWs).
Cisco's ASA 5500-X Series Firewalls
Cisco's comprehensive family of ASA 5500-X security appliances features an enhanced replacement for each rack-mountable unit in the older ASA 5500 line of devices. Each ASA 5500-X firewall is suited for the identical environment as the corresponding previous models, which offers most ample choice for picking a solution that meets their security needs and budgets. All ASA 5500-X firewalls build on Cisco's tested stateful-inspection firewall technology and all include purpose-built 64-bit hardware with multicore processors and are capable of running Cisco's powerful security services. All models in Cisco's ASA 5500-X product line deliver dependable protection across any mix of physical, virtual, and cloud deployments.
For more information about ASA 5500-X security appliances, Cisco Firepower services, and Progent's support for Cisco ASA security appliances, go to Firepower configuration and debugging expertise
Cisco's Firepower Services for ASA 5500-X Security Appliances
Cisco ASA 5500-X security appliances accept software or physical modules that enable Cisco's Firepower Services, which offer layered protection against multi-vector attacks. Cisco's Firepower Services are powered by innovative technology adopted by Cisco from Sourcefire. Major features of Firepower Services for ASA 5500-X firewalls include:
- Layered defense against both familiar and zero-day attacks
- Advanced Malware Protection that utilizes big data techniques to find and remediate security breaches
- Cisco's Next-Generation Intrusion Prevention System (NGIPS) that performs contextual analysis that covers clients, network infrastructure, apps, and content to discover threats that incorporate simultaneous vectors
- High-resolution Application Visibility and Control that is aware of thousands of applications and can automatically activate standard and custom IPS policies depending on the severity of risk
Firepower Services for Cisco ASA 5500-X firewalls offer advanced multi-layered security
Smaller deployments of Cisco ASA 5500-X firewalls can be efficiently managed via Cisco's on-device Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based utility included with all ASA 5500-X versions. ASDM provides an easy-to-use web console for deploying, administering, and troubleshooting ASA 5500-X devices and modules.
For multi-device and multi-site deployments, ASA 5500-X appliances with Firepower Services can be managed using Firepower Management Center, available as one or several physical or virtual appliances. Cisco's Firepower Management Center offers unified firewall management, Application Visibility and Control, advanced IPS, URL filtering, and Cisco's Advanced Malware Protection. Due to frequent rebranding since Cisco's acquisition of Sourcefire Defense Center, Firepower Management Center has been delivered under several names including Cisco Defense Center, Cisco Firesight Defense Center, and Cisco Firesight Management Center.
Cisco Firepower Management Center unifies event and policy management for Firepower firewall appliances
Cisco's Firepower Management Center offers capabilities unavailable with Cisco's on-device Adaptive Security Device Manager utility. Extra features include greater context awareness, Cisco's Advanced Malware Protection with mitigation for user devices, a console that offers real-time network visualization, automated policy tuning based on impact assessment of threats, comprehensive IPS, custom application discovery for Application Visibility and Control, customized health alerts, enhanced reporting features, and application interfaces for host input and databases. Hardware-dependent options such as clustering, stacking, switching, routing, VPN, and NAT must be managed via Cisco's ASA 5500-X on-box ASDM or the ASA 5500-X CLI.
Cisco ASA 5500 Family of Firewalls
Cisco Adaptive Security Appliances Firewalls build on engineering developed for Cisco's PIX 500 Series Security Appliance, the IPS 4200 Series sensor, and Cisco's VPN 3000 Series concentrator. These solutions enable the Cisco ASA Firewall product line to deliver a platform that stops the widest variety of attacks. Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls provide program security, network containment and control, and safe VPN functionality throughout Cisco's product line. This breadth of protection enables the guarding of any network section, which includes the most common threat conduits such as remote sites, LAN-attached internal users, and remote connected Virtual Private Networks.
The expandable design of the ASA 5500 Series enables you to add features via security service modules and security service cards. These user-installable enhancements give you the option of adding IPS and content protection functions like filtering virus, worms, and phishing attacks and executing data and web filtering. In addition to allowing your IT staff to react quickly to the latest risk vectors, the extensible design of the Cisco ASA 5500 family also protects your capital investment by prolonging the life of your firewalls. The ASA 5500 family also protects your investment in IT team education by supporting the rich set of PIX management utilities and protocols such as the Cisco ASDM platform, secure command-line interface (CLI) access, verbose syslog, and SNMP.
Cisco Adaptive Security Appliances 5500 Series firewalls provide robust application security through intelligent, application-sensitive inspection engines that analyze network flows at Layers 4-7. This results in a more secure environment covering Web, voice, and 3G-mobile wireless connectivity. To protect against application-layer attacks and to offer stronger policing of the applications and protocols used in their networks, these inspection engines incorporate extensive application and protocol knowledge and rely on protection enforcement technologies such as protocol anomaly sensing and state tracking. Also incorporated are attack sensing and mitigation technology including application/protocol command filtering and URL deobfuscation. Cisco Adaptive Security Appliances firewall inspection engines also deliver management of IM and tunneling applications, enabling businesses to enforce usage policies and recover bandwidth for vital business processes.
For additional information about Progent's support services for Cisco's ASA 5500 security appliances, see ASA 5500 series firewalls configuration and troubleshooting services.
Based upon a tested, specialized OS that offers rich protection features, PIX security appliances provide excellent security and have received Common Criteria Evaluation Assurance Level 4 status and ICSA Firewall and IPsec certification. PIX firewalls offer security for a broad array of Voice over IP and other mixed-media conventions such as H.323 Version 4, Session Initiation Protocol, SCCP, Real-Time Streaming Protocol, and Media Gateway Control Protocol (MGCP), enabling organizations to safeguard deployments of a broad array of contemporary and upcoming Voice over IP and video applications.
PIX firewalls offer a wealth of configuration, tracking, and troubleshooting features, providing IT managers the flexibility to use the techniques that most closely meet their requirements. Management solutions include common, policy-based administration utilities, integrated web-based management, and support for remote-monitoring standards such as Simple Network Management Protocol and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) interface offers a powerful Web-accessible control platform that significantly simplifies the deployment, ongoing configuration, and monitoring of a specific PIX firewall without the need of any additional software other than an ordinary Web browser and Java applet to be installed on a manager's computer.
Administrators can also remotely set up, monitor, and troubleshoot Cisco PIX security appliances via a CLI interface. Secure command-line interface (CLI) access is possible using several techniques such as Secure Shell Protocol, Telnet through IP Security (IPsec), and out-of-band via a console port. Cisco PIX firewalls also include dependable automatic-update capabilities, a set of advanced protected remote-management options that ensure firewall configurations and software images are kept current.
For additional details about Progent's consulting services for PIX 500 firewalls, visit Cisco PIX firewalls configuration and troubleshooting services.
Progent's Migration Consulting Support for Cisco Firewalls
Because Cisco has stopped selling the PIX and ASA 5500 product lines, many businesses are uncomfortable with relying on a key infrastructure mechanism that may no longer be supported. ASA 5500-X and Firepower Series security appliances have the benefit of being new products and also offer several technical and budgetary benefits in comparison to PIX firewalls. These benefits include substantially better throughput, optional Secure Sockets Layer VPN capability, and an expandable architecture that guards your investment by allowing you to self-install more security features whenever you require them. Progent's Cisco certified experts can help you to determine the business value of for migrating from PIX or ASA 5500 security appliances, create a migration process that allows for a fast and seamless changeover, help your IT staff to set up new ASA 5500-x or Firepower NGFW Series firewalls, and offer online, consulting, and troubleshooting services.
Additional Ways Progent Can Help You with Cisco Firewalls
Cisco Firepower Series, ASA Series, and PIX security appliances provide an array of setup, monitoring, and troubleshooting features that offer you the ability to set up these firewalls to align optimally with your business requirements. Progent's CCIE certified network professionals can help you to design an efficient network infrastructure that includes Cisco security appliances and that provides world-class security, fault tolerance, performance, and manageability. Progent's GISA and CISM-certified IS security experts can assist your business to develop a security strategy appropriate for your business and can set up your security appliance to support your security strategy. Progent's risk evaluation experts can evaluate the effectiveness of your existing firewall solution and validate the security of your entire IS environment. Progent’s Help Desk Call Center can provide emergency online technical support for Cisco products and offer quick access to a Cisco expert.
To learn additional information concerning Progent's engineering support for Cisco solutions, pick a subject:
Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
If you wish to contact Progent about consulting support for Cisco networking, call 1-800-993-9400 or see Contact Progent.