Cisco is a long-time leader in developing cutting-edge firewalls for the broadest possible range of deployments. Cisco's Firepower Next Generation Firewalls (NGFWs) provide a modern firewall platform that marshals dedicated hardware, cloud-based services, and next-generation intrusion protection system (NGIPS) to block, identify, and mitigate threats without manual intervention. Progent's Cisco-certified CCIE-certified firewall experts can help you to plan and carry out a smooth upgrade to Firepower firewalls from Cisco's from ASA 5500-X, ASA 5500, or PIX appliances and show you how to integrate Firepower appliances with Cisco's subscription-based security services to create and centrally control network environments that span branch offices, data centers, private clouds and public clouds. Progent can also assist you to maintain and troubleshoot legacy Cisco security appliances. Progent's certified cybersecurity consultants can help you with policy creation based on industry best practices so you can build a consistent cybersecurity posture that applies to all your endpoints anywhere.
Cisco's Firepower NGFW Firewall Appliances
Cisco's Firepower Next Generation Firewalls (NGFWs) provide a significant performance boost over Cisco's previous-generation ASA 5500-X security appliances and include centralized management of modern security capabilities such as application visibility and control (AVC), next-generation intrusion protection (NGIPS) with risk prioritization, advanced malware protection, distributed denial of service (DDoS) mitigation, and sandboxing. For more information about Cisco's Firepower portfolio of NGFWs Firewalls, visit Cisco Firepower firewalls integration experts.
Cisco's ASA 5500-X and Legacy Firewalls
Cisco's ASA 5500-X, ASA 5500, and PIX firewall appliances provide integrated firewall, IPsec VPN, and intrusion prevention system (IPS) capabilities in single-box packages, delivering a wide array of features to meet the security and compliance requirements of organizations ranging from small businesses to enterprises and ISPs. Cisco's ASA 5500-X, ASA 5500 Series, and PIX firewall appliances enable IT security teams to protect their network perimeter and provide secure remote access while utilizing powerful administration mechanisms based on Cisco's industry-leading firewall technology.
Cisco's ASA 5500 Series and PIX firewall appliances have arrived at end-of-life status but are still widely used in small and mid-size businesses and in a few larger data centers. The ASA 5500-X Next-Generation Firewalls represent significantly more bang for the buck and have superseded the ASA 5500 and PIX families of firewalls for new deployments. However, Cisco's older model firewalls, if carefully maintained, can offer a high degree of protection by providing a variety of features such as firewall, VPN tunneling, and IPS.
Since Cisco's acquisition of Sourcefire, the entire line of Cisco ASA 5500-X firewalls can be configured to support Firepower Services, built on Sourcefire's Snort technology, which is the market's most deployed intrusion protection system. Firepower services bring enhanced features including advanced malware protection (AMP), URL filtering, dynamic threat analytics, and security automation.
Progent's Cisco CCIE-certified network engineers can assist your organization to support and debug legacy ASA 5500 and PIX firewall appliances and can also help you to design and carry out an efficient migration to Cisco's ASA 5500-X firewalls with Firepower. Progent can also assist you to design, integrate, tune, administer and debug new firewall solutions based on Cisco's current ASA 5500-X firewalls with Firepower Services. Progent can also help your organization to upgrade from your Cisco ASA 5500-X Series deployment to Cisco's latest Firepower NGFWs Firewalls.
Cisco's ASA 5500-X Firewall Product Family
Cisco's extensive family of ASA 5500-X firewalls includes an improved replacement for each rack-mountable model in the older ASA 5500 series of devices. Each ASA 5500-X firewall is suited for the identical environment as the corresponding earlier models, which gives most ample room for picking a firewall that meets their security requirements and budgets. All ASA 5500-X firewalls build on Cisco's tested stateful-inspection firewall technology and all incorporate 64-bit hardware with multicore processors and are capable of running Cisco's powerful security services. All models in Cisco's ASA 5500-X family provide dependable protection across any mix of physical, virtual, and cloud deployments.
For additional information about Cisco's ASA 5500-X firewalls, Firepower services, and Progent's support for Cisco ASA firewalls, see Cisco Firepower integration and debugging consulting
Cisco's Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X firewalls accept either software or physical modules that support Firepower Services, which provide layered defense against sophisticated threats. Cisco's Firepower Services are powered by technology acquired by Cisco from Sourcefire. Key capabilities of Firepower Services for ASA 5500-X firewalls include:
Simpler deployments of Cisco ASA firewalls can be effectively administered using Cisco's on-device Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web-based utility which is provided with all ASA 5500-X versions. ASDM includes a convenient web console for configuring, administering, and debugging ASA 5500-X appliances and modules.
For multi-device and multi-site deployments, ASA 5500-X firewalls with Firepower can be managed with Firepower Management Center, available as one or several physical or virtual devices. Cisco's Firepower Management Center offers unified firewall management, Application Visibility and Control (AVC, enhanced IPS, URL filtering, and Advanced Malware Protection. Due to ongoing rebranding since Cisco's acquisition of Sourcefire Defense Center, Cisco's Firepower Management Center has been offered under several names that include Defense Center, FireSIGHT Defense Center, and Cisco Firesight Management Center.
Cisco's Firepower Management Center offers features beyond those available with Cisco's on-device ASDM tool. Additional features include expanded context awareness, Cisco's Advanced Malware Protection with remediation for client devices, a dashboard that offers dynamic network infrastructure visualization, automated policy tuning based on risk assessment of attacks, comprehensive IPS, custom app detectors for Application Visibility and Control (AVC), customized health notifications, improved reporting options, and application interfaces for host input and databases. Hardware-dependent features like clustering, stacking, switching, routing, VPN, and NAT must be managed using the on-box ASDM or the ASA command line interface.
Cisco ASA 5500 Adaptive Security Appliances
Cisco ASA Firewalls build on technology developed for the PIX 500 Series firewall, the Cisco IPS 4200 family sensor, and the VPN 3000 family concentrator. These solutions converge on the Cisco ASA 5500 Series Firewall product line to offer a platform that defends against the widest range of attacks. Cisco Adaptive Security Appliances (ASA) Firewalls provide program protection, local containment and control, and clean VPN functionality across the entire product portfolio. This broad scope of security allows the guarding of any network area, including the most typical threat vectors like remote sites, locally-attached inside users, and remote connected Virtual Private Networks.
Cisco Adaptive Security Appliances (ASA) 5500 Series firewalls deliver robust application protection through smart, application-aware inspection engines that analyze traffic at Layers 4-7. This results in a better protected network including Web, voice, and mobile wireless connectivity. To defend against application-layer assaults and to provide stronger policing of the applications and protocols used in their environments, Cisco's inspection engines integrate broad application and protocol knowledgebases and rely on security enforcement solutions such as protocol anomaly sensing and application and protocol state monitoring. Also incorporated are assault detection and mitigation techniques including application and protocol command filters and URL deobfuscation. Cisco Adaptive Security Appliances (ASA) firewall inspection engines also provide control over instant messaging and tunneling applications, enabling businesses to enforce usage policies and preserve bandwidth for crucial business processes.
For additional information about Progent's consulting services for Cisco's ASA 5500 firewalls, go to Cisco ASA 5500 series firewalls configuration and troubleshooting consulting.
Cisco PIX Security Appliance Series
Built upon a tested, purpose-built software platform that delivers rich protection features, Cisco PIX firewalls offer a high level of protection and have received Common Criteria Evaluation Assurance Level 4 status and ICSA Firewall and IP Security (IPsec) qualification. PIX security appliances provide security for a wide range of VoIP and other mixed-media standards including H.323 v. 4, SIP, Cisco Skinny Client Control Protocol, RTSP, and Media Gateway Control Protocol (MGCP), helping organizations to protect deployments of a broad array of contemporary and next-generation Voice over IP and multimedia applications.
Administrators can furthermore remotely set up, track, and analyze PIX security appliances using a command-line interface (CLI). Safe CLI interface access is available using several techniques such as SSHv2 Protocol, Telnet through IP Security, and out-of-band through a console port. Cisco PIX firewall appliances also include robust auto-update features, a set of revolutionary protected remote-administration options that make sure that firewall settings and software images are always up to date.
For more information about Progent's consulting services for PIX 500 security appliances, see Cisco PIX firewalls integration and debugging support.
Progent's Migration Support Services for Cisco Firewalls
Since Cisco has discontinued offering the PIX and ASA 5500 product lines, many companies are concerned about relying on a key infrastructure component that might no longer be supported by Cisco. Cisco ASA 5500-X and Firepower NGFW Series security appliances have the advantage of being new products and also bring a number of functions and economic advantages in comparison to PIX 500 firewalls. These advantages include significantly better throughput, optional Secure Sockets Layer VPN capability, and an expandable architecture that protects your investment by enabling you to add more security features when and if you need them. Progent's Cisco certified network engineers can assist your company to assess the business value of for upgrading from PIX or ASA 5500 firewalls, design a migration plan that allows for a fast and non-disruptive upgrade, assist you to configure new ASA 5500-x or Firepower NGFW Series appliances, and provide remote training, consulting, and technical support services.
Other Ways Progent Can Help You with Cisco ASA and PIX Security Appliances
Cisco Firepower NGFW Series, ASA 5500 Series, and PIX family firewalls provide a wealth of configuration, tracking, and troubleshooting options which offer you the flexibility to set up these security appliances to match your company's needs. Progent's CCIE authorized network experts can show you how to build a cost-effective infrastructure that incorporates Cisco security appliances and that offers advanced security, resilience, performance, and manageability. Progent's CISA and CISSP-ISSP-premier information security consultants can help you to develop a security strategy appropriate for your environment and can set up your PIX or ASA firewall to support your security strategy. Progent's risk evaluation consultants can evaluate the effectiveness of your existing firewall deployment and validate the security of your whole information system environment. Progent's Help Desk Call Center can deliver urgent online troubleshooting for Cisco technology and can give you fast access to a Cisco network engineer.
To find out additional information about Progent's engineering help for Cisco solutions, choose a subject:
Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
In order to contact Progent about engineering support for Cisco products, call