Cisco is a perennial front-runner in delivering cutting-edge firewall appliances for the broadest possible range of environments. Cisco's Firepower NGFWs Firewalls provide an advanced cybersecurity solution that marshals sophisticated hardware, cloud services, and machine learning to anticipate, identify, and respond to threats without manual intervention. Progent's Cisco-certified CCIE-certified firewall experts can help your organization to plan and execute an efficient upgrade to Firepower Series firewalls from Cisco's legacy ASA 5500-X, ASA 5500, or PIX firewalls and help you enhance Firepower appliances with Cisco's security services to create and centrally control IT ecosystems that span local offices, data centers, private clouds and public clouds. Progent's firewall consultants can also assist you to maintain and troubleshoot legacy Cisco firewalls. Progent's certified cybersecurity experts can help you with policy creation based on leading best practices in order to establish a consistent and effective cybersecurity posture across all your networked endpoints anywhere.
Cisco's Firepower Next Generation Firewall Appliances
Cisco's Firepower Next Generation Firewalls provide a major performance improvement over Cisco's previous-generation ASA 5500-X security appliances and offer centralized control of modern security features like application visibility, next-generation intrusion protection (NGIPS) with risk prioritization, advanced malware protection (AMP), distributed denial of service (DDoS) mitigation, and multi-node sandboxing. For details about Cisco's Firepower family of NGFWs Firewalls, visit Firepower Series firewalls consulting services.
Cisco's ASA 5500-X and Legacy Firewalls
Cisco’s ASA 5500-X Series, ASA 5500 Series, and PIX 500 firewall appliances offer combined firewall, IPsec VPN, and IPS capabilities in single-box packages, delivering a broad array of features to meet the security and compliance needs of companies ranging from small businesses to enterprises and Internet service providers. Cisco’s ASA 5500-X Series, ASA 5500 Series, and PIX firewall appliances enable network security teams to protect their network edge and offer secure remote access while using powerful administration mechanisms built on Cisco's industry-leading firewall products.
Cisco’s ASA 5500 and PIX 500 firewall appliances have arrived at end-of-life but are still commonly deployed in small and mid-size businesses and in a few larger networks. The ASA 5500-X Next-Generation Firewalls deliver substantially more value and have supplanted Cisco's ASA 5500 and PIX lines of firewalls for new installations. Still, Cisco's legacy firewall appliances, if properly maintained, can offer a high level of protection by providing a variety of services such as firewall, IPsec VPN, and IPS.
Since Cisco's acquisition of Sourcefire, the whole line of ASA 5500-X firewalls can be configured to support Firepower Services, based on Sourcefire's Snort product, which is the market's most popular intrusion protection system (IPS). Firepower services bring powerful new features including advanced malware protection (AMP), URL filtering, real-time threat analytics, and security automation.
Progent's Cisco-certified infrastructure consultants can help your organization to maintain and debug older ASA 5500 Series and PIX firewall appliances and can also help you to plan and implement an efficient migration to Cisco’s ASA 5500-X firewalls with Firepower. Progent can also assist you to design, integrate, tune, manage and troubleshoot new firewall solutions built on Cisco's current ASA 5500-X models with Firepower Services. Progent can also help you to migrate from your Cisco ASA 5500-X solution to Cisco's latest Firepower Next Generation Firewalls (NGFWs).
Cisco's ASA 5500-X Series Firewalls
Cisco's comprehensive family of ASA 5500-X security appliances features an enhanced replacement for every rack-mountable model in the older ASA 5500 line of devices. Each ASA 5500-X firewall targets the same market as the corresponding previous models, which gives most plenty of room for selecting a firewall that aligns with their security requirements and IT budgets. All ASA 5500-X firewalls are based on Cisco's proven stateful-inspection firewall technology and all include purpose-built 64-bit hardware with multicore processors and support Cisco's advanced protection services. All models in Cisco's ASA 5500-X family provide dependable protection across any combination of physical, virtual, and cloud deployments.
For more details about ASA 5500-X security appliances, Cisco Firepower services, and Progent's support for Cisco ASA firewalls, see Firepower integration and troubleshooting consulting
Cisco's Firepower Services for ASA 5500-X Firewalls
Cisco ASA 5500-X security appliances work with either software or hardware modules that enable Cisco's Firepower Services, which provide layered defense against multi-vector attacks. Firepower Services are powered by innovative technology adopted by Cisco from Sourcefire. Key capabilities of Firepower Services for ASA 5500-X security appliances include:
Simpler implementations of Cisco ASA 5500-X firewalls can be efficiently administered via Cisco's on-device Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web utility which is provided with all ASA 5500-X models. ASDM provides a convenient web console for configuring, managing, and debugging ASA 5500-X firewalls and modules.
For more complex environments, ASA 5500-X firewalls with Firepower Services can be managed with Cisco's Firepower Management Center, available as one or more physical or virtual appliances. Firepower Management Center provides centralized firewall management, Application Visibility and Control (AVC, enhanced IPS, URL filtering, and Cisco's Advanced Malware Protection. Due to ongoing rebranding after Cisco's purchase of Sourcefire Defense Center, Cisco's Firepower Management Center has been offered under several names including Cisco Defense Center, Cisco Firesight Defense Center, and FireSIGHT Management Center.
Firepower Management Center provides features beyond those available with Cisco's on-device Adaptive Security Device Manager utility. Extra capabilities include expanded context awareness, Cisco's Advanced Malware Protection (AMP) with remediation for client devices, a dashboard that provides dynamic network visualization, automated policy tuning based on risk assessment of threats, advanced IPS, custom application discovery for Application Visibility and Control (AVC), customized health alerts, enhanced reporting options, and application interfaces for host input and databases. Hardware-dependent capabilities such as clustering, stacking, switching, routing, VPN, and NAT must be handled via the on-device ASDM or the ASA 5500-X command line interface.
Cisco ASA 5500 Adaptive Security Appliances
Cisco Adaptive Security Appliances (ASA) Firewalls build on engineering developed for the PIX 500 Series firewall, the Cisco IPS 4200 Series sensor, and the VPN 3000 family concentrator. These technologies converge on the Cisco Adaptive Security Appliances 5500 Series Firewall product line to offer a firewall that stops the broadest range of attacks. Cisco Adaptive Security Appliances (ASA) Firewalls deliver application security, network containment and control, and clean VPN connectivity across the entire product line. This broad scope of security enables defense of any network segment, including the most common attack conduits such as remote locations, LAN-attached internal users, and off-site access Virtual Private Networks.
Cisco ASA 5500 Series firewalls deliver a high-level of application protection through intelligent, application-aware inspection processes that analyze traffic at Layers 4-7. This results in a more secure network including Web, voice, and 3G-mobile wireless services. To defend against application-layer assaults and to offer better control over the programs and protocols utilized in their environments, Cisco's inspection engines integrate extensive application and protocol knowledge and rely on security enforcement technologies that include anomaly detection and application and protocol state tracking. Also included are attack detection and remediation techniques such as application/protocol command filtering and URL deobfuscation. Cisco Adaptive Security Appliances (ASA) firewall inspection engines also provide control over instant messaging and peer-to-peer file sharing, allowing organizations to enforce usage policies and free up bandwidth for important business applications.
For additional details about Progent's consulting services for Cisco's ASA 5500 firewalls, go to Cisco ASA 5500 series firewalls integration and debugging services.
PIX Security Appliance Series
Based around a tested, specialized OS that delivers a wealth of security services, PIX firewall appliances provide a high level of security and have received Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Labs Firewall and IPsec qualification. Cisco PIX security appliances offer protection for a broad array of Voice over IP and additional multimedia conventions such as H.323 Version 4, SIP, Cisco Skinny Client Control Protocol (SCCP), RTSP, and Media Gateway Control Protocol, helping businesses to protect deployments of a wide range of contemporary and upcoming Voice over IP and mixed-media applications.
IT managers can also remotely configure, track, and analyze PIX firewall appliances using a CLI interface. Secure command-line interface access is available using several techniques including Secure Shell (SSHv2) Protocol, Telnet over IP Security, and out-of-band through a console port. PIX security appliances also include robust auto-update features, a set of revolutionary secure remote-administration services that make sure that security configurations and software images are always current.
For additional details about Progent's consulting services for PIX firewalls, see PIX firewalls configuration and troubleshooting services.
Progent's Migration Consulting for Cisco Firewalls
Since Cisco has discontinued offering the PIX 500 and ASA 5500 product lines, many companies are uncomfortable with relying on a critical infrastructure mechanism that might no longer be supported. Cisco ASA 5500-X and Firepower NGFW Series firewalls have the advantage of being new devices and also bring several technical and budgetary benefits in comparison to PIX firewalls. These advantages include substantially higher performance, optional SSL tunneling support, and a modular design that guards your investment by allowing you to self-install new security features whenever you require them. Progent's Cisco certified experts can help your company to determine the business case for upgrading from PIX 500 or ASA 5500 security appliances, create a migration process that permits a fast and non-disruptive changeover, help you to install new ASA 5500-x Series or Firepower NGFW Series appliances, and offer online, consulting, and troubleshooting services.
Other Ways Progent Can Assist You with Cisco ASA and PIX Security Appliances
Cisco Firepower NGFW Series, ASA Series, and PIX family security appliances provide an array of configuration, tracking, and analysis features which give you the flexibility to set up these firewalls to match your company's requirements. Progent's CCIE authorized network professionals can help you to build a cost-effective infrastructure that incorporates Cisco firewall technology and that provides advanced security, resilience, performance, and recoverability. Progent's CISA and CISSP-ISSP-certified information security professionals can assist you to develop a security policy that makes sense for your situation and can configure your firewall to support your security strategy. Progent's security assessment engineers can evaluate the strength of your existing firewall deployment and validate the security of your entire information system environment. Progent’s Technical Response Center (TRC) can provide emergency remote technical support for Cisco technology and offer quick access to a Cisco CCIE expert.
To find out more information about Progent's professional help for Cisco products, pick a topic:
Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
In order to contact Progent about technical assistance for Cisco products, phone