Cisco Certified Network Consultants

Cisco PIX security appliances and ASA 5500 Series firewalls combine comprehensive firewall, intrusion defense, and VPN functionality in a cost-effective, one-box package. Both of these product families have been superseded by the ASA 5500-X family of security appliances with Firepower. (See configuration and troubleshooting help with ASA 5500-X firewalls with Firepower Services.) Still, PIX and previous-generation ASA 5500 model firewalls are extensively deployed and continue to offer small and mid-size companies a viable firewall environment.

PIX and legacy ASA 5500 firewalls offer powerful client and application policy support, mutlivector attack defense, and safe connectivity services. The enhanced intelligence sharing of integrated protection features in a single package provides customers deploying these aggregated firewalls the benefits of enhanced protection, reduced cost of ownership, and minimal management expense.

Cisco PIX firewalls and Cisco's ASA 5500 Series combine with Cisco IOS Firewall, the FWSM for Catalyst 6500 Series switches, and Cisco 7600 Series routers as parts of Cisco's flexible, self-contained firewall line. Based on an expandable, building-block platform, each offering is equipped with a specific array of options to provide better security to a variety of network situations. These solutions can be independently installed to protect certain areas of the connectivity infrastructure, or can be grouped for a systematic, defense-in-depth strategy following the design leading practices described in the Cisco SAFE framework. Rounding out the modular firewall product line, Cisco has developed a comprehensive security management portfolio, spanning Cisco security device and IOS security features and embedded device managers, to standalone management utilities, moving to ensure that customers can effectively use their Cisco protection solution investments.

PIX Security Appliance Series
PIX firewall appliances deliver robust policy enforcement, multi-source invasion defense, and secure networking services in economical, easy-to-deploy solutions. These purpose-built appliances offer a broad range of integrated security and connectivity capabilities including application-aware firewall features, Voice over IP and multimedia protection, robust multi-location and remote-access IP Security VPN connectivity, high availability, intelligent networking services, and versatile administration options. The PIX Security Appliance Series product line ranges from compact plug-and-go desktop units for small or at home offices to stackable high-bandwidth appliances with ROI for enterprise and ISP customers, PIX firewalls provide dependable security, speed, and availability for environments of all sizes.

Based around a hardened, specialized operating system that offers a wealth of security services, PIX firewalls provide a high level of security and have received Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Labs Firewall and IPsec certification. PIX firewall appliances provide security for a wide range of VoIP and other multimedia conventions including H.323 Version 4, Session Initiation Protocol, Cisco Skinny Client Control Protocol (SCCP), RTSP, and Media Gateway Control Protocol, enabling businesses to safeguard deployments of a broad array of current and next-generation VoIP and video applications.

Cisco PIX firewalls feature a wealth of configuration, tracking, and analysis options, providing IT managers the flexibility to use the methods that most closely match their requirements. Management solutions include common, policy-based administration tools, integrated web-based management, and compatibility with remote-monitoring standards such as SNMP and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) system offers a world-class web-accessible control platform that significantly streamlines the installation, ongoing configuration, and monitoring of a single Cisco PIX firewall without the need of any additional utility other than a standard web browser and Java plug-in to be running on a manager's PC.

IT managers can furthermore remotely configure, monitor, and troubleshoot Cisco PIX security appliances using a command-line interface. Safe command-line interface (CLI) access is possible through several methods including Secure Shell (SSHv2) Protocol, Telnet through IP Security (IPsec), and out-of-band via a console port. PIX firewalls also have dependable auto-update capabilities, a collection advanced secure remote-administration services that make sure that security settings and software images are always up to date.

Cisco Adaptive Security Appliances 5500 Series Firewalls
Cisco Adaptive Security Appliances (ASA) Firewalls are purpose-built devices that incorporate advanced, industry-leading security and Virtual Private Network services plus an adaptive design. The end product is a robust, versatile network protection appliance better suited to defend small and medium business (SMB) and enterprise networks and, simultaneously, reduce the total installation and maintenance expenses previously required for this high level of protection.

Cisco Adaptive Security Appliances (ASA) firewalls deliver robust application security through intelligent, application-sensitive inspection processes that analyze network flows at Layers 4-7. This produces a more secure network covering web, voice, and mobile wireless services. To protect environments from application-layer attacks and to offer businesses greater policing of the applications and protocols used in their environments, these inspection engines incorporate extensive application and protocol knowledgebases and rely on protection enforcement solutions such as anomaly detection and state tracking. Also included are attack sensing and remediation technology such as application/protocol command filters and URL deobfuscation. Cisco ASA firewall inspection engines also deliver control over IM and tunneling applications, enabling organizations to police usage policies and recover network bandwidth for critical business processes.

At the same time as improving network security, Cisco ASA firewalls also lower deployment and support costs. By providing broad Virtual Private Network and security services, the Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can be used as the the only platform for many uses, allowing platform commonality. The Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can be used as a converged threat-prevention appliance at the datacenter by leveraging its access control, process inspection, and malicious assault mitigation capabilities. The Cisco ASA 5500 Series firewall can also be used as a dedicated remote access solution utilizing its Virtual Private Network features. Alternatively, the Cisco Adaptive Security Appliances firewall serves capably in the network interior for interdepartmental access management and to defend against malware internal users may inadvertently release into the network. In small business and branch office environments, the Cisco ASA 5500 Series firewall acts as a total solution device offering complete intrusion defense and Virtual Private Network services while fitting within the cost structure and operational demands of such situations.

This adaptive single-device, many-solution design reduces the total number of appliances that need to be installed and maintained while providing a common operating and administrative system throughout all deployments. This approach simplifies the education of configuration, monitoring, troubleshooting, and protection staff. To further minimize operations costs, Cisco Adaptive Security Appliances firewalls are also exceptionally network aware, enabling them to insert seamlessly into the network without interfering with legitimate traffic and applications.

How Progent's Consultants Can Help You with Cisco PIX and ASA Security Appliances
Cisco ASA Series adaptive security appliances and PIX family security appliances provide an array of configuration, tracking, and troubleshooting features that offer you the ability to set up these firewalls to align optimally with your business needs. Progent's CCIE certified network experts can assist you to maintain your existing infrastructure that includes Cisco ASA and/or PIX firewall technology and that offers protection, fault tolerance, throughput, and manageability. Progent's firewall experts can also help you to upgrade to Cisco ASA 5500-X firewalls with Firepower Services.

Progent's CISA and CISM-certified IS security professionals can help your business to create a security policy appropriate for your business and can set up your firewall to enforce your security policies. Progent's security assessment engineers can evaluate the strength of your existing firewall deployment and audit the overall security of your entire IT environment. Progent's Technical Response Center (TRC) can deliver emergency online troubleshooting for Cisco technology and offer fast access to a Cisco CCIE network engineer.

To see additional details concerning Progent's professional help for Cisco products, pick a topic:

• Overview of Progent's Cisco Network Support
• Fast Remote Support from a CCIE Network Engineer
• Cisco Firepower Series Firewalls: Integration and Management Expertise
• Cisco ASA 5500-X Firewalls with Cisco Firepower: Consulting and Management Expertise
• Cisco ASA 5500 Series Firewall Management Help
• Cisco Routers Configuration and Troubleshooting Services
• Cisco Wireless Consulting Services
• Aironet Wireless APs Consulting Help
• Cisco Small Business 100, 300 and 500 WiFi APs Consulting Expertise
• Cisco Catalyst 802.11ax Wi-Fi 6/6E Wireless Access Points Solution Design, Configuration and Debugging Support
• Cisco WiFi Controllers Experts
• Cisco Meraki Wireless APs Deployment Help
• Cisco Unified Communications Manager (CUCM or Unified CM) and CallManager Consulting and Technical Support
• Cisco Voice over IP Phones and IP Video Desktop Phones Consulting Services and Wireless VoIP Phone Integration
• Cisco Jabber and Management Services
• Catalyst Switches Deployment Expertise
• Nexus Switches Support and Troubleshooting Expertise
• Meraki MS Switches Deployment Expertise
• Cisco VPN and Network Security Consulting Assistance
• SIP and CUBE Integration Solutions: SIP Trunking and Cisco CUBE Integration Consulting
• Cisco Duo MFA Two-factor Authentication Services for Teleworkers
• Design Expertise for Cisco-powered Data Centers
• Network Optimization Services for Service Providers
• Centralized Cloud-based and Hybrid Management Techniques for Cisco-based Environments

• Palo Alto Networks PA-Series Firewalls Consulting
• Check Point Software Consulting
• Barracuda CloudGen Firewall Consulting
• Watchguard Consulting
• Juniper Networks NetScreen and SSG Firewall Consulting
• SonicWall Consulting
• Fortinet FortiGate Firewall Consulting
• Symantec Raptor Consulting