Cisco Network Consultants

Cisco PIX firewalls and ASA Series adaptive security appliances combine next-generation firewall, intrusion defense, and Virtual Private Network (VPN) technologies in a cost-effective, one-box format. Both of these product lines have been superseded by the ASA 5500-X family of security appliances with Firepower. (See integration and debugging support for Cisco AA 5500-X firewalls with Firepower Services.) Still, PIX and previous-generation Cisco ASA 5500 model firewalls are extensively used and continue to provide small and mid-size companies a reliable firewall solution.

PIX and legacy ASA 5500 firewalls deliver powerful client and application policy support, mutlivector assault protection, and secure connectivity features. The enhanced knowledge sharing of consolidated security features in a stand-alone platform offers customers deploying these integrated solutions the advantages of enhanced security, reduced cost of ownership, and smaller maintenance expense.

PIX firewalls and the ASA 5500 product line join IOS Firewall, the FWSM for Catalyst 6500 family switches, and 7600 Series routers as components of Cisco's flexible, self-contained firewall line. Engineered with a scalable, modular approach, each offering is equipped with a particular array of options to deliver better security to different networking situations. These products can be individually deployed to secure certain facets of the connectivity infrastructure, or can be combined for a systematic, protection-in-depth strategy following the design leading practices described in the Cisco SAFE framework. Completing the modular firewall product line, Cisco provides a complete security management offering, ranging from Cisco security device and IOS Software security features and built-in device managers, to standalone management applications, moving to ensure that businesses can productively manage their Cisco security solution purchases.

PIX Security Appliance Series
PIX Security Appliance Series offer reliable user and application policy support, multivector attack protection, and safe connectivity features in affordable, out-of-the-box modules. These specialized appliances offer a wealth of integrated security and networking capabilities including process-aware firewall services, Voice over IP and multimedia security, reliable multi-site and remote-connectivity IP Security Virtual Private Network networking, fault tolerance, smart networking features, and versatile management solutions. The PIX Security Appliance Series family ranges from small plug-and-go appliances for small offices or at home offices to stackable gigabit appliances with investment protection for enterprise and ISP customers, Cisco PIX firewalls provide high levels of protection, speed, and reliability for environments of any size.

Built upon a tested, purpose-built operating system that offers rich security features, Cisco PIX firewall appliances offer a high level of protection and have earned Common Criteria Evaluation Assurance Level (EAL) 4 status and ICSA Labs Firewall and IPsec qualification. PIX firewall appliances provide security for a wide array of Voice over IP and other mixed-media conventions such as H.323 v. 4, Session Initiation Protocol (SIP), Cisco Skinny Client Control Protocol, RTSP, and Media Gateway Control Protocol, helping businesses to protect deployments of a wide range of current and upcoming VoIP and multimedia applications.

Cisco PIX firewalls offer a wealth of configuration, tracking, and analysis features, providing businesses the versatility to use the methods that most closely meet their requirements. Management solutions include common, policy-based management utilities, integrated web-accessible management, and compatibility with remote-tracking standards like Simple Network Management Protocol and syslog. The integrated ASDM system offers a world-class web-accessible management solution that significantly simplifies the deployment, ongoing modification, and monitoring of a single Cisco PIX security appliance without the need of any additional utility beyond an ordinary browser and Java plug-in to be running on a manager's computer.

IT managers can also remotely set up, track, and troubleshoot Cisco PIX firewall appliances using a command-line interface (CLI). Secure command-line interface access is possible using several techniques such as SSHv2 Protocol, Telnet through IP Security, and out-of-band via a console port. Cisco PIX security appliances also include robust automatic-update features, a set advanced protected remote-management options that ensure firewall settings and software images are kept current.

Cisco ASA 5500 Series Firewalls
Cisco Adaptive Security Appliances Firewalls are specially engineered solutions that bring together market-proven, industry-leading security and VPN services plus a flexible architecture. The result is a robust, multifunction network security solution better suited to protect small and medium business (SMB) and enterprise networks and, simultaneously, lower the total installation and maintenance costs formerly required for this high degree of security.

Cisco Adaptive Security Appliances (ASA) 5500 Series firewalls provide strong application protection via smart, application-aware inspection engines that examine traffic at Layers 4-7. This produces a more secure network covering web, voice, and mobile wireless access. To defend environments against application-layer assaults and to offer organizations greater policing of the programs and protocols used in their networks, these inspection engines integrate extensive application and protocol knowledgebases and rely on protection enforcement technologies such as protocol anomaly sensing and state tracking. Also included are assault detection and remediation technology such as application/protocol command filters and content verification. Cisco Adaptive Security Appliances (ASA) 5500 Series firewall inspection engines also provide management of instant messaging and peer-to-peer file sharing, allowing businesses to police usage policies and conserve network bandwidth for important business applications.

At the same time as improving security, Cisco ASA 5500 Series firewalls also decrease installation and operational expenses. By providing extensive VPN and protection functions, the Cisco Adaptive Security Appliances firewall can be a single device for a multitude of uses, allowing platform standardization. The Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can be used as a converged threat-prevention appliance at a central location by taking advantage of its access control, application inspection, and malware remediation technologies. The Cisco Adaptive Security Appliances firewall can also be used as a dedicated remote connectivity solution utilizing its Virtual Private Network capabilities. As an alternative, the Cisco ASA 5500 Series firewall operates capably in the network interior for interdepartmental connectivity control and to guard against malicious assaults internal workers might unwittingly introduce into the environment. For small business and branch office networks, the Cisco Adaptive Security Appliances firewall serves as a total solution platform providing comprehensive threat prevention and Virtual Private Network services while fitting within the cost structure and operational models of these situations.

This adaptive single-device, many-solution approach reduces the number of devices that need to be installed and maintained while providing a standard operating and administrative environment across all installations. This approach streamlines the education of setup, tracking, troubleshooting, and security personnel. To further reduce operations costs, Cisco Adaptive Security Appliances (ASA) 5500 Series firewalls are also highly network conscious, enabling these devices to insert gracefully into the network without disrupting authorized traffic and applications.

How Progent's Cisco Certified Experts Can Help You with Cisco Firewalls
Cisco's ASA Series adaptive security appliances and PIX security appliances incorporate an array of setup, monitoring, and troubleshooting features which give you the flexibility to set up these firewalls to match your company's needs. Progent's CCIE authorized network experts can help you to maintain your current infrastructure that incorporates Cisco ASA or PIX firewall technology and that offers protection, resilience, performance, and recoverability. Progent can also assist you to upgrade to Cisco ASA 5500-X firewalls with Firepower Services.

Progent's CISA and CISSP-ISSP-certified information security professionals can help your business to develop a security strategy appropriate for your situation and can set up your firewall to enforce your security policies. Progent's risk assessment professionals can assess the effectiveness of your current firewall deployment and audit the overall security of your entire information system network. Progent's Help Desk support team can deliver urgent remote technical support for Cisco products and can give you fast access to a Cisco network engineer.

To learn more details about Progent's professional help for Cisco technology, pick a topic:

• Introduction to Progent's Cisco Consulting Services
• Fast and Affordable Remote Support from a CCIE Network Engineer
• Cisco Firepower Series Firewalls: Configuration and Troubleshooting Services
• Cisco ASA 5500-X Firewall with Cisco Firepower Services: Consulting and Management Support
• ASA 5500 Firewall Management Help
• Cisco Routers Configuration and Troubleshooting Expertise
• Cisco Wireless Network Design Help
• Aironet Wireless Access Points Deployment Support
• Cisco Small Business 100, 300 and 500 Wireless APs Consulting Help
• Cisco Catalyst 802.11ax Wi-Fi 6/6E Access Points Planning, Deployment and Troubleshooting Expertise
• Cisco WiFi Controllers Integration Consulting
• Cisco Meraki APs Consulting Help
• Cisco Unified Communications Manager (CUCM or Unified CM) and Cisco CallManager Configuration and Troubleshooting
• Cisco VoIP Phones and IP Video Desktop Phones Consulting Services and Cisco Wireless IP Phone Solutions
• Cisco Jabber Configuration and Troubleshooting Services
• Cisco Catalyst Switches Deployment Expertise
• Nexus Switches Configuration and Maintenance Expertise
• Meraki MS Switches Configuration and Maintenance Services
• Cisco Security and VPN Integration Assistance
• SIP and CUBE Integration Solutions: SIP Trunking and CUBE Integration Consulting
• Cisco Duo MFA Two-factor Authentication Services for Telecommuters
• Design and Support for Cisco-based Data Centers
• Infrastructure Design Expertise for Service Providers
• Centralized Cloud-based and Hybrid Network Management Solutions for Cisco-powered Environments