Cisco's PIX family firewalls and Cisco ASA 5500 Series firewalls combine next-generation firewall, intrusion protection, and Virtual Private Network (VPN) technologies in a cost-effective, one-cabinet format. Both product lines have been replaced by the ASA 5500-X series of security appliances with Firepower. (Refer to integration and troubleshooting expertise for Cisco AA 5500-X firewalls with Firepower Services.) Still, both PIX and earlier-generation Cisco ASA 5500 model adaptive security appliances are widely used and continue to provide small and mid-size companies a viable security solution.
Cisco PIC and the original ASA 5500 firewalls offer powerful client and application policy support, mutlivector attack defense, and secure connectivity features. The enhanced intelligence sharing of integrated security features in a stand-alone package offers customers implementing these aggregated firewalls the benefits of advanced security, lower TCO, and minimal maintenance expense.
PIX firewalls and the ASA 5500 product line join Cisco IOS Firewall, the Firewall Services Module for Cisco Catalyst 6500 switches, and Cisco 7600 family routers as components of Cisco's versatile, integrated firewall line. Based on an expandable, modular platform, each device is equipped with a specific array of options to deliver more efficient security to a variety of network environments. These solutions can be independently installed to protect certain areas of the network environment, or can be combined for a systematic, defense-in-depth approach based on the design leading practices outlined in the Cisco SAFE framework. Completing the integrated firewall solutions, Cisco provides a comprehensive security management offering, spanning Cisco security device and Cisco IOS Software security features and built-in appliance managers, to standalone management applications, moving to make sure that customers can productively use their Cisco protection solution purchases.
Cisco PIX Security Appliance Series
Cisco PIX firewalls offer robust policy support, multivector attack protection, and secure networking features in cost-effective, simple-to-configure modules. These purpose-built appliances provide a broad range of built-in protection and connectivity capabilities including application-aware firewall features, VoIP and multimedia security, robust multi-location and remote-access IPcec Virtual Private Network connectivity, high availability, intelligent networking features, and versatile management solutions. The PIX firewall family ranges from compact plug-and-play devices for small or home offices to modular high-bandwidth appliances with investment protection for enterprise and ISP customers, PIX firewall appliances deliver dependable protection, speed, and reliability for network environments of all sizes.
Built upon a hardened, specialized software platform that offers a wealth of security features, Cisco PIX firewalls provide a high level of security and have received EAL 4 status and ICSA Labs Firewall and IP Security qualification. PIX security appliances provide protection for a wide array of VoIP and other multimedia standards such as H.323 Version 4, Session Initiation Protocol, SCCP, Real-Time Streaming Protocol (RTSP), and Media Gateway Control Protocol (MGCP), enabling businesses to protect deployments of a broad array of contemporary and next-generation Voice over IP and video applications.
PIX firewall appliances offer a variety of setup, tracking, and troubleshooting options, providing businesses the versatility to utilize the techniques that most closely match their needs. Administrative options include centralized, policy-based management tools, integrated web-based administration, and support for remote-monitoring protocols like Simple Network Management Protocol (SNMP) and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) system offers a world-class web-accessible control solution that significantly streamlines the deployment, ongoing configuration, and tracking of a specific Cisco PIX firewall without requiring any extra utility beyond an ordinary browser and Java applet to be running on an administrator's computer.
Administrators can also remotely set up, track, and analyze PIX firewalls using a CLI interface. Safe command-line interface (CLI) access is available using several techniques such as Secure Shell Protocol, Telnet through IP Security, and out-of-band through a console port. PIX firewalls also have dependable automatic-update features, a collection advanced protected remote-management options that make sure that firewall configurations and software images are kept current.
Cisco ASA 5500 Series Firewalls
Cisco ASA Firewalls are purpose-built devices that incorporate advanced, industry-leading security and VPN support with a flexible architecture. The result is a robust, multifunction network security solution better able to protect small and midsize business (SMB) and larger networks and, simultaneously, reduce the total deployment and maintenance costs previously associated with this enhanced degree of protection.
Cisco Adaptive Security Appliances (ASA) Firewalls build on engineering behind Cisco's PIX 500 family firewall, the Cisco IPS 4200 family sensor, and the Cisco VPN 3000 family concentrator. These technologies converge on the Cisco ASA Firewall family to offer a firewall that stops a broad range of attacks. Cisco Adaptive Security Appliances Firewalls deliver program protection, network containment and control, and clean Virtual Private Network functionality throughout the entire product line. This broad scope of protection enables defense of any network section, including the most common attack vectors such as remote sites, LAN-attached internal users, and remote connected Virtual Private Networks.
Cisco Adaptive Security Appliances (ASA) 5500 Series firewalls deliver a high-level of application protection through smart, application-aware inspection processes that analyze traffic at Layers 4-7. This results in a more secure environment including web, voice, and mobile wireless access. To protect environments against application-layer attacks and to offer businesses more policing of the programs and protocols utilized in their environments, Cisco's inspection engines incorporate extensive application and protocol knowledgebases and employ protection enforcement solutions that include anomaly sensing and state monitoring. Also incorporated are assault detection and mitigation technology including application/protocol command filtering and content verification. Cisco Adaptive Security Appliances firewall inspection engines also deliver control over instant messaging and tunneling applications, allowing organizations to enforce usage policies and conserve network bandwidth for crucial business applications.
While increasing network security, Cisco ASA firewalls also lower installation and support expenses. By offering broad Virtual Private Network and security functions, the Cisco Adaptive Security Appliances (ASA) firewall can be used as the the only platform for a multitude of uses, allowing product commonality. The Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can be used as a consolidated threat-protection appliance at the datacenter by taking advantage of its access control, process inspection, and malware mitigation technologies. The Cisco Adaptive Security Appliances (ASA) firewall can also be used as a dedicated remote access device utilizing its VPN capabilities. Alternatively, the Cisco Adaptive Security Appliances (ASA) 5500 Series firewall serves capably in the network interior for interdepartmental access management and to guard against malicious assaults inside users may unwittingly release into the network. In small company and satellite office environments, the Cisco Adaptive Security Appliances (ASA) 5500 Series firewall serves as a total solution device providing complete intrusion defense and VPN services while fitting within the cost structure and operational demands of these deployments.
This versatile one-platform, many-use approach minimizes the number of devices that must be installed and managed while providing a common operating and administrative system throughout all installations. This architecture streamlines the education of setup, tracking, support, and security staff. To further reduce operations costs, Cisco ASA 5500 Series firewalls are also exceptionally network conscious, enabling these devices to insert seamlessly into the network without interfering with legitimate data flow and applications.
How Progent's Cisco Certified Experts Can Help Your Business with Cisco PIX and ASA Security Appliances
Cisco ASA Series firewalls and PIX family security appliances incorporate an array of setup, tracking, and analysis options that offer you the flexibility to deploy these firewalls to align optimally with your business needs. Progent's CCIE authorized network professionals can assist you to support your existing network infrastructure that incorporates Cisco ASA or PIX firewall technology and that offers protection, resilience, performance, and manageability. Progent can also help your organization to migrate to ASA 5500-X firewalls with Firepower Services.
Progent's CISA and CISSP-ISSP-certified information security consultants can assist you to develop a security strategy appropriate for your environment and can set up your security appliance to enforce your security strategy. Progent's risk evaluation consultants can assess the effectiveness of your current firewall solution and validate the security of your whole IT network. Progentís Technical Response Center (TRC) can deliver emergency remote technical support for Cisco technology and offer fast access to a Cisco expert.
To find out additional information concerning Progent's professional expertise for Cisco networking products, pick a subject:
In order to contact Progent about professional support for Cisco networking, call 1-800-993-9400 or visit Contact Progent.