Cisco's PIX security appliances and ASA 5500 Series adaptive security appliances integrate next-generation firewall, intrusion defense, and Virtual Private Network (VPN) functionality in an affordable, one-cabinet format. Both product families have been replaced by the ASA 5500-X family of security appliances with Firepower. (See integration and debugging support for Cisco AA 5500-X firewalls with Firepower Services.) Still, PIX and previous-generation ASA 5500 Series adaptive security appliances are extensively used and continue to provide small and mid-size organizations a viable firewall environment.
Cisco PIC and legacy ASA 5500 firewalls offer powerful user and program policy enforcement, mutlivector assault defense, and secure access features. The enhanced intelligence sharing of consolidated protection services in a single platform offers customers implementing these integrated solutions the advantages of advanced security, lower cost of ownership, and minimal maintenance expense.
PIX security appliances and Cisco's ASA 5500 family combine with Cisco IOS Firewall, the FWSM for Catalyst 6500 Series switches, and Cisco 7600 Series routers as parts of Cisco's versatile, self-contained firewall line. Based on an expandable, modular approach, each device is equipped with a particular array of options to deliver better protection to different network environments. These products can be individually deployed to secure certain areas of the network environment, or can be grouped for a systematic, protection-in-depth approach based on the architecture leading practices outlined in Cisco's SAFE Blueprint. Rounding out the integrated firewall solutions, Cisco provides a comprehensive security management catalog, ranging from Cisco security device and Cisco IOS Software security features and built-in device controllers, to self-contained management utilities, helping to ensure that customers can productively manage their Cisco protection infrastructure purchases.
PIX Firewall Appliances
Cisco PIX Security Appliance Series deliver robust user and application policy support, multi-source invasion defense, and safe connectivity features in cost-effective, simple-to-configure solutions. These specialized appliances provide a broad range of integrated security and connectivity services including application-aware firewall services, Voice over IP and multimedia protection, robust site-to-site and remote-access IP Security VPN connectivity, fault tolerance, smart networking services, and versatile management solutions. The Cisco PIX firewall Appliance product line spans small plug-and-play desktop units for small and home offices to stackable gigabit appliances with ROI for large business and ISP customers, PIX firewall appliances deliver dependable security, speed, and reliability for environments of all sizes.
Built upon a tested, specialized operating system that delivers rich security features, PIX firewall appliances offer a high level of protection and have received EAL 4 status and ICSA Firewall and IP Security certification. Cisco PIX firewalls provide security for a wide array of VoIP and other multimedia standards such as H.323 Version 4, Session Initiation Protocol, SCCP, Real-Time Streaming Protocol (RTSP), and Media Gateway Control Protocol (MGCP), helping organizations to safeguard installations of a broad range of current and upcoming IP voice and mixed-media applications.
Cisco PIX firewalls feature a wealth of configuration, tracking, and troubleshooting options, providing IT managers the flexibility to utilize the methods that best match their requirements. Administrative solutions include centralized, policy-based administration utilities, integrated web-accessible management, and compatibility with remote-tracking standards such as Simple Network Management Protocol and syslog. The integrated Adaptive Security Device Manager interface offers a world-class web-based management solution that greatly streamlines the installation, in-place modification, and tracking of a specific PIX firewall without the need of any extra software beyond a standard browser and Java applet to be installed on a manager's computer.
IT managers can furthermore remotely configure, monitor, and analyze PIX firewall appliances via a command-line interface. Secure CLI interface communication is possible using several methods such as Secure Shell Protocol, Telnet over IPsec, and out-of-band through a console port. PIX firewalls also include robust automatic-update capabilities, a set of secure remote-administration services that make sure that security configurations and software images are always current.
Cisco Adaptive Security Appliances 5500 Series Firewalls
Cisco Adaptive Security Appliances 5500 Series Firewalls are specially engineered devices that incorporate advanced, best-of-breed security and VPN support plus a flexible design. The end product is a robust, multifunction network security appliance better able to defend small and medium company and larger networks and, simultaneously, reduce the overall installation and maintenance expenses formerly associated with this high level of security.
Cisco ASA 5500 Series Firewalls leverage technology developed for Cisco's PIX 500 Series Security Appliance, the IPS 4200 sensor, and the VPN 3000 family concentrator. These technologies converge on the Cisco Adaptive Security Appliances 5500 Series Firewall family to offer a firewall that stops a broad range of threats. Cisco Adaptive Security Appliances 5500 Series Firewalls deliver program protection, network containment, and safe Virtual Private Network connectivity across Cisco's product line. This breadth of protection allows the guarding of any network area, which includes the most common threat vectors such as remote locations, locally-connected inside users, and remote access VPNs.
Cisco ASA firewalls provide strong application protection via smart, application-aware inspection processes that examine traffic at Layers 4-7. This produces a more secure network covering web, voice, and mobile wireless access. To protect environments against application-layer assaults and to give organizations greater control over the applications and protocols used in their environments, Cisco's inspection engines integrate broad application and protocol knowledge and employ protection enforcement technologies that include protocol anomaly detection and application and protocol state tracking. Also incorporated are assault detection and mitigation technology including application and protocol command filters and content verification. Cisco Adaptive Security Appliances (ASA) firewall inspection engines also provide control over instant messaging and peer-to-peer file sharing, enabling organizations to police usage policies and preserve bandwidth for crucial business processes.
At the same time as increasing network protection, Cisco Adaptive Security Appliances (ASA) 5500 Series firewalls also lower deployment and support costs. By offering extensive Virtual Private Network and security services, the Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can be used as the the only platform for many environments, enabling product commonality. The Cisco ASA firewall can be deployed as a converged attack-prevention device at the datacenter by taking advantage of its connectivity control, process inspection, and malware mitigation technologies. The Cisco Adaptive Security Appliances 5500 Series firewall can also be used as a dedicated remote connectivity device utilizing its Virtual Private Network features. Alternatively, the Cisco Adaptive Security Appliances 5500 Series firewall operates capably inside the network for inter-office access control and to guard against worms, viruses, and other malicious code inside users may unwittingly introduce into the network. For small company and satellite office environments, the Cisco Adaptive Security Appliances 5500 Series firewall serves as an all-in-one platform offering complete intrusion prevention and VPN services while fitting within the budgets and performance demands of these deployments.
This adaptive one-platform, multiple-use design minimizes the number of devices that must be deployed and managed while offering a common functional and administrative environment across all those deployments. This architecture streamlines the training of configuration, monitoring, support, and security staff. To further reduce operations costs, Cisco ASA 5500 Series firewalls are also exceptionally network conscious, enabling these devices to insert gracefully into the network without interfering with legitimate traffic and processes.
How Progent's Consultants Can Assist Your Business with Cisco PIX and ASA Security Appliances
Cisco's ASA Series adaptive security appliances and PIX firewalls provide an array of configuration, monitoring, and analysis options which give you the flexibility to configure these security appliances to match your company's requirements. Progent's CCIE certified network professionals can help you to maintain your current infrastructure that incorporates Cisco ASA or PIX firewall technology and that offers protection, fault tolerance, throughput, and manageability. Progent can also help you to migrate to ASA 5500-X firewalls with Firepower Services.
Progent's GISA and CISM-certified information security consultants can assist your business to develop a security policy that makes sense for your environment and can set up your PIX or ASA firewall to support your security strategy. Progent's security evaluation consultants can evaluate the strength of your existing firewall solution and help determine the security of your whole IT network. Progentís Help Desk support team can provide urgent online troubleshooting for Cisco technology and offer quick access to a Cisco expert.
For additional information concerning Progent's engineering assistance for Cisco technology, select a subject:
In order to ask Progent about engineering support for Cisco products, call 1-800-993-9400 or refer to Contact Progent.