Cisco's PIX firewalls and ASA Series firewalls integrate comprehensive firewall, intrusion defense, and VPN features in an economical, one-box package. Both product families have been superseded by the ASA 5500-X line of firewalls with Firepower. (Refer to integration and debugging help with ASA 5500-X firewalls with Firepower Services.) Nevertheless, both PIX and previous-generation ASA 5500 model adaptive security appliances are widely deployed and continue to deliver small and mid-size companies a reliable security environment.
PIX and legacy ASA 5500 firewalls deliver robust client and program policy support, mutlivector assault protection, and safe access services. The enhanced knowledge sharing of consolidated security features in a stand-alone package offers customers deploying these aggregated solutions the benefits of advanced protection, lower TCO, and minimal management costs.
PIX firewalls and Cisco's ASA 5500 Series combine with Cisco IOS Firewall, the Firewall Services Module (FWSM) for Cisco Catalyst 6500 Series switches, and 7600 family routers as parts of Cisco's flexible, integrated firewall solutions. Based on a scalable, modular approach, each device is designed with a specific feature set to provide better protection to a variety of networking environments. These solutions can be independently deployed to protect certain areas of a connectivity environment, or can be combined for a layered, defense-in-depth strategy following the design leading practices outlined in Cisco's SAFE Blueprint. Rounding out the modular firewall solutions, Cisco has developed a comprehensive security management portfolio, spanning Cisco security appliance and Cisco IOS security features and built-in appliance managers, to self-contained management utilities, moving to make sure that businesses can productively use their Cisco security solution purchases.
PIX Security Appliance Series
PIX Security Appliance Series deliver robust user and application policy support, multi-source invasion defense, and safe networking features in affordable, easy-to-deploy solutions. These specialized appliances offer a broad range of built-in protection and connectivity capabilities including process-aware firewall features, VoIP and multimedia security, robust site-to-site and remote-connectivity IPcec VPN connectivity, excellent resiliency, smart networking features, and flexible management options. The Cisco PIX firewall product line ranges from compact plug-and-go appliances for small and home offices to modular gigabit products with ROI for enterprise and ISP customers, Cisco PIX firewall appliances deliver high levels of protection, speed, and availability for environments of any size.
Based around a tested, purpose-built software platform that offers a wealth of security services, PIX security appliances provide a high level of protection and have earned EAL 4 status and ICSA Labs Firewall and IPsec qualification. PIX security appliances provide protection for a broad range of VoIP and other mixed-media conventions such as H.323 Version 4, SIP, SCCP, Real-Time Streaming Protocol (RTSP), and Media Gateway Control Protocol, enabling businesses to protect deployments of a wide array of contemporary and upcoming IP voice and video applications.
PIX firewall appliances offer a variety of configuration, tracking, and analysis options, giving IT managers the versatility to use the methods that most closely match their requirements. Management solutions include centralized, policy-based administration utilities, integrated web-based administration, and compatibility with remote-monitoring standards like SNMP and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) system provides a world-class web-accessible management solution that greatly streamlines the installation, in-place modification, and monitoring of a specific Cisco PIX firewall without the need of any extra utility other than a standard browser and Java applet to be running on an administrator's computer.
IT managers can also remotely set up, monitor, and analyze PIX security appliances via a CLI interface. Safe command-line interface (CLI) communication is possible through several techniques including SSHv2 Protocol, Telnet over IP Security, and out-of-band through a console port. Cisco PIX security appliances also include dependable automatic-update features, a collection advanced protected remote-management options that ensure security configurations and software images are always current.
Cisco Adaptive Security Appliances 5500 Series Firewalls
Cisco Adaptive Security Appliances (ASA) 5500 Series Firewalls are specially engineered solutions that incorporate advanced, best-of-breed security and VPN support plus a flexible architecture. The result is a powerful, multifunction network security appliance better suited to protect small and midsize company and enterprise networks and, simultaneously, reduce the total installation and operations costs formerly required for this enhanced degree of security.
Cisco Adaptive Security Appliances firewalls provide a high-level of application security via intelligent, application-sensitive inspection engines that analyze traffic at Layers 4-7. This results in a more secure environment covering web, voice, and mobile wireless access. To protect environments against application-layer attacks and to give businesses greater policing of the applications and protocols used in their environments, these inspection engines incorporate broad application and protocol knowledge and rely on protection enforcement technologies that include protocol anomaly detection and state monitoring. Also included are assault detection and remediation techniques including application/protocol command filtering and content verification. Cisco ASA 5500 Series firewall inspection engines also deliver management of instant messaging and tunneling applications, allowing businesses to enforce usage policies and conserve bandwidth for important business applications.
At the same time as increasing network protection, Cisco Adaptive Security Appliances firewalls also decrease installation and operational expenses. By providing extensive VPN and security functions, the Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can be used as the single device for a multitude of environments, allowing product standardization. The Cisco Adaptive Security Appliances firewall can be deployed as a converged attack-protection appliance at the datacenter by taking advantage of its connectivity control, process inspection, and malware remediation capabilities. The Cisco Adaptive Security Appliances firewall can also be deployed as a specialized remote connectivity solution using its VPN capabilities. As another option, the Cisco Adaptive Security Appliances (ASA) firewall serves equally well in the network interior for inter-office access management and to guard against worms, viruses, and other malicious code internal workers might inadvertently release into the network. In small business and satellite office networks, the Cisco Adaptive Security Appliances (ASA) 5500 Series firewall acts as an all-in-one device offering comprehensive threat prevention and VPN services while fitting within the budgets and operational demands of such situations.
This versatile one-device, multiple-solution design reduces the number of appliances that need to be installed and managed while providing a common functional and management system across all those installations. This approach simplifies the training of configuration, monitoring, troubleshooting, and security personnel. To further minimize maintenance expenses, Cisco ASA 5500 Series firewalls are also highly network aware, allowing them to insert seamlessly into the environment without interfering with authorized data flow and processes.
How Progent's Cisco Certified Experts Can Assist Your Business with Cisco Firewalls
Cisco ASA 5500 Series adaptive security appliances and PIX security appliances provide an array of setup, monitoring, and analysis options which give you the flexibility to deploy these security appliances to align optimally with your business requirements. Progent's CCIE authorized network professionals can show you how to support your existing infrastructure that incorporates Cisco ASA or PIX security appliances and that provides protection, fault tolerance, throughput, and recoverability. Progent can also help your organization to migrate to ASA 5500-X firewalls with Firepower Services.
Progent's CISA and CISSP-ISSP-certified IS security experts can assist you to develop a security policy that makes sense for your environment and can configure your firewall to support your security policies. Progent's risk assessment experts can evaluate the strength of your existing firewall deployment and audit the overall security of your entire information system network. Progent's Help Desk Call Center can deliver urgent remote technical support for Cisco products and can give you quick access to a Cisco CCIE expert.
To see more information concerning Progent's engineering expertise for Cisco products, pick a topic: