Cisco PIX family firewalls and Cisco ASA 5500 Series adaptive security appliances combine next-generation firewall, intrusion protection, and Virtual Private Network functionality in an economical, single-cabinet package. Both product lines have been replaced by Cisco's ASA 5500-X family of firewalls with Firepower. (See configuration and troubleshooting support for Cisco AA 5500-X firewalls with Firepower Services.) Still, PIX and previous-generation Cisco ASA 5500 Series firewalls are extensively used and continue to offer small and mid-size companies a reliable firewall solution.
Cisco PIC and legacy ASA 5500 firewalls deliver robust user and program policy enforcement, mutlivector assault protection, and secure connectivity features. The increased intelligence sharing of consolidated protection features in a single platform provides users deploying these integrated solutions the advantages of enhanced protection, reduced cost of ownership, and minimal management expense.
Cisco PIX security appliances and the ASA 5500 Series combine with IOS Firewall, the Firewall Services Module for Catalyst 6500 Series switches, and 7600 family routers as components of Cisco's versatile, integrated firewall product. Based on an expandable, modular approach, every offering is equipped with a specific feature set to deliver more efficient protection to a variety of networking environments. These products can be independently deployed to secure specific facets of the connectivity infrastructure, or can be combined for a systematic, protection-in-depth approach based on the architecture leading practices outlined in Cisco's SAFE framework. Completing the integrated firewall product line, Cisco has developed a complete security management offering, ranging from Cisco security appliance and IOS Software security features and built-in appliance controllers, to self-contained management programs, helping to make sure that businesses can productively use their Cisco security infrastructure purchases.
Cisco PIX Firewall Appliances
Cisco PIX Security Appliance Series deliver reliable policy enforcement, multi-source attack protection, and safe networking features in cost-effective, simple-to-configure modules. These specialized appliances provide a wealth of integrated protection and connectivity capabilities such as application-aware firewall services, VoIP and multimedia security, reliable multi-location and remote-connectivity IP Security VPN connectivity, excellent resiliency, smart networking services, and versatile management solutions. The Cisco PIX Security Appliance Series family ranges from compact plug-and-go devices for small and at home offices to modular high-bandwidth appliances with ROI for enterprise and service-provider customers, Cisco PIX firewalls provide dependable security, performance, and reliability for networks of all sizes.
Based upon a hardened, specialized software platform that delivers rich security features, PIX security appliances provide a high level of security and have earned Common Criteria Evaluation Assurance Level 4 status and ICSA Labs Firewall and IPsec qualification. Cisco PIX firewall appliances provide security for a wide array of VoIP and other multimedia conventions including H.323 Version 4, Session Initiation Protocol (SIP), Cisco Skinny Client Control Protocol, RTSP, and MGCP, enabling businesses to protect installations of a broad range of contemporary and upcoming VoIP and multimedia applications.
Cisco PIX firewalls feature a variety of setup, tracking, and troubleshooting options, providing IT managers the versatility to utilize the methods that most closely meet their needs. Administrative options include common, policy-based management utilities, integrated web-based administration, and support for remote-tracking standards like SNMP and syslog. The integrated ASDM system provides a powerful web-based control platform that greatly simplifies the deployment, in-place modification, and monitoring of a specific PIX firewall appliance without the need of any extra software other than a standard browser and Java plug-in to be running on an administrator's PC.
IT managers can also remotely configure, monitor, and analyze PIX firewall appliances via a command-line interface. Safe CLI interface communication is possible using a number of techniques such as Secure Shell Protocol, Telnet over IPsec, and out-of-band through a console port. Cisco PIX firewalls also include robust automatic-update features, a set of secure remote-management options that ensure security configurations and software images are always up to date.
Cisco Adaptive Security Appliances 5500 Series Firewalls
Cisco ASA 5500 Series Firewalls are specially engineered solutions that incorporate market-proven, best-of-breed security and Virtual Private Network support with an adaptive architecture. The result is a powerful, versatile network protection appliance better able to defend small and medium business and enterprise networks and, at the same time, reduce the total installation and operations costs previously required for this enhanced level of protection.
Cisco Adaptive Security Appliances Firewalls leverage technology behind the Cisco PIX 500 Security Appliance, the Cisco IPS 4200 Intrusion Prevention System, and Cisco's VPN 3000 model concentrator. These solutions converge on the Cisco Adaptive Security Appliances 5500 Series Firewall product line to deliver a platform that stops a broad range of threats. Cisco Adaptive Security Appliances 5500 Series Firewalls provide program protection, network containment, and clean Virtual Private Network functionality across Cisco's product line. This breadth of protection allows defense of any network section, including the most common threat vectors such as remote locations, locally-connected inside users, and off-site access VPNs.
Cisco Adaptive Security Appliances firewalls deliver robust application protection through intelligent, application-aware inspection processes that examine network flows at Layers 4-7. This results in a more secure network including web, voice, and mobile wireless connectivity. To protect networks from application-layer assaults and to give businesses more policing of the applications and protocols utilized in their networks, these inspection engines integrate extensive application and protocol knowledge and rely on protection enforcement technologies such as protocol anomaly detection and application and protocol state monitoring. Also incorporated are attack detection and remediation techniques including application/protocol command filtering and content verification. Cisco Adaptive Security Appliances 5500 Series firewall inspection engines also provide control over instant messaging and tunneling applications, allowing organizations to enforce usage policies and free up network bandwidth for important business applications.
While increasing security, Cisco Adaptive Security Appliances (ASA) 5500 Series firewalls also decrease deployment and operational costs. By offering extensive Virtual Private Network and protection functions, the Cisco Adaptive Security Appliances (ASA) 5500 Series firewall can be a the only platform for many environments, allowing platform standardization. The Cisco Adaptive Security Appliances (ASA) firewall can be used as a consolidated threat-prevention device at the datacenter by leveraging its connectivity control, process inspection, and malware remediation capabilities. The Cisco ASA 5500 Series firewall can also be deployed as a dedicated remote connectivity device utilizing its Virtual Private Network capabilities. Alternatively, the Cisco ASA firewall serves equally well in the network interior for interdepartmental access control and to guard against malicious assaults internal workers may inadvertently release into the network. For small company and satellite office environments, the Cisco ASA firewall serves as a total solution device offering comprehensive threat prevention and Virtual Private Network services while fitting within the budgets and performance demands of these situations.
This adaptive single-platform, many-solution approach reduces the total number of appliances that must be installed and maintained while providing a common operating and administrative environment throughout all installations. This architecture streamlines the education of configuration, tracking, troubleshooting, and security staff. To further reduce operations expenses, Cisco Adaptive Security Appliances 5500 Series firewalls are also highly network aware, enabling these devices to integrate gracefully into the environment without disrupting legitimate data flow and processes.
How Progent Can Help You with Cisco PIX and ASA Security Appliances
Cisco ASA 5500 Series firewalls and PIX firewalls incorporate an array of configuration, monitoring, and analysis options which give you the flexibility to deploy these security appliances to align optimally with your company's requirements. Progent's CCIE authorized network experts can show you how to support your current network infrastructure that includes Cisco ASA or PIX security appliances and that provides security, resilience, throughput, and recoverability. Progent's firewall experts can also assist your organization to upgrade to Cisco ASA 5500-X firewalls with Firepower Services.
Progent's CISA and CISSP-ISSP-premier information security professionals can help you to develop a security strategy appropriate for your business and can set up your security appliance to enforce your security policies. Progent's security evaluation professionals can assess the strength of your current firewall deployment and validate the security of your whole information system network. Progent’s Help Desk support team can provide emergency remote troubleshooting for Cisco technology and offer fast access to a Cisco CCIE expert.
To see more details about Progent's professional support for Cisco technology, select a topic:
If you wish to ask Progent about engineering help for Cisco products, phone 1-800-993-9400 or refer to Contact Progent.