Cisco's PIX family security appliances and Cisco ASA Series firewalls integrate next-generation firewall, intrusion protection, and VPN technologies in a cost-effective, single-cabinet format. Both of these product lines have been replaced by Cisco's ASA 5500-X line of security appliances with Firepower Services. (See integration and debugging support for ASA 5500-X firewalls with Firepower Services.) Nevertheless, both PIX and first-generation ASA 5500 Series adaptive security appliances are widely used and continue to provide small and mid-size organizations a viable security environment.
Cisco PIC and the original ASA 5500 firewalls offer robust client and application policy support, mutlivector assault protection, and safe access services. The enhanced knowledge sharing of integrated security features in a stand-alone package provides customers deploying these integrated firewalls the advantages of advanced protection, reduced cost of ownership, and smaller maintenance expense.
PIX security appliances and the ASA 5500 Series combine with IOS Firewall, the Firewall Services Module for Catalyst 6500 Series switches, and 7600 routers as components of Cisco's flexible, integrated firewall line. Engineered with a scalable, building-block approach, every offering is equipped with a specific feature set to provide more efficient protection to a variety of networking environments. These solutions can be independently installed to protect specific areas of a network infrastructure, or can be grouped for a layered, protection-in-depth approach based on the architecture leading practices outlined in Cisco's SAFE framework. Completing the modular firewall product line, Cisco has developed a complete security management portfolio, spanning Cisco security appliance and IOS security features and built-in appliance managers, to self-contained management utilities, moving to make sure that customers can productively use their Cisco protection solution purchases.
PIX Firewalls
Cisco PIX Security Appliance Series offer reliable user and application policy enforcement, multi-source invasion defense, and secure connectivity services in cost-effective, easy-to-deploy modules. These specialized devices offer a wealth of built-in security and connectivity services such as application-aware firewall features, Voice over IP and multimedia protection, robust multi-site and remote-access IP Security VPN connectivity, excellent resiliency, smart networking services, and flexible management options. The Cisco PIX firewall Appliance family spans compact plug-and-play appliances for small offices and at home offices to modular gigabit appliances with ROI for enterprise and ISP customers, PIX Security Appliance Series provide high levels of security, speed, and reliability for environments of any size.
Based around a tested, purpose-built operating system that offers rich security services, Cisco PIX firewall appliances provide a high level of security and have earned EAL 4 status and ICSA Firewall and IP Security certification. Cisco PIX firewall appliances provide protection for a broad array of Voice over IP and additional multimedia standards including H.323 v. 4, SIP, Cisco Skinny Client Control Protocol (SCCP), Real-Time Streaming Protocol (RTSP), and MGCP, helping businesses to protect installations of a wide array of contemporary and next-generation Voice over IP and multimedia applications.
Cisco PIX firewall appliances offer a variety of configuration, monitoring, and troubleshooting options, giving IT managers the flexibility to utilize the methods that best meet their requirements. Administrative solutions include centralized, policy-based management utilities, integrated web-based management, and compatibility with remote-monitoring standards like Simple Network Management Protocol (SNMP) and syslog. The integrated Cisco Adaptive Security Device Manager (ASDM) interface provides a world-class web-accessible management solution that significantly simplifies the installation, in-place modification, and monitoring of a specific PIX firewall without requiring any additional utility beyond an ordinary browser and Java plug-in to be installed on a manager's computer.
IT managers can also remotely configure, monitor, and troubleshoot Cisco PIX firewall appliances via a command-line interface. Secure CLI interface communication is possible through several methods such as Secure Shell Protocol, Telnet over IPsec, and out-of-band through a console port. Cisco PIX security appliances also include robust auto-update capabilities, a collection advanced secure remote-management services that make sure that firewall settings and software images are kept current.
Cisco ASA 5500 Series Firewalls
Cisco ASA 5500 Series Firewalls are purpose-built devices that incorporate advanced, best-of-breed protection and Virtual Private Network services with a flexible design. The result is a robust, versatile network protection appliance better suited to protect small and midsize company and enterprise networks and, at the same time, reduce the total deployment and operations costs formerly required for this high level of protection.
Cisco Adaptive Security Appliances (ASA) firewalls provide strong application security through smart, application-sensitive inspection engines that analyze network flows at Layers 4-7. This results in a safer environment covering web, voice, and mobile wireless connectivity. To protect networks against application-layer assaults and to give organizations more control over the programs and protocols utilized in their networks, Cisco's inspection engines incorporate extensive application and protocol knowledge and rely on protection enforcement solutions such as protocol anomaly detection and state monitoring. Also included are assault detection and mitigation technology including application and protocol command filters and content verification. Cisco Adaptive Security Appliances (ASA) firewall inspection engines also deliver control over instant messaging and peer-to-peer file sharing, allowing organizations to enforce usage policies and preserve network bandwidth for important business applications.
While increasing security, Cisco ASA firewalls also lower installation and operational expenses. By offering broad Virtual Private Network and protection services, the Cisco Adaptive Security Appliances 5500 Series firewall can be used as the the only platform for a multitude of environments, enabling product commonality. The Cisco ASA 5500 Series firewall can be deployed as a consolidated threat-prevention appliance at the datacenter by leveraging its access control, process inspection, and worm, virus, and other malware remediation capabilities. The Cisco ASA 5500 Series firewall can also be used as a dedicated remote connectivity device utilizing its VPN features. As another option, the Cisco Adaptive Security Appliances 5500 Series firewall performs equally well inside the network for interdepartmental access management and to guard against worms, viruses, and other malicious code inside users might inadvertently introduce into the environment. In small company and branch office environments, the Cisco ASA 5500 Series firewall serves as an all-in-one platform offering complete threat prevention and Virtual Private Network functionality while fitting within the budgets and operational models of these deployments.
This versatile one-platform, many-solution design reduces the total number of appliances that need to be deployed and managed while offering a standard operating and administrative system across all those installations. This architecture simplifies the education of setup, tracking, support, and protection personnel. To further minimize operations expenses, Cisco Adaptive Security Appliances (ASA) firewalls are also exceptionally network conscious, enabling these devices to integrate seamlessly into the environment without disrupting authorized data flow and applications.
How Progent Can Assist Your Business with Cisco Firewalls
Cisco ASA Series firewalls and PIX family security appliances provide a wealth of configuration, monitoring, and analysis features that offer you the ability to set up these firewalls to align optimally with your business needs. Progent's CCIE certified network professionals can help you to support your current network infrastructure that incorporates Cisco ASA or PIX firewall technology and that provides security, resilience, throughput, and recoverability. Progent's firewall experts can also help you to upgrade to Cisco ASA 5500-X firewalls with Firepower Services.
Progent's GISA and CISM-certified IS security experts can help you to develop a security policy appropriate for your environment and can set up your security appliance to enforce your security strategy. Progent's security assessment consultants can assess the effectiveness of your current firewall solution and validate the overall security of your entire information system network. Progent's Help Desk Call Center can deliver urgent remote troubleshooting for Cisco technology and can give you quick access to a Cisco CCIE network engineer.
To find out additional information concerning Progent's consulting support for Cisco networking products, choose a subject: