n n n

Cisco ASA Implementation

Customer Need

  1. Old Juniper SSG firewall lacked Layer 7 visibility, and other NGFW capabilities such as content/URL filtering, and malware protection. The legacy firewall was not setup with High Availiabilty (HA) unit for redundancy.
  2. The client was not able to see what kind of applications were going in and out of the network.
  3. The network was not protected against malware, or intrusion attacks.
  4. The network also lacked the resiliency that redundant firewalls provide.
  5. The Juniper firewall reached EOL status.
  6. The client was experiencing an unbalanced routing issue, where the Email Security Appliance (ESA) was sending and receiving traffic on two different interfaces.



  1. The new firewall needed to provide Next-Gen (NGFW) capabilities, and meet the potential growth for Internet bandwidth usage
  2. A pair of the Cisco ASA firewalls with FirePOWER services was chosen as the solution
  3. The ASA has Next-Gen (NGFW) capabilities that addressed all the short comings from the old Juniper firewall
  4. The Email Security Appliance was re-configured to route traffic in and out of the same interface


s4nets worked with a local healthcare provider who was experiencing a malware and intrusion attack due to unprotected network.  The network was lacking resilience which was a direct result of not having redundant firewalls. Unfortunately, the firewall that was in place lacked Application Layer (Layer 7) visibility and other Next-Gen (NGFW) capabilities, such as content or URL filtering and malware protection. The firewall was also close to reaching its End-of-Life status, meaning no future upgrades would be released for the unit. Additionaly, the client was experiencing unbalanced routing issues.


Equipped with over ten years of experience in enterprise networking and the knowledge of how to properly integrate the firewalls into the network, s4nets engineers designed and implemented the new firewall network. The team implemented the new solution by providing Next-Gen Firewall capabilities to meet the potential growth for internet bandwidth usage. The implementation of the project provided a better business continuity without an outage due to hardware failure. The new firewall provided resiliency, and NGFW capabilities to protect the client’s network from malware and malicious activities.



  1. The redundant ASA with FirePOWER services now provides resiliency, and Next-Gen (NGFW) capabilities to protect the client’s network from malware and malicious activities
  2. The Hospital was able to de-commission the IronPort Web Sescurity Appliance, since the ASA with FirePOWER now provides URL-filter services
  3. The client now has application level visibility into exactly what kind of traffic is going in and out of their network
  4. The redundant units provide better business continuity, preventing an outage due to hardware failure



Network Security


June 23, 2017