Cisco IOS Security Reviews

We employ a firewall to safeguard our secret clusters within our infrastructure. Additionally, we utilize panels such as Internet panels, which handle a substantial amount of security traffic, including handheld products. This setup extends to our routers and connector switches as well. 

There is a positive impact on security, particularly the intrusion feature, which helps keep the solution concealed and secure. It's a valuable aspect of the solution that we find favorable, and it enhances overall security across the board.

We’ve implemented the Cisco firewall along with additional security licenses. These licenses have been configured and the system is adequately protected. The entire process takes some time, but the most time-consuming part is creating the region and applying the necessary security policies to it.

I have been using Cisco IOS Security for some time.

It is a scalable solution.

The technical support is good. 

I find their configuration somewhat complex, which has led to some challenges on our end. Additionally, there's an issue with false positives. While they aren't major, they do have a significant impact and contribute to higher costs. We aim to minimize or optimize these aspects of the solution. It takes less than one day to deploy the solution. 

It is worth it.

We need to pay for the license and it is expensive.

If you want to improve our infrastructure, you should consider implementing Cisco with appropriate configuration, along with a software-defined network and architecture.

I rate the overall solution an eight out of ten. 

The primary use case of the solution is firewall protection.

The most valuable feature is endpoint protection.

The security of the solution has room for improvement.

The solution is complex and can be more user-friendly.

The stability and scalability can be improved.

I have been using the solution for over one year.

The solution is not stable.

The solution doesn't have the proper bandwidth source to be scalable.

The initial setup is straightforward.

The deployment takes about two hours.

I give the solution a six out of ten.

We have over 1,000 people using the solution in our organization.

We require around ten people for the deployment and maintenance of the solution.

I do not recommend the solution because it is not secure and is complex.

Some of our uses for this product are on-premise-based and then some are cloud-based. Mostly, we are cloud-based right now because we are getting away from physical architecture moving forward into the cloud as is Cisco. It allows going from considering CapEx (Capital Expenditure) to OpEx (Operating Expense, Operating Expenditure). That is one of the important things that it allows us to do. It is easier to have solutions cloud-based when it makes sense. All the updates and maintenance get taken care of on their side which is a benefit.  

On the cloud, we have both public and private services. It depends on what we are doing. If we have a client that is a hospital, they have got to be HIPAA (Health Insurance Portability and Accountability Act) compliant. We also recommend private cloud services for some huge retailers that have to be PCI (Payment Card Industry) compliant.  

We use it mostly just for prevention. Basically to prevent unauthorized use of network resources. They use it for routing capabilities, threat mitigation, worms, and viruses. A lot of times, it is used for the network application layer threat.  

The solution does not do anything for us directly as we use it with other clients. We are a large IT company. We hear from clients who tell us what they want. We just find solutions for what they tell us they need. Everyone has a different flavor of what they are looking for and what they are looking to fix.  

The Cisco IOS (Internetwork Operating System) firewalls are mostly set up for branch offices in small to medium business environments or for managed services. Those are the clients we usually use this solution for. It is usually only used for a specific thing to fill a specific need. It might be NAT (Network Address Translation), it might be a guideline or restrictions, it might be that they can have the option to make a solution work on cloud or on-premises. It could be deployed so they have the option to either use CapEx or OpEx. It helps to create options for those types of things.  

I would say that the most valuable thing is probably the Application Visibility and Control which is how it controls the application traffic on the network. I like the IPS (Intrusion Prevention System), the IOS content filtering, and the NAT network translation. I like the way it completely integrates branch offices in our perimeter security.  

A few things have room for improvement in your opinion. That would start with cost. Cisco products are more expensive than the competition, but the additional cost usually gets absorbed by the name recognition. Most people have Cisco or have familiarity with it, so they go with it. If they want the top quality product, they immediately feel comfortable with the Cisco name brand. That is where we come in as consultants. We bend over backward to make product comparisons and framing for solving the needs posed by an organization. I see something is a better fit for them that they could use. It would reduce their CapEx, their expenses, and it would fit them better all at the same time. The client may still want Cisco despite the recommendation that we make. But usually, that is what it is. Cisco fits, and if they want to spend the money, we make sure that it is within their budget. They feel more comfortable with Cisco, and they have had Cisco in the past, so we go with Cisco then.  

Cisco is great. A lot of the tech companies are doing really well. But Cisco is still in the forefront. They are on top of this category of products. I can not think of anything else they could do because they cover pretty much everything that you would need a firewall for. Then you get Cisco's support behind the products.  

I would think it would be a lot better for us and we could make more money if we try to recommend that clients put drop-in boxes at every location. But we do not choose to do that unless there is a purpose for it. In most cases, we would prefer clients to go the OpEx route. It takes a lot to offset the cost of Cisco so if they are going to do a cloud solution, their costs are metered per month by whatever solution they have. That is a lot better for projecting costs, and then there is the benefit of everything being upgraded in the cloud for them. They do not have to worry about anything. It just works.  

We have been using Cisco for as long as Cisco has been around. It is hard to answer the question of when, exactly, we started using this product because they have been upgrading or changing the product as it evolved over the years. It is basically the same foundation and they build upon that over time. I can just say that we have been either using this product or something very similar for a long time.  

Cisco IOS Security is stable, very stable.  

The capabilities for scalability with this product are huge. It is very scalable.  

A lot of our clients have a small main office with accounting and human resources that are headquarter-based. Most of them have other remote sites and branch offices. Whether it is a bank or a finance company, it is easy for employees in those particular roles to be able to pull applications down. It takes a lot of stuff off what would have to be handled by the network firewall. They do not have to worry about so many threats when they are bringing up applications to use and if there are compliance or regulating issues that they have to be aligned with. But that is the type of environment where this product can be used to scale effectively.  

Cisco's technical support is very good. There are a couple of competing products that I know do not have support that is as good. Palo Alto does not have particularly good technical support, for example, but most of the rest of them do. Even so, Cisco is head-and-shoulders above all of them.  

For tech support, independent of the cost of the product, I would definitely give Cisco a ten-out-of-ten.  

We just had a client go with Cisco Meraki and we put a couple of those in. Then we had a Cisco Nexus installation and they topped that by integrating it with perimeter firewalls for their remote locations or branches.  

We currently use really any brand of product in consideration for our consultations. There is not any particular brand we are married to, and we have used them all, pretty much. We do not use all the solutions ourselves. We get feedback from our clients and the companies we do work for. All the clients that we get give us pretty good feedback on the recommendations and the products that they end up using. Otherwise, they would be angry with us. What we recommend has to fit their particular niche and that is what we have to be good at identifying.  

For instance, if a client comes to me and describes how their organization is set up, we react to that. If they say they are a finance company and they have accounting and finance concerns, there are some pain points that they are going to have solved. One of those is application-specific. Then you have to layer that with your regulatory concerns. HIPAA compliance is something I encounter with finance companies, banks, and medical facilities. Those types of companies do very well with CloudGenix because CloudGenix is application-specific. If you put their firewalls in place, those would be a good fit for that type of client. For everything else — manufacturing and all the others and things like that — Cisco would be number one. They outweigh the competition in terms of different companies that they fit niches for better because of the range and flexibility of the solutions.  

If the client's needs are application-based, then we start looking at another way with another solution. But Cisco does great with being PCI and HIPAA compliant and all that, but if you only consider Cisco for every installation, that means you are pulling everything from one pool. You are not looking closely at the specifics.  

I think that the initial setup is very straightforward. Most of the firewalls are straightforward and not too complex. When you are setting up a network with something like Merakis, or if you are looking at working with CloudGenix, then that is where you start to get a separation of difficulty in installation and will notice that it becomes a little bit harder to set up.  

My advice to people and companies considering this solution is to just do the research. Do compatibility research to compare with the other solutions that are out there. Definitely make sure that the firewall you choose is designed for your network architecture, application-layer attacks, and virus and worm protection. If that coverage is what you are looking for and you have an analog phone system. You might not be ready to go to VoIP (Voice over Internet Protocol) yet because you do not want to lose the phones that you have got. Some people add to that base as they scale. We can use something called SIPs (Session Initiation Protocol), for connecting all those analog phones to the VoIP. That is a good indicator that a Cisco firewall will be a good solution for you because it protects the unified communication and guards the SIPs, endpoints, and call-control resources.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate this product overall as a ten, for sure, if you consider its advantages over the competition. If you add in pricing, I would have to lower that to a nine-out-of-ten. Price is the only place that I figure Cisco could do something. Or if they could offset the cost of their boxes using a cloud solution. We had a client do that. They had boxes, but they were trying to figure a better way to scale. I suggested to them that they just move the areas that they were scaling to the cloud. They did it with the new branches they have added, and now they are waiting to phase out their boxes. They will eventually move over to a complete cloud-based firewall solution.  

I use Cisco IOS Security. We install it for people. We have a very small network station. We don't use Cisco IOS Security very often, but we install it for clients. 

We use Cisco IOS Security mostly for routers to route off the firewall. It's a next-generation device. With firewalls, we can connect the solution for the mail cloud. 

We've deployed with Fortinet FortiGate. We don't use it much. We use Cisco IOS Security to manage for enterprise clients.

Our primary use case for this solution is in the insurance industry.

Cisco IOS Security has not improved my organization. We use it for our clients. It helps their workers to be more secure in operations.

We interpret the additional protection to be very important now. Cisco IOS Security is used with client mobile devices on the firewall.

We don't love everything about the product. For now, it's what we're using. It's okay. It is difficult to set up. The training is okay. The pricing is standard.

It will be great if they can make it more easy to use the features. The interface is not user-friendly, but a normal IT technician can handle it.

Most of the features only work with Cisco equipment. It's about connectivity. Most of their features are meant for Cisco. You cannot integrate them with any other vendor.

Cisco needs to be more flexible with the integration of other solutions.

It's not stable if you don't have Cisco gear in your network. If you don't have Cisco equipment within your network, you cannot access powerful pieces of the software.

The scalability of Cisco IOS Security is good. It's very fast. It's not universal because most of the features require you to have Cisco equipment in your network. 

If you ask technical support on how to solve some issues, it does help. We do fine with Cisco support. It comes with the equipment.

We provide our clients with six months of in-house support. We pay Cisco for it. The support is okay.

The initial setup is straightforward, but when it comes to complex settings like the firewall, it is not easy. Most of the features that come with it work only with Cisco devices.

You have to have experience before you try to use it. You need to make sure you have it your router by Cisco. Some features only work with Cisco equipment.

What we do is we set up everything. We have to go on-site. It doesn't take time to deploy it. The time required to work on the project can take up to two weeks.

We did the setup mostly with our team. We are consultants. We worked with a reseller. Cisco has an integrator software team too.

Our licensing costs for the solution are on an annual basis. It should be every five years.

On a scale from 1 to 10, I would rate Cisco IOS Security at 9/10.

The solution is the core of our network to implement, for example, Cisco Eyes, since we have Cisco Eyes on our network. At the core and access layers, we also use the solution for all our configurations concerning admission control into the network.

The solution is easy to use. It provides hotkeys that help you remember commands you've forgotten about.

I would like upgrading iOS to be a bit easier. If you want the old version to continue running, that should be a bit easier. People have made many apps to do that online, but if Cisco could have that at the click of a button to quickly download or upload it, after which everything starts to work, that would be good. Sometimes, setting up your TFTB is difficult even though there are tools now. There should be something that would make it much easier where I just have to download, upload it into the iOS, and start it up.

I've used the solution for about eight to ten years.

The solution is very stable.

The solution is very scalable. We have about 500 users on this solution.

The solution is easy to set up if you know what to do. You can copy all the content and slam it into the switch if you have a configuration. After five to ten minutes at most, the switch is ready.

The initial setup is not much of a problem if you have an existing configuration. You just need to copy and paste. But if you're designing things, you might need a consultant.

We mostly need technical people for the solution to support users. Most of the issues we have are the Mac and our Cisco Eye. Sometimes, the user's password will expire, and the user must be called to connect them back. Sometimes, Eye does not allow the users to work, and we need to clear the ports and things like that. That's a bit of the experience where we have one challenge after another, but we are finding our way around it. Regarding the number of technical staff, we need a password administrator who does the configuration and then support guys who ensure that all the endpoints have access to the network.

You might need some level of support depending on what you're doing. Because even if it is in a cloud environment, as long as you understand the setup of what you want, you're good to go.

I rate the solution an eight out of ten. Before now, there were things that you could log in and get them to do for you. Because we have Smart Net for our devices, that's the way to go most of the time because you are sure that at the click of a button, Cisco will always be there to help.

We use Cisco IOS Security for firewalls and security purposes. Cisco has licenses that allow you to create registered ports.

The product's stability is good.

The weakness of Cisco's products is that it has higher prices for even its lowest configurations. Cisco has to come a little forward with its products. Cisco very slowly introduces and implements the products, unlike other brands.

I have 10 years of experience with Cisco IOS Security. 

It is a very good product stability-wise, even if it is an entry-level product.

We have our own digital team who deploys the solution, but the support team is fine.

It is not an easy product and doesn’t have a plug-in system. Only experienced people can integrate it with other functions. It has a different set of protocols that need to be followed during the deployment, as compared to Aruba. It requires experience to deploy and the team needs to have knowledge of all specifications. 

I have global customers who have applied this product. People who are buying this solution should know that they need and have the required solutions. I recommend Cisco IOS Security only for enterprises because it is expensive and involves complex implementation processes. It is not the easiest product available in the market and requires a strong infrastructure and an experienced workforce. Small and medium companies don’t have the required resources to apply this product and a lot of licensing is involved for each port. Given the price, stability, features, and other factors, I would rate it an eight out of ten. 

We use Cisco IOS Security to segregate IT and OT environments.

Cisco IOS Security is very robust and works very well. Once set up and operational, very limited human interaction is required with the device to run it for years. We deployed the solution, activated certain features, and forgot about it. We didn't have the necessary tools to monitor and maintain the solution actively.

Cisco IOS Security's monitoring is rather rudimentary and could be improved.

I have been using Cisco IOS Security for around 15 years.

I rate Cisco IOS Security a ten out of ten for stability.

Less than fifty users were using Cisco IOS Security in my previous organization.

The initial setup for Cisco IOS Security is relatively straightforward compared to other firewalls. We had two people, including myself and a network specialist, for the deployment and maintenance of Cisco IOS Security.

We implemented the solution in-house.

Cisco IOS Security got the job done. The solution was secure and stable. So we got a decent return on investment.

I look at companies and what they specialize in, and Cisco never really specialized in security. Other companies have security as their core focus. I will not be deploying any Cisco security devices in the near future.

Overall, I rate Cisco IOS Security a seven out of ten.

Primarily, we were looking for security solutions for a specific project and another one after that.

Compared to other products I've used, it offers greater stability and performance, along with a wider range of features. Plus, the VPN connection portal scan works flawlessly, which was a big plus for us.

Some GUI modules have extended prices compared to other vendors, which isn't ideal.

Cisco is a scalable product, but it is expensive compared to other vendors. Huawei, Netgear, and FortiGate all offer scalable solutions at a lower cost. There is room for improvement in licensing. 

I've been using Cisco IOS security for quite some time. Everything worked smoothly without any issues.

I would rate the stability an eight out of ten.

It is a scalable product. We have about 15 devices implemented across the company.

We can get technical support from Cisco directly or the support community. It was customer-friendly. 

Positive

It has easy installation. I didn't face any complex configurations, whether in the program itself, firewalls, routers, or switches.  

Our current firewall isn't cloud-based, so we rely on both standalone firewalls and independent ones. Some features have cloud-based deployment options, but that's not our main concern.

Deployment time really depends on the specific project scope. Let's say you have a project with 100 users and need the full installation implemented. That might take around a week, including design, installation, and finalizing the project. However, if you only need specific changes or process implementations, it could be as quick as two days.

We need one architect, two engineers, and one technician for this project.

Cisco comes with a premium reputation, and while it's certainly not the cheapest option. Compared to other products like Huawei, Netgear, or even Fortinet, which are cheaper than Cisco. 

We pay yearly for the license. 

I would recommend this product if it fits the budget. Overall, I would rate the solution an eight out of ten.