We use Cisco IOS Security for integration purposes. We have Cisco features and Cisco devices in our organization. We use it as an integration system for Cisco devices.
IT proffesional at Ambo university
A leading security solution that integrates easily with other Cisco products
Pros and Cons
- "Cisco products are very secure and integrate easily with other devices."
- "The graphical user interface or the GUI could be better. Beginners can use some devices with the GUI, but some security devices are configured using CLI. It would also be better if it had its own Intrusion Protection Service and Intrusion Detection Service on the server."
What is our primary use case?
What is most valuable?
Cisco products are very secure and integrate easily with other devices.
What needs improvement?
The graphical user interface or the GUI could be better. Beginners can use some devices with the GUI, but some security devices are configured using CLI. It would also be better if it had its own Intrusion Protection Service and Intrusion Detection Service on the server.
For how long have I used the solution?
I have been using Cisco IOS Security for more than three years.
Buyer's Guide
Cisco IOS Security
November 2024
Learn what your peers think about Cisco IOS Security. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
What do I think about the stability of the solution?
Cisco IOS Security has been stable so far.
What do I think about the scalability of the solution?
The device is not scalable because the device was manufactured with a specific product specification. To scale, you have to plan and add more devices. We have about 12,000 users.
How are customer service and support?
They are supportive and have the technical skills to support us. If I have challenges with a Cisco product, they help me based on their subscription fee.
On a scale from one to five, I would give Cisco technical support a five.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is straightforward for IT users. It takes about one hour to implement this solution because we have to upgrade the framework on some of the devices.
On a scale from one to five, I would give the initial setup a five.
What's my experience with pricing, setup cost, and licensing?
Cisco IOS Security is not very expensive, and pricing depends on where you live. It's affordable for both individuals and institutions.
On a scale from one to five, I would give Cisco's pricing a four.
What other advice do I have?
We chose Cisco because the company has an excellent market rating, users are familiar with Cisco, and they can deploy Cisco products. Using Cisco also improves the security mechanism of all devices from end to end.
On a scale from one to ten, I would give Cisco IOS Security an eight.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Presale Agent
Beneficial posturing, scales well, and helpful support
Pros and Cons
- "The most valuable feature of Cisco IOS Security is posturing."
- "Cisco IOS Security could improve by having more compatibility with other Cisco solutions."
What is our primary use case?
The main purpose of Cisco IOS Security is for our data center. It connects each node and user to the network.
What is most valuable?
The most valuable feature of Cisco IOS Security is posturing.
What needs improvement?
Cisco IOS Security could improve by having more compatibility with other Cisco solutions.
For how long have I used the solution?
I have been using Cisco IOS Security for approximately three years.
What do I think about the stability of the solution?
Cisco IOS Security is a stable solution.
What do I think about the scalability of the solution?
The scalability of Cisco IOS Security is good. I can increase and decrease elements when needed.
We have approximately 45,000 people that can use the solution. Additionally, We have approximately 1,000 IT managers, technicians, and other users who directly use this solution.
How are customer service and support?
The support from Cisco IOS Security was very helpful.
I rate the support from Cisco IOS Security a four out of ten.
Which solution did I use previously and why did I switch?
I previously used another similar solution.
How was the initial setup?
I can do all the implementation of the solutions through the Cisco DNA Center. I can manage the Cisco IOS Security configuration. The whole process can be complex. Additionally, when we cannot connect to the internet we need to do manual configuration.
The full setup can take a couple of hours. However, initially, it took to use a couple of weeks.
What about the implementation team?
We did the implementation of Cisco IOS Security in-house.
We have two service engineers that are involved in the deployment and maintenance of the solution. They have the appropriate training needed to support the solution.
What other advice do I have?
I rate Cisco IOS Security an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Cisco IOS Security
November 2024
Learn what your peers think about Cisco IOS Security. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
Chief Technology Officer at Future Point Technologies
Good performance, documentation, and support but is lacking a few features
Pros and Cons
- "The hardware is pretty stable. It's also a very good product performance-wise. Initially, it wasn't mature like a firewall and there were other leaders, but now they have included almost all the features of next-generation security. Basically, it's a good product to work with."
- "I would love it if it has a link-by-link feature, integration with Unified Threat Management (UTM), and load balancers. They haven't got any link-by-link feature right now, which can be a very attractive option. This link-by-link feature can also be made available for Cisco's UTM firewalls. The link-by-link feature is available in some of the other firewalls. Currently, integration with UTM is missing. Cisco IOS Security also doesn't have the load balancers and a few things that need to be done to get a good UTM firewall. Normally, other firewalls have UTM. As a next-generation firewall, it's good, but as a UTM, it has to do some work."
What is our primary use case?
We basically use it for security. It can be used as the internet as well as the data center security firewall.
What is most valuable?
The hardware is pretty stable. It's also a very good product performance-wise.
Initially, it wasn't mature like a firewall and there were other leaders, but now they have included almost all the features of next-generation security. Basically, it's a good product to work with.
What needs improvement?
I would love it if it has a link-by-link feature, integration with Unified Threat Management (UTM), and load balancers.
They haven't got any link-by-link feature right now, which can be a very attractive option. This link-by-link feature can also be made available for Cisco's UTM firewalls. The link-by-link feature is available in some of the other firewalls.
Currently, integration with UTM is missing. Cisco IOS Security also doesn't have the load balancers and a few things that need to be done to get a good UTM firewall. Normally, other firewalls have UTM. As a next-generation firewall, it's good, but as a UTM, it has to do some work.
For how long have I used the solution?
We have been working with this solution for around 15 years now.
What do I think about the stability of the solution?
Cisco IOS Security is very stable.
What do I think about the scalability of the solution?
It's pretty scalable. The hardware is good, and it's scalable.
How are customer service and technical support?
The main reason for going with Cisco is their support. They have very skilled people and a very good support structure as compared to many other companies. They invest heavily in support maintenance.
We are pretty comfortable with Cisco technical support, but with the new acquisitions, they also need to ramp up their support. For the older Cisco IOS and other stuff, they have very mature teams, but with the new acquisitions, sometimes it takes time to do the transition up to that level. For example, when Cisco acquired Sourcefire for the firewall, it took some time for Sourcefire to act like Cisco's other products. So, support is good, but still, there is a learning curve involved with new acquisitions and their support.
How was the initial setup?
The initial setup was complex when we compare it with some other vendors.
The setup is easy if you have good knowledge. As compared to the earlier types, it is very easy now, and the major stuff is graphical. It's pretty easy, and we don't need a lot of people, at least one to two people for backup are good enough to manage the firewalls.
What's my experience with pricing, setup cost, and licensing?
Cisco IOS Security is for medium and large enterprises. When we talk about the price as well, it's more suitable for medium and large enterprises, but recently they included a few good SMB options. They have introduced a cheaper version of it in the last year with SMB option, which can be looked into for small enterprises, but it's more suited towards the large enterprises and medium enterprises.
Which other solutions did I evaluate?
We prefer selling Cisco firewalls. We also sell Fortinet. Because Cisco's presence in our country is very good as compared to Fortinet and Palo Alto, the local customers seem comfortable with Cisco.
When we talk about Cisco, definitely the hardware is more reliable and scalable as compared to others. The support is also pretty good. These are the two good things. Definitely, Cisco Firewall is all around pretty good as compared to Fortinet.
What other advice do I have?
We work with Cisco, and we top-rate Cisco firewalls to be sold and deployed. This is because they have good trading and expertise available. Cisco IOS Security is pretty reliable, and it also has really good documentation.
It sometimes requires a slightly higher technical expertise to implement all the features as compared to other firewalls. Therefore, users definitely have to be trained first to get proper knowledge. Definitely, IOS security is well-documented, and it's pretty reliable. I'd advise just to make sure that they have adequate knowledge.
The learning curve is slightly longer because it's a slightly complex product as compared to Fortinet, but feature-wise, it's very good.
I would rate Cisco IOS Security a seven out of ten. It is a good product with scope for features such as link-by-link, integration with UTM, and load balancers.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Senior Engineer Data Center at a comms service provider with 1,001-5,000 employees
A straightforward initial setup with good technical support
Pros and Cons
- "Technical support for this solution is very good."
- "In the next release of this solution, we would like to see support for the 100BT and 7000 models."
How has it helped my organization?
This has improved the way our organization operates very well.
What is most valuable?
The most valuable feature is the support that we get.
What needs improvement?
In the next release of this solution, we would like to see support for the 100BT and 7000 models.
We have experienced bugs in the solution.
What do I think about the stability of the solution?
This solution is stable.
What do I think about the scalability of the solution?
I would rate the scalability of this solution at about eighty percent.
How are customer service and technical support?
Technical support for this solution is very good.
How was the initial setup?
The initial setup of this solution is straightforward.
What about the implementation team?
We deployed this solution ourselves.
What was our ROI?
There is a return on investment with this solution.
What's my experience with pricing, setup cost, and licensing?
The licenses for this solution are expensive.
What other advice do I have?
This is a good solution, and one that I recommend, but sometimes we have bugs.
I would rate this solution a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Operational Risk Manager at a financial services firm with 1,001-5,000 employees
Scalability and some enhancement to our security posture have been key for us
Pros and Cons
- "The most valuable feature is the scalability. The nice thing with the bigger vendors is that they're very good at scale."
- "I would like to see much more embedded security that works and that isn't a bolt-on."
What is our primary use case?
We use it for routing and switching, VPNs, connectivity to some degree, and firewalls.
How has it helped my organization?
In certain spots it has improved our security program's maturity, for example around virtualization and network segmentation.
What is most valuable?
The most valuable feature is the scalability. The nice thing with the bigger vendors is that they're very good at scale.
What needs improvement?
I would like to see much more embedded security that works and that isn't a bolt-on.
What do I think about the stability of the solution?
It's pretty stable. The stability has been good.
How are customer service and technical support?
I would rate the technical support at eight out of ten. We've had a lot of good feedback.
Which solution did I use previously and why did I switch?
Different products come and go but we've been using Cisco for 20 years.
What about the implementation team?
We use every consulting firm and probably most integrators, depending on the project. On any day it could be Deloitte, Accenture, etc.
What was our ROI?
I'm sure we've seen ROI. Routing is better than picking up a file, carrying it to you and handing it to you. But it's been in place for quite a long time.
What other advice do I have?
Look at this solution and figure out what you're trying to accomplish. You should probably augment it with some other vendors as well. I'm not a big single-vendor type of person. I don't think anyone does it perfectly well. With Cisco, you bring them in for their core competencies which are routing, switching, and virtual networking. Then you augment it with some security vendors that have been doing security the entire time.
I would rate it at eight out of ten. It's not a ten because of the criticisms around security.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Pre Sales Engineer at IKUSI
Gives us better efficiency and is a secure option for platforms and gateways
Pros and Cons
- "Cisco IOS allows us to keep the same security features as our principal offices."
- "I think setup could be one area for improvement, because sometimes we don't have people inside so we have to move to the place."
What is our primary use case?
We use this solution to connect branch offices and keep the security on each one.
How has it helped my organization?
Cisco IOS allows us to keep the same security features as our principal offices.
What is most valuable?
We can access control lists and VPN tunneling.
It gives us better efficiency.
What needs improvement?
I think setup could be one area for improvement.
I would also like to see them add integration with cloud solutions like Umbrella, as well as some monitoring improvements. This would let us connect a new platform and cloud solution for a site.
What do I think about the stability of the solution?
Cisco's high stability is a well known feature.
What do I think about the scalability of the solution?
It is scalable. We can go to another platform and keep the same functionality.
How are customer service and technical support?
I think we have great support from Cisco for this. I haven't used it personally, but I have heard good things.
Which solution did I use previously and why did I switch?
I think we used Firepower. We work specifically with Cisco.
What about the implementation team?
I think the initial setup was simple. We have a lot of documentation and a guide that we can follow.
What was our ROI?
Thinking about the ease of managing these platforms and the technical support that we have, we can avoid extra costs and investments. We've saved time allowing our staff to work on other things that have saved money overall.
What other advice do I have?
My advice is that this is a very secure option for platforms and gateways using the Cisco IOS security feature.
I would rate Cisco IOS as ten out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Network Engineer at Transportation
EEM is a valuable feature for turning a Cisco device into a programmable device.
What is most valuable?
EEM (Embedded Event Manager) is a software component of Cisco IOS.
I found that EEM is a handy feature [but it is an underdog for the end user] if fine tuning of monitoring is required or if you would like to turn a Cisco device (switch or router) into a programmable device (without fancy words like ACI or Python, etc.). It is low level but efficient and money saving. It is available by default (but check the IOS feature support first). For curious minds, it could be used in combination with IP SLA and tracking features, a network engineer Swiss army knife.
How has it helped my organization?
- Increased monitoring level for KPIs normally not tracked by network management systems.
- Ability to correlate events and report back in a predefined format/customized message on the switch.
- Making a Cisco switch act as a network event sensor is enhancing visibility on the network.
What needs improvement?
- Tailored monitoring/notifications and some sort of added intelligence moved now to the edge of the network. (Actually, it could be done at any point of network: core, distribution, or access.)
What do I think about the scalability of the solution?
As it is a tailored solution, it is not very scalable, but this is a trade off; you need a hammer or a scalpel. And EEM is a scalpel.
What's my experience with pricing, setup cost, and licensing?
No licenses but what comes with the features of IOS.
Which other solutions did I evaluate?
Before choosing this product, we evaluated other options. I looked for a tailored solution.
What other advice do I have?
The competition (like Juniper) do offer similar approaches (scripting capabilities, but I did not look into the details). The question is that in many cases, users are not extending their expertise to adopt these money/time-saving features that vendors provide with their OSs.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Field Solutions Engineer at a computer software company with 1,001-5,000 employees
IPsec technology allows our clients to be more agile in their connectivity, but the technical support response times should be better
Pros and Cons
- "What I have used the most and received the most benefit from is the IPsec technology."
- "With respect to user-friendliness, it is a command-line interface and those with such experience will get along just fine, whereas others may struggle."
What is our primary use case?
We are a reseller and Cisco IOS Security is one of the network security products that we offer to our clients. The primary use case is securing connectivity between sites. Examples of this are between a site and a data center, or a site and a cloud provider.
How has it helped my organization?
DMVPN as a technology, not necessarily for security, has allowed my customers to be more agile in their connectivity, without having to rely on a hub-and-spoke topology. Rather, they can leverage a full mesh topology, which is essentially SD-WAN.
IPsec allows us to overlay that, which means we can obfuscate the underlying infrastructure, whatever the transports are. Whether it is a secure private transport like MPLS or just public internet, we can commoditize the underlying transports and trust that everything is secured from prying eyes.
What is most valuable?
What I have used the most and received the most benefit from is the IPsec technology. It overlays on DMVPN tunnels and being able to secure these object-based tunnels is good because they perform significantly better than traditional IPsec tunnels.
What needs improvement?
With respect to user-friendliness, it is a command-line interface and those with such experience will get along just fine, whereas others may struggle. My expectation is that it will remain a primarily command-line-based technology.
The biggest annoyance is probably the quality control of the code. They have to make sure that they are better at vetting bugs and software issues before they release code to the general public.
For how long have I used the solution?
I have been working with this product for the past ten years.
What do I think about the stability of the solution?
It is not the most stable system that I have worked with.
What do I think about the scalability of the solution?
I don't think that scalability is much of an issue.
Our clients are small enterprise-level organizations, typically between 1,000 and 5,000 knowledge workers.
How are customer service and technical support?
The technical support is pretty good and I would rate them an eight out of ten. If anything, they should work on their response times for critical cases.
Which solution did I use previously and why did I switch?
I would say that 80% of my experience is with Cisco products.
How was the initial setup?
The initial setup is fairly complex, although it depends on the feature sets that you're looking for. Cisco IOM is probably the most complex part of it because it involves setting up all of the QoS policies, performance-routing policies, and performance-routing domains.
From a DMVPN over IPsec perspective, it is pretty straightforward.
What's my experience with pricing, setup cost, and licensing?
Price is certainly something that the IOS technology has fallen behind the competition on.
What other advice do I have?
My advice for anybody who is implementing this product is to ensure that they don't overlook the technical overhead that is required to get it set up and keep it running. From an SD-WAN perspective, there are more user-friendly options out there, so they are going to have their own shortcomings. However, if you're going down the route of a Cisco command-line-based solution then make sure that you're prepared to have the staff on hand to manage it or instead, have a trusted partner that you work with and has the expertise to manage it.
From a feature-set perspective, as long as Cisco continues down the path of combining features from its products onto the unified platform, it will have all the features you need.
It's a good product and it does exactly what it's intended to do, but there and stability issues and the price is expensive.
I would rate this solution a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Download our free Cisco IOS Security Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Popular Comparisons
Fortinet FortiGate
Netgate pfSense
OPNsense
Cisco Secure Firewall
Palo Alto Networks NG Firewalls
Juniper SRX Series Firewall
Fortinet FortiOS
KerioControl
Juniper vSRX
Buyer's Guide
Download our free Cisco IOS Security Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What do you recommend for a corporate firewall implementation?
- Comparison of Barracuda F800, SonicWall 5600 and Fortinet
- Sophos XG 210 vs Fortigate FG 100E
- Which is the best network firewall for a small retailer?
- When evaluating Firewalls, what aspect do you think is the most important to look for?
- Cyberoam or Fortinet?
- Fortinet, Palo Alto or Check Point?
- If you could go back, would you change your decision to buy that firewall and why?
- Sophos XG vs Fortigate UTM
- Can you recommend a solution to replace Cyberoam 200ing Firewall?