Cisco IOS Security Reviews

We use this solution to connect branch offices and keep the security on each one.

Cisco IOS allows us to keep the same security features as our principal offices.

We can access control lists and VPN tunneling.

It gives us better efficiency.

I think setup could be one area for improvement.

I would also like to see them add integration with cloud solutions like Umbrella, as well as some monitoring improvements. This would let us connect a new platform and cloud solution for a site.

Cisco's high stability is a well known feature.

It is scalable. We can go to another platform and keep the same functionality.

I think we have great support from Cisco for this. I haven't used it personally, but I have heard good things.

I think we used Firepower. We work specifically with Cisco.

I think the initial setup was simple. We have a lot of documentation and a guide that we can follow.

Thinking about the ease of managing these platforms and the technical support that we have, we can avoid extra costs and investments. We've saved time allowing our staff to work on other things that have saved money overall.

My advice is that this is a very secure option for platforms and gateways using the Cisco IOS security feature.

I would rate Cisco IOS as ten out of ten.

Cisco IOS Security has many good features, but compared to other solutions, it has a more user-friendly interface with steps to apply and manage rules. Another good part of the solution is that it's more straightforward.

An area for improvement in Cisco IOS Security is the performance because it's not as stable sometimes. There's also some latency in the solution, which could be improved. Cisco IOS Security integrates with other solutions, but you'll encounter many errors after integration, so this is another area for improvement.

I'd like to see enhanced performance and a simplified setup in the next version of Cisco IOS Security.

I've been working with Cisco IOS Security for more than five years.

Cisco IOS Security isn't as stable.

Cisco IOS Security isn't as scalable, but it's okay. It's suitable for enterprise companies.

The technical support for Cisco IOS Security is very good. The support team responds every time.

Setting up Cisco IOS Security wasn't very easy because it's not a standalone solution. The setup requires merging rules and integration with other solutions, which could take some time.

The pricing for Cisco IOS Security is reasonable compared to other Cisco products.

I'm working with Cisco products such as firewalls, ISE, routers, data centers, FTD, and most of the Cisco technologies. I have experience with Cisco IOS Security as well.

My company is a partner and reseller of Cisco products.

My customers, particularly enterprise customers, use Cisco IOS Security.

My advice to others looking into implementing Cisco IOS Security is to do a POC first. It would help to be careful about performance, latency, and management issues with Cisco IOS Security.

I'd rate Cisco IOS Security as seven out of ten.

We primarily use the solution as a VPN concentrator. It's the main VPN concentrator for all remote connections.

The compatibility is high with many open protocols. We use it for Radiant. We use it for any kind of network access protocols as well. 

The solution is very user-friendly and easy to deal with. We find working with both the Command-Line and the Viewer very, very straightforward.

It's quite stable. We find it more stable than other options.

It would be ideal if the solution had more capacity. Right now, we are almost hitting the maximum capacity of the product. If they could provide more capacity for the same product, that would be great.

I've been using the solution for over ten years. At more than a decade, it's been a long time.

The solution is extremely stable. We find it much more stable than other options. It doesn't crash or freeze. There aren't issues with glitches. It is completely reliable.

Currently, we have over 7,000 users that utilize this solution.

We do plan to increase usage in the future.

Technical support is very, very good under Cisco. It's one of the other advantages of using their product. They are very helpful, responsive, and knowledgeable. We've very satisfied with the level of service they provide to us.

We previously used Juniper. Juniper has improved a lot over the last little while, however, we still prefer Cisco.

I was not part of the installation process. That was handled by another team entirely. That said, they didn't take a lot of time to get everything up and running. It was, if I recall correctly, less than one week to put it up and test it and make all the configuration adjustments. Deployment was fast and it's my understanding that the whole process from beginning to end was straightforward.

We only needed two people and they were able to handle both deployment and maintenance. They are engineers.

I don't know the exact licensing costs. It's not something I deal with directly, and therefore I don't have any access to the information in regards to pricing and payments.

We're just a customer and end-user. We don't have a business relationship with Cisco.

We're using the latest version of the solution in our organization right now.

We use both cloud and on-premises deployments, however, currently, we tend to use more on-premises deployments.

I would recommend the solution. Overall, I would rate it at an eight out of ten.

We use Cisco IOS for security prevention. It enables us to check the network.

I didn't think that they would put servers in the DMZ. It also protects us from hackers; we haven't had any issues with them.

I've found their network routing to be very good.

It is also stable, has good scalability and is easy to use. 

I wish it would be more like the next generation firewall technology. There should be more selection between the application and filtering.

I would appreciate updates to reporting, in terms of data entry.

We have been using Cisco IOS for more than eight years.

We don't have any issues with stability. Cisco is always stable.

Scalability is easy.

We have a contract with the representative of DEO support, not just Cisco. So we have local support. If we have any issue, they respond to us directly by phone.

The initial setup was easy. There are step-by-step instructions, like many of their other products.

The solution is definitely valuable for us.

The licensing is on a subscription basis, and it is fairly costly. I would prefer a one-time payment.

My advice is to take this firewall. It is really good. I would rate Cisco IOS as eight out of ten.

The next-generation firewalls, like UTM, have paper-thin single boxes. They should follow the same projects, like the next-generation firewall. They have everything like 40GBs in a single box, along with filtering applications, like VPN and SSN. They also have reporting features.

We use it for endpoint security, to control access to our edge level. Basically, Cisco IOS checks the identity of each endpoint (printers, etc.). There's a specific group allowing the printer to immediately connect to the network. Also, if there is a laptop, for example, then the IOS will tell you, okay this is a laptop, please add the user name and password to access the network. Once it gets authenticated with IOS, they will still do something like posturing, checking the compliance list. For example, if a laptop doesn't have an updated antivirus or updated patches - if it's non-compliant with any one of those things, the system will reject it and isolate it in a special network, so it cannot access our network. 

Previously, anyone in the organization would see any data point in the wall. They could just go and connect their machine with that data point and could access the network. But now, even if someone came and tried that, they will not be given access. Because Cisco IOS will ask for the identity. So, you will now need to give your identity. If you are not part of the organization, you will not be given access.

I think it's a complicated product. It is very complicated, especially in the design. If in some way you mess up the logic and design, you can really mess up and you will hate your life. The dashboard is actually very complicated. There's a lot of options. They don't need to do this. They need to make it more simple. Going to the direct point, showing what to do, where to configure, how to make the policy. They need to simplify the dashboard management more. Also, they need to improve the dashboard statistics. We need to see the statistics in a more organized way and clear. Reporting features, I think are also missing. It should be there.

Maybe they need to add in posturing. Cisco is able to check if a device is updated or not. Taking action to isolate it outside the network, and then requesting automatically for the updates to that system would be helpful. It's something in automation they can improve.

I have been using the solution for 1 year.

Initially, we faced some stability problems with the wifi systems. And sometimes it authenticates, sometimes it doesn't. But, overall, it's 90% stable. It's not causing many problems, because, no one is touching that. No one is touching that box.

Their support was very bad. We have a very bad experience on the support. They take too much time requesting logs, and they are not coming directly online to resolve the issues. They keep asking about a lot of things. And they know that we are not expert in the system. So, we are wasting our time. And it takes time to respond. Sometimes one single issue will stay on the stack for three weeks, just to resolve it. The last ticket for me reached six weeks, not three weeks even. They are not like that in all products. Just this product.

The initial setup was very complicated. For the initial setup, you need to configure the TAC servers and assigning the password, user name and the group for authenticating, etc. The deployment took more than three months.

We used a vendor. We are not doing anything ourselves except for the basic things. We are using the vendors to do this. Not everything is handled by vendors; only, again, for the complicated products. We try to approach the integrators to do it.

I did not evaluate other options. I was thinking maybe Aruba might be a good option, but I did not switch over to it actually because Cisco's a big company and known in the market.

Even now, we are not fully utilizing the features because it'll add complicated things. I would rate this solution 7 out of 10 because of both support and interface. After this experience, next time in any project we are going to go more secure. 

EEM (Embedded Event Manager) is a software component of Cisco IOS.

I found that EEM is a handy feature [but it is an underdog for the end user] if fine tuning of monitoring is required or if you would like to turn a Cisco device (switch or router) into a programmable device (without fancy words like ACI or Python, etc.). It is low level but efficient and money saving. It is available by default (but check the IOS feature support first). For curious minds, it could be used in combination with IP SLA and tracking features, a network engineer Swiss army knife.

• Increased monitoring level for KPIs normally not tracked by network management systems.
• Ability to correlate events and report back in a predefined format/customized message on the switch.
• Making a Cisco switch act as a network event sensor is enhancing visibility on the network.

• Tailored monitoring/notifications and some sort of added intelligence moved now to the edge of the network. (Actually, it could be done at any point of network: core, distribution, or access.)

As it is a tailored solution, it is not very scalable, but this is a trade off; you need a hammer or a scalpel. And EEM is a scalpel.

No licenses but what comes with the features of IOS.

Before choosing this product, we evaluated other options. I looked for a tailored solution.

The competition (like Juniper) do offer similar approaches (scripting capabilities, but I did not look into the details). The question is that in many cases, users are not extending their expertise to adopt these money/time-saving features that vendors provide with their OSs.

We are using Cisco IOS Security for endpoint security. For example, spyware, firewall, database and application protection.

I have been using the solution for approximately 10 years.

The solution is stable.

We have found the solution to be scalable.

We have approximately 20 customers using this solution.

The technical is excellent.

The installation is straightforward.

We have two engineers that do the implementation and maintenance of the solution.

The price of the solution should be cheaper, and the license is purchase annually.

I recommend this solution to others and advise them to use the latest version.

I rate Cisco IOS Security an eight out of ten.

1. Cisco IOS Security feature provides key features such as AAA, VPN, IPsec, content filtering, IPS, etc in all IOS based Cisco devices. 2. I like it because they include powerful security features that come with all Cisco Router and Switch from low to higher end. 3. It helped me to convert my Cisco router into a zone-based policy firewall. 4. It helped me to implement port security at my switch end. 5. I have implemented AAA in all Cisco routers and switch easily. 6. I have configured VPN server in a Cisco router with ease compare to OPENVPN configuration in a Linux OS environment.

1. IOS security related IPS facility is not as strong as Cisco ASA and the signature file of IPS does not update automatically like Cisco ASA. 2. When I converted the Cisco router into a zone-based firewall, CPU utilization shot up and slowed down network performance.

Cisco IOS security feature is the most robust and simple security facility which nice and small to implement. It helped me protect my network from external and internal attack.