I usually use it for GRE channels and VPNs. Is very stable and is a good solution. It has been stable.
Network Engineer at Banque des Mascareignes
Enables us to securely transfer data over the internet network but I would like the ability to automatically load balance
Pros and Cons
- "I'm able to transfer data over internet network security. With the GRE I'm able to transfer data within one bunch to another bunch in a public way, like the internet. The communication is encrypted and is private. It gives me added privacy."
- "There's a technology called SD-WAN that we would like to see. We are unable to handle multiple connections or to automatically load balance. I would like to have a feature that enables us to automatically prepare for load balancing."
What is our primary use case?
How has it helped my organization?
I'm able to securely transfer data over the internet network. With the GRE I'm able to transfer data within one site to another sites in a public way, like the internet. The communication is encrypted and is private. It gives me added privacy.
What is most valuable?
The GRE kernels and IPSEC security are the most valuable features.
What needs improvement?
There's a technology called SD-WAN that we would like to see. We are unable to handle multiple connections or to automatically load balance. I would like to have a feature that enables us to automatically prepare for load balancing.
Buyer's Guide
Cisco IOS Security
December 2024
Learn what your peers think about Cisco IOS Security. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
For how long have I used the solution?
More than five years.
What do I think about the stability of the solution?
It is stable but is missing functionalities. For example, everyone is bound to one single router.
This product is being used on a daily basis, 24/7. We are a bank, so it is always running. We have no downtime and our customers don't have any downtime.
What do I think about the scalability of the solution?
You can do a lot in terms of the scalability. In my department, I have 11 branches that are using it and everything works flawlessly for them.
How are customer service and support?
Cisco's technical support is the best.
Which solution did I use previously and why did I switch?
I have previously used FortiGate and I didn't switch solution, I switched companies. Cisco is stable once it is up and running. You can forget about it, it's going to work unless the hardware fails. As your centers deploy, make sure it's configured and up and running. You just have to put it there and forget it.
How was the initial setup?
The complexity of the initial setup will depend on your level of expertise and your experience with the product. It was simple for me but I have seen others struggle with it.
Usually, when I did deploy I do it on a lap setup. The time it takes depends mostly on how we are going to plan the deployment. It can be done within a day or a week.
What about the implementation team?
Sometimes we will use an integrator for the deployment and sometimes we will do it ourselves.
What was our ROI?
The return on investment has already been achieved and it is great.
What's my experience with pricing, setup cost, and licensing?
The solution is a one-off fee once, it's just a matter of whether we are using IOS security you want to use the IT functionality, you need to have the security licenses.
What other advice do I have?
It's a good product you just have to have someone that really knows how to configure it otherwise it's going to be a nightmare.
I would rate it a seven out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cyber Security Engineer at a tech company
Easy to install and good technical support on offer but could be easier to use
Pros and Cons
- "The product is easy to use."
- "There could be a bit more functions on offer that could make it easier to use."
What is our primary use case?
We primarily use the product as a security solution within our company.
What is most valuable?
Overall, the devices are very good and reliable.
The product is easy to use.
It's quite a stable solution.
The installation process is easy.
Technical support has always been very good.
What needs improvement?
It's a good device yet it's not a market leader. There are better options for customers to choose from.
There could be a bit more functions on offer that could make it easier to use.
For how long have I used the solution?
We have used the solution for four years. It's been a while. We have a bit of experience with it at this point.
What do I think about the stability of the solution?
The stability is great and the performance is good. It's reliable. There are no bugs or glitches. it doesn't crash or freeze.
What do I think about the scalability of the solution?
We have about 2,000 users on the product currently.
How are customer service and technical support?
Cisco technical support is the best in the world. They are very helpful and responsive and we are always satisfied with the amount of assistance we get.
Which solution did I use previously and why did I switch?
Previous to this solution, we did not use anything else.
How was the initial setup?
It's straightforward to set up. The product isn't too complex in terms of implementation. It takes about two days to deploy everything.
You only need two people for installation. We have two technicians for the installation of the product and two engineers for managing the product.
What about the implementation team?
We handle the implementation ourselves in-house. We don't need outside consultants or integrators.
What's my experience with pricing, setup cost, and licensing?
We pay a yearly subscription for signatures and stuff for the filtering, debugging inspection.
Which other solutions did I evaluate?
We did not evaluate anything before we started using Cisco. We didn't evaluate other options.
What other advice do I have?
We always use two versions behind the latest version. We do not use the latest version typically.
I'd rate the solution at a six out of ten.
I wouldn't recommend the solution to other users or organizations at this time.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Cisco IOS Security
December 2024
Learn what your peers think about Cisco IOS Security. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
Network Manager at a insurance company with 1,001-5,000 employees
Good features. But when I converted it into a zone-based firewall, CPU utilization shot up and network performance slowed down.
Valuable Features:
1. Cisco IOS Security feature provides key features such as AAA, VPN, IPsec, content filtering, IPS, etc in all IOS based Cisco devices.
2. I like it because they include powerful security features that come with all Cisco Router and Switch from low to higher end.
3. It helped me to convert my Cisco router into a zone-based policy firewall.
4. It helped me to implement port security at my switch end.
5. I have implemented AAA in all Cisco routers and switch easily.
6. I have configured VPN server in a Cisco router with ease compare to OPENVPN configuration in a Linux OS environment.
Room for Improvement:
1. IOS security related IPS facility is not as strong as Cisco ASA and the signature file of IPS does not update automatically like Cisco ASA.
2. When I converted the Cisco router into a zone-based firewall, CPU utilization shot up and slowed down network performance.
Other Advice:
Cisco IOS security feature is the most robust and simple security facility which nice and small to implement. It helped me protect my network from external and internal attack.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Owner at it logic
Flexible, reliable, and has great performance
Pros and Cons
- "One of the valuable features of the solution is its flexibility and it performs great."
- "The configuration should be easier in the solution."
What is our primary use case?
The primary use of the solution is used for testing the core banking customer function.
What is most valuable?
One of the valuable features of the solution is its flexibility and it performs great.
What needs improvement?
The configuration should be easier in the solution.
For how long have I used the solution?
I have used the solution for approximately five years.
What do I think about the stability of the solution?
I have not had issues with the solution stability.
What do I think about the scalability of the solution?
I have approximately 450 customers database at this moment using this solution.
How are customer service and technical support?
There is technical support for the solution but it is not localized. It would be beneficial if there would be localized technical support in India.
How was the initial setup?
The installation of the solution is difficult because it requires trained CCNA engineers.
What about the implementation team?
The solutions deployment required a three-person technical team.
What's my experience with pricing, setup cost, and licensing?
It is necessary to pay for a license in order to use the solution. It is on a yearly basis and the price is high.
What other advice do I have?
I will continue using the solution because our customers demand it.
I would recommend the solution to other users.
I rate Cisco IOS Security a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
System Administrator at a tech services company with 11-50 employees
A highly scalable solution that is used for security
Pros and Cons
- "The Intrusion Firewall is a valuable feature."
- "Cisco is an expensive firewall, so the pricing can be improved."
What is our primary use case?
The solution is used for security purposes.
What is most valuable?
The Intrusion Firewall is a valuable feature.
What needs improvement?
Cisco is an expensive firewall, so the pricing can be improved.
For how long have I used the solution?
I have been using Cisco IOS Security for more than five years.
What do I think about the stability of the solution?
The stability can be improved. I rate the stability an eight out of ten.
What do I think about the scalability of the solution?
It is a scalable solution. Presently, two hundred users are using the solution.
How are customer service and support?
The technical support team is good.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is not very difficult.
What's my experience with pricing, setup cost, and licensing?
The pricing is expensive.
What other advice do I have?
I will recommend it if your entire infrastructure is Cisco-based, because the compatibility is good.
I rate the overall solution an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Product Manager - Wireless / IT Support Manager at a tech services company with 51-200 employees
Straightforward initial setup and good scalability
Pros and Cons
- "You can scale it when you need to."
- "If they could increase the performance a little better because the device sometimes gets slow."
What is our primary use case?
Since we do system integration, we have a lot of clients we deploy. There is not really a single case to point to because we have multiple clients. It depends and can vary from customer to customer.
What is most valuable?
Defending the business processes.
What needs improvement?
If they could increase the performance a little better because the device sometimes gets slow. If they could increase the performance it would be great.
For how long have I used the solution?
I've been using this solution for between seven and eight years.
What do I think about the stability of the solution?
The solution's stability is quite good. We have about six hundred users.
What do I think about the scalability of the solution?
The scalability is quite good. You can scale it when you need to. As you go, you can scale it. It's quite scalable. It's quite good.
How are customer service and technical support?
I haven't used technical support yet.
Which solution did I use previously and why did I switch?
We have been using this solution for six or seven years; we didn't use another solution before.
How was the initial setup?
The initial setup was very straightforward. It only took a couple of hours, it doesn't take long.
What other advice do I have?
In terms of advice, I would suggest others should use it. It is quite a good product, it is one of the market leaders. I believe it could be as good as other solutions. There are two things you require: one is support and the other one is credibility. Both are there with this product.
I would rate this solution eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Infrastructure Expert at a tech company with 51-200 employees
The Best network security OS
Valuable Features:
Cisco IOS is the best OS for Cisco routers and switches.
There are a lot of plus points of using Cisco IOS. A brief introduction about them are as follows.AAA- Cisco IOS has a lot advantages while using AAA. It can use various encryption services which also includes EAP with Radius.Firewall- You can use Cisco IOS Advance IP Services for creating Zone based firewalls on Cisco Routers.TCP Intercept- It prevents DDOS attacks quite effectively.PKI- You can use RSA keys in PKI. Also lets you use Certificates in PKI.VPN- Almost any type of VPN can be configured using IOS security. Site to site or remote. 802.1X- This facility has helped a lot of organizations and ISPs to maintain authentication for their users.
Room for Improvement:
It is very hard to find any limitations of this OS
Still when you use this as Zone based firewall you can see its limitations.
You need to restrict traffic with ACL, which is fine but you need to create too many ACLs.
Hence management of ACLs is a tedious task.
Works better with TACACS+ which is Cisco proprietary.
WAN connectivity is difficult on a router which is running IOS Security.
Other Advice:
The best OS from my point of view in Cisco IOS is Advanced IP Services.
This OS has changed the definition of network security by using the router.
The use of VPN concentrator is coming to an end because this OS can handle any kind of VPN using the router, so no need of VPN concentrators.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Cisco IOS Security Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Popular Comparisons
Fortinet FortiGate
Netgate pfSense
OPNsense
Cisco Secure Firewall
Palo Alto Networks NG Firewalls
Juniper SRX Series Firewall
Untangle NG Firewall
Fortinet FortiOS
KerioControl
Buyer's Guide
Download our free Cisco IOS Security Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What do you recommend for a corporate firewall implementation?
- Comparison of Barracuda F800, SonicWall 5600 and Fortinet
- Sophos XG 210 vs Fortigate FG 100E
- Which is the best network firewall for a small retailer?
- When evaluating Firewalls, what aspect do you think is the most important to look for?
- Cyberoam or Fortinet?
- Fortinet, Palo Alto or Check Point?
- If you could go back, would you change your decision to buy that firewall and why?
- Sophos XG vs Fortigate UTM
- Can you recommend a solution to replace Cyberoam 200ing Firewall?