Try our new research platform with insights from 80,000+ expert users
Cisco Secure Firewall Logo

Cisco Secure Firewall pros and cons

Vendor: Cisco
4.1 out of 5
Leave a review

Pros & Cons summary

Cisco Secure Firewall offers exceptional security features such as IPS and IDS, complemented by high availability and clustering for nearly 99.999% uptime. AnyConnect provides remote access VPNs; however, it lacks features like route-based VPNs, and configurations are complex due to command line requirements. While the REST API allows for customization, the firewall's SSL inspection is slow, impacting performance. Integration outside Cisco's ecosystem is limited, requiring third-party solutions for upgrades.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Cisco Secure Firewall is highly stable and offers comprehensive VPN solutions.
The Firepower IPS detection engine enhances threat investigation with historical analysis capabilities.
Cisco Secure Firewall provides robust clustering architecture, enabling zero downtime upgrades and maintaining high uptime.
The ASA range is reliable for protecting normal traffic purposes and offers detailed NAT and access-list features.
Advanced Malware Protection and Application Visibility provide robust security and segmented network options for better control.

CONS

Cisco Secure Firewall integration with third-party devices is inadequate, focusing more on Cisco devices and lacking compatibility with other platforms.
Setting up VPNs and SSL configurations is complex and prone to issues, requiring extensive manual intervention and troubleshooting.
Initial setup and ongoing maintenance are difficult and time-consuming, due to the complexity of configurations and lack of straightforward procedures.
Cisco Secure Firewall's performance is often misaligned with datasheets and struggles with throughput in real-world scenarios, particularly with complex configurations.
Upgrading Cisco Secure Firewall is a cumbersome process, involving lengthy procedures that are not straightforward and require extensive planning.
 

Cisco Secure Firewall Pros review quotes

it_user3483 - PeerSpot reviewer
it_user3483
Senior Consultant at Unify Square
Dec 11, 2017
ASA is stable and with a low level of work required on the maintenance side.
Read full review
it_user380502 - PeerSpot reviewer
it_user380502
Principal Network Engineer at a tech services company with 51-200 employees
Jun 20, 2017
It makes it very easy to have delineated roles and responsibilities between network engineering and network security.
Read full review
it_user242523 - PeerSpot reviewer
it_user242523
Network Security Administrator at a tech company with 5,001-10,000 employees
Jun 28, 2017
The most valuables feature of this product are given by the comprehensive VPN solutions it offers and its tools for troubleshooting and debugging.
Read full review
Buyer's Guide
Cisco Secure Firewall
December 2025
Free Report: Cisco Secure Firewall Reviews and More
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: December 2025.
DOWNLOAD NOW
879,422 professionals have used our research since 2012.
GS
Georges Samaha
Security Consultant at a tech services company with 501-1,000 employees
Jul 5, 2017
The Firepower IPS, based on Snort technology, has an amazing detection engine and historical analysis capability of files that eases threat investigations a lot.
Read full review
it_user700158 - PeerSpot reviewer
it_user700158
Senior Network Security Engineer at a university
Jul 10, 2017
The AnyConnect remote access VPN gives us an easy way to deploy remote working for our users.
Read full review
DA
Danut Agache
Computer Networking Consultant and Contractor at a tech services company with 51-200 employees
Jul 12, 2017
Stability, high availability of services, and very high MTBU were the most valuable features for me.
Read full review
NetworkE721d - PeerSpot reviewer
NetworkE721d
Network Engineer with 201-500 employees
Jul 12, 2017
IPSec Tunnel and AnyConnect (of course), the context awareness was a good feature, but clumsy at the beginning. I think it's better now.
Read full review
FT
Frank Theilen
IT Adviser/Manager with 51-200 employees
Jul 21, 2017
The ASA 55-x range is a solid and reliable firewall. It secures the traffic for normal purposes.
Read full review
it_user789333 - PeerSpot reviewer
it_user789333
President and CTO with 51-200 employees
Dec 14, 2017
Strong in NAT and access-lists.
Read full review
ipmplspr538920 - PeerSpot reviewer
ipmplspr538920
Security Governance at a comms service provider with 1,001-5,000 employees
Dec 18, 2017
We have been using a 5520 for seven years in our datacenter and we are satisfied by this version.
Read full review
Show 10 more reviews (out of 343)
 

Cisco Secure Firewall Cons review quotes

it_user3483 - PeerSpot reviewer
it_user3483
Senior Consultant at Unify Square
Dec 11, 2017
You have to know the ASA command line very well because not all operations are available in the graphical interface
Read full review
it_user380502 - PeerSpot reviewer
it_user380502
Principal Network Engineer at a tech services company with 51-200 employees
Jun 20, 2017
In my experience, a number of engineers get tunnel vision with devices. This is exacerbated by vendors fostering a silo mentality in disciplines.
Read full review
it_user242523 - PeerSpot reviewer
it_user242523
Network Security Administrator at a tech company with 5,001-10,000 employees
Jun 28, 2017
It should have an additional “operating mode”, like a “candidate configuration mode”, where you would have the possibility to test the changes you are going to implement and also the possibility to validate these changes.
Read full review
Buyer's Guide
Cisco Secure Firewall
December 2025
Free Report: Cisco Secure Firewall Reviews and More
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: December 2025.
DOWNLOAD NOW
879,422 professionals have used our research since 2012.
GS
Georges Samaha
Security Consultant at a tech services company with 501-1,000 employees
Jul 5, 2017
I would like to see more integration with third-party devices in general. There is great integration with Cisco devices, but there's not much integration with third-party devices.
Read full review
it_user700158 - PeerSpot reviewer
it_user700158
Senior Network Security Engineer at a university
Jul 10, 2017
The SSL VPN is, and always has been, painful to configure and the Java plugin does not guarantee a uniform deployment.
Read full review
DA
Danut Agache
Computer Networking Consultant and Contractor at a tech services company with 51-200 employees
Jul 12, 2017
The ability to integrate (as options) all-in-one features -- like anti-spam, anti-virus, etc.
Read full review
NetworkE721d - PeerSpot reviewer
NetworkE721d
Network Engineer with 201-500 employees
Jul 12, 2017
ASDM can be improved.
Read full review
FT
Frank Theilen
IT Adviser/Manager with 51-200 employees
Jul 21, 2017
Firewalls, in general, were not really designed for normal IT personnel, but for firewall and network experts. Therefore, they missed a lot of options and did not provide any good reporting or improvement options.
Read full review
it_user789333 - PeerSpot reviewer
it_user789333
President and CTO with 51-200 employees
Dec 14, 2017
VPNs are weak as this product still does not support route-based VPNs.
Read full review
ipmplspr538920 - PeerSpot reviewer
ipmplspr538920
Security Governance at a comms service provider with 1,001-5,000 employees
Dec 18, 2017
The throughput highlighted on the datasheet (10Gbps) should be reviewed. This throughput is only for a UDP running environment, which you will never find in the real world. Rather consider a multiprotocol throughput.
Read full review
Show 10 more reviews (out of 343)

Product Categories

Product Categories
Firewalls
Cisco Security Portfolio
Next-Generation Firewall (NGFW)
Firewall Solutions for Enterprises

Popular Comparisons

Popular Comparisons
Fortinet FortiGate vs Cisco Secure Firewall Logo
Fortinet FortiGate vs Cisco Secure Firewall
Netgate pfSense vs Cisco Secure Firewall Logo
Netgate pfSense vs Cisco Secure Firewall
OPNsense vs Cisco Secure Firewall Logo
OPNsense vs Cisco Secure Firewall
Sophos XG vs Cisco Secure Firewall Logo
Sophos XG vs Cisco Secure Firewall
Cisco Umbrella vs Cisco Secure Firewall Logo
Cisco Umbrella vs Cisco Secure Firewall
Cisco Identity Services Engine (ISE) vs Cisco Secure Firewall Logo
Cisco Identity Services Engine (ISE) vs Cisco Secure Firewall
Palo Alto Networks NG Firewalls vs Cisco Secure Firewall Logo
Palo Alto Networks NG Firewalls vs Cisco Secure Firewall
WatchGuard Firebox vs Cisco Secure Firewall Logo
WatchGuard Firebox vs Cisco Secure Firewall
Cisco Meraki MX vs Cisco Secure Firewall Logo
Cisco Meraki MX vs Cisco Secure Firewall
Check Point Quantum Force (NGFW) vs Cisco Secure Firewall Logo
Check Point Quantum Force (NGFW) vs Cisco Secure Firewall
Azure Firewall vs Cisco Secure Firewall Logo
Azure Firewall vs Cisco Secure Firewall
SonicWall TZ vs Cisco Secure Firewall Logo
SonicWall TZ vs Cisco Secure Firewall
Cisco Secure Network Analytics vs Cisco Secure Firewall Logo
Cisco Secure Network Analytics vs Cisco Secure Firewall
Sophos XGS vs Cisco Secure Firewall Logo
Sophos XGS vs Cisco Secure Firewall
Fortinet FortiGate-VM vs Cisco Secure Firewall Logo
Fortinet FortiGate-VM vs Cisco Secure Firewall
See all alternatives

Product Categories

Product Categories
Firewalls
Cisco Security Portfolio
Next-Generation Firewall (NGFW)
Firewall Solutions for Enterprises

Popular Comparisons

Popular Comparisons
Fortinet FortiGate vs Cisco Secure Firewall Logo
Fortinet FortiGate vs Cisco Secure Firewall
Netgate pfSense vs Cisco Secure Firewall Logo
Netgate pfSense vs Cisco Secure Firewall
OPNsense vs Cisco Secure Firewall Logo
OPNsense vs Cisco Secure Firewall
Sophos XG vs Cisco Secure Firewall Logo
Sophos XG vs Cisco Secure Firewall
Cisco Umbrella vs Cisco Secure Firewall Logo
Cisco Umbrella vs Cisco Secure Firewall
Cisco Identity Services Engine (ISE) vs Cisco Secure Firewall Logo
Cisco Identity Services Engine (ISE) vs Cisco Secure Firewall
Palo Alto Networks NG Firewalls vs Cisco Secure Firewall Logo
Palo Alto Networks NG Firewalls vs Cisco Secure Firewall
WatchGuard Firebox vs Cisco Secure Firewall Logo
WatchGuard Firebox vs Cisco Secure Firewall
Cisco Meraki MX vs Cisco Secure Firewall Logo
Cisco Meraki MX vs Cisco Secure Firewall
Check Point Quantum Force (NGFW) vs Cisco Secure Firewall Logo
Check Point Quantum Force (NGFW) vs Cisco Secure Firewall
Azure Firewall vs Cisco Secure Firewall Logo
Azure Firewall vs Cisco Secure Firewall
SonicWall TZ vs Cisco Secure Firewall Logo
SonicWall TZ vs Cisco Secure Firewall
Cisco Secure Network Analytics vs Cisco Secure Firewall Logo
Cisco Secure Network Analytics vs Cisco Secure Firewall
Sophos XGS vs Cisco Secure Firewall Logo
Sophos XGS vs Cisco Secure Firewall
Fortinet FortiGate-VM vs Cisco Secure Firewall Logo
Fortinet FortiGate-VM vs Cisco Secure Firewall
See all alternatives
Related questions
  • 442
What Is The Biggest Difference Between Cisco ASA And Fortinet FortiGate?
  • 55
Cisco Firepower vs. FortiGate
  • 29
How do I convince a client that the most expensive firewall is not necessarily the best?
  • 89
What are the biggest differences between Cisco Firepower NGFW and Fortinet FortiGate?
  • 382
What Is The Biggest Difference Between Cisco Firepower and Palo Alto?
  • 136
Would you recommend replacing Cisco ASA Firewall with Fortinet FortiGate FG 100F due to cost reasons?
  • 319
What are the main differences between Palo Alto and Cisco firewalls ?
  • 35
A recent reviewer wrote "Cisco firewalls can be difficult at first but once learned it's fine." Is that your experience?
  • 26
Which is the best IPS - Cisco Firepower or Palo Alto?
  • 36
Which product do you recommend and why: Palo Alto Networks VM-Series vs Cisco Firepower Threat Defense Virtual (FTDv)?