Try our new research platform with insights from 80,000+ expert users
Vinay-Singh - PeerSpot reviewer
Manager IT & Security at mCarbon Tech Innovations Pvt., Ltd.
Real User
Feature-rich VPN connection, scalable, stable, and has perfect support
Pros and Cons
  • "I like all of the features."
  • "It is my understanding that they are in the process of discontinuing this device."

What is our primary use case?

We are using this solution for the site-to-site VPN tunnels and VPN Connections.

What is most valuable?

I like all of the features.

What needs improvement?

It is my understanding that they are in the process of discontinuing this device.

They are in the process of shutting down this ASA series and will continue with Firepower.

In the next release, it could be more secure.

For how long have I used the solution?

I have been using Cisco ASA Firewall for six years.

We are not using the latest version.

Buyer's Guide
Cisco Secure Firewall
April 2025
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
849,190 professionals have used our research since 2012.

What do I think about the stability of the solution?

It's a stable solution. I have not had any issues.

What do I think about the scalability of the solution?

This product is scalable. We have 100 users in our organization.

We will not continue to use this solution. We will be upgrading to either Firepower or Check Point.

How are customer service and support?

Technical support is perfect.

Which solution did I use previously and why did I switch?

I was using Dell SonicWall before Cisco ASA Firewall.

How was the initial setup?

The initial setup was straightforward. 

It's easy to install and it doesn't take a lot of time for the initial configuration.

It took an hour to install.

What about the implementation team?

I completed the installation myself. We did not use a vendor or vendor team.

What's my experience with pricing, setup cost, and licensing?

There are licensing costs.

What other advice do I have?

I would not recommend this solution. The technology is old and they should move to Firepower or NextGen Firewall.

I would rate the Cisco ASA Firewall an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Manager of Engineering with 1,001-5,000 employees
Vendor
The FirePower IPS, AMP and URL filtering add value to the firewall.

What is most valuable?

Cisco ASA has a well-written command-line interface. Cisco’s AnyConnect SSL VPN is by far the best client VPN technology I’ve ever had to deploy and manage. Upgrades are a breeze. Failovers between units are flawless. FirePower add-ons deepen security with intrusion prevention (IPS), anti-malware protection (AMP), and URL filtering. These particular services can run as a hardware or software module within the ASA. Unlike ASA with CSM, these modules are managed by FireSight, a single pane for all of your FirePower nodes. It’s intuitive and easy to use, but still lacks some automation capabilities (e.g., bulk edits, etc.).

How has it helped my organization?

Cisco is a huge name in the networking world. Having a solution that includes their firewall technology adds value from an operability and support perspective. Cisco, although sometimes considered to be "behind the times" with firewall technology, continues to prove it has momentum in the industry through acquisitions such as Sourcefire and OpenDNS, with rapid integration into their systems. Additionally, ASA is synergistic with other security offerings from Cisco, such as ISE, remote tele-office workers, etc.

What needs improvement?

When running multiple firewalls in your network, you need someone to manage them from a central point. Cisco’s answer is Cisco Security Manager (CSM). Unfortunately, this is a suite of applications that is in much need of an overhaul. It is riddled with bugs and lacks the intuitive experience found in competing vendor offerings. The counter-intuitive interface makes configuration management cumbersome and prone to mistakes. There are software defects within certain modules of the application, resulting in a frustrating experience. Reporting is almost useless. The best part about it is the logging component, but it still is lacking, compared to what you get from other competing vendors.

Aside from management, I think Cisco needs to become more application-focused, something that a few of their competitors shine in.

For how long have I used the solution?

I've deployed and managed Cisco ASA's for over a decade. I've used the X-series models for about three years now.

What do I think about the stability of the solution?

I have not encountered any stability issues; this is a solid firewall platform. Stability is where it shines.

What do I think about the scalability of the solution?

The newer clustering capabilities have introduced some solid scalability design options. From a cost perspective, scalability is quite intimidating.

How are customer service and technical support?

Cisco's TAC engineers are competent, responsive and typically resolve issues in a timely fashion. Do not use them for "best practice"; this is what channel partners are for.

Which solution did I use previously and why did I switch?

I previously used Check Point. Check Point relied on a thick, Windows-based client and, at the time, did not support transparent contexts. However, Check Point has a solid management platform, which is something Cisco should take some pointers from.

How was the initial setup?

Initial setup is complex for a new user, straightforward for a seasoned user. Tons of documentation is available, but you can easily get lost for days if you've never touched one. Cisco offers ASDM, a GUI wizard that can help set up the firewalls. This is nice for newer folks.

What's my experience with pricing, setup cost, and licensing?

Work very closely with your channel partners to verify you have all the licensing you need (VPN, Firepower, etc.). Pricing is always a challenge. Buy closer to Cisco's EOY and you might save a few bucks.

Which other solutions did I evaluate?

Before choosing this product, I also evaluated Palo Alto. I really liked their firewall platform, their Panorama management platform, and wildfire technology. Their SSL VPN was seriously lacking. This is a decent option to consider as well.

What other advice do I have?

Read the Cisco Validated Designs (CVDs) regarding ASAs. Find some decent blogs, discuss topologies and scenarios with a seasoned engineer, and get your final design validated by Cisco. Your Cisco SE should be able to assist with this. If you need assistance implementing, work with your channel partner.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user68991 - PeerSpot reviewer
it_user68991Manager of Engineering with 1,001-5,000 employees
Vendor

Brian, this is one reason I continue to use ASA. Cisco makes a solid, stable and consistent firewall platform. It withstands time and continues to be a widely deployed firewall in the industry.

ASDM is great for a single firewall management, but once you want to manage multiple firewalls at once, you're limited in your offerings from Cisco. I'm hopeful for the future with their plans for FXOS, consolidating these seemingly disparate services (ASA, IPS, VPN) into a single platform.

ASA and IOS teams are definitely separate within Cisco. I don't think these CLIs will ever merge, but we can dream.

See all 5 comments
Buyer's Guide
Cisco Secure Firewall
April 2025
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
849,190 professionals have used our research since 2012.
reviewer2146893 - PeerSpot reviewer
Executive Vice President, Head of Global Internet Network (GIN) at a tech services company with 10,001+ employees
Real User
The analysis tools and encrypted traffic analysis save time but the licensing is complicated
Pros and Cons
  • "Application inspection, network segmentation, and encrypted traffic detection or encrypted traffic analysis (ETA) are valuable for our customers."
  • "The usability of Cisco Firepower Threat Defense is an issue. The product is still under development, and the user interface is very difficult to deal with."

What is our primary use case?

We have all kinds of use cases. Our customers are large enterprises, and they need perimeter security. Zero trust, network access control, and network segmentation are quite important these days.

We are a partner and reseller. We implement, and we resell. As a Cisco Secure reseller, we have all the expertise. Our customers are usually overworked and have no time to learn how to implement these things and get some expertise. That's what we bring in. We help them select the right solution, select the proper design and architecture, and implement it. They basically lack the time and expertise, and we are a trusted advisor who helps them with their issues.

How has it helped my organization?

I'm working with security. It improves the security posture of our customers and protects them from threats. We recently saw a bunch of hacks in Germany and our customers are concerned. We help to protect our customers from that, and that's very important.

The analysis tools and encrypted traffic analysis save time. They help detect security threats and incidents that can cause outages for customers. It's a great improvement.

What is most valuable?

Application inspection, network segmentation, and encrypted traffic detection or encrypted traffic analysis (ETA) are valuable for our customers. I'm from Germany, and in Germany, people are very concerned about privacy. We have a bunch of public customers, and they have an issue with decrypting traffic, even if it's only for security analysis. They have some fears. So, they are quite interested in the capability to detect threats without decrypting traffic.

What needs improvement?

The usability of Cisco Firepower Threat Defense is an issue. The product is still under development, and the user interface is very difficult to deal with. That's one area where it should be improved. Another area for improvement, which is also related to the firewall, is stability. We are having stability issues, and we had some cases where customers had a network down situation for about one or two days, which is not great.

For how long have I used the solution?

As a partner, I have been working here for about nine years, but we offered this solution all the time. The company has probably been doing that for at least 15 years.

What do I think about the stability of the solution?

Cisco Firepower Threat Defense has improved a lot over the last few years, but we sometimes still have really big issues.

How are customer service and support?

Their support is pretty awesome. It doesn't really matter if you have a hardware issue or a software issue. If it's a hardware issue, you get a replacement quickly, and if you have a software issue, you get quick support. There are also some bad examples. I have one from wireless where after a problem was acknowledged, it needed about one year to get fixed. It depends a little bit on how complex the issue is, but in general, it's quite okay.

Which solution did I use previously and why did I switch?

We are also selling Fortinet, Palo Alto, and Check Point. We sell all solutions, but I'm quite focused on Cisco. It's mostly because I have the most expertise and experience with it over the years. I've been working with Cisco security solutions for 15 to 20 years. That's where my expertise is, and with Cisco, you have a solution for everything. It's not always the best of breed, but in the overall solution frame, you have something for everything, and they interact nicely with each other, which is great.

How was the initial setup?

The deployment model is totally customer dependent. The way we work, we look at the customer environment and develop a proper deployment model for them. Some of them are using enterprise agreements. It's becoming more and more common, so they can use several solutions at once or with some kind of added use price and other benefits.

I'm not always involved in the deployment. I work as an architect. I do not implement all the solutions I design, but I implement some of them. For me, it's important because, for one, I like it, and second thing is that I need to have some kind of hands-on experience to understand the solution so that I can make better designs.

If you do the initial setup for the first time, it's somewhat complex., but over time, you get the experience, and then it's more or less straightforward. 

Our clients rarely used the firewall migration tool. It gives you a starting point for the configuration, but usually, there are so many things you need to rework afterward. We use it sometimes, but it only does a part of the job.

It does require maintenance. The clients have maintenance contracts for that.

What about the implementation team?

In our company in Germany, just for the security solutions, we have about 20 to 30 engineers. They are experienced in different areas. For the firewalls, we have 10 engineers.

What's my experience with pricing, setup cost, and licensing?

Cisco was never a cheap solution. Compared to other vendors, it's more or less at the same level, except maybe Fortinet which is fairly cheap.

In terms of licensing, we still have issues with the subscription model. Many of our customers are used to buying a solution and owning it. It takes time to convince people to go for the subscription model. That's still an issue for us.

What other advice do I have?

We have Cisco Firepower Threat Defense, email security, web security, and Cisco Umbrella. Most of the time, I am working with Identity Services Engine for identity-related things. That's the main product I work with all the time. I have almost no direct contact with Talos, but I know that below the hood, it just improves all their security solutions.

To those evaluating this solution, I would advise being a little bit careful with it. It interfaces well with other Cisco solutions, so it has value, but it's not always the best solution.

At the moment, I would rate it a six out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
reviewer1667103 - PeerSpot reviewer
Global Network Architect at a agriculture with 10,001+ employees
Real User
Secures our infrastructure and the OT network very well, and meets our scalability requirements
Pros and Cons
  • "It's protecting the organization against the impact of cyber threats and cybersecurity. We run manufacturing plants that have hazardous material, and we don't want that manufacturing process to be impacted by break-in exposure, cyber threats, or any other similar thing."
  • "We would like to be able to manage a set of firewalls rather than individual firewalls. We haven't really looked into it or yet implemented it, but a single pane of glass would be helpful. We also use another vendor's firewalls, and they have a centralized management infrastructure that we have implemented, which makes it a little bit easier when you're managing lots of firewalls."

What is our primary use case?

The primary use case is as one-layer protection of our OT network. The way we're set up is that we have our OT network behind the commercial network, and we do dual firewalls. We've Cisco firewalls on the commercial network side and a different vendor and a different management group on the OT network side.

How has it helped my organization?

It's a good solution. It's in some ways a reactive solution where we have it sitting in a whitelist mode rather than a blacklist mode. So, we are blocking everything and permitting specific things, and it seems to work fairly well for us.

It hasn't necessarily freed up the time, but it has helped in securing the infrastructure and the OT network behind it. The intent of this particular solution is not time-saving. It's not a cost solution. It's meant to isolate and control access to and from a specific set of infrastructure.

It allows us to get access. We're seeing more and more that business systems like SAP are looking to get access to OT systems, and this is how our systems get that.

What is most valuable?

It's protecting the organization against the impact of cyber threats and cybersecurity. We run manufacturing plants that have hazardous material, and we don't want that manufacturing process to be impacted by break-in exposure, cyber threats, or any other similar thing.

What needs improvement?

We would like to be able to manage a set of firewalls rather than individual firewalls. We haven't really looked into it or yet implemented it, but a single pane of glass would be helpful. We also use another vendor's firewalls, and they have a centralized management infrastructure that we have implemented, which makes it a little bit easier when you're managing lots of firewalls.

For how long have I used the solution?

We've been using Cisco firewalls for 10 years or more.

What do I think about the stability of the solution?

It has been a very stable solution. If you keep it up to date and do sensible management on it, it's a very stable solution.

What do I think about the scalability of the solution?

So far, in this use case, it has met our scalability requirements in terms of traffic and management.

How are customer service and support?

We have an excellent account team, and they go to bat for us inside of Cisco. We also have access to TAC and things like Smart Net, and all that seems to go very well. It's a good team. I'd rate them a nine out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We weren't using anything similar in this particular use case. We chose Cisco because they originally came on the recommendation of our networking partner. They came in with a strong recommendation from a strong partner.

How was the initial setup?

I wasn't involved in its deployment. That was before I started working in this space.

What was our ROI?

In this specific use case, the biggest return on investment is that we do not have incidents, and this ultimately, in some of our factories, ends up being a health and human-safety use case.

What's my experience with pricing, setup cost, and licensing?

We've gone to all smart licensing, so that works well. 

What other advice do I have?

Understand what you're trying to protect and what you're trying to protect it from, and then also understand how the solution is managed.

I'd rate Cisco Secure Firewall a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
ICT Manager at a aerospace/defense firm
Real User
Site to site VPN is easy, but it's very expensive.

What is most valuable?

  • VPN
  • ASDM configuration

For FirePOWER:

  • IPS
  • AMP
  • URL filtering

How has it helped my organization?

It's pretty easy to connect between different branches using site to site VPN.

What needs improvement?

Cost, it's very expensive. To migrate from a Cisco ASA 5550 and not drop in performance, you have to go to a Cisco ASA 5555-X with FirePOWER. To fully use the Cisco FirePOWER IPS, AMP and URL filtering, you are forced to (MUST) buy the Cisco FireSIGHT management centre. You also have to buy licensing for Cisco AnyConnect VPN client

For how long have I used the solution?

I've been using it since October 2004, so for 10 years.

What was my experience with deployment of the solution?

Due to the cost, I am still waiting for more funds to deploy the final phase, FirePOWER IPS, AMP and URL filtering.

Cisco did an upgrade from v8.2 to v8.3 of the migration system. NAT configuration is different from 8.2 to 8.3. It's not easy to upgrade to 8.3 and above leading to running different software versions.

What do I think about the stability of the solution?

V8.2 is very stable. With the latest versions it's still early to tell.

What do I think about the scalability of the solution?

Upgrading from v8.2 to v8.3 is a nightmare. The risks of down time are so high that I am forced to run different versions. Stay with 8.2 on all NAT dependent on your ASA, but again it's all about the cost.

How are customer service and technical support?

Customer Service:

Excellent customer service. Cisco listens to their customers.

Technical Support:

Excellent customer service and documentation.

Which solution did I use previously and why did I switch?

We previously used Checkpoint, and I switched because Checkpoint was expensive but now it looks like Cisco is following the same route.

How was the initial setup?

It was not that complex because I was using Cisco routers and switches five years prior.

What about the implementation team?

It was an in-house implementation.

What was our ROI?

I can't tell right now as I am still investing.

What's my experience with pricing, setup cost, and licensing?

The initial investment on the Cisco ASAs was around one million South African Rand and there's a R200,000 annual maintenance cost with Cisco's partners.

Which other solutions did I evaluate?

No. I went straight to Cisco because of my experience with their CUCM IPT solutions, routers and switches.

What other advice do I have?

Budget a lot of money, especially on the initial setup and the annual licensing and maintenance cost.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Simon Chaba - PeerSpot reviewer
Simon ChabaICT Manager at a aerospace/defense firm
Real User

Yes, we have 3 x 1Gbps and 1 x 155Mbps. We have four internet breakouts in different cities around the country and three of them are 1Gbps each. The fourth internet breakout is 155Mbps. There's only 2 ASA which are still on 8.3 and all others have been upgraded to 9.1. The remaining two will be upgraded in a few weeks time. Cisco ASAs are reliable, very stable and the best. The Cisco Firepower works like magic, application visibility, URL filtering and the ability to drop p2p protocols like torrent, on the fly are some of the best capabilities of the product.

See all 3 comments
Networking Project Management Specialist at Bran for Programming and Information Technology
MSP
Highly reliable, quick device replacements, and responsive support
Pros and Cons
  • "Our company operates in Saudi Arabia, primarily working with government sectors. If any hardware malfunctions, the defective device is removed, and we receive a replacement from the reseller. We have not encountered any issues related to delays in receiving replacements for malfunctioning devices which has been beneficial."
  • "In today's world, cyberattacks have become a common occurrence. However, so far, we have not faced any issues with our systems. I hope the situation remains the same in the future. If Cisco introduces even more advanced security measures, it would be beneficial."

What is our primary use case?

To safeguard our clients' system data and related aspects, we rely on Next-Generation Firewalls as a system integrator. In particular, we use Cisco Secure Firewall for enhanced security measures.

We have provided our services to the National Information Center in Riyadh, which is a government database. They installed Cisco Secure Firewall systems and have given us positive feedback, which is why most of the areas prefer to use Cisco. To date, we have not received any negative feedback from our clients regarding any issues, such as hacking. Everything has been secure, and I hope it stays that way in the future.

What is most valuable?

Our company operates in Saudi Arabia, primarily working with government sectors. If any hardware malfunctions, the defective device is removed, and we receive a replacement from the reseller. We have not encountered any issues related to delays in receiving replacements for malfunctioning devices which has been beneficial.

What needs improvement?

In today's world, cyberattacks have become a common occurrence. However, so far, we have not faced any issues with our systems. I hope the situation remains the same in the future. If Cisco introduces even more advanced security measures, it would be beneficial.

One of the major issues we face in the Middle East is the long delivery time for Cisco products. Currently, they are taking almost 10 months to deliver, which is much longer compared to before when we received the products within 70 to 80 days or even two to three months. For instance, we recently placed an order that has a delivery date in the middle of 2024. This delay is unacceptable as customers cannot wait that long, and they may opt for other alternatives, such as Huawei, Juniper, or HPE. Therefore, Cisco needs to improve its delivery time and ensure that they deliver products within a reasonable timeframe, as it did before.

For how long have I used the solution?

I have been working with Cisco Secure Firewall for more than 10 years.

What do I think about the stability of the solution?

We have not encountered any stability issues. The only issue we faced was with another company that did not have proper cooling systems in their data center.

What do I think about the scalability of the solution?

The scalability of the Cisco Secure Firewall is excellent.

How are customer service and support?

A few years ago, we faced an issue with some of our devices in Saudi Arabia, and we reached out to Cisco for assistance. They responded promptly and repaired our devices within the given time frame. While the delivery time for their solutions in the Middle East may be longer, Cisco still delivers their solutions on time, whether it's for repair or new orders. Even if the delivery time is up to a year, Cisco ensures that our products are provided on time.

I rate the support from Cisco Secure Firewall a ten out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

As a system integrator, our primary focus is not on selling products, but rather on providing comprehensive solutions to our customers, starting from scratch and ensuring everything runs smoothly. In this regard, we rely heavily on Cisco devices, including switches, routers, code devices, NK, Nexus, 7000, and 9000. We also use other Cisco products, such as IP phones and access points. In Saudi Arabia, Cisco is the most popular brand in the market, but its popularity is declining due to prolonged delivery times. Customers cannot afford to wait a year, and this is the primary reason for the decline in demand.

What's my experience with pricing, setup cost, and licensing?

The prices of Cisco Secure Firewall are competitive, especially for us as Cisco partners. We purchase the products directly from Cisco as a gold partner, which allows us to obtain better pricing than we would get from normal distributors or the local market.

What other advice do I have?

Our current company, SNC ICT, is already a Cisco Gold Partner. We are actively involved in investing, purchasing, and selling Cisco products to our customers, as well as performing installations, configurations, and providing other related services.

In the Middle East, most people with a budget opt for Cisco. However, I do not have any information about the preferences in Europe, South Asia, or Asia.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Maharajan S - PeerSpot reviewer
VSO at a computer software company with 501-1,000 employees
Real User
Top 20
Good encryption and decryption with decent dashboards
Pros and Cons
  • "We found the initial setup to be easy."
  • "Maybe the dashboard could be a bit better."

What is our primary use case?

This is an SSL that can decrypt and encrypt SSL traffic. 

What is most valuable?

The ability to encrypt and decrypt is great.

The dashboards are excellent.

We really like the reporting aspect of the product. 

It is stable. 

We found the initial setup to be easy.

What needs improvement?

Maybe the dashboard could be a bit better. There are some reports where we don't get it. We need a deep dive into a particular URL, however, it provides the URL and the IP address, and there is no more information that can show more details. Basically, the report models can be improved.

With their console, we have to build a separate VM. In some of the products, the management console comes along with the box itself. It'll be one solution to take the backup and keep it. Even if you want to build a DR, it'll be easy. However, the challenge we had is if that VM is down, my team may not able to access the Firepower remotely. Therefore, the management console itself should be built within the Firepower box itself, rather than expecting it to be built in a separate VM.

For how long have I used the solution?

I've been using the solution for more than four years. 

What do I think about the stability of the solution?

We have not, as of now (touch wood) faced any issues. It's stable, and we don't face any performance issues as well. It's reliable. There are no bugs or glitches. It doesn't crash or freeze.

What do I think about the scalability of the solution?

At this moment, we have not thought through scaling. The model which we use is less than 60%. What I heard from them is you can cascade it to another box, and scaling can be done.

We have between 400 to 450 concurrent users on a daily basis accessing this box. Overall, we have 2,000 devices that could be easily communicated via Firepower.

How are customer service and support?

Technical support is good. We've found it to be quite good in general. 

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is great. It's very easy and quite straightforward. If you understand the process, it is very easy. I'd rate it a 4.5 out of five in terms of ease of implementation. 

What's my experience with pricing, setup cost, and licensing?

I don't manage licensing. I can't speak to the actual cost of the product. 

What other advice do I have?

We're a customer and end-user.

I'd recommend the solution to organizations that have around 1,500 people that need to access the solution. 

I would rate the solution a nine out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1900203 - PeerSpot reviewer
Network Automation Engineer at a financial services firm with 1,001-5,000 employees
Real User
Remote access VPN enables our employees to work from home
Pros and Cons
  • "For our very specific use case, for remote access for VPN, ASAs are very good."
  • "Cisco wasn't first-to-market with NGFWs... they should look at what other vendors are doing and try not only to be on the same wavelength but a little bit better."

What is our primary use case?

We use it for remote access VPN. That means the folks at home can work from home using AnyConnect.

What is most valuable?

For our very specific use case, for remote access for VPN, ASAs are very good.

Cisco also introduces new features and new encryption techniques.

What needs improvement?

Cisco wasn't first-to-market with NGFWs. That is one of the options now. They did make an acquisition, but other vendors got into that space first. I would tell Cisco to move faster, but everything moves at the speed of light and it's hard to move faster than that. But they should look at what other vendors are doing and try not only to be on the same wavelength but a little bit better. It's hard to be critical of Cisco given that they pave the way a lot, but they should see what their peers are doing and try to emulate that.

In terms of additional features, perhaps there could be some form of integration with the cloud. I don't know how much appetite we would have for that given the principle of keeping a lot of the sensitive data on-prem. But some integration with the cloud might be useful, given that the cloud is everything you see these days. We have our on-premises devices, but maybe they could provide an option where it fails over to a cloud in a worst-case scenario.

For how long have I used the solution?

I've been using Cisco ASA Firewalls from the time I was in school. I learned it when I was in the academic setting. I joined Cisco and worked there for six years there as a sales engineer before joining my current company.

What do I think about the stability of the solution?

The stability of the solution is a 10 out of 10.

What do I think about the scalability of the solution?

Scalability is probably a 10 out of 10 for what we're looking at.

How are customer service and support?

Their technical support is very good. Maybe I view them with rose-colored glasses since I was there for six years, but they really do try hard. Cisco cracks the whip on them. They do a lot of work. There's no downtime.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

The challenge we wanted to address was scale. We're growing and we needed something a little more robust, something that could hold a big boy. We've got a lot more employees and we were using an older version of the hardware, so we upgraded to the newest version of the hardware, given that we're familiar with it. It solves our use case of allowing employees to work from home.

How was the initial setup?

I was involved in the design, deployment, and operations. Our team is very special in the fact that we don't delegate to other folks. We're responsible for what we eat and what we design. We actually do the hands-on work and then we maintain it. We tend not to hire out because they come, they wash their hands clean of it, leave, and then there's all this stuff that needs fixing. If we get paged at 3:00 AM it might be our fault, and the lessons are learned.

Our network engineering team consists of about 12 people.

What's my experience with pricing, setup cost, and licensing?

The pricing is fair.

What other advice do I have?

My advice to others would be to design it well and get it validated by the Cisco team or by a consulting company. Don't be afraid of the solution because they have skin in the game. It's been in the market for so long, it's like buying a Corolla, as odd as that sounds. If you have a use case for your car where you're just driving from A to B, then get that Corolla and it will suit you well. It will last you 100 million miles.

Cyber security resilience is super important. We have super important data and we need to secure it. We're regulated and audited by the government and we're audited all the time. I get audited when I breathe. We have to make sure everything is super transparent and make sure that we have all of the fail-safes in place and done well. We have to be very accountable so that there are no "gotchas."

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.
Updated: April 2025
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.