Cisco Secure Firewall Reviews

We are using these firewalls for edge security or different zones of security. We use them throughout the whole organization, but they vary in size, depending on if it's a small office in Spain or a large office in another country. We have offices in many countries.

It saves time. It protects us from experiencing big or small attacks. If we are vulnerable to attacks, it would take us a lot of time to fix that and put out all the fires. Hopefully, we won't need that when we have several layers of security.

We feel that we can trust the security, and our assets and business are well protected. We need to have trust in it, but we also see that it works. We have a security company that has tested that it works.

They have already improved it to some degree. It has become easier, but I've not drilled down much myself. I mostly use CLI, but I can see that it's a little bit more GUI-based. So, improvement is already there. It's a good thing that we now have GUI-based control over the details, and that would be the way to go.

It integrates with other security products from Cisco, but sometimes, there can be glitches or errors.

I have been using Cisco firewalls for the last 20 years. We are now mostly using FPRs, but we also have some old Cisco firewalls that we need to change to newer technologies.

It has been a while since I used it myself. My experience was good. You get the correct engineer for the task. I'd rate them an eight out of ten.

Positive

We have firewalls from other vendors, but we will be moving over to Cisco. When we have the same vendor, it would take less time to train people to do their job because there is one technology rather than four or five different ones.

I was involved in its deployment, but that was a few years ago. It was not an in-depth technical installation; it was more of a physical installation. It was easy. We are a big company, so we need to plan the downtime and get approval from the business to take down systems and upgrade them. 

I'd rate Cisco Secure Firewall a seven out of ten.

Our primary use case for Cisco Secure Firewall is segregation between different environments. We put Cisco Secure Firewall between each of those environments to create this segregation. 

Cisco Secure Firewall improved our organization. We have it in every one of our French offices. 

What I like about Cisco Secure Firewall is that you get to integrate it into one box. For example, you can have one big switch with a model inside of it. This makes it easy to manage. 

One thing that Cisco could improve is the GUI. The graphic user interface should be more user-friendly. If you compare it with some of its competitor's GUIs, Cisco falls short in terms of how rules are pushed. 

We have also run into issues with functionality and flexibility. Cisco does fall behind its competitors in this regard. It's our opinion that Cisco is not a leader in security devices. 

I have been using Cisco Secure Firewall for two decades. 

We are satisfied with the level of support we get from Cisco. Getting support is quite easy. When we have a problem, our engineer just opens up a case and we get a reply quickly. The support usually has deep knowledge of the solution. 

Positive

I was involved in the initial deployment. It was quite simple, not complex at all. 

We have seen a return on investment in terms of price because we have a partnership with our provider. 

We chose Cisco Secure Firewall because we were already using Cisco switch routers and other products, so we wanted everything to be from one provider. However, we do use other products as an additional security measure.

The solution does help us save time because it enables us to do a good job of filtering from the get-go. This ensures we have fewer potential threats to look through.

Cisco Secure Firewall has not helped us consolidate tools because part of our security strategy is having multiple firewalls from different providers. Our company policy is that it is better to have different technology, so we do have some overlap.

We use it as a firewall or for UTM at the data center.

We like the standard firewall features. It's quite a capable box for UTM.

Sometimes my customers say that Cisco firewalls are a bit more difficult compared to Fortigate or Palo Alto. There is complexity in the configuration and the GUI could be improved.

I have been using Cisco ASA Firewalls for as long as I have been working here, which is seven years.

Once installed, it's quite stable. We don't have many issues after it's deployed. Both the hardware and software are quite stable.

As a firewall, it's in use all the time. Whether there will be increased usage depends on how security risks increase. But at the moment, there's no expectation for an increase in use.

Cisco's technical support is usually quite satisfactory, and we get a reasonable response in a reasonable time to any inquiry we make.

Positive

The initial setup is not that simple. I don't do the installation myself, but from what I hear it's more complicated than some of the other firewall products.

We usually do our installation in two or three hours. Our customers usually have between 10 and 50 users and they are generally IT admins.

We have three people who work in the field and manage deployments, and another five to 10 to manage the solution.

If you use the full functionality of Cisco ASA, it's worth the cost. But I don't think our company product is using the full capacity of the Cisco ASA.

Licensing, recently, has been getting more complicated. In particular, the Smart Licensing that came out is quite complicated. I don't know what's going on. Our sales team asks us questions about Smart accounts, but I don't know what it is and Cisco is making it so complicated. They call it Smart, but it's complicated. I prefer the traditional license where you buy it once.

When talking with our customers, I would not recommend our company's Cisco products for their security. It depends on their requirements, but if they want full security, I wouldn't say that Cisco ASA is the one choice.

My advice would be to do a PoC first.

I work for an engineering company that has multiple sites located in different locations, overseas and domestically in Pakistan. There are 30 to 35 sites connected to our network. We restrict the website at these locations using the Cisco Firepower module.

The main thing that I love the most is its policy and objects. Whenever I try to give access to a user, I can create an object via group creation in the object fields. This way, I am not able to enter a user in the policy repeatedly. 

Cisco Firepower is not completely integrated with Active Directory. We are trying to use Active Directory to restrict users by using some security groups that are not integrated within the Cisco Firepower module. This is the main issue that we are facing. 

There are some other issues related to their reports where we want to extract some kind of user activity. When a user tries to connect to our website, we are unable to read its logs in a proper manner and the report is not per our requirement. These are two things that we are facing.

Per my requirements, this product needs improvement. For example, I want to use and integrate with Active Directory groups. 

We have been using it since last year.

It is a stable product.

I haven't tried to work with Cisco support.

In the last 10 years, we were using the Barracuda Web Security. Compared with that product, I would give this solution six or seven out of 10 when compared to Barracuda. Barracuda has one of the best web security features, giving access to users by deploying a web agent on client computers at different sites. 

Barracuda Web Security's hardware was obsolete so our management never tried to renew its license. That is why we are trying to use the Cisco Firepower module. We want to understand their web security gateways, web security logs, what it provides, and the kind of reporting it has. We are currently doing research and development regarding what features and facilities it provides us compared to our requirements.

I am happy with the web security. However, I am not happy with the groups, reports, and integration with Active Directory.

We are using the web security, and only the web security feature. Therefore, if someone asked me to give them advice about the Cisco product, then I will definitely not recommend it since it is not fulfilling our requirement. We have different sites located domestically and at overseas sites, which is about 30 to 35 sites. It is not locating any of the clients. This is compared to the Barracuda web agent on the client computer, which is always connected to Barracuda with live IP addresses, pushing and pulling all the procedures and policies to that client and computer. This is why I will not recommend the product to anyone who has a similar situation to ours. .

I would love to use the product in the future, if my requirements are met.

I would rate the product as four out of 10.

Cisco Secure Firewall is a next-generation firewall that can be used for various security applications. 

The advantage of using Cisco is its integration within the Cisco fabric, which allows for effective threat detection and mitigation.

Cisco could improve its score by developing more features that integrate seamlessly with various applications and investing in hardware acceleration to enhance performance.

The product is stable with minimal glitches or latency issues.

The solution is easy to install, requiring minimal expertise. Deployment time varies, but it can take about two days for a medium-sized company with 200-300 users to configure and install.

After five years of product usage, the high return on investment and low total cost of ownership can be observed.

Pricing depends on partnerships and certifications. The engineering team's certifications can qualify it for seven to eight percent discounts.

The platform's integration capabilities depend on the project context. In some cases, integrating Palo Alto may provide better performance, but Cisco can still be effective.

However, its classification in industry comparisons, such as those from Gartner, is lower than that of competitors like FortiGate and Palo Alto.

Overall, I rate it seven out of ten. 

Our primary use cases for this solution are as a traditional firewall, VPN system, IPS, and for URL filtering.

I think that the firewall feature is the most valuable to me as it is one of the oldest features for this solution. We also appreciate how stable the VPN is.

I have a lot of difficulties with the solution's Firewall Management Center (FMC) and the GUI. Neither is responsive enough and should be improved.

My organization has been using Cisco Secure Firewall for more than 10 years. 

My opinion is that this solution is quite stable.

We encounter tech issues often. Sometimes it's really good to work with the tech engineer, but sometimes it can be really frustrating that it's slow to go through the email chat and everything. It depends on the engineer you get.

Positive

I have had difficulties with the implementation of this solution. When I first encountered this solution, I had difficulties bringing it up and configuring it, but this was maybe due to the fact that back then it was a new technology. It is possible that I would have an easier time with it right now. 

I would say that this solution did help free up staff. Today, and even during COVID, a lot of customers are interested in VPN solutions and this demand will only keep increasing. I work from home mostly and the solution saves me two hours per day.

I do want to stress that this solution saves our organization time. We have 13 engineers in our company and even more staff in other departments and they also have the opportunity to work from home and with this, they save a lot of time. We plan on buying a smaller office thanks to this and this too will save a lot of money for the company.

The reason we chose Cisco is that some of my colleagues partnered with the provider when they came to Hungary, so they have been working with these solutions for a long time.

I do not have experience with the Cisco migration tool, but my colleagues do and they are really happy with it and its ease of use.

I would rate this solution a nine, on a scale from one to 10, with one being the worst and 10 being the best.

Our primary use case for this solution is to use it as a firewall. This product secures the internet from internal and public users.

Cisco Secure Firewall helped add to my organization's value. It is a selling product for us here. They have great support and documentation, which makes the solution easy to sell to customers. The Cisco name has a lot of value and high brand awareness.

We are selected partners now but are looking to grow to become a primary partner for Egypt. 

Cisco Secure Firewall definitely saved us time. However, security is never 100% with any product, even Cisco. So, you will have to spend some time securing your IT regardless of which solution you use.

I would say that it helped my company cut time by 50%.

The solution cautions us against threats via email notifications and internally in the web interface of the product itself on the dashboard.

What I found the most valuable about Cisco Secure Firewall is that if a client is educated about the solution, it can help him or her avoid many problems and mistakes. 

I think Cisco would benefit from comparing its solutions to other products. There is a lot to learn from solutions like Palo Alto or FortiGate. These are top security products. For example, Palo Alto has better inspection visibility than Cisco. When we ask customers about Palo Alto, they say "I like Palo Alto. It helps me see problems on time. I can audit everything through it." Cisco could improve in this regard. Cisco's inspection visibility could be better. 

I have been using this solution for a long time; since the PIX version in 2003. This adds up to almost 20 years now. I have had a plethora of experiences with this solution as both just an employee using it and also as the owner of a company. We also have a range of customers using the solution. 

We did not use any other solutions. Our strategy from the beginning has been to grow with Cisco. However, our customers have the final say in which solutions they choose and sometimes that's not Cisco. That has much to do with their previous beliefs and brand loyalty and trust. The customer's opinion matters and if the customer is loyal to Palo Alto, we are going to have a hard time getting them to make the switch. 

I am not involved in the deployment of the product. I have a sub that deploys Cisco Secure Firewall. I'm involved in guiding the deployment on the management side and making sure it's done in line with the customer's wishes. 

I did evaluate other options but ultimately went with Cisco because of the support they offer. You can reach their tech support engineers at any time. That's important. Their documentation is great as well. Their site is wonderful. 

I rate the solution a seven out of ten.

Cisco Secure Firewall should be consolidated with routers, switches, or VOIP.

This is an SSL that can decrypt and encrypt SSL traffic. 

The ability to encrypt and decrypt is great.

The dashboards are excellent.

We really like the reporting aspect of the product. 

It is stable. 

We found the initial setup to be easy.

Maybe the dashboard could be a bit better. There are some reports where we don't get it. We need a deep dive into a particular URL, however, it provides the URL and the IP address, and there is no more information that can show more details. Basically, the report models can be improved.

With their console, we have to build a separate VM. In some of the products, the management console comes along with the box itself. It'll be one solution to take the backup and keep it. Even if you want to build a DR, it'll be easy. However, the challenge we had is if that VM is down, my team may not able to access the Firepower remotely. Therefore, the management console itself should be built within the Firepower box itself, rather than expecting it to be built in a separate VM.

I've been using the solution for more than four years. 

We have not, as of now (touch wood) faced any issues. It's stable, and we don't face any performance issues as well. It's reliable. There are no bugs or glitches. It doesn't crash or freeze.

At this moment, we have not thought through scaling. The model which we use is less than 60%. What I heard from them is you can cascade it to another box, and scaling can be done.

We have between 400 to 450 concurrent users on a daily basis accessing this box. Overall, we have 2,000 devices that could be easily communicated via Firepower.

Technical support is good. We've found it to be quite good in general. 

Positive

The initial setup is great. It's very easy and quite straightforward. If you understand the process, it is very easy. I'd rate it a 4.5 out of five in terms of ease of implementation. 

I don't manage licensing. I can't speak to the actual cost of the product. 

We're a customer and end-user.

I'd recommend the solution to organizations that have around 1,500 people that need to access the solution. 

I would rate the solution a nine out of ten.