Cisco Secure Firewall Reviews

We use this solution for our firewall and intrusion prevention system.

The most valuable feature is that I have 16 public IP addresses that tunnel through into servers inside. 

There are no issues that we are aware of. It does its job silently in the background.

The initial setup could be simplified, as it can be complex for new users.

We have been working with this solution for a couple of years.

It's stable. If there is ever a problem, it never seems to be the firewall.

This particular model can't quite handle the bandwidth we need. We're actually replacing it shortly with the new higher capacity model.

Technical support is good. They are responsive.

The initial setup was somewhat complex at first.

We had help from an integrator, which was Dell. They were helpful.

The price is comparable.

We are just at the beginning of the deployment of Arctic Wolf for managed detection and response. We don't have a lot of information yet, as we are onboarding it now.

We wanted to have someone watching and we couldn't set up the SOC by ourselves because we need six security dedicated people to man it at all times. With a staff of 80, it was too much. We engaged Arctic Wolf to be our 24/7 eyes on the potential risks that are happening. They can alert us and we can deal with it.

We like to use the integrator just to make sure that the firewall is set up correctly. If you don't have people dedicated to the firewall, then you can't do it in-house.

I would rate the Cisco firepower NGFW Firewall a nine out of ten.

The feature set is fine and is rarely a problem.

Cisco makes horrible UIs, so the interface is something that should be improved. Usability is poor and it doesn't matter how good the feature set is. If the UI, whether the command-line interface or GUI, isn't good or isn't usable, then you're going to miss things. You may configure it wrong and you're going to have security issues.

Security vendors have this weird approach where they like to make their UIs a test of manhood, and frankly, that's a waste of my time.

The SNMP implementation is incredibly painful to use.

I have been using Cisco Firepower NGFW Firewall within the past year.

I work with a lot of different IT products including three different firewall solutions in the past 12 months.

Everything has room for improvement.

I would rate this solution a five out of ten.

We tend to use the solution as it's forced on us by corporate. Our company wants us to use it.

The solution is stable. We haven't had any issues in that sense.

The security of the hardware is excellent. Cisco is very serious in its approach to security.

We have a high level of trust in Cisco and its products.

The solution is excellent for enterprise-level networks.

The solution is difficult to use. There's more required than a typical firewall. It's different than, for example, Palo Alto and Fortinet, which we find are easier to set up. 

If the implementation was easier, it would be a lot better for us.

It would be such a great product for us if it was easier to manage.

I've been working with the solution for more than ten years. It's been a long time. It's been over a decade at this point.

The solution is quite stable. We have no problems with bugs or glitches. It doesn't crash or freeze. It's good.

We've found the solution to be scalable. A company shouldn't have any issues with expanding it if it needs to.

We have about 300 users on the solution currently. We do plan to continue to use Cisco in the future.

We use third-party technical support that's offered and we're quite satisfied with the level of attention we receive.

I have knowledge of Palo Alto and Fortinet.

While those two are easier to set up and control, nothing compares to Cisco in terms of security. They're very strong in that regard. We also find Cisco to be more stable.

However, we only use Cisco firewalls in our organization. We don't use anything else.

The implementation is not so straightforward. It's rather complex and we have a lot of trouble with it.

The implementation took us about one month.

We plan to implement an updated version next month as well.

We need three to eight people to handle the setup.

I did not handle the implementation by myself. Rather, it's done by another team including the original support from Singapore and with license support from headquarters in Japan.

However, our team does handle the implementation in-house, and we can handle the setup for clients as well.

We do need to purchase licenses. Those come from headquarters in Japan. They handle the details in terms of pricing. I'm not sure of the overall costs.

We're both a customer of Cisco and a reseller.

This month we plan to upgrade from our existing hardware.

Overall, we've been happy with the results we've gotten. I would rate the solution at a nine out of ten.

Our primary use case of Cisco ASA Firewall is to protect our environment. We are customers of Cisco and I'm a network engineer. 

The solution is simple to deploy and stable. 

Technical support could be improved, they take a long time to respond. 

I've been using this solution for 10 years. 

This is a stable solution. 

Initial setup was relatively simple, it took around six months and I deployed myself. 

I would rate this solution a nine out of 10. 

We utilize the solution for our IT security. 

To be honest, all of the features that are provided, all the other vendor will also have. One feature we did find valuable was the CLI, it is more accurate. Additionally, I was happy with the customization, dashboards, access lists and interface.

We frequently use the Bottleneck feature we purchased specialized from Cisco.

It is hard to collaborate with our filtered environment. 

If Cisco could combine the Bottleneck feature of ASA, their platform called Umbrella, and the other team they have that has similar malware protection into one, this would be perfect. 

I have been using the solution for almost three years.

The solution is stable. However, It does have some bugs, but Cisco always fixes them really quickly. Sometimes we have to restart and it would be better if the bugs could be fixed without having to reload.

The scalability is not perfect.

The support has been great and responsive. Most of their engineers are very professional and knowledgeable.

The setup is easy to do if you are familiar with these type of installs, if not then it could be difficult.

We have a perpetual license for all of our firewalls. For some of the features, we purchase them on demand. The pricing is decent but it could always be cheaper, we would be happier.

We will probably change to a higher version in the near future or migrate to a next-generation firewall which would include IPI and some other new features. This makes sense because our current firewall ends the support in several years. 

Cisco FirePower, the next-generation firewall, is much better for stability.

I have used many versions of the software over the years, versions 8.6 to 9.1 and 9.9 to 9.12.

Keep in mind before purchasing the solution, if you do need to scale the solution then ASA is probably not right for you.

I rate Cisco ASA Firewall an eight out of ten.

I primarily use the solution for the IPsec only. 

The user interface, the UI, is excellent on the solution. Let's say you want to check the real-time locker - you can create it by the UI using ADSM.

The VPN portion of the solution isn't the greatest.

The stability is not the best.

The solution is far too expensive.

I've been working with the solution for about six months, or maybe a little bit less than that.

I haven't found the stability to be very good. The IPsec stability leaves a lot to be desired. They really need to work on the solution's stability capabilities.

In ASA, I built the IPsec between ASA and Fortigate due to the fact that most of the time I have to restart the timer to flow the data.

We only have two to three users who directly deal with the solution within our company. Overall, we have between 100-200 employees. We haven't really scaled it.

I personally would prefer not to use ASA going forward. However, I don't know if the company itself has any plans to increase usage or not.

While I've dealt with Cisco technical support in the past on other solutions, I have not contacted them in regards to this specific product.

That said, my past experience with Cisco technical support has been very positive and I found them to be very helpful in general. I just can't speak to this specific product.

I was pretty junior when the solution was initially implemented in the organization. For that reason, I did not take an active role in implementing the solution. I wouldn't be able to really discuss the setup specifics or the level of difficulty.

I'm not exactly sure who handles maintenance, if any, within our organization.

The licensing is quite expensive. I don't have the exact amount, however, it's my understanding that it's a very pricey solution. There's a lot of competition out there, including from Fortigate, which offers just as good, if not better products.

I'm not overly familiar with ASA. I only work with it on an administration level.

I work with the latest version and I use the ASDM version server.

I wouldn't recommend that an organization choose ASA as a solution. They should look into other options.

Overall, I would rate the solution at a six out of ten. We haven't had the greatest experience.

We are using the ASA in our network to create a VPN between six places. We also use it for servers and data synchronization.

The most valuable feature is that it's secure.

It is really stable and I've never had an occasion that due to this firewall, I have had issues with the network, a breakdown, or otherwise.

This is a user-friendly product. Once you have a specialist who can configure it properly, you'll be pretty protected everything you want is in it.

In the future, I would like to be able to use an IP phone over a VPN connection.

I have been working with Cisco ASA Firewall for at least seven years.

The stability is good.

We have not tried to scale our network. It was established a long time ago and nothing has changed since then.

I have been auditing their partners in Bulgaria and I am in contact with them on a regular basis. I have not had any real issues with my equipment but overall, I think that the support is perfect.

We were using the ASA 5505 and our network is faster now, so we are now in the process of upgrading our network to the 5506 model. The 5505 is a 100 megabit product, which is very low.

We had a company that set everything up for us. They have Cisco engineers and I'm paying them annually for next-business-day support. They do all of the maintenance for us.

They have a lot of different models but most of them are really expensive. This is the main thing because, for us, the price is important.

Overall, I am pretty satisfied with this product and I recommend it.

I would rate this solution a ten out of ten.

In general, we support more public fiscal entities. Most of them are quite sizeable at 5,000-6,000 employees. We use it mostly for remote access.

The clusters in data centers are great.

We enjoy the use of the remote access VPN. We have a mechanical firewall with IPS and we have no more than these. In general, ASA is for remote access and the mechanical firewall right now is more used for data centers. 

We work to combine customers and we have a lot of customers that use networking from Cisco. They buy Cisco firewalls due to the fact that all of their networks are working with Cisco features.

It would be ideal if the solution offered a web application firewall.

We've had some issues with stability.

The solution has some scalability limitations.

The firewall itself has become a bit dated.

The pricing on the solution is a bit high.

Some individuals find the setup and configuration challenging.

I've been using the solution for ten years or more. It's been at least a decade at this point.

Normally, we don't have any problems with stability. That said, when we have problems, it may be difficult to resolve quickly. The tech from Cisco is really good. However, we have some problems that take more time. Issues haven't come up very often. We've only had two or three problems over ten years that took a while to resolve. Largely, it's quite stable. 

We typically work with large public organizations. Our customers are quite big. Some are even up to 8,000 employees.

My view is that the ASA is for data centers. When you need more performance or something like that, this may be a problem. This is due to the fact that we don't have the ability to add more performance - more CPU or more equipment - in our cluster when we deploy the solution in a perimeter. It's complicated to expand the performance with ASA on the perimeter.

We have a good relationship with technical support. They're very helpful. Sometimes we get a solution and sometimes we don't, however, they are always available to help us deal with issues.

I have been working with this equipment for years, so for me, the initial setup is pretty easy. For customers who use the Cisco solutions for the first time, maybe it's complicated. They probably feel it would be easier to configure if there was a simpler graphical view or something like that. Often a complaint is that it's difficult to configure. However, I don't have that issue.

To deploy one solution, how long it takes depends on the customer or the size of the enterprise. For a large enterprise or large public entity, we need more time or more resources to deploy the solution. That said, it's not too difficult for us as we work a lot of time with ASA. We can go fairly quickly.

We support ASA 5508, 5585, and 5525 - all the versions of the firewall. Again, we built a HTAB machine too.

We've worked with Cisco for many years and I love working with them.

Right now, ASA is getting older. A better recommendation may be to use Firepower, a Next-Generation Firewall, no ASA. In cases for some remote VPN access, we recommend ASA, however, for all of the deployments, the recommendation now is to use a Next-Generation Firewall from Cisco Firepower. 

Overall, I would rate the solution at a seven out of ten. That said, for remote access alone, I'd rate the product at a nine.