Try our new research platform with insights from 80,000+ expert users
Head of ICT Infrastructure and Security at City of Harare
Real User
Leaderboard
Stable and reliable, requiring very little support
Pros and Cons
  • "The features that are most valuable within the firewall are the IPS as well as the Unified Communications. We also really like the dynamic grouping."
  • "An area for improvement is the graphical user interface. That is something that is coming up now. They could make the product more user-friendly. A better GUI is something that would make life much easier."

What is our primary use case?

We use it for intrusion prevention and in our VPN that is connected to our head office. It provides protection and security and node clustering. It gives us all the security features that we need within our environment.

What is most valuable?

The features that are most valuable within the firewall are the IPS as well as the Unified Communications. We also really like the dynamic grouping.

What needs improvement?

An area for improvement is the graphical user interface. That is something that is coming up now. They could make the product more user-friendly. A better GUI is something that would make life much easier. Traditionally, Cisco products have been command-line-based.

For how long have I used the solution?

The Cisco ASA Firewall has been in our environment for the past seven years.

Buyer's Guide
Cisco Secure Firewall
March 2025
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
845,040 professionals have used our research since 2012.

What do I think about the stability of the solution?

The product is very stable. We've not had any challenges with it in all this time. It performs very well.

What do I think about the scalability of the solution?

We have 2,000 users who connect through this product. We are planning to increase use as we go, toward the end of the year.

How are customer service and support?

The technical support has been excellent. When there have been any issues, they've always been there for us.

How was the initial setup?

The initial configurations were straightforward, not complex at all. It took us just two days to finalize things.

What about the implementation team?

We did most of the setup in-house, but we also had assistance from our partner.

What's my experience with pricing, setup cost, and licensing?

We pay annually and there are no costs in addition to the standard fees.

Which other solutions did I evaluate?

When you compare Cisco ASA Firewall with Sophos, they are more or less the same in terms of functionality.

What other advice do I have?

Cisco ASA Firewall is very stable and very reliable. It requires very minimal support, once you configure it and put it in your environment. You don't need to attend to faults or issues. Once you install it and plug it in, it is good to go.

We have been using the ASA Firewall for a long time, and it is an advanced product for our current use. In terms of improvement, there's not much that can be done to it. It is a solid product, very effective, and it does its job well.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Sr Technical Consultant at a tech services company with 51-200 employees
Real User
Best documentation, good price, and very reliable with useful remote VPN, site-to-site VPN, and clustering features
Pros and Cons
  • "The remote VPN and IPsec VPN or site-to-site VPN features are valuable. The clustering feature is also valuable. We have two ISP links. Whenever there is a failover, users don't even get to know. The transition is very smooth, and the users don't notice any latency. So, remote VPN, site-to-site VPN, and failover are three very powerful features of Cisco ASA."
  • "Cisco has the best documentation. You can easily find multiple documents by searching the web. Even a child can go online and find the required information."
  • "There is huge scope for improvement in URL filtering. The database that they have is not accurate. Their content awareness and categorization for URL filtering are not that great. We faced many challenges with their categorization and content awareness. They should improve these categorization issues."

What is our primary use case?

We are using Cisco ASA Firewall 5525 for network security. We needed a network security solution that can take care of the network security and URL filtering. We also wanted to create site-to-site VPNs and have remote VPNs. For all these use cases, we got Cisco ASA, and we are pretty happy with it.

What is most valuable?

The remote VPN and IPsec VPN or site-to-site VPN features are valuable. The clustering feature is also valuable. We have two ISP links. Whenever there is a failover, users don't even get to know. The transition is very smooth, and the users don't notice any latency. So, remote VPN, site-to-site VPN, and failover are three very powerful features of Cisco ASA.

Cisco has the best documentation. You can easily find multiple documents by searching the web. Even a child can go online and find the required information.

What needs improvement?

There is huge scope for improvement in URL filtering. The database that they have is not accurate. Their content awareness and categorization for URL filtering are not that great. We faced many challenges with their categorization and content awareness. They should improve these categorization issues.

What do I think about the stability of the solution?

It is very reliable.

What do I think about the scalability of the solution?

It is scalable. Cisco is pretty popular with organizations, and many customers are using it. It is suitable for all kinds of customers. It can cater to small, medium, and large organizations.

How are customer service and technical support?

I have interacted with them many times. I have been on a call with their technical support continuously for 48 hours. They were very prompt. In terms of technical support and documentation for switching, firewall, and routing solutions, no one can match Cisco.

How was the initial setup?

Its initial setup was very straightforward. Its documentation is very easily available on the web, which is very useful.

What's my experience with pricing, setup cost, and licensing?

Their pricing is very aggressive and good. Even a small company can afford it. I am happy with its pricing. Its licensing is on a yearly basis.

What other advice do I have?

I would recommend this solution to others if they are not specifically looking for URL filtering and want to use it for their infrastructure. It is a perfect and very reliable solution, but it lacks when it comes to URL filtering. 

I would rate Cisco ASA Firewall a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Cisco Secure Firewall
March 2025
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
845,040 professionals have used our research since 2012.
it_user1446408 - PeerSpot reviewer
Acting Director, Office of Talent Management at a government with 10,001+ employees
Real User
The UI needs improvement, as does the SNMP configuration, but the feature set is good
Pros and Cons
  • "The feature set is fine and is rarely a problem."
  • "Cisco makes horrible UIs, so the interface is something that should be improved."

What is most valuable?

The feature set is fine and is rarely a problem.

What needs improvement?

Cisco makes horrible UIs, so the interface is something that should be improved. Usability is poor and it doesn't matter how good the feature set is. If the UI, whether the command-line interface or GUI, isn't good or isn't usable, then you're going to miss things. You may configure it wrong and you're going to have security issues.

Security vendors have this weird approach where they like to make their UIs a test of manhood, and frankly, that's a waste of my time.

The SNMP implementation is incredibly painful to use.

For how long have I used the solution?

I have been using Cisco Firepower NGFW Firewall within the past year.

Which solution did I use previously and why did I switch?

I work with a lot of different IT products including three different firewall solutions in the past 12 months.

What other advice do I have?

Everything has room for improvement.

I would rate this solution a five out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1229682 - PeerSpot reviewer
Network Administrator at a manufacturing company with 10,001+ employees
Real User
Accurate CLI, knowledgeable support team, valuable features
Pros and Cons
  • "To be honest, all of the features that are provided, all the other vendor will also have. One feature we did find valuable was the CLI, it is more accurate. Additionally, I was happy with the customization, dashboards, access lists and interface."
  • "It is hard to collaborate with our filtered environment."

What is our primary use case?

We utilize the solution for our IT security. 

What is most valuable?

To be honest, all of the features that are provided, all the other vendor will also have. One feature we did find valuable was the CLI, it is more accurate. Additionally, I was happy with the customization, dashboards, access lists and interface.

We frequently use the Bottleneck feature we purchased specialized from Cisco.

What needs improvement?

It is hard to collaborate with our filtered environment. 

If Cisco could combine the Bottleneck feature of ASA, their platform called Umbrella, and the other team they have that has similar malware protection into one, this would be perfect. 

For how long have I used the solution?

I have been using the solution for almost three years.

What do I think about the stability of the solution?

The solution is stable. However, It does have some bugs, but Cisco always fixes them really quickly. Sometimes we have to restart and it would be better if the bugs could be fixed without having to reload.

What do I think about the scalability of the solution?

The scalability is not perfect.

How are customer service and technical support?

The support has been great and responsive. Most of their engineers are very professional and knowledgeable.

How was the initial setup?

The setup is easy to do if you are familiar with these type of installs, if not then it could be difficult.

What's my experience with pricing, setup cost, and licensing?

We have a perpetual license for all of our firewalls. For some of the features, we purchase them on demand. The pricing is decent but it could always be cheaper, we would be happier.

Which other solutions did I evaluate?

We will probably change to a higher version in the near future or migrate to a next-generation firewall which would include IPI and some other new features. This makes sense because our current firewall ends the support in several years. 

Cisco FirePower, the next-generation firewall, is much better for stability.

What other advice do I have?

I have used many versions of the software over the years, versions 8.6 to 9.1 and 9.9 to 9.12.

Keep in mind before purchasing the solution, if you do need to scale the solution then ASA is probably not right for you.

I rate Cisco ASA Firewall an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Sr Network Administrator at Orient Petroleum Inc
Real User
Reliable and user-friendly with good technical support
Pros and Cons
  • "The user interface is easy to navigate."
  • "The annual subscription cost is a bit high. They should try to make it comparable to other offerings. We have a number of Chinese products here in Pakistan, which are already, very cheap and have less annual maintenance costs compared to Cisco."

What is our primary use case?

We are primarily using the solution to protect our network.

What is most valuable?

The security the solution offers is very good. Security-wise, it's the top in the world.

The product has excellent technical support.

The user interface is easy to navigate.

Everything is user friendly.

What needs improvement?

The annual subscription cost is a bit high. They should try to make it comparable to other offerings. We have a number of Chinese products here in Pakistan, which are already very cheap and have less annual maintenance costs compared to Cisco.

For how long have I used the solution?

I've been using the solution for a few years now.

What do I think about the stability of the solution?

The solution is reliable. We have been using it for more than a couple of years and we haven't had any problems. There's been no downtime and no hardware failures. It's pretty stable.

What do I think about the scalability of the solution?

We've never tried to scale. We have a pretty small set up in our country. It's unlikely we will have to scale.

Currently, we have between 200 and 300 people on the solution.

How are customer service and technical support?

The technical support has been very good. They are helpful and knowledgeable. We're quite satisfied with their level of service.

Which solution did I use previously and why did I switch?

This is the first product of this nature that we have implemented. We didn't previously use a different solution.

How was the initial setup?

Initially, the preliminary set up took us some time. However, we did have some local expertise in Pakistan. Once, when we were stuck on something, we could manage to get help from Cisco online. It wasn't that tricky or complex. In the end, it was straightforward.

What about the implementation team?

We had some assistance with a local expert as well as Cisco.

What's my experience with pricing, setup cost, and licensing?

There's an annual subscription. It's not cheap. It's quite pricey if you compare it to other competitors in Pakistan. There aren't any extra costs beyond the yearly licensing.

We pay about $200 yearly and we have two firewalls.

What other advice do I have?

We are the customer. We are in the oil and gas business. We don't have a business relationship with Cisco.

I'd recommend the solution to others straight away. It's more or less a very standard option here in Pakistan.

Overall, on a scale from one to ten, I'd rate the solution at an eight.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Network Support & Presales Engineer at a computer software company with 51-200 employees
Real User
Offers an easy way to manage the devices centrally but not all of its features are supported
Pros and Cons
  • "I like the way Firepower presents the data. It gives you two classifications for the evidence, something based on the priority of the evidence and another classification based on the impact of the evidence in your environment. This makes it very easy to spot the evidence that is most impactful to my environment. Instead of having to go through all the evidence based on that priority, I can focus on the evidence that has the most impact on my environment."
  • "Also, they have a Firepower source file that I can work on the ASA device and on Firepower devices. A problem here lies in the way that you manage these devices. Some devices do not support the FMC, and some devices have to be managed through ASDM, and others have to be managed through FMC."

How has it helped my organization?

A lot of companies have a lot of vulnerabilities and lots of exploitations that are going inside their network that the IT staff are not aware of. You actually need a security device like a next-generation firewall to protect your network.

Once we installed the Firepower system, we started looking at the evidence, and we found a lot of exploitations and a lot of bad things that are in the network. These things were invisible to IT, they were unaware of any of them.

What is most valuable?

The Firepower Management Center is an easy way to manage the devices centrally. I guess this is something that all vendors provide so it's nothing special. I like the way Firepower presents the data. It gives you two classifications for the evidence, something based on the priority of the evidence and another classification based on the impact of the evidence in your environment. This makes it very easy to spot the evidence that is most impactful to my environment. Instead of having to go through all the evidence based on that priority, I can focus on the evidence that has the most impact on my environment.

Sometimes you might have a high priority event but it has nothing to do with your environment. You have a vulnerability. You don't have to treat a vulnerability as an attack. Since you're not vulnerable, it's not impactful to your environment so you don't have to focus on it. This is something that other products don't provide. 

It is very flexible. You can have the next generation firewall work as a physical connection or as a Layer 2 device. You can have a combination of Layer 2 and Layer 3, which is really good. 

What needs improvement?

There are quite a few things that can be improved. Firepower is an acquisition from another company, Cisco's trying to put it together. Their previous ASA code with the source file code that they have acquired a few years ago still has some features that are not fully supported.

Also, they have a Firepower source file that I can work on the ASA device and on Firepower devices. A problem here lies in the way that you manage these devices. Some devices do not support the FMC, and some devices have to be managed through ASDM, and others have to be managed through FMC.

Most of the high-end devices do not support Onboard management. The Onboard management is only supported on the 2100 IP at the 1050 Firepower and on select ASA devices that bear the Firepower image.

It would be very nice if the Onboard management integrated with all the devices. Log key loading for the evidence at the logs, because clearly you only have loading on the remote on the FMP, you cannot store the logs located on the device.

For how long have I used the solution?

I have been using this solution for around two years.

What do I think about the scalability of the solution?

We have several thousand employees at the company.

How are customer service and technical support?

Their technical support is good. 

How was the initial setup?

The initial setup was straightforward. 

What's my experience with pricing, setup cost, and licensing?

The pricing is overrated. Prices for Cisco equipment are always a little bit higher than other vendors. Customers are always complaining about the high prices of Cisco equipment, so it would be very good if these prices can be lowered down, but that's how it is. Cisco equipment usually has higher prices than its competitors.

What other advice do I have?

I would recommend this solution to someone considering it. I would recommend to study and know what the requirements are exactly. One of the things that might be a problem, or might be a complex thing to do is to go through Cisco Firepower, because Firepower is a software that's complex to explain to somebody. There is the previous ASA code that Cisco had and there is the source file that they acquired. Cisco started to send it as ASA Firepower services. Then they combined the two codes together and they started to send a new code called the Firepower Threat Defense, FTD.

Any customer who wants to buy it needs to understand all of these options and what the limitations of each option are, the pros and cons. Any customer who wants to deploy Firepower needs to understand what Cisco has to offer so he can choose correctly.

I would rate it a seven out of ten. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
it_user861456 - PeerSpot reviewer
Senior Information Security Engineer at a financial services firm with 501-1,000 employees
Real User
Enables admins to be able to troubleshoot easily and has good traffic analytics features
Pros and Cons
  • "For business purposes, it's a very detailed solution, which is it's greatest benefit, as you can get almost any piece of information you need from the solution. It allows for admins to be able to troubleshoot pretty easily."
  • "I'm working on a slightly older version, but what it needs is a better alert management. It's pretty standard, but there's no real advanced features involved around it."

What is our primary use case?

We use it as a network firewall.

How has it helped my organization?

For business purposes, it's a very detailed solution, which is it's greatest benefit, as you can get almost any piece of information you need from the solution. It allows for admins to be able to troubleshoot pretty easily.

What is most valuable?

The solution is part of a suite. If you pay for it, it has basically a view that's called Firepower, and it's really good at being able to analyze exact bits of a pack, at the packet level, and has the ability to allow you to examine that traffic. It is really good. That's probably my favorite part of the suite.

What needs improvement?

I would definitely say the pricing could be improved. If you're going to get the latest and greatest of this solution, it's very expensive and it's actually the reason my organization is moving away from it.

I'm working on a slightly older version, but what it needs is better alert management. It's pretty standard, but there are no real advanced features involved around it.

For how long have I used the solution?

I've been using the solution for around one year.

What do I think about the stability of the solution?

We haven't had any major issues in regards to stability. In general, there are best practices in the industry to use. It's never really mattered because generally, with firewalls, you have two in any given location or service. They seem to be redundant of each other. So there's never been a problem where we lost functionality because of the firewall.

What do I think about the scalability of the solution?

It's pretty scalable. Cisco is a large enterprise solution and it's designed to be able to serve large enterprise, so, it's fairly scalable. We're using the solution minimally at this point, and we're decreasing usage because it's too expensive to upgrade.

How are customer service and technical support?

They have pretty good customer support. The solution's technical support is great.

Which solution did I use previously and why did I switch?

I had not previously used another solution.

How was the initial setup?

I was not with the organization when they originally rolled it out, so I can't speak to how straightforward or complex the initial setup was. There are about six people who manage the solution. We have security engineers and network engineers. If someone is trying to get an idea of how many people are required, it varies because a lot of organizations will have multiple firewalls in different locations. Six for one organization may be way more than somebody needs or way fewer than somebody needs.

What about the implementation team?

We didn't use any other group for the deployment. We did all the work in-house.

What's my experience with pricing, setup cost, and licensing?

My company is moving away from the solution because it is quite expensive.

Which other solutions did I evaluate?

We've looked at the Fortinet solution. The Fortinet FortiGate.

What other advice do I have?

I would just say that it's expensive. The product is fine on its own, it's high end. It's got a high brand name attached to it. I would recommend the product, however. The product works great. It does everything it's supposed to do. There's no issues with it, no real concerns. It's just expensive.

I would rate it an eight out of 10 because it does everything it's designed to do, but it is not any better than other industry-leading solution, and it's far more expensive.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
IT Administrator at Vegol
Real User
A stable solution with good monitoring and VPN capabilities
Pros and Cons
  • "The stability is good. Very simple. Upgrades are great."
  • "They really need support for deployment."

What is most valuable?

The VPN and monitoring are the most valuable features.

What needs improvement?

I tried to buy licenses, but I had trouble. Their licensing is too expensive.

If they can get the reporting to go into deeper detail, it would really be helpful because in order to get the reports in Cisco you have to go to look at the information that you don't necessarily need. 

Also, the pricing is quite high. 

For how long have I used the solution?

I've been using the solution for six years.

What do I think about the stability of the solution?

The stability is good. Very simple. Upgrades are great. But when we upgrade it, things break. You have to upgrade about three things before you get something stable.

What do I think about the scalability of the solution?

I haven't had to scale, so I can't speak to this aspect of the solution.

How are customer service and technical support?

I haven't had to deal with technical support, so I don't have much to say.

Which solution did I use previously and why did I switch?

We didn't previously use a different solution.

How was the initial setup?

The initial setup was straightforward.

What about the implementation team?

I did the setup myself. The budget I had didn't allow me to get support. I would use Google a lot. The first implementation took me about three weeks because I did not know what I was doing. So it took me a while. It took me about three weeks, but everything else took about two days, maybe three days and I was done. 

Which other solutions did I evaluate?

We did look at Barracuda.

What other advice do I have?

They really need support for deployment.

I would rate this solution nine out of 10 because I think if you have the budget and you plan it properly I think you won't have the initial deployment problems I faced.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2025
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.