Try our new research platform with insights from 80,000+ expert users
Networking Specialist at a healthcare company with 1,001-5,000 employees
Real User
Blocks attacks by providing a security barrier
Pros and Cons
  • "I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete."
  • "The configuration in Firepower Management Center is very slow. Deployment takes two to three minutes. You spend a lot of time on modifications. Whereas, in FortiGate, you press a button, and it takes one second."

What is our primary use case?

We use it to configure the perimeter firewalls. In FireSIGHT, we have two firewalls in a cluster with high ability, then we have five firewalls in Offices. We use those firewalls as a perimeter for Offices.

We have all the devices in the Firepower Management Center system. We always work with Firepower devices in Firepower Management Center.

We have offices around the world. We are in Europe, the USA, and South America.

How has it helped my organization?

We have border security with Firepower. We try to curb security issues by using this Firepower firewall.

What is most valuable?

The solution provides us with good working application visibility and control.

I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete.

What needs improvement?

The configuration in Firepower Management Center is very slow. Deployment takes two to three minutes. You spend a lot of time on modifications. Whereas, in FortiGate, you press a button, and it takes one second.

Three years ago, the Firepower Management Center was very slow. The solution has improved a lot in the last couple of years. It is now faster. I hope that continues to improve. 

Buyer's Guide
Cisco Secure Firewall
November 2024
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,562 professionals have used our research since 2012.

For how long have I used the solution?

I have been using it for three years.

What do I think about the stability of the solution?

We have five devices. In Rome, we don't have a technician and didn't work when we started using it. We had to send a technician to Rome to reboot the system. Now, it is stable with no problems. Also, we lost the link to the high availability firewall in our data center. We only had one device there, and Solutel had to solve this issue.

What do I think about the scalability of the solution?

The scalability is great.

We have five devices in four locations.

Three network administrators who work with Firepower, including myself.

How are customer service and support?

I usually create an issue with Solutel, then they create a case with Cisco Talos or the Cisco technicians. I am happy with Solutel's support.

How was the initial setup?

We deployed in several cities, but not the same day. 

What about the implementation team?

The initial deployment was done by a Cisco partner, Solutel. Our experience with Solutel was fantastic. They are local partners for us and provided us with great service.

What was our ROI?

We realized that clearly we have issues of security with a lot of attacks. I don't know if it is because with the COVID-19 virus a lot of hackers are at home or working more hours. In the last year, we have seen attacks that are very big, and we need a barrier. So, we use a firewall to block these attacks.

What's my experience with pricing, setup cost, and licensing?

The price for Firepower is more expensive than FortiGate. The licensing is very complex. We usually ask for help from Solutel because of its complexity. I have a Cisco account where I can download the VPN client, then connect. Instead, I create an issue with Solutel, then Solutel solves the case.

Our license for Firepower is their best license.

Which other solutions did I evaluate?

We have FortiGate firewalls, the security of Office 365 from Microsoft, Cisco Umbrella, and Kaspersky Anti-virus. We are also using Cisco ASA, Meraki switches, and a router from Cisco.

The Firepower Management Center tool is very slow. We also have the FortiGate firewalls and these tools for configuring the firewall are faster.

We have to make a change to our devices in South America. We are currently evaluating Cisco Firepower Series 1000 versus FortiGate. Firepower is more powerful than FortiGate, but FortiGate is more flexible and easier to configure. Because of our last issues with Firepower, it is possible that FortiGate is more stable.

What other advice do I have?

It is a very powerful device. Firepower Management Center is a great tool, but it is a bit slow.

We don't have Cisco Umbrella integrated with Firepower. We tested Firepower's integration with Meraki Umbrella, but we don't use it because you need better firmware.

I would rate this solution as an eight (out of 10).

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Gerente de Unidad at Redescomm, C.A.
Real User
Comprehensive port blocking capability, good support, and stable
Pros and Cons
  • "The most valuable feature is the ability to block almost all of the ports."
  • "The graphical interface should be improved to make the configuration easier, to do things with a single click."

What is our primary use case?

We are a Cisco implementor in Venezuela.

Our primary use is to deal with incoming access. We open ports for web servers or special applications that our clients have inside their network. We also use it to provide site-to-site VPN access.

What is most valuable?

The most valuable feature is the ability to block almost all of the ports.

All of the commands work the same way, whether in the graphical interface or when using the command line.

Cisco products have a lot of features.

What needs improvement?

The graphical interface should be improved to make the configuration easier, to do things with a single click.

There should be better integration with open-source products because some of our clients use them. It would be helpful if they integrated well.

For how long have I used the solution?

I have been using the Cisco ASA Firewall for almost 10 years.

What do I think about the stability of the solution?

This is a very stable product.

What do I think about the scalability of the solution?

The scalability is good and it can be used for organizations of all sizes.

How are customer service and technical support?

Technical support is good and we haven't had any problems with documentation that is provided.

Which solution did I use previously and why did I switch?

I also have experience with pfSense.

How was the initial setup?

The initial setup is easy.

Which other solutions did I evaluate?

We have evaluated various open-source solutions for our clients.

The main difference with Cisco is that it is a big company, and their products are very easy to use. They have the best routers, switches, and firewalls.

What other advice do I have?

Cisco ASA is a product that I can recommend for its stability.

I would rate this solution a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
PeerSpot user
Buyer's Guide
Cisco Secure Firewall
November 2024
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,562 professionals have used our research since 2012.
IT Infrastructure Engineer at Atlas Group
Real User
Meets my requirements regarding VPN, perimeter protection, and applications
Pros and Cons
  • "One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses."
  • "One feature I would like to see, that Firepower doesn't have, is email security. Perhaps in the future, Cisco will integrate Cisco Umbrella with Firepower. I don't see why we should have to pay for two separate products when both could be integrated in one box."

What is our primary use case?

I protect my two servers with the help of Firepower. Both servers are connected to the Firepower and I monitor the traffic to both servers with it. I block traffic from all countries except the USA, for security purposes.

How has it helped my organization?

It meets my requirements regarding VPN, perimeter protection, and applications. I'm comfortable with what Firepower does for me. Firepower is the only security product deployed in my organization.

The Talos team is very expert and does a good job. It is a great achievement by Cisco for Firepower. It analyzes all the websites and viruses that could create vulnerabilities. Talos helps us by providing major protection. They maintain everything and we don't need any other security appliances. In the future, we may go for an email security appliance, but right now Firepower is enough for us. Without the Talos team, the Firepower might not fulfill our requirements.

For example, if I receive an email and it has a potentially malicious link, I can enter the link in the Talos website and it will provide me with all the details about the website link in the email, including which country and IP it is from. I always try to cross-check any potentially malicious links with Talos. It tells me whether I am vulnerable or not.

What is most valuable?

One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses.

It also handles application vulnerabilities. I have blocked some applications in my Firepower. In addition, there are predefined policies that come with the Firepower and I have created my own policies as well.

We also use Cisco switches, the 2920 for Layer 2 and the 3560 for Layer 3. The Firepower is integrated with the 3560. I have configured a gateway on the 3560 and all our traffic goes through the switch and is then passed on to the Firepower. The integration between the two was very easy.

What needs improvement?

One feature I would like to see, that Firepower doesn't have, is email security. Perhaps in the future, Cisco will integrate Cisco Umbrella with Firepower. I don't see why we should have to pay for two separate products when both could be integrated in one box.

For how long have I used the solution?

I have been using Cisco Firepower for two years.

What do I think about the stability of the solution?

It's a very mature product and runs smoothly.

Which solution did I use previously and why did I switch?

Before the Firepower I was using a traditional firewall, the ASA 5510. We went to the Firepower because the 5510 did not have port security, anti-malware protection, or IDS/IPS.

I have seen a lot of events using the Firepower: vulnerability events, countries, and IPs. As a result, I feel I am secure when compared with other firewalls. With my previous firewall, I didn't have the option of blocking a country, website, or IP.

What other advice do I have?

I would advise using Firepower and not other products because other products do not have all the features available in Firepower.

We are looking to integrate with Cisco Umbrella next year and we will integrate our switches and Cisco Firepower with it.

It has been a good investment for my organization and I'm happy to be using it. All its features are good. It's a great firewall for a small business. But you really need to know what you are doing to get the most benefit from it. Overall, I don't think anybody can replace Firepower or Cisco.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Managing Director at Fasp
Real User
User-friendly, easily managed, and scalable
Pros and Cons
  • "The most valuable feature of the Firepower solution is FireSIGHT, which can be easily managed and is user-friendly."
  • "I would like to see the inclusion of more advanced antivirus features in the next release of this solution."

What is our primary use case?

We are a reseller and system integrator, and this is one of the solutions that we provide for our end users. We have experience with many firewall products from different vendors.

The specific use case depends on the customer and their environment. They design the firewalls, and we supply the appropriate equipment.

The majority of deployments are on private networks.

What is most valuable?

The most valuable feature of the Firepower solution is FireSIGHT, which can be easily managed and is user-friendly.

What needs improvement?

The performance and the level of throughput need to be improved. This would make things easier for us.

I would like to see the inclusion of more advanced antivirus features in the next release of this solution.

Adding internet accounting features would also be a good improvement.

What do I think about the stability of the solution?

This solution is completely stable, and we have not had any issues.

What do I think about the scalability of the solution?

Scalability of this solution is ok. They have the IPS (Intrusion Prevention System), online updates, and signature updates.

One customer might have, for example, two hundred and fifty users, whereas another might have one hundred users. There are different models for different numbers of end-users.

How are customer service and technical support?

Technical support is ok, and we have had no problem with them.

How was the initial setup?

The initial setup of this solution is straightforward.

What's my experience with pricing, setup cost, and licensing?

The price of this solution is not good or bad. It is ok.

What other advice do I have?

This is a solution that I recommend.

The biggest lesson that I have learned from working with this solution is to always update the firewall. If you do not have the latest updates then it will not function well, so always keep it up to date.

I would rate this solution an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
PeerSpot user
reviewer1135638 - PeerSpot reviewer
Senior Network Administrator at a financial services firm with 1,001-5,000 employees
Real User
The granularity keeps users seeing what they are supposed to and enables the security not to become compromised
Pros and Cons
  • "An efficient, easy to deploy and dependable firewall solution."
  • "The interface for monitoring could be improved to allow better views to make troubleshooting easier."

What is our primary use case?

Our primary use for the solution is for checking on and verifying the security of our customer data.

How has it helped my organization?

Our organization has been improved by the solution because we can be assured that the firewall is secure. It gives us more flexibility to monitor other things. Because we have safe firewalls, we don't have to worry about that and can direct resources elsewhere. If our internet goes down in one location we can bring it back up pretty easily.

What is most valuable?

The thing we've found most valuable is the efficiency. The firewalls are easy to configure and deploy. Overall it is an easy system to manage.

Another valuable feature is just how granular we can get with it so we can keep users seeing what they are supposed to and don't compromise security.

What needs improvement?

One way the product could be improved is if you could monitor more than one rule at a time. We only have the option to have one monitor window up at a time if you're trying to troubleshoot something you end up switching back-and-forth and don't get the bigger picture all at once.

It's reliable and it does its job. It gives you the freedom to do other things while you get indications of any issues. The multi-monitor would be a huge improvement.

I'd definitely recommend the product. Even when you set it up for the first night, it definitely will tell you the status of the network. The important part in the setup is following the instructions to get it going.

What do I think about the stability of the solution?

The solution itself is good as far as stability.

How are customer service and technical support?

The technical support is good and the response time quick. We had some firewalls down and gave them a call. They helped resolve the issue and it was all positive.

Which solution did I use previously and why did I switch?

Previous to this we had just a normal firewall that I didn't like. It didn't provide enough.

How was the initial setup?

The setup was straightforward, even without initially having all the information we needed. It was very intuitive. When I went in to get help, help was there.

What about the implementation team?

We got the product from a reseller and we did the installation ourselves.

What was our ROI?

We certainly have seen a return on investment at the very least from being able to reallocate human resources.

Which other solutions did I evaluate?

Before selecting this as a solution we really didn't evaluate other options at all.

What other advice do I have?

As far as rating this product, I would give it a nine out of ten. The only real drawbacks are the lack of multi-monitoring and not really having clear instructions prior to jumping in and implementing it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Cloud Services Operation Engineer at Informatic Services Company (ISC)
Real User
The end-user VPN with ASA allows us to connect the firewall to edge servers for security
Pros and Cons
  • "We are using the Cisco AnyConnect for our end-user VPN with the ASA."
  • "I would like to see them release a patch for ASAv with cross-platform FirePower integration."

What is our primary use case?

We are using both Cisco ASAv and FTD (Firepower Threat Defense). FTD has a better interface, but we have both of them running.

We are using Cisco ASAv for the FirePower service. We use a custom interface for our firewall.

How has it helped my organization?

Cisco ASAv is part of our central solution. You can use the ASA family or go on the portal for normal ASAv. We use FirePower at the edge of the network. 

If you are working with cloud services, it's better to use the ASAv family or other Cisco solutions.

What is most valuable?

We are using the Cisco AnyConnect for our end-user VPN with the ASA. 

If a user wants to connect to our network, they access it via the Cisco intranet and connect to the firewall at the edge.

What needs improvement?

I don't have any experience with the price, but ASA is a comprehensive solution.

In the next update of the Cisco ASAv, I would like to see them release a patch for ASAv, i.e. to put the FirePower solution into the cross-platform integration.

For how long have I used the solution?

We are using the Cisco ASAv security solution in our company for three or four years.

What do I think about the stability of the solution?

Normally, in ASA, we have good stability.

What do I think about the scalability of the solution?

The scalability of ASAv we can easily manage. We can have good scalability in different times but we don't have HA in ASAv. Some features are removed in ASAv. 

If it's a normal ASA, i.e. a physical device, you have many more ways to scalability.

How are customer service and technical support?

For technical support, I have little experience with Cisco, unless they patch some issues. I raised a ticket and got the response immediately. They are very supportive.

How was the initial setup?

For me, ASA is easy. The deployment of ASAv is done in 20 minutes.

What about the implementation team?

We used both an integrator and reseller for the deployment. For the initialization, it was me for our company. If we have an issue, we can raise a ticket or call for a Cisco patch. 

For the Cisco ASAv installation, I did it myself.

What's my experience with pricing, setup cost, and licensing?

The pricing for Cisco ASAv depends on your license. With AnyConnect, it depends on your license. It depends on the number of concurrent users you want to connect.

Our license is for one year only, renewable at variable pricing.

What other advice do I have?

On a scale from one to ten, I would rate this product at nine. Cisco ASAv is good in many advanced networking features.

I'm working with Cisco. They have competition with many vendors.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
LAN admin at Cluj County Council
Real User
Powerful firewall that is easy to manage and easy to configure
Pros and Cons
  • "The firewall power that comes with Cisco ASAv is the most valuable asset. They are are very easy to manage."
  • "We found it difficult to publish an antennae sidewalk with the ASDM. I think Cisco should improve this by creating a simpler interface for the firewall."

What is our primary use case?

We need a good and generic firewall which is why I bought Cisco ASAv. I also needed a secure VPN. The real reason I bought it though, was for the firewall. 

What is most valuable?

The firewall power that comes with Cisco ASAv is the most valuable asset. They are very easy to manage and configure. 

What needs improvement?

There definitely is room for improvement. We found it difficult to publish an antenna plug with the ASDM. Cisco should make the interface for the firewall more simple. 

For how long have I used the solution?

My company has been using Cisco ASAv for three years now.

What do I think about the stability of the solution?

This product is very stable. Before installing Cisco ASAv, I had two or three viruses in my network. Since installing ASA, I have not had any problems with viruses. There is a huge difference with and without ASA.

How are customer service and technical support?

I am satisfied with the customer service because the assistance I got from the Cisco engineer was very good.

Which solution did I use previously and why did I switch?

I used a different solution before. I used Meraki and it was a little simpler to use. However, currently, I only have Cisco routers.

How was the initial setup?

The initial setup for Cisco ASAv was fairly simple. It wasn't very complicated, it would be okay for an intermediate professional. It can be made easier. I believe almost anybody could set up an ASA in a few hours. It took about two to three weeks for the platform to work properly.

What about the implementation team?

The installation wasn't complicated at all and I got help from a Cisco engineer. 

What's my experience with pricing, setup cost, and licensing?

I bought a license for three years and it was really affordable. 

Which other solutions did I evaluate?

I did consider other options as I have experience with Meraki and other devices. Meraki is simpler to use, but I decided on Cisco ASAv. 

What other advice do I have?

I am really satisfied with the product and I rate this an 8.5 out of ten. The reason why I wouldn't rate it a ten, is because I find it a little more complicated to set up a firewall for publishing than when using Meraki. I therefore believe there is room for improvement.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Information Systems Manager at a non-profit with 1-10 employees
Real User
Traffic comes into the house and gets filtered in and out the Firepower interface
Pros and Cons
  • "Because of the deeper inspection it provides we have better security and sections that allow users broader access."
  • "Cisco should redo their website so it's actually usable in a faster way."

What is our primary use case?

Our primary use case is for handling office traffic VPN tunnels and filtering the traffic. All the traffic comes into the house and gets filtered in and out the Firepower interface. It's performed well.

How has it helped my organization?

Because of the deeper inspection it provides we have better security and sections that allow users broader access.

What is most valuable?

With this solution, you can have an inspection of each package and see what the threat level it's at. It has made the work more dynamic. We don't have to block as much like we had to in the old days.

What needs improvement?

They should develop a web interface that is actually useful. Currently, we still have an issue where you have to go in and do manual configuring by the command line if you want certain functions in it. This means that we need to find people at a higher technical level to be able to do changes in those things. It would be much easier if you had a more friendly user interface basis where you don't have to go in and do the command line off.

They should be a little bit faster sometimes in updating their threat protection. Cisco should redo their website so it's actually usable in a faster way.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

Stability is fantastic. 

What do I think about the scalability of the solution?

We are a rather small firm so we don't have much growth leads but there is a wide range of firewalls that I can expand onto. We can also set up cluster solutions. It's rather indefinite in its expandable possibilities.

How are customer service and technical support?

I've only had to use their technical support once. Otherwise, I haven't had to use them.

Which solution did I use previously and why did I switch?

We were using SonicWall before.

How was the initial setup?

The initial setup is very complex but once it's done, it's fantastic. 

What other advice do I have?

I would rate it a nine out of ten. Not a ten because of the horrible initial setup and because you can't handle all operations from one interface. You have to go back into the command line to even be able to type program language, even though you have a graphic user interface for it but it doesn't work properly.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.