Cisco Secure Firewall Reviews

Our primary use case is for security. We are a bank in India and the data is very important for us. We use ASA for our security and protection.

Data protection is a big benefit we see from this solution. It protects our customers, our customer's accounts, and money, as we are one of the biggest banks in Egypt and the Middle East.

Its ability to discover attacks is a valuable feature. All of the other features that have to do with security are good.

Some of the features, like the stability, need to be improved. 

The scalability is good. 

Their support is good and helpful but sometimes it takes them a while to respond. We have been stuck in critical situations so we opened a critical ticket but it took them a while to respond. 

The initial setup is easy. If we have an issue we contact their support. 

We implemented ourselves. 

I would rate it a seven out of ten. I would recommend this solution to a colleague. No product will give you 100% of what you're looking for but this solution is close. 

Our primary use case of this solution is for firewalling. 

We have been using Cisco for a long time, and we use Firepower to replace other systems. It hasn't really been an improvement, but there are many features we want to use in the future. We haven't seen much improvement because we only installed it a short while ago. 

It has many features but not all of them work. The features aren't stable enough for us to use them. The most valuable features are the firewalling and the deep inspection. 

The stability and the product features have to really be worked on.

The stability is getting better but we had some firmware issues. 

The scalability is good. We have scaled it but at a normal gross so it's not very high. We have designed it for our use case and we have the option to scale but we don't use it at the moment.

We chose Cisco because it had the full package that we were looking for. 

The initial setup was of normal complexity. It's not straightforward, and because we started so early, the migration tools were not so good at the beginning.

We implemented through our partner and had a good experience with them. 

Customers should take note that the migrations steps are not easy. The tools cannot solve all configurations and handle all configurations directly so you will have to do some coding by yourself. The solution is not complete at the moment but it will get better.

I have been using this product for over ten years. Most of the features fulfill my requirements. It protects our network.

The most valuable feature is the section payover. But, I think that kind of function may also come from similar products. In addition, they have the integrated IDS/IPS source powered modules. This is a new screen for us, and it is also very useful.

More than five years.

The stability of the product is good.

The scalability of the solution is OK for me. It basically fulfills my requirement.

I would rate the technical support a rating of seven out of ten.

I always consider the stability and scalability of a product when choosing a vendor.

The cost is a bit high compared to other solutions in the market.

We have looked at Juniper, Palo Alto and other brands.

We like that Cisco has a lot of experience on the market trends.

Our primary use case is to use it as a firewall.

I find that the product is a very good, and secure firewall. The benefits of this product is that it is a strong firewall solution. 

It is a secure product. But, it is not very easy to configure. You need to be knowledgeable to be able to manage it. 

In addition, due to changes in management, we found Cisco slightly behind some of the competitors in the market. Furthermore, the internet protection system seems to be lacking, in comparison to some of the competitors. This is why we are currently looking at other possible solutions.

It is a stable solution.

The scalability is a bit limiting, to be honest. In terms of when you look to changing landscape in terms of threats, I think to me, my personal it's a bit limiting.

I have not used the technical support for Cisco ASA.

It was a bit complex to setup this solution. When we used the command line, it was not easy to implement. We needed Cisco technical knowledge to be able to manage the implementation.

The cost is a bit higher than other competitive solutions on the market.

Yes, it's a good provider when it comes to firewall solution, but maybe limiting when you are looking at the wall UTM management. It's delayed behind some of the competitors.

IT landscape is dynamic, requiring security policy, controls, and visibility to be better than ever. 

• 1Gbps
• Multi-service
• Beats sophisticated cyber attacks with a superior security appliance.
• IT landscape is dynamic.
• Requires security policy, controls, and visibility to be better than ever. 

This applies to all ASA-related Management/to-the-box traffic, like SNMP, SSH, etc., with Firepower services combined with our proven network firewall along with the industry’s most effective next-generation IPS and advanced malware protection. Therefore, you can get more visibility, be more flexible, save more, and protect better.

Historic events related to security incidents. My organization must have a unified strategy for event logging and correlation.

The Cisco Product Security Incident Response creates and maintains publications, commonly referred to as PSIRT Advisories, for security-related issues in Cisco ASA.

The Cisco ASA device needs overall improvement, as configurations alone do not completely secure my network. The operational procedures in use on the network contribute as much to security as the configuration on devices.

There is 24/7 support anytime, anywhere.

Before, I did not manage my private network well (or professionally). For this reason, I have been updating products.

Commercial leasing is the best option.         

Cisco ASAs are great network firewalls and they can work for years after being configured. The best features are NAT, transport-layer inspections, and VPN.

With ASAs, we can keep operational expenses as low as possible. Disaster risks should be observed as usual, but this is definitely not the weak point.

I would like to see new SW versions being more stable and HW performance increase. However, the new 2000 series has high performance, but it is not shipped widely so far.

I started using Cisco firewalls when old PIX models were produced. I then observed all model changes. This makes about 10 years of continuous experience.

There are no real stability issues, if upgrades are done carefully.

I believe scalability issues are caused by poor design.

Cisco technical support makes a good impression most of the time.

Some of my customers switched from ZyXel to Cisco and this is an obvious decision for me. It will be much harder to imagine a customer replacing Check Point or Fortinet with Cisco.

The initial setup should not be left to the customer. The best way to do this is to make a basic setup and integration along with cabling and power-up, then verifying requirements and adjusting the configuration.

Basic features and IPs can work without subscriptions. All next-generation features require per-year payments. Enterprise customers usually agree with price and license fees, so I don't see any painful issues with pricing and licensing.

I compared Cisco with Fortinet, Checkpoint, and DIY solutions.

All you need to succeed is careful design, professional setup, and a support contract.

There are a lot of features which are good and can be implemented, especially in the latest IOS version of the product.

They saved me a lot of time thinking how to solve different scenarios with other solutions.

Cisco AnyConnect for remote access is one of them. It is supported on most of the platforms, which business users use. They can gain access to the network, via functions like PBR, Security groups, contexts, and DNS doctoring. This gives a lot of flexibility to the product.

It gave us a more secure environment and a lot of flexibility to the business.

The next generations part of these products need a better approach. A lot of vendors are definitely a step or two in front of them.

I have worked with these types of firewalls for more than 10 years.

I can say that this product is one of the most stable products I have ever worked with.

In terms of scalability, this always depends on how the product was chosen and what purpose it will work for. I haven't experienced any issues with the scalability of the product.

In terms of technical support, it depends on the different cases. I would surely give Cisco technical support a rating of 9/10.

I used to work with open source solutions, but the support and complication behind them was definitely not OK. If you want to have flexibility and stability, you have to move on to something that receives more development in that specific area.

The initial setup was straightforward and there was a lot of documentation that can help out with specific cases.

This is definitely not a cheap solution, but I think it is worth the investment.

We evaluated other solutions like Juniper, but we chose Cisco, since our network was becoming more and more Cisco oriented.

I would recommend that you understand the needs of the business case before choosing the product and start implementing it. It is very important to choose the right licenses from the beginning.

It makes it very easy to have delineated roles and responsibilities between network engineering and network security.

I find the overall capability of the higher end firewall products to handle most network tasks without any issues. In addition, it is easy to train lower level help desk personnel on the GUI management.

People tend to think of firewalls as firewalls and routers as routers. Going by the book, I had to create a number of static routes in the firewall so it could reach the various subnets in my client's internal network. I decided to turn on OSPF routing to simplify my deployment. This resolved a lot of issues with remote VPN and site-to-site VPN tunnels.

In my experience, a number of engineers get tunnel vision with devices. This is exacerbated by vendors fostering a silo mentality in disciplines.

I cannot name the organization, but a large national non-profit in the medical field had too many network configuration problems because of the silo mentality.

Large Cisco ASA units have the capability to act as routers. This particular non-profit would not enable routing on the ASA until I explained that it resolve a number of issues that they were experiencing and resolving by static routes, a second Cisco ASA, and a proxy server.

Stability issues did not occur in my experience, as long as we stayed with the correct image builds.

There were no scalability issues.

Customer Service:

Generally, we do not need customer support, so it is hard to rate.

Technical Support:

Generally we do not need technical support, so it is hard to rate.

The initial setup at many clients' sites was straightforward. Very complicated networks take a lot of planning.

We implemented the solution in-house.

We cannot determine ROI just yet.

Always plan ahead for three years. In other words, do not buy a firewall on what your needs are today, but try to predict where you will be three years from now in terms of bandwidth, security requirements, and changes in organizational design. This applies to any vendor, not just this product. I find that I always need to buy a higher level product than the specifications request in order to be safe.

In locations where I have used Cisco ASA firewalls, I have compared FortiGate and SonicWall.

I utilize different brands of firewalls depending on the needs of a client, i.e., in-house IT versus outsourced. I am vendor agnostic as much as possible.