It's very stable and mature.
Enterprise Integration Architect at a insurance company with 10,001+ employees
Reliable and mature with good support but the content filtering needs improvement
Pros and Cons
- "It's very stable and mature."
- "The content filtering on an application level is not as good as other solutions such as Palo Alto."
What is most valuable?
What needs improvement?
The content filtering on an application level is not as good as other solutions such as Palo Alto.
While the price is fair with all of the features that it has, it should be cheaper.
For how long have I used the solution?
I have been using the Cisco ASA Firewall for seven years.
What do I think about the stability of the solution?
It's a stable solution.
We have plans to continue using this solution in the future.
Buyer's Guide
Cisco Secure Firewall
March 2025

Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
844,944 professionals have used our research since 2012.
What do I think about the scalability of the solution?
It's a scalable product. We have 200,000 users in our organization.
How are customer service and support?
Cisco technical support is good.
Which solution did I use previously and why did I switch?
Previously, we used other products. We used Fortinet and CheckPoint.
How was the initial setup?
We have a team of 50 or 60 Network Engineers to maintain this solution.
What's my experience with pricing, setup cost, and licensing?
The price is fair. It's not the cheapest, but it's not bad.
What other advice do I have?
Cisco ASA Firewall is a good product. I would recommend it to others who are interested in using it.
I would rate it a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Owner/CTO at FS NETWORKS
Good solution that is easy to implement
Pros and Cons
- "The initial setup is easy."
- "In terms of what could be improved, I would say the UTM part should be more integrated for one price, because if you buy ASA from Cisco, you need to buy another contract service from Cisco as a filter for the dictionary of attacks. In Fortinet, you buy a firewall and you have it all."
What is our primary use case?
Our primary use case is for perimeter security.
We are using the enterprise version. Cisco has many versions. Maybe we are using the old version of ASA because it needs to be the freeware. In each freeware, there are different types of things. Maybe it is the standard version because the other version cost a lot. I need to combine it with another solution like an open source standard solution of the ASA firewall from Cisco.
What is most valuable?
Firewalls are about blocking. ASA is for blocking, but it does not have the intelligence like Fortinet to detect attacks. If I could use ASA to detect attacks, maybe we could buy another service from Cisco although it's very expensive. I would choose Fortinet, but my clients like ASA support. I prefer Fortinet because Fortinet has a UTM and it's a good firewall.
What needs improvement?
In terms of what could be improved, the UTM part should be more integrated for one price, because if you buy ASA from Cisco, you need to buy another contract service from Cisco as a filter for the dictionary of attacks. In Fortinet, you buy a firewall and you have it all.
I would like to see all the features like Fortinet has. If I buy ASA, I would like to see a Fortinet-like interface.
It would be good if Cisco could improve their web interface to configure the equipment. Cisco is very reliable and very secure, but has to compete with Fortinet which is very hard.
On a scale of one to ten, I would give Cisco ASA Firewall a nine.
For how long have I used the solution?
I have been using Cisco ASA Firewall for about 15 years.
What do I think about the scalability of the solution?
We have maybe 100 - 200 end users using the solution.
How are customer service and technical support?
I would give their technical support an eight out of ten because of their response time.
Let me give an example. When I have a problem, and I contact support, maybe there is a guy from India or from another country answering me. This is very slow. The people look at the ticket and increase the time for response.
How was the initial setup?
The initial setup is easy. Firewalls are like programming. If you know programming, you know every language. Firewalls are the same. If you know the security and blocking the perimeter, it's the same for all the firewalls. The difference with the different firewalls are the functionalities. Learn the functionalities in every brand.
What other advice do I have?
My advice to anyone considering Cisco ASA Firewall is that you need a lot of money to implement the Cisco solution. But it's a good solution. If you want to go to Cisco, you need a lot of money.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Cisco Secure Firewall
March 2025

Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
844,944 professionals have used our research since 2012.
Group IT Manager at a manufacturing company with 1,001-5,000 employees
Behind in technology with lots of hidden costs
Pros and Cons
- "Unfortunately in Cisco, only the hardware was good."
- "In NGFW, Cisco should be aligned with the new technology and inspection intelligence because Cisco is far behind in this pipeline."
What is our primary use case?
The primary use case is to have full visibility over our Web & Application behavior on the local network and over the internet. On the other hand, reporting is one of the main needs so that we can monitor and evaluate our consumption and according to that, build up our policies and security.
How has it helped my organization?
Cisco NGFW had the needs that were required by us but unfortunately, was very primitive.
There was no added value and every feature requires license thus extra HIDDEN cost despite a large number of renewals. Paying that much compared to what other vendors can give is out of the negotiation. For this reason we dropped it.
What is most valuable?
Unfortunately in Cisco, only the hardware was good. As for the features and services it was less than the others. Having all of the features means higher specs of hardware and intelligence processing so that it can handle all the logs proactively. Now, what is needed from the Information security, is to be proactively aware of any threat that might expose our data and at the same time have full visibility over our information sharing endpoints.
What needs improvement?
In NGFW, Cisco should be aligned with the new technology and inspection intelligence because Cisco is far behind in this pipeline. Nowadays IoT, Big Data, AI, Robotics, etc. are all evolving and shifting from automatic to intelligent. All brands that do not follow will be extinct.
For how long have I used the solution?
I have been using this solution for three years.
How are customer service and technical support?
good
Which solution did I use previously and why did I switch?
I was using a different solution prior to this one. I shifted because I found that it can heal my pain at least partially. By the end, it did the job and more.
How was the initial setup?
Not that simple, but anyone who have the knowledge can configure it.
What about the implementation team?
Through a vendor and they have good tech
What's my experience with pricing, setup cost, and licensing?
Always look for the history of the products and their evolution, as this will reflect their prices. As for the licenses, be smart and choose the ones you are going to use AS PER YOUR NEED.
More features=More Licenses=More work time=Increase in Cost.
Always consider what you might need to reduce your wasted time and invest it in other solutions (i.e. "If it takes you three hours to do an analysis report and the solution you are getting has this feature to reduce your time to five minutes then you can consider this license. But, if there is a feature where you can have access to the machine from the cloud and you are always connected to the company by VPN, there is no need to buy this license").
Which other solutions did I evaluate?
Whenever I go for a new solution, I test many leaders "NOT RELYING ON GARTNER", yet going for sites that are related to technical evaluations and real case studies. The vendors were Sophos Cyberoam, Barracuda, FortiGate, Websense, & Check Point.
What other advice do I have?
Think before you buy, as this solution can be your success or failure. Always work with professionals and not promoters.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
CEO at a security firm with 1-10 employees
Has solid encryption and the stability is good
Pros and Cons
- "The most valuable feature is that the encryption is solid."
- "It is expensive."
What is our primary use case?
My primary use case is to have as VPN hardware. I have 2,000 providers. I am a reseller and as such, I am connected to telcos. I use ASA because our providers use Cisco in their core network as well.
How has it helped my organization?
We had a situation where our network was down and the telecom providers at Cisco support helped us to resolve those issues. The downtime was brought down to a minimum.
What is most valuable?
The most valuable feature is that the encryption is solid.
For how long have I used the solution?
I have been using Cisco ASA for thirteen years.
What do I think about the scalability of the solution?
What I use now is sufficient based on the traffic that we are generating. We won't have to expand.
We have two providers for ASA. There is only one administrator. We have about 1.2 million connections going through one ASA per month.
How are customer service and technical support?
Their technical support is very good.
Which solution did I use previously and why did I switch?
I didn't previously use a different solution. We used Cisco and then we upgraded to ASA.
How was the initial setup?
The initial setup was straightforward. To set up the VPN we are able to set up the feature key networks that are going to talk to each other. We can set up what access is going to be used. The connection was set up in one or two days.
We set it up twice. The first time it took four hours and the second time took ten hours spread out over two days.
What was our ROI?
I have seen ROI. We use ASA because our provider uses it and they have support. The provider initiates the support with Cisco. The support is good. The license for the support is expensive.
What's my experience with pricing, setup cost, and licensing?
It is expensive.
What other advice do I have?
I would recommend this solution. If you have the money, it's a very stable product. Make sure to keep critical spare parts. You might have for instance some modules that will need acceleration cards and those types of things.
I would rate it a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Information Security Manager at a financial services firm with 501-1,000 employees
Lots of bug fixes are required and it did not pass our in-house evaluation
Pros and Cons
- "Integration with all the other Cisco tools is valuable."
- "With regards to stability, we had a critical bug come out during our evaluation... not good."
What is our primary use case?
We performed an in-house evaluation of Cisco ASA NGFW for use as an Internet Gateway Firewall and internal East-West traffic firewall between security zones. We are historically a Cisco shop and were planning on it being the top contender for our NGFW solution.
How has it helped my organization?
Cisco ASA NGFW running in "Firepower" mode - aka the actual NGFW mode was not "fully baked", so it didn't meet all our requirements to fit our network architecture. It requires a completely different language than ASA and we found it to be difficult compared to other top firewall vendor offerings.
What is most valuable?
Integration with all the other Cisco tools is valuable. However, we've moved away from all Cisco security tools since this evaluation. Firewall choice was key to what direction we went and we found not only was the competing firewall solution superior, but their endpoint protection solution was as well.
What needs improvement?
The first thing that needs to be done is to finish building out Cisco ASA "Firepower Mode" in order for all features to work correctly in complex enterprise networks. It also needs a usable GUI like Palo Alto and FortiGate. There are lots of bug fixes to be done, and Cisco should consider performing a complete rebuild of the underlying code from the ground-on-up.
For how long have I used the solution?
Trial/evaluation only.
What do I think about the stability of the solution?
With regards to stability, we had a critical bug come out during our evaluation.
What do I think about the scalability of the solution?
It should be well scalable. However, we didn't see a good centralized management/monitoring system like the one that Palo Alto has.
How are customer service and technical support?
Customer support was decent, although we definitely don't feel like you get the value of the mandatory support/maintenance fees.
Which solution did I use previously and why did I switch?
We used Fortinet FortiGate, but as an early gen "NGFW" it was outdated. We have issues we don't believe would be resolved with their latest offering, so we didn't even evaluate it.
How was the initial setup?
We found the initial setup much more difficult to do even simple things, like setting up VPN tunnels.
What about the implementation team?
Our in-house team tested and evaluated the solution.
What's my experience with pricing, setup cost, and licensing?
Watch out for hidden licensing and incredibly high annual maintenance costs. We bought much beefier Palo Altos for a less expensive one-time and annual cost.
Which other solutions did I evaluate?
Palo Alto Networks NGFW Firewall was compared in-house using the same configuration and testing, and it won hands-down.
What other advice do I have?
Watch out for the marketing hype vs objective reality. Do the advertised features actually work correctly/effectively?
We chose a different solution after performing in-house testing.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network Engineer at a financial services firm with 5,001-10,000 employees
Helps us to manage the security policies in different areas of our network
Pros and Cons
- "I haven't had any major problems so I haven't had to open a ticket with technical support."
- "In the past though, colleagues have had issues during the upgrade process. The failover didn't work and production was down."
What is our primary use case?
We use it on several layers of our network like in the border, internet edge, DMZ, some extranet parts of our network, and in the data center.
How has it helped my organization?
It's a reliable solution and a stable firewall. It helps us to manage the security policies in different areas of our network.
What is most valuable?
We use ASA as a simple, scalable firewall. Its main advantages are the stability. We use it as an active standby and as a failover solution. We depend on this solution, we've used it for several years.
What needs improvement?
- Interaction with the equipment
- Different interface with the product
- A more simple procedure in delivering policies to the equipment
- Simplified upgrade procedure
- Tracking flows
- Monitoring and logs should be easier.
What do I think about the stability of the solution?
It's quite stable. In the past though, colleagues have had issues during the upgrade process. The failover didn't work and production was down.
What do I think about the scalability of the solution?
It's not so scalable.
How are customer service and technical support?
I haven't had any major problems so I haven't had to open a ticket with technical support.
How was the initial setup?
The initial setup was not so complex. Most of it was straightforward. We just needed to discuss different scenarios that we had to consider regarding the deployment scenario, what could go wrong and what could happen in the future.
What about the implementation team?
We used Telekom Romania for the deployment. We did most of the job internally but they helped us to clarify some aspects regarding the architecture design.
Which other solutions did I evaluate?
We also considered Check Point. We chose Cisco because of its capabilities. We didn't need something so complex for this solution, just a straightforward firewall. It met our requirements.
What other advice do I have?
I would rate it a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Team Leader, Information Risk Engineer at National Bank of Egypt
Data protection is a big benefit we see but some of their features need to be improved
Pros and Cons
- "Its ability to discover attacks is a valuable feature. All of the other features that have to do with security are good."
- "Some of the features, like the stability, need to be improved."
What is our primary use case?
Our primary use case is for security. We are a bank in India and the data is very important for us. We use ASA for our security and protection.
How has it helped my organization?
Data protection is a big benefit we see from this solution. It protects our customers, our customer's accounts, and money, as we are one of the biggest banks in Egypt and the Middle East.
What is most valuable?
Its ability to discover attacks is a valuable feature. All of the other features that have to do with security are good.
What needs improvement?
Some of the features, like the stability, need to be improved.
For how long have I used the solution?
More than five years.
What do I think about the scalability of the solution?
The scalability is good.
How are customer service and technical support?
Their support is good and helpful but sometimes it takes them a while to respond. We have been stuck in critical situations so we opened a critical ticket but it took them a while to respond.
How was the initial setup?
The initial setup is easy. If we have an issue we contact their support.
What about the implementation team?
We implemented ourselves.
What other advice do I have?
I would rate it a seven out of ten. I would recommend this solution to a colleague. No product will give you 100% of what you're looking for but this solution is close.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Manager at a manufacturing company with 51-200 employees
It is a very secure product. But, it has limitations.
Pros and Cons
- "It is a secure product."
- "It is not easy to configure."
- "The scalability is a bit limiting, to be honest. In terms of when you look to changing landscape in terms of threats, I think to me, my personal it's a bit limiting."
What is our primary use case?
Our primary use case is to use it as a firewall.
What is most valuable?
I find that the product is a very good, and secure firewall. The benefits of this product is that it is a strong firewall solution.
What needs improvement?
It is a secure product. But, it is not very easy to configure. You need to be knowledgeable to be able to manage it.
In addition, due to changes in management, we found Cisco slightly behind some of the competitors in the market. Furthermore, the internet protection system seems to be lacking, in comparison to some of the competitors. This is why we are currently looking at other possible solutions.
For how long have I used the solution?
Three to five years.
What do I think about the stability of the solution?
It is a stable solution.
What do I think about the scalability of the solution?
The scalability is a bit limiting, to be honest. In terms of when you look to changing landscape in terms of threats, I think to me, my personal it's a bit limiting.
How is customer service and technical support?
I have not used the technical support for Cisco ASA.
How was the initial setup?
It was a bit complex to setup this solution. When we used the command line, it was not easy to implement. We needed Cisco technical knowledge to be able to manage the implementation.
What's my experience with pricing, setup cost, and licensing?
The cost is a bit higher than other competitive solutions on the market.
What other advice do I have?
Yes, it's a good provider when it comes to firewall solution, but maybe limiting when you are looking at the wall UTM management. It's delayed behind some of the competitors.
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros
sharing their opinions.
Updated: March 2025
Popular Comparisons
Fortinet FortiGate
Netgate pfSense
Sophos XG
Palo Alto Networks NG Firewalls
Check Point NGFW
Azure Firewall
WatchGuard Firebox
SonicWall TZ
Juniper SRX Series Firewall
Fortinet FortiGate-VM
SonicWall NSa
Sophos XGS
Untangle NG Firewall
Fortinet FortiOS
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What Is The Biggest Difference Between Cisco ASA And Fortinet FortiGate?
- Cisco Firepower vs. FortiGate
- How do I convince a client that the most expensive firewall is not necessarily the best?
- What are the biggest differences between Cisco Firepower NGFW and Fortinet FortiGate?
- What Is The Biggest Difference Between Cisco Firepower and Palo Alto?
- Would you recommend replacing Cisco ASA Firewall with Fortinet FortiGate FG 100F due to cost reasons?
- What are the main differences between Palo Alto and Cisco firewalls ?
- A recent reviewer wrote "Cisco firewalls can be difficult at first but once learned it's fine." Is that your experience?
- Which is the best IPS - Cisco Firepower or Palo Alto?
- Which product do you recommend and why: Palo Alto Networks VM-Series vs Cisco Firepower Threat Defense Virtual (FTDv)?