Cisco Secure Firewall Reviews

Our primary use case is for security. We are a bank in India and the data is very important for us. We use ASA for our security and protection.

Data protection is a big benefit we see from this solution. It protects our customers, our customer's accounts, and money, as we are one of the biggest banks in Egypt and the Middle East.

Its ability to discover attacks is a valuable feature. All of the other features that have to do with security are good.

Some of the features, like the stability, need to be improved. 

The scalability is good. 

Their support is good and helpful but sometimes it takes them a while to respond. We have been stuck in critical situations so we opened a critical ticket but it took them a while to respond. 

The initial setup is easy. If we have an issue we contact their support. 

We implemented ourselves. 

I would rate it a seven out of ten. I would recommend this solution to a colleague. No product will give you 100% of what you're looking for but this solution is close. 

Our primary use case is to use it as a firewall.

I find that the product is a very good, and secure firewall. The benefits of this product is that it is a strong firewall solution. 

It is a secure product. But, it is not very easy to configure. You need to be knowledgeable to be able to manage it. 

In addition, due to changes in management, we found Cisco slightly behind some of the competitors in the market. Furthermore, the internet protection system seems to be lacking, in comparison to some of the competitors. This is why we are currently looking at other possible solutions.

It is a stable solution.

The scalability is a bit limiting, to be honest. In terms of when you look to changing landscape in terms of threats, I think to me, my personal it's a bit limiting.

I have not used the technical support for Cisco ASA.

It was a bit complex to setup this solution. When we used the command line, it was not easy to implement. We needed Cisco technical knowledge to be able to manage the implementation.

The cost is a bit higher than other competitive solutions on the market.

Yes, it's a good provider when it comes to firewall solution, but maybe limiting when you are looking at the wall UTM management. It's delayed behind some of the competitors.

Firewall and VPN.

I can't really say how it has improved our organization, but the benefits are that we have a necessary firewall with which we can create VPNs.

Pro user-based firewall rules.

The solution that we have right now doesn't do what I want it to do. We don't have a ratified solution for all the things that I wanted to right across our business. We're doing similar functions using different technology and I want ratification. I want to be able to do more than what we are currently able to do with the existing service, all under the umbrella of improving security.

The product crashes. We have a cluster of firewalls and we regularly get failovers.

I have used technical support once, and they were superb.

When selecting a vendor, the most important criteria include:

• Security - the ability of the technology from a security perspective.
• The ability of the company to support the technology - knowledge of the product by the company. It may sound really silly to say that, but you'd be surprised how poor some companies' technical support is.
• The financial stability of the company.

I was involved in the initial setup. It was complex. 

Do your research, know what you want to achieve.

Cisco ASA needs to be more reliable. Because of the nature of the product, it has to be rock solid and, unfortunately, it's not.

I have 15 years’ experience with Cisco products and I've had very, very little problems with them. Also, for resolving appeared issues Cisco was a good partner.

Crescendo (www.crescendo.ro) is an IT&C integrator and this product (based on Cisco Partnership) helped us to grow our business, and Cisco ASA was one of most sold product in our solutions portfolio.

Stability, high availability of services, and very high MTBU were the most valuable features for me -- because in my work as network and security consultant, it is very important to guarantee to my customer the security of his business.

The ability to integrate (as options) all-in-one features -- like anti-spam, anti-virus, etc.

With Cisco ASA firewall, no.

No. Based on their recent acquisition of Firepower, Cisco added "multi 10Gbps" NGFW performance in their solutions portfolio, which can be used by us, as a Gold Partner with Advance Security Architecture Specialization, in our network architecture proposals.

Very satisfied.

I haven' t used another solution.

Initial setup was very straightforward because the training and certification provided by the vendor helped us to solve rapidly any configuration issues.

To discuss with Cisco Systems or their partners to gain the optimal price and to not consider, without verifying, the false information that Cisco ASA is very expensive.

We evaluated other solutions, like Fortinet, HPE, Juniper, Check Point, but Cisco ASA was what we need.

To test the product in their network and to evaluate other products. I am sure that the Cisco ASA Firewall will be the winner.

Our complete relationship is based on the following partner competencies:
Certifications:

• Gold Certified Partner
Specializations:
• Advanced Collaboration Architecture Specialization
• Advanced Data Center Architecture Specialization
• Advanced Enterprise Networks Architecture Specialization
• Advanced Security Architecture Specialization

Cloud Partners:
• Storage: EMC
• Virtualization: VMware
• Cloud Management: VMware
• Cloud Professional Services
• SaaS Simple Resale

Other Authorizations:
• Registered Partner
• Cisco Certified Refurbished Equipment
• Cisco Developer Network Cisco Products Marketplace
• Cisco Meeting Server formerly Acano
• PSPP Defense
• Smart Care Registered Partner
• ATP - Unified Contact Center Enterprise

Partner since:

• More than 10 years

• Reliability
• Security
• Flexibility
• Functionality
• Availability - controllability anywhere and with different methods

I can tell that when we have started using the Cisco AnyConnect for remote access to business apps it makes the work for remote staff much simpler. It's also easier to provide remote IT support. Aside from this, the security officers can sleep better now.

The ASA is an almost perfect device.

I've used it for two years.

I have had no problems deploying it.

Occasionally, the packet rate falls unexpectedly.

I currently do not need to scale on my network.

9/10 - the regional online support could be better.

10/10.

We use MySQL and Nagios devices alongside the ASA as our network infrastructure needs expanding and required more serious hardware solutions.

When Cisco was installed, it did not go as expected.

It is not simple to calculate for IT hardware. To calculate the ROI for using the ASA, I would need to have a lot of statistics on the quality of services, both before and after.

Cisco ASA 5512-X was bought for $3,000, and a further $1,000 was needed for installation and pre-configuration.

• Fortinet
• Juniper

As a rule, any device upon delivery is obsolete. Pick up the solution for your business, based on your specific needs.

I'm most impressed with the visibility and control SourceFire solutions provide in to the types of traffic flowing in and out of an environment. It makes the discovery of applications and classification of user traffic simple, which in turn allows an organization to more effectively develop security policies and enforce acceptable use for its enterprise users.

I've worked with customers that have dealt with malware issues in the past and preventing its spread laterally within the environment has always been a concern. With SourceFire, we've been able to detect malicious files and stop them at the network edge before internal systems are compromised. Leveraging AMP in addition to FireAMP, which is the endpoint malware solution, is incredibly effective at blocking malware at the host level.The other good news is FireAMP can be leveraged along side traditional endpoint anti-virus software. The Defense Center also provides visibility into how malware is moving within the environment so tracking down infected machines becomes much easier for IT staff.

The overall product line is sound, but I'd like to see a roadmap for SSL decryption as part of the ASA with FirePOWER solution.

I've been working with SourceFire product offerings since Cisco's acquisition of the company in late 2014. Prior to the officially branded Cisco solution, I'd worked with open source Snort in various capacities for several years. I've been using Cisco ASA with FirePOWER services, Cisco SourceFire NGIPS/NGFW most recently.

Learning the advanced capabilities of the system can take time, but it's rather intuitive. I have not encountered issues deploying base functionality with the offerings at this point.

Overall, the systems are stable and IT admins have control in to how the sensors operate within the network in the event of failure.

There are scalability limitations with FirePOWER on the ASA, so determining anticipated throughput requirements is critical. The standalone IPS sensors can be stacked for increased throughput, so depending on your organizations needs, this may be a better path for some organizations concerned about scalability.

8/10.

9/10.

I've used Palo Alto's FW/IPS offerings and Cisco's older IPS platform on the ASA. Usually, I don't decide what organizations purchase, but I am impressed with SourceFire's capabilities over the latter.

Initial set up is straight forward, but there is not much documentation available if you have no experience with the offering. I'd recommend training for all network admins that administer SourceFire systems, especially if you want to leverage some of the advanced features.

Do research in to the types of offerings out there and make a determination of what may be the best fit for your organizations requirements and future security goals.

We primarily use the solution for configuring the firewall.

It's an almost perfect solution.

The configuration is very easy.

The management aspect of the product is very straightforward.

The solution offers very good protection. 

The user interface itself is very nice and quite intuitive.

It would be ideal if the solution offered more integration capabilities with other vendors. For example, if you had a web security appliance, it would be great to be able to integrate everything in order to better report security events.

While I can't think of specific features I'd like improved, overall, they could do more to continue to refine the solution.

It would be nice if you didn't have to configure using a command-line interface. It's a bit technical that way.

We first started using the solution in 2015. It's been five years at this point.

The solution is very stable. We've found it to be extremely reliable. There are not bugs or glitches. It doesn't crash or freeze.

The solution can scale well. that's not a problem at all. If a company needs to expand it to fit their needs, they can do so.

We've been in contact with technical support on multiple occasions and each time we've had a good experience. We're satisfied with their level of support. They are fairly good.

I have nothing bad to say about the deployment. It went pretty well, and we can configure everything as we need to.

I don't really handle the billing, so I'm unsure of the pricing. I work more on the technical side. 

We're just customers. We don't have a business relationship with Cisco.

It's a very good solution. I'd recommend it to other users.

Overall, I'd rate it seven out of ten.

Although I can't speak to the pricing, I've found the solution works quite well for us. I'd rate it higher if it could integrate a bit better with other solutions.

We are using it to manage our environment.

The whole firewall functionality, including firewall policies and IPS policies, is valuable. It has all kinds of functionalities. It has IPS, VPN, and other features. They are doing quite a lot of stuff with their devices.

It lacks management. For me, it still doesn't have a proper management tool or GUI for configuration, logging, and visualization. Its management is not that easy. It is also not very flexible and easy to configure. They used to have a product called CSM, but it is no longer being developed. FortiGate is better than this solution in terms of GUI, flexibility, and user-friendliness.

I have been using this solution for five to ten years.

It is rather stable. It can have some peculiarities, but most of the time, it is quite stable.

These are big devices. They have multiple models, but most of the models can be virtualized. You can create many virtual firewalls and add whatever you want.

We faced some issues, but I don't deal with these issues. My colleague interacts with them, and it seems it is not that easy. Cisco is a large company, and sometimes, it is not easy to get quick and very efficient support.

We have a firewall specialist who handles the installation.

It is affordable. The hardware is not that expensive anymore. It is a matter of licensing these days. 

It is a good solution for a big traffic load, but its management is not very easy. FortiGate is better in terms of management and user-friendliness.

I would rate Cisco ASA Firewall an eight out of ten.