Try our new research platform with insights from 80,000+ expert users
reviewer2108076 - PeerSpot reviewer
Network Engineer at a government with 10,001+ employees
Real User
Is stable, but management features need to be updated
Pros and Cons
  • "I like that it is easy to change the settings."
  • "Cisco ASDM is a problem because it is old."

What is our primary use case?

We use ASA firewalls to limit traffic between the networks.

We use an on-premises deployment model.

What is most valuable?

I like that it is easy to change the settings.

What needs improvement?

Cisco ASDM is a problem because it is old.

For how long have I used the solution?

I've been working with it for a year, but my company has been using Cisco firewalls for 15 years.

We use Cisco Secure Firewall ASA 5506 and 5508.

Buyer's Guide
Cisco Secure Firewall
April 2025
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,989 professionals have used our research since 2012.

What do I think about the stability of the solution?

Cisco Secure Firewall ASA's stability is good.

How are customer service and support?

I recently had a case with technical support that took a couple of weeks to resolve. We use Cisco Smart Licensing and are not connected to the net. It was a big problem to get it to work. Cisco's technical support did not know how it worked, and I had to tell them how it worked. We haven't had interactions with technical support where there were more positive outcomes.

On a scale from one to ten with ten being the best, I would rate technical support at two.

How would you rate customer service and support?

Negative

How was the initial setup?

The initial deployment is easy for this solution.

What other advice do I have?

Overall, I would rate this solution at seven out of ten because Cisco ASDM needs to be updated.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Johan Derycke - PeerSpot reviewer
Network Security Engineer at a tech services company with 1,001-5,000 employees
Real User
Top 10
Affordable, scalable, and suitable for a big traffic load
Pros and Cons
  • "The whole firewall functionality, including firewall policies and IPS policies, is valuable. It has all kinds of functionalities. It has IPS, VPN, and other features. They are doing quite a lot of stuff with their devices."
  • "It lacks management. For me, it still doesn't have a proper management tool or GUI for configuration, logging, and visualization. Its management is not that easy. It is also not very flexible and easy to configure. They used to have a product called CSM, but it is no longer being developed. FortiGate is better than this solution in terms of GUI, flexibility, and user-friendliness."

What is our primary use case?

We are using it to manage our environment.

What is most valuable?

The whole firewall functionality, including firewall policies and IPS policies, is valuable. It has all kinds of functionalities. It has IPS, VPN, and other features. They are doing quite a lot of stuff with their devices.

What needs improvement?

It lacks management. For me, it still doesn't have a proper management tool or GUI for configuration, logging, and visualization. Its management is not that easy. It is also not very flexible and easy to configure. They used to have a product called CSM, but it is no longer being developed. FortiGate is better than this solution in terms of GUI, flexibility, and user-friendliness.

For how long have I used the solution?

I have been using this solution for five to ten years.

What do I think about the stability of the solution?

It is rather stable. It can have some peculiarities, but most of the time, it is quite stable.

What do I think about the scalability of the solution?

These are big devices. They have multiple models, but most of the models can be virtualized. You can create many virtual firewalls and add whatever you want.

How are customer service and technical support?

We faced some issues, but I don't deal with these issues. My colleague interacts with them, and it seems it is not that easy. Cisco is a large company, and sometimes, it is not easy to get quick and very efficient support.

What about the implementation team?

We have a firewall specialist who handles the installation.

What's my experience with pricing, setup cost, and licensing?

It is affordable. The hardware is not that expensive anymore. It is a matter of licensing these days. 

What other advice do I have?

It is a good solution for a big traffic load, but its management is not very easy. FortiGate is better in terms of management and user-friendliness.

I would rate Cisco ASA Firewall an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Cisco Secure Firewall
April 2025
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,989 professionals have used our research since 2012.
Ntwrksec457 - PeerSpot reviewer
Network Security/Network Management at a educational organization with 201-500 employees
Real User
Offers great technical support and good security from the firewalls
Pros and Cons
  • "The technical team is always available when we have problems."

    What is our primary use case?

    Our primary use case of this program is network protection.

    How has it helped my organization?

    Up until now we haven't been down due to issues with the internet connection or denial of service, so the program does what it claims to do.

    What is most valuable?

    The firewalls of this program protects my internet from dangerous internet sites. For us, Cisco is the number one in firewall protection. We are seeking to buy another UTM solution for band management.

    What needs improvement?

    The program is very expensive.

    For how long have I used the solution?

    We've been using Cisco Sourcefile Firewalls for three years.

    What do I think about the stability of the solution?

    We haven't had any problems with the stability so far.

    What do I think about the scalability of the solution?

    We have 500 users working on the solution and I believe it may increase, so I believe the program is scalable.

    How are customer service and technical support?

    The technical support from the company is very good. They are always available when we have problems.

    Which solution did I use previously and why did I switch?

    We did use another UTM solution before for firewall, URL and band management. We didn't switch, we just have two layers now. If we want to use Cisco for band management or URL safety, we have to pay a license fee and it is very expensive.

    How was the initial setup?

    The initial setup was straightforward and it took the company about a day to deploy the firewalls.

    What's my experience with pricing, setup cost, and licensing?

    The licensing is very expensive.

    What other advice do I have?

    In the future, I would like to see friendlier configuration and only one license because everything needs a license. You need a URL license, security license, everything is based on a license. I would like to have one license that covers everything. But I am really impressed by the program and my rating is nine out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Mantechni677 - PeerSpot reviewer
    Technical Manager at a comms service provider with 501-1,000 employees
    Real User
    Offers good security and stability
    Pros and Cons
    • "What I like about Cisco is the security zone. By default when you configure it, it gives you a security zone, which other firewalls don't have."
    • "I wish the Cisco interface was not so granular. Check Point was easier to create specific rules than with ASAv."

    What is most valuable?

    One of the important aspect when deploying Ciso ASA firewall, it’s oblige you at the beginning to define your security level, which will make it easier when making your security policy ( traffic allow From Source to Destination)

    A security level will define how trusted is an interface in relation to another interface on the Cisco ASA.

    The Higher is the security level, is the more trusted is the interface.

    The highest security level is , “ Security Level 100” .

    Nowadays other Firewall manufacturer try to adopt the same deployment principle as the Cisco ASA with security level, however the Cisco ASA do have other interesting features which I think are very useful:

    - Firepower services

    - Security context

    - Firepower management



    What needs improvement?

    Normally in terms of design, the user prefers to use Cisco ASAv as a border router or a border firewall, because you have two different kinds of firewalls. You have a firewall when the data communication enters the network, and then you have a firewall, for when you've been inside the network. So, for the inside network firewall, Check Point is better because it can make a better notation of your network infrastructure. But, for the incoming data, or border firewall, ASAv is better. In terms of improving the interface, if you compared to the Check Point file, then I think that ASAv should be better. They should improve the interface so that it's similar to the Check Point firewall.

    For how long have I used the solution?

    I've been using the solution for the past three years.

    What do I think about the stability of the solution?

    The Cisco ASAv is really stable, especially if you compare it to Check Point. Not long ago Check Point did release one virtual firewall, and the virtual firewall of Check Point is not stable.

    The hardware version of the firewall is more stable than the virtual one. In terms of the data center, many companies have a virtual data center in a group environment. Many companies want to have a virtual firewall, but the one from Check Point, in comparison to Cisco, is not stable at the moment. 

    What do I think about the scalability of the solution?

    The solution is really scalable.

    How are customer service and technical support?

    I haven't dealt with technical support. We just check online, and if we have to contact Cisco about major issues, it's an internal department dealing with that. I don't know how technical support is, because our technical support team is located in Sofia, and I am in the Netherlands, so I don't have any view on that.

    How was the initial setup?

    The setup is always different. If you have a small company, the setup is quite easy, but if you have a bigger company the setups are quite complex. Cisco is pretty good in routing. So in bigger situations, configuring the ASAv file is pretty straightforward.

    The deployment also depends on the customer's site. So, the time changes because most of the time we have to do a migration. For example, some customers have an old firewall, and you have to migrate things to a new one. And sometimes, it's just copy/paste, but in some situations, we cannot migrate all firewall configurations to a new one.

    In terms of how many people you need for deployment and maintenance, again, it's dependent on the company strategy around the help desk. You should have a maintenance engineer who should be part of a team. The deployment will be done in a team. You can have one person to do the deployment but usually, you always have a backup, so it would be two. And then, for the maintenance, it can be one person or two. The maintenance can be done on the site desk, operating after office hours, so it depends.

    What other advice do I have?

    It's difficult to give specific advice on the solution because it always depends on the design solution and the strategy. So what I would recommend is to use different firewalls and to use Cisco ASAv as a border firewall.

    I would rate this solution as 7.5 out of 10. I wish the Cisco interface was not so granular. Check Point was easier to create specific rules than on ASAv, so that's why I say this. If you want to make things easier for an engineer, you always have to work on the interface. But the product, in and of itself, there's nothing wrong with it.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    NetworkO9ae4 - PeerSpot reviewer
    Network Operations Center Team Leader at a financial services firm with 10,001+ employees
    Real User
    It speaks well to high productive platforms and it has good capabilities.
    Pros and Cons
    • "At this point, we find that this product has high productivity and high availability and there is no need for improvement."
    • "It is a highly stable product. We rarely receive any serious outdates, so it works quite well."
    • "<p>If there is old hardware, or appliances, it does not necessarily work with the new Cisco generation firewalls."

    What is our primary use case?

    Generally, it has highly productive platforms and it has good capabilities.

    How has it helped my organization?

    It just works like an internal firewall. It's an ordinary role of this platform, nothing special.

    What is most valuable?

    At this point, we find that this product has high productivity and high availability and there is no need for improvement. 

    What needs improvement?

    If there is old hardware, or old appliances, it does not necessarily work with the new Cisco generation firewalls.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    It is a highly stable product. We rarely receive any serious outdates, so it works quite well. 

    How is customer service and technical support?

    Yes, we use the technical support maybe twice a year. We received a very fast response time.

    How was the initial setup?

    It was very straightforward. It was not complex at all.

    What was our ROI?

    When evaluating a possible solution, I always consider:

    • Availability
    • Productivity
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user806910 - PeerSpot reviewer
    Manager at SAP
    Real User
    A nice GUI, but poor performance
    Pros and Cons
    • "Cisco ASA has an okay CLI with a nice GUI."
    • "It has poor performance."

    Cisco ASA has an okay CLI with a nice GUI, but has poor performance.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user824748 - PeerSpot reviewer
    Works at a comms service provider with 1,001-5,000 employees
    User
    Clustering architecture which offers zero downtime upgrades, keeping uptime close to 99.999%
    Pros and Cons
    • "Clustering architecture which offers zero downtime upgrades, keeping uptime close to 99.999%."
    • "REST API offering with rich capabilities which makes the product very robust."
    • "ASDM needs to be able to customize applets.​"
    • "​REST API stability needs improvement in order for customizing resource allocation available to the user rather than just being there transparently. This way users can customize REST API and tailor it to their needs​."

    What is our primary use case?

    Service Provider Operations manipulating thousands of firewall rules deploying Network Access Translations (NAT) for various multiservice networks.

    How has it helped my organization?

    • Easy and fast to deploy.
    • User-friendly GUI
    • REST API offering with rich capabilities which makes the product very robust.

    What is most valuable?

    Clustering architecture which offers zero downtime upgrades, keeping uptime close to 99.999%. This creates less stress on operations and network stability throughout the various maintenance tasks.

    What needs improvement?

    ASDM needs to be able to customize applets.

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    REST API stability needs improvement in order for customizing resource allocation available to the user rather than just being there transparently. This way users can customize REST API and tailor it to their needs.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    PeerSpot user
    Owner at David Strom Inc.
    Writer
    ExpertTop 20
    Using Cisco ASA CX Firewall To Protect Your Network

    Cisco ASA has better application granularity, a more flexible means of policy creation, and easier to use controls and more powerful reports than its predecessors. We tested the ASA-5525-X in January 2013 and found a much improved user interface and lots of content-aware features.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user623778 - PeerSpot reviewer
    it_user623778Technical Lead at a tech vendor with 1,001-5,000 employees
    Vendor

    Any network engineer you name their career begins with working on Cisco products. Cisco ASA is very user friendly when we use ASDM for configuration.

    See all 5 comments
    Buyer's Guide
    Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.
    Updated: April 2025
    Buyer's Guide
    Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.