Try our new research platform with insights from 80,000+ expert users
it_user243897 - PeerSpot reviewer
Cisco Systems Engineer at a tech services company with 1,001-5,000 employees
Consultant
Review about Cisco ASA

What is most valuable?

  • Network firewall
  • FirePOWER services (URL filtering, IPS)

How has it helped my organization?

With the new FirePOWER services, Cisco has given the ASA new valuable features like URL filtering and a more simple and efficient IPS. With FirePOWER services, we have been able to have more insight of our network, something that we never had before, now we can see all the applications that our users are using the most and we can see if there is malware on our network.

What needs improvement?

The FirePOWER defense system has no integration with the firewall management of the ASA, I mean you can’t create ACLS, rules, VPNS NAT, and so on. All of this has to be done with the ASDM which, from my point of view, is very complex if you are not used to it, you should be able to manage the entire solution from one central software like Defense system, but right now you can’t. This is one of the biggest problems I see right now

For how long have I used the solution?

I've used it for two years.

Buyer's Guide
Cisco Secure Firewall
April 2025
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,989 professionals have used our research since 2012.

What was my experience with deployment of the solution?

The FirePOWER deployment has to be done from the management port of the ASA. This port has to be dedicated because all the communication from the defense system to the appliance goes by that port, so you need to have different networks (inside and management port) to be able to implement this feature. It would be nice again if you can just configure this from one single point and not two (defense system and ASDM).

What do I think about the stability of the solution?

No, I have never had any problems with Cisco equipment regarding stability.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and support?

Customer Service:

8/10.

Technical Support:

6/10 - I mean you need luck when you open a case with Cisco to have someone with expertise on the product. I’ve had great TAC experiences and the worst ones too, if you have a loss of service they put you with people that know what they are doing, but if you want to configure something extra and you just ask the TAC how to do it, sometimes you get someone that appears to be learning the solution. Many times, I´ve been able to solve it by myself sooner than the TAC.

Which solution did I use previously and why did I switch?

We previously used Microsoft ISA and switched because it's no longer supported.

How was the initial setup?

In our case straightforward, because we do not have many rules on our firewall, but I’ve seen cases where the migration from one firewall to another can be very tedious.

What about the implementation team?

We did it in-house.

What other advice do I have?

If you are using Cisco, then you will be very familiar with the product, and maybe you won't encounter any problems at all. However, if Cisco is a new solution, you should ask for a demo to see the interface of the ASDM and the defense system in action, and then decide if this is the kind of insight you need of your network.

Disclosure: My company has a business relationship with this vendor other than being a customer: Premier partner.
PeerSpot user
Network Administrator at a transportation company with 201-500 employees
Real User
Plenty of documentation online, but the stability and scalability could improve
Pros and Cons
  • "I have not contacted technical support. There is a lot of information on the internet for troubleshooting. All you need to do is use a search engine and you will find the information you are looking for easily."
  • "Cisco ASA Firewall could improve by adding more advanced features such as web filtering, which is available in the next-generation firewalls. However, the Cisco ASA Firewall I am using could be old and these features have been updated."

What is our primary use case?

I use Cisco ASA Firewall at my company for network security.

What needs improvement?

Cisco ASA Firewall could improve by adding more advanced features such as web filtering, which is available in the next-generation firewalls. However, the Cisco ASA Firewall I am using could be old and these features have been updated.

For how long have I used the solution?

I have been using this solution for approximately two years.

What do I think about the stability of the solution?

The stability needs improvement.

What do I think about the scalability of the solution?

I have found the Cisco ASA Firewall scalability could improve.

How are customer service and technical support?

I have not contacted technical support. There is a lot of information on the internet for troubleshooting. All you need to do is use a search engine and you will find the information you are looking for easily.

They can improve by adding a public troubleshooting process.

Which solution did I use previously and why did I switch?

I have previously used Fortinet firewalls that I have found to be better.

What other advice do I have?

I would not recommend Cisco.

I rate Cisco ASA Firewall a six out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Cisco Secure Firewall
April 2025
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,989 professionals have used our research since 2012.
reviewer1395702 - PeerSpot reviewer
Network Security Engineer at a tech services company with 51-200 employees
Real User
A proactive threat defense solution with a good Inline Mode configuration
Pros and Cons
  • "The Inline Mode configuration works really well, and ASA works very impressively."
  • "I think the ASA layer is thin. It's always Layer 3 or Layer 4 source controller and doesn't control the Layer 7 traffic. It's important, and you'll need an additional firewall."

What is our primary use case?

I use it for VPNs, remote-access VPNs, environment issues, and failover issues. I also use the
content mode, NAT, and PAT in this firewall. We always use ASA for VPN sites and firewall sites. We use the edge for internet access for data center servers or company customers' internet access.

How has it helped my organization?

We always use ASA for integration another companies  and branches easily. 

What is most valuable?

The Inline Mode configuration works really well, and ASA works very impressively.

What needs improvement?

I think the ASA layer is thin. It's always Layer 3 or Layer 4 source controller and doesn't control the Layer 7 traffic at all. It's important, and you'll need an additional firewall. 

All next-generation firewalls don't have much control over Layer 7, but there's a little bit of control for inspection. ASA never controlled Layer 7, and it's a bad point.

 I don't like to use ASDM, a graphical interface, and other solutions for ASA. I wouldn't say I like this, and it's not good(ASDM).

For how long have I used the solution?

I have over seven years of experience with Cisco ASA Firewall.

What do I think about the stability of the solution?

It's stable. ASA works very well, and it's impressive. I use only ASA and only the Inline Mode. 

What do I think about the scalability of the solution?

It's a scalable, high availability solution. It's an active/standby model for VPN. But if you don't use VPN in these devices, it works as an active/active high availability model.

How was the initial setup?

If you're a Cisco Administrator or Cisco certified, the initial setup isn't a problem. But if you don't know Cisco devices and how they work, it can get a little complicated.

What other advice do I have?

I would advise new users to look at next-generation firewalls like FTD or other models from Cisco. It's better than Cisco ASA. Cisco ASA Firewall isn't a next-generation firewall.

On a scale from one to ten, I would give Cisco ASA Firewall an eight.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
C.T.O at Sastra Network Solution Inc. Pvt. Ltd.
Real User
Reliable and easy to use with good security features
Pros and Cons
  • "It is very stable compared to other firewall products."
  • "They need a user-friendly interface that we could easily configure."

What is our primary use case?

We are using Cisco ASAv in our company and have deployed it for many of our customers. They are in both government and the private sector.

The deployment method varies depending on the customer's needs. For the government, it's through the government cloud while others are on-premises.

What is most valuable?

It is very stable compared to other firewall products.

It has good security features.

The firewall features make it easy for the users to work on it.

What needs improvement?

The interface needs improvement. I would like a better interface for Cisco. Other solutions such as Palo Alto have a user-friendly dashboard.

They need a user-friendly interface that we could easily configure.

It would be beneficial to have some of the features that Cisco has, integrating with other types of security.

For how long have I used the solution?

I have been using this solution for approximately eight years.

What do I think about the stability of the solution?

It's a very stable solution out of the box and we have not had any issues in our deployment.

We have 86% of the devices being used simultaneously.

What do I think about the scalability of the solution?

It's scalable based on the type of license and modules that you require.

We don't have the option to update the box, but we can add features such as antivirus protection.

How are customer service and technical support?

We have contacted technical support for some issues outside our technical expertise, mostly for updating the license.

We have a team that handles our issues.

What's my experience with pricing, setup cost, and licensing?

We work on a case-by-case basis and are have good offers by Cisco.

It's very competitive with other products.

What other advice do I have?

They should incorporate it with FortiGate, or Sophos firewalls. 

If they are looking for a layer 7 type of security then they need to go with another solution.

I would rate Cisco ASAv a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PeerSpot user
Solution7499 - PeerSpot reviewer
Solutions Architect at a manufacturing company with 10,001+ employees
Real User
Increases efficiency of servicing our customers by joining our networks
Pros and Cons
  • "This solution is easy to use if you know how to set it up."
  • "The inclusion of an autofill feature would improve the ease of commands."

What is our primary use case?

We use this solution to join our private network to the customer's network.

In our business, we don't have to be on the customer's network, so a lot of people will install cheap equipment. We're trying to push it to where we can standardize the equipment, although the cost of Cisco products would have to come down a little bit in order for us to be more competitive.

How has it helped my organization?

Firewalls are difficult, and this solution gives us outside access to connect with the customer's network and service them better. It makes us more efficient.

What is most valuable?

This solution is easy to use if you know how to set it up.

The most valuable features are on the routing side, with the control between the two networks and the rules that are in there.

What needs improvement?

The inclusion of an autofill feature would improve the ease of commands.

This solution would benefit from being more cost-effective.

What do I think about the stability of the solution?

This solution is very stable, and I haven't seen any issues with it.

What do I think about the scalability of the solution?

Scalability doesn't really apply to us, as it is just a firewall client.

How are customer service and technical support?

Technical support for this solution is really good. We had an issue with a firewall and it was a good turnaround that was quick.

Which solution did I use previously and why did I switch?

Our implementation of this solution was driven by the customer.

How was the initial setup?

The initial setup of this solution is pretty straightforward. We did have some rules that somebody had put on it that didn't match up, but we got it all worked out.

What about the implementation team?

We implemented this solution in-house.

What's my experience with pricing, setup cost, and licensing?

With respect to the routers and switches, or the core stacks that we get, they seem to be pretty comparable so I don't have any issues with the licensing.

Some of our customers would be more likely to standardize on Cisco equipment if the cost was lower because a lot of people install cheap equipment.

Which other solutions did I evaluate?

While we have a partnership with Cisco, there are other products that have been used within the company. After evaluating other products such as those by Barracuda, it just happened that this solution worked out better for us. I like the Cisco reputation.

What other advice do I have?

With this solution, we have everything that we need. I don't know about other people's use cases, but ours is pretty straightforward.

My advice to anybody researching this type of solution is to stick with Cisco products, no matter which one it is. We've had pretty good luck with everything from Cisco.

I don't have any issues with this solution, so I would rate it a ten out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
Manager at BS&B Safety Systems
User
Works out-of-the-box. With the setup wizard, it was easy to get it deployed quickly.
Pros and Cons
  • "Cisco ASA works out-of-the-box. With the setup wizard, it was easy to get it deployed quickly, even by novice IT users."
  • "More intuitive support for SIP services are needed. This took a long time to configure properly for the user."

What is our primary use case?

It was used for a remote office deployment connect back via VPN to the corporate office and services.

How has it helped my organization?

Cisco ASA works out-of-the-box. With the setup wizard, it was easy to get it deployed quickly, even by novice IT users.

What is most valuable?

The ability to have a protected home network on the unit and a separate secured office network linked back to corporate.

What needs improvement?

More intuitive support for SIP services are needed. This took a long time to configure properly for the user.

For how long have I used the solution?

Less than one year.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Asst.Manager IT at a manufacturing company with 501-1,000 employees
Real User
Blocks threats from the application layer
Pros and Cons
  • "The GUI is among the most valuable features,"
  • "It could use a web-based portal for VPN. Earlier they had it in the ASA model, but currently they don't have it."

What is our primary use case?

The primary use is to block incoming threats from the internet, at the edge of the network.

It's performing well. We check the report of blocked pages, blocked attacks, etc.

How has it helped my organization?

Previously, we only had a normal firewall, it was not next generation. It was not blocking many of the threats from Layer 7, the application layer. Now, this solution has IP, an intrusion prevention system, and because of the URL filtering, it can block other malware. It seems with the cloud database and the signatures, it compares the receiving files, then it blocks the URLs, making us more secure.

What is most valuable?

All the features are good. The GUI is among the most valuable.

What needs improvement?

It is on multiple boxes so ISP load balancing, multiple network load balancing would be helpful.

Also a web-based portal for VPN. Earlier they had it in the ASA model, but currently, they don't have it. The user needs to just click on the link so he can work.

What do I think about the stability of the solution?

It is quite stable, it is able to detect. But the malware part should probably be upgraded. Performance-wise it is good and it has a long life.

What do I think about the scalability of the solution?

It has limits. If your network is going beyond it, then you'll have to replace it with higher model.

How are customer service and technical support?

Technical support is good.

Which solution did I use previously and why did I switch?

We have been using Cisco for a long time, various models. We had PIX, then ASA. We were quite comfortable with the performance, it never failed. But our old solution was coming to end-of-life. Also, this is able to more block more threats from the application layer, etc.

The most important criteria when selecting a vendor are 

  • reputation
  • technology
  • features
  • cost.

How was the initial setup?

The initial setup was a bit complex.

What other advice do I have?

My advice would depend on what your comfort level is. If you have already used Cisco, I would recommend this, to evaluate it at least. Evaluate it and learn how useful it is.

It gives good performance, the technology is quite good, sufficient for our objectives, protecting our network, etc. The missing two points are because they have to do make more improvements.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Sales Manager at Entiresoft Technologies Pvt Ltd
Real User
Top 20
VPN load balancing has been essential for my connections to integrate via multiple time zones
Pros and Cons
  • "VPN load balancing has been particularly essential for my connections to integrate via multiple time zones."
  • "I needed to be well-versed with all the command lines for Cisco ASA in order to fully utilize it. I missed this info and wasted some operational costs."

What is our primary use case?

I am using Cisco ASA as the firewall for my business to guard the boundary of my business. It has been very helpful in my sector of media with my clients, essentially focusing on how secure their data is, especially when we are working on a few projects which involve multiple citations across Europe. 

Our content, which is the main asset for our firm, is pretty elusive behind the firewall of Cisco ASA.

How has it helped my organization?

It has improved my client's trust. 

What is most valuable?

VPN load balancing: This has been particularly essential for my connections to integrate via multiple time zones.

What needs improvement?

I needed to be well-versed with all the command lines for Cisco ASA in order to fully utilize it. I missed this info and wasted some operational costs. I would like to advise others to please be wary from the start.

For how long have I used the solution?

Less than one year.

What was our ROI?

It was initially heavy on my pocket, but it soon actualised its worth.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.
Updated: April 2025
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.