Cisco Secure Firewall Reviews

I use it for VPNs, remote-access VPNs, environment issues, and failover issues. I also use the
content mode, NAT, and PAT in this firewall. We always use ASA for VPN sites and firewall sites. We use the edge for internet access for data center servers or company customers' internet access.

We always use ASA for integration another companies  and branches easily. 

The Inline Mode configuration works really well, and ASA works very impressively.

I think the ASA layer is thin. It's always Layer 3 or Layer 4 source controller and doesn't control the Layer 7 traffic at all. It's important, and you'll need an additional firewall. 

All next-generation firewalls don't have much control over Layer 7, but there's a little bit of control for inspection. ASA never controlled Layer 7, and it's a bad point.

 I don't like to use ASDM, a graphical interface, and other solutions for ASA. I wouldn't say I like this, and it's not good(ASDM).

I have over seven years of experience with Cisco ASA Firewall.

It's stable. ASA works very well, and it's impressive. I use only ASA and only the Inline Mode. 

It's a scalable, high availability solution. It's an active/standby model for VPN. But if you don't use VPN in these devices, it works as an active/active high availability model.

If you're a Cisco Administrator or Cisco certified, the initial setup isn't a problem. But if you don't know Cisco devices and how they work, it can get a little complicated.

I would advise new users to look at next-generation firewalls like FTD or other models from Cisco. It's better than Cisco ASA. Cisco ASA Firewall isn't a next-generation firewall.

On a scale from one to ten, I would give Cisco ASA Firewall an eight.

We are using Cisco ASAv in our company and have deployed it for many of our customers. They are in both government and the private sector.

The deployment method varies depending on the customer's needs. For the government, it's through the government cloud while others are on-premises.

It is very stable compared to other firewall products.

It has good security features.

The firewall features make it easy for the users to work on it.

The interface needs improvement. I would like a better interface for Cisco. Other solutions such as Palo Alto have a user-friendly dashboard.

They need a user-friendly interface that we could easily configure.

It would be beneficial to have some of the features that Cisco has, integrating with other types of security.

I have been using this solution for approximately eight years.

It's a very stable solution out of the box and we have not had any issues in our deployment.

We have 86% of the devices being used simultaneously.

It's scalable based on the type of license and modules that you require.

We don't have the option to update the box, but we can add features such as antivirus protection.

We have contacted technical support for some issues outside our technical expertise, mostly for updating the license.

We have a team that handles our issues.

We work on a case-by-case basis and are have good offers by Cisco.

It's very competitive with other products.

They should incorporate it with FortiGate, or Sophos firewalls. 

If they are looking for a layer 7 type of security then they need to go with another solution.

I would rate Cisco ASAv a nine out of ten.

We use this solution to join our private network to the customer's network.

In our business, we don't have to be on the customer's network, so a lot of people will install cheap equipment. We're trying to push it to where we can standardize the equipment, although the cost of Cisco products would have to come down a little bit in order for us to be more competitive.

Firewalls are difficult, and this solution gives us outside access to connect with the customer's network and service them better. It makes us more efficient.

This solution is easy to use if you know how to set it up.

The most valuable features are on the routing side, with the control between the two networks and the rules that are in there.

The inclusion of an autofill feature would improve the ease of commands.

This solution would benefit from being more cost-effective.

This solution is very stable, and I haven't seen any issues with it.

Scalability doesn't really apply to us, as it is just a firewall client.

Technical support for this solution is really good. We had an issue with a firewall and it was a good turnaround that was quick.

Our implementation of this solution was driven by the customer.

The initial setup of this solution is pretty straightforward. We did have some rules that somebody had put on it that didn't match up, but we got it all worked out.

We implemented this solution in-house.

With respect to the routers and switches, or the core stacks that we get, they seem to be pretty comparable so I don't have any issues with the licensing.

Some of our customers would be more likely to standardize on Cisco equipment if the cost was lower because a lot of people install cheap equipment.

While we have a partnership with Cisco, there are other products that have been used within the company. After evaluating other products such as those by Barracuda, it just happened that this solution worked out better for us. I like the Cisco reputation.

With this solution, we have everything that we need. I don't know about other people's use cases, but ours is pretty straightforward.

My advice to anybody researching this type of solution is to stick with Cisco products, no matter which one it is. We've had pretty good luck with everything from Cisco.

I don't have any issues with this solution, so I would rate it a ten out of ten.

It was used for a remote office deployment connect back via VPN to the corporate office and services.

Cisco ASA works out-of-the-box. With the setup wizard, it was easy to get it deployed quickly, even by novice IT users.

The ability to have a protected home network on the unit and a separate secured office network linked back to corporate.

More intuitive support for SIP services are needed. This took a long time to configure properly for the user.

The primary use is to block incoming threats from the internet, at the edge of the network.

It's performing well. We check the report of blocked pages, blocked attacks, etc.

Previously, we only had a normal firewall, it was not next generation. It was not blocking many of the threats from Layer 7, the application layer. Now, this solution has IP, an intrusion prevention system, and because of the URL filtering, it can block other malware. It seems with the cloud database and the signatures, it compares the receiving files, then it blocks the URLs, making us more secure.

All the features are good. The GUI is among the most valuable.

It is on multiple boxes so ISP load balancing, multiple network load balancing would be helpful.

Also a web-based portal for VPN. Earlier they had it in the ASA model, but currently, they don't have it. The user needs to just click on the link so he can work.

It is quite stable, it is able to detect. But the malware part should probably be upgraded. Performance-wise it is good and it has a long life.

It has limits. If your network is going beyond it, then you'll have to replace it with higher model.

Technical support is good.

We have been using Cisco for a long time, various models. We had PIX, then ASA. We were quite comfortable with the performance, it never failed. But our old solution was coming to end-of-life. Also, this is able to more block more threats from the application layer, etc.

The most important criteria when selecting a vendor are 

• reputation
• technology
• features
• cost.
  

The initial setup was a bit complex.

My advice would depend on what your comfort level is. If you have already used Cisco, I would recommend this, to evaluate it at least. Evaluate it and learn how useful it is.

It gives good performance, the technology is quite good, sufficient for our objectives, protecting our network, etc. The missing two points are because they have to do make more improvements.

I am using Cisco ASA as the firewall for my business to guard the boundary of my business. It has been very helpful in my sector of media with my clients, essentially focusing on how secure their data is, especially when we are working on a few projects which involve multiple citations across Europe. 

Our content, which is the main asset for our firm, is pretty elusive behind the firewall of Cisco ASA.

It has improved my client's trust. 

VPN load balancing: This has been particularly essential for my connections to integrate via multiple time zones.

I needed to be well-versed with all the command lines for Cisco ASA in order to fully utilize it. I missed this info and wasted some operational costs. I would like to advise others to please be wary from the start.

It was initially heavy on my pocket, but it soon actualised its worth.

We use it for security of branch offices and data centers. 

It works like a firewall for security reasons. 

Filtering is the best feature, as I have gotten used to using it.                               .

The IPS and GUI are outdated. It is finally getting IPS inside, which will be a big improvement. The GUI is outdated, and they are slowly improving it. We will see if they go in the correct direction. Unfortunately, they usually just follow other vendors.

It is slowly not supported and other vendors are a few years ahead of Cisco in development.  

Configuration on Firepower is currently madness as you have to redeploy it again with all its configurations if you use it as a module.

The user interface of the Prime Security Manager is, well, prime and one of the best pieces of software I have seen from them, and the features are on par if not better than what their competitors offer.

Cisco has done a nice job of integrating global IP reputation management into the firewall with its Security Intelligence and Operations module for insights and malware collection.

Prime manager is just for the CX line for now. CX features also add about a 30% overhead on throughput.