Cisco Secure Firewall Reviews

Cisco Secure Firewall's use case in our organization is justified because we operate in the financial industry where security best practices require multi-vendor products. We are running other vendors' solutions as well, and since Cisco is a prominent and one of the best vendors in the market, we opted for Cisco Secure Firewall. Both solutions serve our security requirements effectively.

The most valuable feature of Cisco Secure Firewall is the policy cleanup functionality. In the firewall, we have hundreds of policies deployed, and we often face a challenge regarding what to do with unused policies and how to remove them without impacting required access. Cisco Secure Firewall helps us identify the unused policies efficiently, and we are confident to remove them without any negative impact.

Cisco Secure Firewall helps our company overall because the firewall provides substantial capability when it comes to throughput, the number of policies, and the number of records. However, whenever traffic comes into the network, it must pass through all the policies and match the required ones, which takes considerable time. This solution helps us streamline our processes, streamline our information security requirements, and streamline our audit requirements to achieve our goals.

From the improvement perspective, I would identify automation as a key area. Whenever a requirement comes and needs to be deployed, there are individual rules to configure. When it comes to CLI, it was easy to create a script and copy-paste, but the GUI approach takes considerable time. Built-in automation would help significantly. Although there are options in the market such as Terraform or Ansible Tower with possible integration, having something built directly into Cisco Secure Firewall would be more beneficial.

I have been using Cisco Secure Firewall for a couple of years.

Cisco Secure Firewall is quite stable. While I experienced some issues when it was new in the market, the solution is stable now.

We are running other solutions as well, but being in the financial industry, we run multiple vendors and multiple firewalls. When I compare this solution with others, Cisco Secure Firewall is quite stable.

Cisco Secure Firewall is scalable and provides the required functionality and scalability from a throughput perspective and from a bandwidth perspective.

Regarding my experience with Cisco support for firewalls, we are using TAC support and partner support from Cisco. The experience is generally fine, but there is one area where we consistently face problems. Whenever we open a case, for example a P1 (severity one) case, an L2 engineer initially takes time to understand the requirement. Then the engineer mentions that their shift is going to finish and hands over to a new engineer, who takes additional time to get up to speed. This approach is not workable in our environment, especially in banking, where uptime is critical. This area requires improvement.

From the pricing and licensing perspective for Cisco Secure Firewall, we have multiple licenses covering threat intelligence, antivirus, and other security functionalities, and these come within the offering. This is satisfactory from that perspective. My overall review rating for Cisco Secure Firewall is 8 out of 10.

We're using the solution as a firewall, for securing our whole network for students and staff throughout the whole school.

Cisco Secure Firewall's performance benefits my company by allowing us to shape the bandwidth and internet for staff with quality of service where it works better for them rather than students, or vice versa. When students are testing, you can adjust it for that too.

The performance part of Cisco Secure Firewall is pretty good. You can control the bandwidth and features such as bandwidth shaping and quality of service, and I appreciate that part. At our school, a lot of the kids use laptops, the staff use laptops, and they have Wi-Fi. 

I just tried the chat feature in Cisco Secure Firewall, and that was pretty cool; the AI worked pretty good when I tried it at home in the evening, so that was a nice feature.

The visibility and control capabilities of Cisco Secure Firewall in managing encrypted traffic are pretty good too, as our finance department uses it, so keeping that part secure for them works out well.

For our students, we have them in certain groups, and then our staff in certain groups, so with Cisco Secure Firewall, you can push out policies for each one.

Cisco Secure Firewall is important. You can control what students are looking at, and if they're looking at something inappropriate, you can control it. You can also see which device is taking up more bandwidth.

Regarding the zero-trust security model, Cisco Secure Firewall helps our company. Our students and staff have the ability to do whatever they need to do with their research. It helps them while keeping security top of mind.

I would like to see more about the pricing of Cisco Secure Firewall or maybe see it enhanced.

I have been using Cisco Secure Firewall for about ten years now.

The stability and reliability of the Cisco Secure Firewall have always been good; it never falls, never fails, and it's always backed up, which is always good too.

We have more kids and more staff coming in, so with Cisco Secure Firewall, just having that ability to add on more features is great. Currently, it appears we're barely using it, so we can add more with it, and we always have room for that, which is good.

Whenever I call about a problem with Cisco Secure Firewall, they're always helpful and very knowledgeable, getting me to the right solutions I need. They're always willing to help afterwards too and send me documentation, which is always good.

Positive

The deployment experience with Cisco Secure Firewall is easy, with a straightforward deployment.

From my point of view as an IT admin, the biggest return on investment when using Cisco Secure Firewall is seeing what kids are looking at, shaping what they're looking at, shaping the bandwidth, quality of service, and you can do all that with the firewall, too. It also helps in blocking kids from things and monitoring what staffers are looking at.

I work for a school, so getting licensing and getting the budget for Cisco Secure Firewall for certain products is a challenge. It's good to have them, however, it costs us a lot.

On a scale of one to ten, I rate Cisco Secure Firewall a ten.

Cisco Secure Firewall's main use case is the edge firewall, which has great IPS and IDS capabilities, providing a solid defense layer for the organization.

I really appreciate the NAT-ting feature of Cisco Secure Firewall the most.

The main benefit of the NAT-ting feature in Cisco Secure Firewall is that when I establish a site-to-site tunnel with another endpoint from another company, I can provide them with a fake IP instead of the real IP.

Cisco Secure Firewall benefits our organization by serving as the first defense layer, which is the edge firewall as I mentioned before, helping to prevent DDoS attacks and similar threats.

I think Cisco Secure Firewall could become even better overall, but as of now, it is already in a stable status, and I do not see any significant features that need immediate attention. Perhaps something will come up in the future.

Cisco Secure Firewall is a stable and reliable product.

Cisco Secure Firewall remains stable because even if there are bugs, Cisco TAC engineers are consistently working to find solutions on the spot.

I am not experiencing any downtime with Cisco Secure Firewall.

There are bugs in Cisco Secure Firewall, but as I mentioned, the TAC engineers are actively working to resolve issues as quickly as possible, so the downtime is only for a short period.

I have experienced bugs with Cisco Secure Firewall, such as a sudden reboot, for example, but they resolved it on the spot.

Cisco Secure Firewall scales with the growing needs of an organization and has scalability.

Cisco Secure Firewall definitely demonstrates scalability, though I cannot explain it exactly.

I find that customer support from Cisco is good, as the TAC engineers are available all the time.

If I could rate Cisco Secure Firewall's support on a scale from one to ten, I would give it a ten.

Positive

The deployment model for Cisco Secure Firewall is on-premises.

My experience with deploying Cisco Secure Firewall is that it is complicated, but if you have the experience, you can deploy it smoothly.

There is a high learning curve for the deployment of Cisco Secure Firewall.

I have seen ROI with Cisco Secure Firewall, as they definitely save time and provide peace of mind.

Cisco Secure Firewall saves time and also saves money, definitely providing peace of mind.

My impression of the pricing and licensing of Cisco Secure Firewall is that it is not the normal pricing; it is high, but they deserve it.

They bring great value for the price because they provide excellent support, have stability, and we trust this product.

I would rate Cisco Secure Firewall a nine on a scale from one to ten. I rate it a nine because there is one point regarding the bugs that the versions of Cisco in general have.

My advice to other organizations considering Cisco Secure Firewall is to ensure that customers receive guidance from TAC engineers regarding bugs and workarounds when they are published. It is crucial to expedite the process of finding bugs before deploying new versions.

The use case at my company is to secure our campus and our different data centers.

My most valuable feature of Cisco Secure Firewall is that I can see what is where, which rules are applied where, and create templates. In general, it's a good feature for us.

Having Cisco Secure Firewall has definitely helped our organization because we are a German company that follows rules, so we have governance. We need to deploy the same type of governance everywhere, and it's much easier to deploy this way, even with some country-to-country differences.

To improve Cisco Secure Firewall product, we have a TAC case open for that, but I would prioritize responsiveness for sure, as UX/UI is always something to work on. We have complaints from our NOC people, but they are always complaining.

I have been using Cisco Secure Firewall at my company for a year.

When it comes to reliability with Cisco Secure Firewall, it's not necessarily about downtime; it's about reliability in updates. We want something that can be updated easily and reliably. When we push an update, we don't want it to crash, of course, and we want to be sure that we are up in the security game. This is one of the main reasons I'm here, as everything security-related is quite important to us. We mostly have on-premises devices and our own data centers, so it's crucial that the tools we buy are reliable.

I find Cisco Secure Firewall to be pretty easy to scale, and I was in a meeting this week with Cisco insiders who said it's going to be even easier in the future.

They're going to provide us with AI now for Cisco Secure Firewall, and we will just be able to chat while everything does itself.

Regarding customer support, I had a meeting yesterday with them for Cisco Secure Firewall. We are a very large company, so we open TAC cases quite often because we have more than 200 people working in security at my company. We find problems all the time, and most of the time it's quite responsive. However, one of the reasons we come to Cisco Live is to meet face-to-face with the engineers and their managers to ask why a particular TAC case hasn't moved for the last couple of months, and we want answers. We're not afraid to say when it's bad, but we also recognize when it's good. We want answers. If you don't want to tell us why, tell us why you don't want to tell us why. Generally, we have a very good relationship with Cisco.

On a scale of one to ten, I would rate the support for Cisco Secure Firewall a nine, even if sometimes we have some bumps. I understand the effort all the support team needs to provide to reach this level. Living in Warsaw, I have seen the Krakow office grow, and I believe it's a fantastic development for Poland to have so many people there. I hope Cisco continues investing there.

I believe we were using another product before Cisco Secure Firewall, but I don't have the detailed answer. I work at digital department, where we provide all IT and IT infrastructure for the company, so it's quite a large environment with 2,000 people in the networking team globally. I don't know what everyone is doing, even if I should probably know.

Evaluating other solutions is becoming my job now, and I'm focusing on three main topics: creating the lab for the networkers at my company, evaluating the monitoring capabilities for the networkers, and looking into AI tools for our networking team. I know some of my colleagues in architecture are also evaluating tools more in detail, ranging from SD-WAN to firewall to switching. We have many solutions here in Cisco, and we are all communicating to share opinions, even if it's not our core role to have answers. It's a good thing.

This new AI functionality will definitely help our company operate more efficiently for the SOC team, especially concerning deploying different rules and rule sets. This year, when we faced problems with the geopolitical environment, our company decided to enforce policies on some countries, and instead of reviewing hundreds of thousands of IP addresses manually, we could just do five clicks to shut off a whole part of Ukraine very easily. It's a life-saver sometimes.

I think in general, Cisco Secure Firewall is a really great product, and we will just go with the flow. AI is probably something that we need to go with, but let's not implement AI everywhere for the sake of it. Let's ensure it's useful, and I believe it has its utility there as well.

I don't think there is anything competing on the market at the moment. There is nothing competing on the market, so I have given Cisco Secure Firewall an overall rating of ten. I appreciate your understanding; when I mention integers, I know that engineers will understand exactly what I'm talking about.

Concerning the pricing and licensing of Cisco Secure Firewall, that's not really my part. My focus is on the product itself — how good it is, how it competes, and how well it fits our needs. I do ask about pricing, but that ultimately goes to board management for negotiating directly with Cisco. I have an overview of the pricing, of course, and I can share with my management what the pricing is versus competitors. We often see significant disparities, but most of the time there are valid reasons with Cisco.

Cisco Secure Firewall serves as our primary line of defense when receiving traffic for the customers that we serve, and from there, it is distributed across our network. It is the main firewall for the division of service that we manage the network for.

Cisco Secure Firewall performs very well in that the web interface is manageable when deploying configurations because it is very easy to set up. I don't have to write all those lines of configuration codes directly on the devices, but I can do it on a visual interface where I can double-check before pushing any configuration through, and that is very useful. When setting VPN connections, the filtering during troubleshooting is particularly helpful, as the Cisco IOS CLI has never been very capable when filtering during troubleshooting of a deep issue, and the interface is very helpful when it comes to that.

There are quite a lot of bugs when opening sub-windows, as sometimes I cannot extend the size to read more information, and when writing a long line of text, it can be annoying.

There are quite a lot of bugs when opening sub-windows, as sometimes I cannot extend the size to read more information, and when writing a long line of text, it can be annoying.

I have been using Cisco Secure Firewall for approximately three or four years now.

I have seen some instability regarding Cisco Secure Firewall. This may have been on us because we had a provisioning capacity issue and had to make an upgrade to serve the needs of our network. We experienced the issue due to a memory issue with one of our firewall pairs. Despite that issue, the devices are very reliable and stable under normal functioning.

Cisco Secure Firewall is very scalable. It is almost transparent from both customer and service technician perspectives, and I would give Cisco a 10 for scalability. This has been one of its strengths in their history.

I have contacted the technical support or customer support of Cisco regarding this solution. The speed of the support was appropriate. The quality was challenging to assess because when given a problem to resolve, there are so many details to recover and so much context of the company's usage to understand that it is not as simple as saying the official support of Cisco must have a magic wand to resolve the issue. At the end of the day, they were not able to provide the proper insight that we needed to resolve the issue we were facing at the time.

It is worth mentioning that our head of network is one of the toughest professionals I have come across when it comes to networking, and this may have made it more difficult for them because every person who came on the line was way ahead of them. When trying to get to a solution and having to repeat myself, I can come into a call not knowing everything, and recovery scripts must be run to gather information, analyze it, and then come back with a solution. In the end, it did not work, and we had to use another workaround developed by us. I would not say the support was bad; it was efficient in communication, but the final solution was not satisfactory.

I have never used any direct alternative to Cisco Secure Firewall, although there were discussions about switching to another vendor. After a lot of discussion, we remained with Cisco for its capabilities and some other details. It came into consideration to switch to another vendor for administrative decisions because Cisco solutions are quite expensive, and other vendors might do the job for a considerably lower amount, but Cisco remained. We never managed to use an alternative.

The initial deployment was most difficult because there were some compatibility issues. At the time I came to the team, we were transitioning from Cisco ASA to the new Firepower solution, and the tools for migrating the configuration about the objects were not working properly. I did not have the time to work out why since I was not the main architect of the network and was in a lesser role, but this was one of the main challenges I worked on. We had to do a lot of scripting and manual work to migrate the objects and configure the new solution because Cisco ASA was not very capable of extracting the information to push to a newer generation of firewalls.

We handle maintenance on Cisco Secure Firewall ourselves. We require maintenance and upgrades, and we do it ourselves.

I would rate this product an 8 out of 10 overall.

Our company's use case involves internal data center firewalls, mostly for east-west traffic.

The most valuable feature of Cisco Secure Firewall is the firewalling, which is essentially the security part of the firewall.

The security is improving with the blocking of access and the access rules. Security-wise, I find that it helps improve access between entities and departments, and more importantly, it covers the regulatory aspect as well.

If I could improve Cisco Secure Firewall, I would focus on the fact that there are many bugs, specifically with the FTDs. The versioning and software stability need improvement.

I have been using Cisco Secure Firewall for almost ten years.

Regarding bugs in Cisco Secure Firewall, for example, the logs show some traffic between two endpoints while others do not, which is a bug we found out recently. Cisco has reviewed it, and we are trying to fix it through an upgrade.

The bugs are problematic.

Cisco Secure Firewall is scalable and reliable. Regarding scalability, it is seamless. We have had a recent upgrade, added new data centers, and enhanced the existing firewalls.

My experience with their support team is that support is good and they are quite responsive. On a scale of one to ten, I would rate them a ten for good support.

Positive

I know that they evaluated other companies, including Forcepoint, a company providing firewalls as well, specifically next-generation firewalls. They picked Cisco Secure Firewall mainly for the FTD and superior Cisco support, which was the main deciding factor.

Deployment-wise, Cisco Secure Firewall is straightforward, as all Cisco products are straightforward. It takes roughly two months to deploy Cisco Secure Firewall, but it depends on the type of implementation and the specific data center involved.

The two months mainly involve the LLDs, the design phase, and the shipping. The most delay comes from shipping and delivery, as the standard delivery from Cisco is six to eight weeks, which is where the delay occurs, while the rest of the activities are completed prior to that. I would rate Cisco Secure Firewall a seven on a scale of one to ten overall. I would not rate it a ten due to the stability of the product needing improvement, specifically with the FTD.

My main use for Cisco Secure Firewall is primarily for our internal VMs and similar infrastructure.

What I like the most about Cisco Secure Firewall is that it performs better than our previous product. We had a lot of latency issues and general problems with our previous solution, but this firewall functions much better.

Cisco optimizes the experience by providing a single pane of glass for our GUI and firewall management, which is probably the best feature.

I assess the operational efficiency of Cisco in my IT environment as very strong, as it integrates well with most of our existing infrastructure since we are already a Cisco shop.

Cisco does optimize the experience in a hybrid or distributed enterprise setup.

I evaluate customer service and technical support as quite good. The documentation could use some improvement overall, as there are some errors in it. However, when we interact with support personnel and the AI agent, the experience is usually very good.

I have been using Cisco Secure Firewall for about six months, having received our firewalls during that time.

I have not experienced any downtime or crashes.

Cisco Secure Firewall scales well with the growing needs of my organization and certainly scales beyond what we needed.

I evaluate customer service and technical support as quite good. The documentation could use some improvement overall, as there are some errors in it. However, when we interact with support personnel and the AI agent, the experience is usually very good.

Prior to Cisco, we were using a few different options, but much of our infrastructure was Grandpea and Upsense.

Deploying Cisco Secure Firewall was as painless as swapping an internal firewall can be.

I have seen ROI mainly because our firewall runs our internal infrastructure, and we offer some services behind it, so overall, I would say the ROI is positive.

My experience with price, setup costs, licensing, and related factors was beyond my direct involvement, but I know it came down to a deal that included other products. Overall, we were very happy with the arrangement.

What stood out to me during the evaluation process was that choosing Cisco made sense primarily because we are already a Cisco shop and are familiar with their sales representatives, products, and dashboards.

I give Cisco Secure Firewall an overall rating of eight out of ten.

I use Cisco Secure Firewall essentially as a firewall and for a secure access VPN solution. I need Cisco Secure Firewall to fulfill that role; I need it for secure access, and it performs the firewalling I need it to do in the network segment where it is located.

I have seen a return on investment with Cisco Secure Firewall. Generally, where it sits in my network, there are other vendors as well, but Cisco Secure Firewall is a better product and easier to manage than those alternatives. It does more of the features that I want it to do to be more secure, and I will move the other vendors into Cisco Secure Firewall.

The biggest challenge I have with Cisco Secure Firewall is that I often need to look in a few places to find what I want to do or I find myself searching for where a particular feature is located. I know what I want to accomplish, but I cannot always find it easily; it takes some time looking around. Because I do not use Cisco Secure Firewall as heavily as other vendors, I find it a little harder to navigate, though I would caveat that with the possibility that with more use, it would become easier for me to navigate and accomplish what I want to do. I am not sure how I would specifically improve that aspect, but it is probably the biggest day-to-day challenge I have with it.

I have been using Cisco Secure Firewall for about a year, maybe just over.

Stability of Cisco Secure Firewall is generally very good.

In terms of scalability, because it is there for the secure access solution as well, it was right-sized when it was put in, so I have not had any scalability challenges for what I do. My organization is fairly static in terms of scale, so users and that type of thing do not scale up and down quickly; it is more slow-moving in that regard.

I have not done a whole lot of customer support with Cisco Secure Firewall.

Before Cisco Secure Firewall, I used Juniper as a vendor; I have used them with other vendors as well, but where I am using Cisco Secure Firewall, they are sort of a direct competitor with Juniper.

It took a couple of months to deploy Cisco Secure Firewall; that was the same for secure access, as it was all part of the same rollout. What took those months to deploy was probably more internal change controls; it is just slower moving, as I have done a lot of testing deployments in lab environments, so it is less of a technology issue and more of the constraints of where I work that slow it down.

I did not implement Cisco Secure Firewall personally, but I was there for the implementation.

I have seen a return on investment with Cisco Secure Firewall. Generally, where it sits in my network, there are other vendors as well, but Cisco Secure Firewall is a better product and easier to manage than those alternatives. It does more of the features that I want it to do to be more secure, and I will move the other vendors into Cisco Secure Firewall.

Integration with other systems is fairly slow-moving and static in that way. I would rate this review an 8.