Try our new research platform with insights from 80,000+ expert users
it_user1307058 - PeerSpot reviewer
Network Consulting Engineer at a comms service provider with 201-500 employees
Real User
Easy to configure, good VPN capabilities, and the antimalware features provide extra security
Pros and Cons
  • "The most important feature is the VPN connection."
  • "I would like to see the inclusion of a protocol that can be used to protect databases."

What is our primary use case?

We are a solution provider and the Cisco ASA Firewall is one of the security products that we implement for our customers. My clients use it for security, and also to establish VPN connections.

How has it helped my organization?

My client is in the financial sector and all of the connections are doing using the VPN. This type of access makes the connections more secure.

What is most valuable?

The most important feature is the VPN connection.

My clients also use the antimalware features and the scan is very good. It also supports packet inspection and IPS.

Cisco ASA is easy to configure.

The integration with the security features is something that I like.

What needs improvement?

The SecureX ASA administration platform should be improved.

The orchestration of modules should be improved.

I would like to see the inclusion of a protocol that can be used to protect databases. This would be a good feature to have added.

Buyer's Guide
Cisco Secure Firewall
April 2025
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,716 professionals have used our research since 2012.

For how long have I used the solution?

We have been working with the Cisco ASA Firewall for approximately three years.

What do I think about the stability of the solution?

I have not had problems with stability, although I have had some small issues with bugs. In general, I can operate without a problem. 

What do I think about the scalability of the solution?

It is very easy to scale this product. With SMC, you can control all levels of ASA in a central console. You can simply add a new ASA firewall to protect your network, and you will be able to control it.

We have approximately 300 users.

My clients for this solution are medium-sized organizations.

How are customer service and support?

I have not been in contact with technical support but I use the implementation guide. I have also used the community support and I think that it's okay. The information that I received about the configuration was good.

Which solution did I use previously and why did I switch?

Prior to Cisco ASA, my client was using Fortinet FortiGate. They switched because there were complaints about the connection being slow.

How was the initial setup?

The complexity of the setup depends on the needs and requirements of the client.

When a client does not know exactly what is needed, the complexity increases because the configuration is not clear. You really have to have a good understanding of what the client needs before configuring it.

If the model does not have SMC then it is complex to configure.

The length of time for deployment also depends on the requirements, but it will usually take between three days and one week.

What's my experience with pricing, setup cost, and licensing?

This is an expensive product, although when you buy this solution, you can do many things so it provides good value for the investment.

Which other solutions did I evaluate?

My clients did evaluate other options but ultimately chose this product. Other than the VPN connection, I don't know the reasons for this decision.

What other advice do I have?

I can recommend this product because it is one of the most stable firewalls on the market. The suitability, however, depends on the environment and what is needed.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
reviewer1461084 - PeerSpot reviewer
Group Information Technology Manager at a mining and metals company with 201-500 employees
Real User
Provides great VPN and firewall features; very stable
Pros and Cons
  • "VPN and firewall are good features."
  • "Lacks a good graphical user interface."

What is our primary use case?

I'm the group information technology manager and we are customers of Cisco. 

What is most valuable?

The best feature for me is the VPN and I also like the firewall. 

What needs improvement?

In terms of improvement, we'd like to see a good graphical user interface. I'd also like to see the initial setup simplified. In comparison, if I were to implement the Fortigate firewall from scratch, it's a fairly simple set up. That is not the case with the ASA firewall, where you really need to have the skill and know what you're doing.

For how long have I used the solution?

I've been using this solution for 18 years. 

What do I think about the stability of the solution?

The solution is stable, we haven't had any issues. If we need something, we go to a consultant. In terms of product stability, it works very well.

What do I think about the scalability of the solution?

We haven't made any changes since implementing and we haven't tried scaling.  

How are customer service and technical support?

We get our support from the resellers, not from Cisco. 

What other advice do I have?

For those who have the technical know-how with Cisco products, I would recommend going with the ASA firewall, but if you're new to the field and running a smaller business, deployment will be complicated. 

I would rate this solution a nine out of 10. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Cisco Secure Firewall
April 2025
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,716 professionals have used our research since 2012.
Executive Director at ict training and development center
Real User
Good at blocking threats and pretty reliable but needs a better user interface such as web interface for easier create policy
Pros and Cons
  • "It's pretty reliable and allows for isolation capabilities within the network."
  • "The user interface isn't as good as it could be. They should work to improve it. It would make it easier for customer management if it was easier to use."

What is our primary use case?

We primarily use the solution for basic firewall configurations such as NAT, FORWARD PORT and Block TCP-UDP Port.

   

How has it helped my organization?

My company is very small just built last year, i now am using cisco asa 5510 for NAT and Port Forward and limit users access directly from internet only via Remote-VPN.

What is most valuable?

The ability to block threats is its most valuable aspect.

Most clients in Laos use the basic setup, which works quite well. It ensures that nothing can get onto the local network.

It's pretty reliable and allows for isolation capabilities within the network.

The ADSM is very good.

I like that I can use the command line. I use a lot of Cisco and often work with this. If you are comfortable with the command line, it's quite good.

What needs improvement?

The user interface isn't as good as it could be. They should work to improve it. It would make it easier for customer management if it was easier to use.

Cisco does not have a lot of web management. We have to use ASTM server management to make up for it.

For how long have I used the solution?

I've been using the solution, give or take, for around five years at this point.

What do I think about the scalability of the solution?


How are customer service and technical support?

When we need assistance from technical support, we typically deal with the team in China. They've been very good. Whenever I have a problem, they can resolve it. They are knowledgeable and responsive. We're satisfied with the level of support we get.

Which solution did I use previously and why did I switch?

We typically offer clients a few different solutions. For example, we may recommend Fortinet.

How was the initial setup?

For a new user, the initial setup may be a bit difficult. For me, since I am comfortable with Cisco, it's pretty straightforward. A new connection has its own complexities. It may be a different thing on Java SDK. There may be some programs that may not be able to access it.

What's my experience with pricing, setup cost, and licensing?

In Laos, clients don't have much wiggle room when it comes to cost. The economy right now isn't very good. Most just choose the basic solution in order to avoid pricey licensing fees.

Which other solutions did I evaluate?

subscription payment  

What other advice do I have?

We're just customers. We use it in our office and suggest it to clients. However, we don't have a business relationship with Cisco.

We try to adhere to our client's needs, and therefore, if they specify hardware they want to use, like Fortinet, we tend to accommodate them.

That said, if they ask my opinion, I usually recommend Cisco ASA.

I know a lot about the product and I'm good at controlling everything. I have a lot of knowledge and understanding after working with it so closely. That's why I tend to favor it when my customers ask for advice.

Overall, I would rate the solution seven out of ten. If the user interface were a bit better, I'd rate it higher.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user588258 - PeerSpot reviewer
Network Administrator at a healthcare company with 501-1,000 employees
Real User
It is a strong solution.
Pros and Cons
  • "Cisco ASA is very strong."
  • "Migration with other appliances is not easy. It has to be done manually, and this takes a long time."

What is our primary use case?

It is primarily used as a firewall. I think that all firewalls basically work the same, but some have different configurations of the switches. Cisco ASA is very strong. 

What needs improvement?

I think that there should be better security of other firewall appliances. Migration is another main issue. If you migrate from the ASA to the new Fire Power Threat Defense appliance, it is not an easy migration. You have to do some of the migration manually, and if you are relacing those firewalls it will take a long time. It should be a smoother migration process. Some of the new engineers are still not familiar with it, and I think that Cisco should rehire some of the engineers coming from Sourcefire to do so.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

There is not much to say about the stability of the product. Migration is the painful aspect of the solution.

How is customer service and technical support?

During the mitigation process, I used tech support. But, I still have not had a completely clean migration process.

What about the implementation team?

I do not like to have too many vendors it becomes difficult to diagnose and deal with. If all the switches also ran the same, I would be OK. But, this does not usually happen. Often there are many configurations of switches and we end up switching on the switches.

What's my experience with pricing, setup cost, and licensing?

Cisco has recently become very expensive. Other solutions on the market are cheaper than this solution.

Which other solutions did I evaluate?

We have also evaluated Fortinet and Sophos UTM as possible solutions.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
IT Operation Manager
Real User
Provides software updates for known bugs and vulnerabilities.

What is most valuable?

  • Hardware reliability
  • Software stability
  • Quick software updates for known bugs/vulnerabilities

These are very important in an enterprise environment.

How has it helped my organization?

It is small. Nobody knows where it is or what it is. It works silently. As there ar no issues, it is good for businesses and organizations.

What needs improvement?

  • License politics
  • License price
  • Precise vendor roadmap for this product

For how long have I used the solution?

I have used Cisco ASA for five years.

What do I think about the stability of the solution?

We have not had stability issues.

How are customer service and technical support?

I would give them a high rating.

Which solution did I use previously and why did I switch?

We were using TippingPoint as an IPS and ZyXEL ZyWALL as a VPN server.
Cisco has good documentation and it is easy for Cisco certified engineers.

How was the initial setup?

The initial setup was straightforward.

What's my experience with pricing, setup cost, and licensing?

Our experience last year showed us that there is no full security, so why should we pay more? Any security vendor with a user-friendly interface, with good support, on-time updates for known vulnerabilities, and reliable hardware, is acceptable for an organization.

Which other solutions did I evaluate?

We did not evaluate any alternatives.

What other advice do I have?

The Cisco ASA product line will be replaced by Cisco FTD. Cisco FTD software is not ready for production, due to a lack of many basic NGFW features. Maybe only the high-performance Firepower 41xx/21xx/90xx Series is good as an IPS, because it is using a stable Sourcefire engine.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Sr Network Engineer at a tech services company with 501-1,000 employees
Consultant
Valuable features are its ​VPNs and reliability.

What is most valuable?

VPNs, reliability.

How has it helped my organization?

Connectivity with client Telcos works perfectly way and administration is simple.

What needs improvement?

I think it's the perfect Firewall for SME.

For how long have I used the solution?

Five years.

What do I think about the stability of the solution?

No.

What do I think about the scalability of the solution?

No.

How are customer service and technical support?

10 out of 10.

Which solution did I use previously and why did I switch?

Version 5515 is better than 5510 or 5505.

How was the initial setup?

If you know how to use Cisco IOS, it's easy. Otherwise, you will find no way
of configuring it with ease.

What's my experience with pricing, setup cost, and licensing?

Go for the complete bundle, it's a one time investment only. Otherwise, in the future you will have to buy other tools as licenses for some add-on services.

Which other solutions did I evaluate?

FortiGate 100D.

What other advice do I have?

I would go for bundle licenses and hire a Cisco engineer for implementation.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Middle-Tier Admin Integrator at a tech services company with 51-200 employees
Real User
Cisco firewalls can be difficult at first but once learned it's fine.

What is most valuable?

Robustness

How has it helped my organization?

Reliability

What needs improvement?

No idea -- I learn a lot from them

For how long have I used the solution?

From 2000 until 2014

What was my experience with deployment of the solution?

Learning at the beginning

What do I think about the stability of the solution?

Nope -- If well planed you should be alright

What do I think about the scalability of the solution?

Price maybe...

How are customer service and technical support?

Customer Service:

Excellent

Technical Support:

Excellent

Which solution did I use previously and why did I switch?

Not reliable for long term -- seem inferior quality

How was the initial setup?

Depends on the product and the knowledge. Cisco firewalls can be difficult at first but once learned it's fine.

What about the implementation team?

Me, I implemented the firewalls, Cisco switches and routers.

What was our ROI?

100% in some installations it exceeded the time predicted to keep up with the work load.

Which other solutions did I evaluate?

Netscreen, Netgear, Checkpoint, others..

What other advice do I have?

Plan well the hardware requirements for future growth and heavy usage.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user4401 - PeerSpot reviewer
it_user4401Developer at a transportation company with 1,001-5,000 employees
Vendor

Can you tell me, please, how does an ASA learn about the MAC address of the host? Thank you.

PeerSpot user
Senior Network Engineer at a tech services company with 1,001-5,000 employees
Consultant
The new NAT configuration is difficult to understand. The ASDM has significantly improved over the years.

Valuable Features

The ASDM has significantly improved over the years. Real-time logging and filtering is useful. Firewall rules are easy to understand, and enable/disable.

Room for Improvement

Change from Java for ASDM to HTML5. Better options to enable/disable site-to-site VPN tunnels.

Use of Solution

8 years

Deployment Issues

The new NAT configuration is difficult to understand especially for people familiar with the pre v8.3 code.

Customer Service and Technical Support

Customer Service:

Cisco TAC is good. They will set up a remote viewing session so they can work on the firewall as if they are sitting next to you.

Technical Support:

Typically fast and useful.

Implementation Team

In-house team.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.
Updated: April 2025
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.