Cisco Secure Firewall Reviews

It provides the firewall and security for our edge network.

We are using a really old ASA device that is at end-of-life, so we're replacing it.

The most valuable feature is the access control list (ACL). 

This is an older product and has reached end-of-life.

We have been using Cisco ASA for probably ten years.

This is a very stable product.

We're just a small company, so we have not had to scale it.

The technical support is definitely very good.

The initial setup was very straightforward.

Just one person is required for maintenance.

My advice for anybody who is implementing Cisco ASA is that it is not very difficult to deploy and not very difficult to understand how to continue adding more rules to it.

I would rate this solution an eight out of ten.

I have deployed Cisco ASA as a terminator firewall. Normally, I would have preferred to have a sandwich configuration for firewalls: One possible firewall that would make an internal firewall and another for an external firewall. 

Cisco ASA is best suited for our external firewall protection.

• Its VPN and ASN features are very stable. 
• It is easy to configure. 

In terms of next-generation capabilities, Cisco is a little behind. It is way behind leaders like Palo Alto, Check Point and Fortinet. While Cisco is headed in the right direction, it will take several years for it to get there.

When I need support, Cisco has provided quality support. I like working with them because of their support system.

The setup was straightforward. I was happy with the configuration and deployment of the solution, as it was quick.

It is our firewall solution. We connect to other locations, as well as use programs in-house.

The most valuable feature is the security that it provides our company and users.

Furthermore, our company uses it for making rules for the bank to connect to our server in the DMZ, which is a security challenge.

It needs improvement as a "Next-Generation" firewall solution. In addition, it needs to be more user-friendly. 

There is no downtime, and it is working great. 

It is scalable. We have had no issues. 

The initial setup was complex. But, after that, to maintain and keep creating rules it was easy.

We evalutated Cisco ASA vs Fortinet FortiGate VM.

I have been using this product for over ten years. Most of the features fulfill my requirements. It protects our network.

The most valuable feature is the section payover. But, I think that kind of function may also come from similar products. In addition, they have the integrated IDS/IPS source powered modules. This is a new screen for us, and it is also very useful.

More than five years.

The stability of the product is good.

The scalability of the solution is OK for me. It basically fulfills my requirement.

I would rate the technical support a rating of seven out of ten.

I always consider the stability and scalability of a product when choosing a vendor.

The cost is a bit high compared to other solutions in the market.

We have looked at Juniper, Palo Alto and other brands.

We like that Cisco has a lot of experience on the market trends.

Remote network access: We primarily use ASA for VPN, NAT, PAT routing, SLA, and multiple ISP providers.

Ease of configuration: It has gotten a lot easier to configure compared to the original Cisco Pix.

ASDM provides GUI for configurations. ASDM has made configuring ASA easy. No need to memorize CLI commands.

• UTM features would be nice or some NextGen features. 
• The ASA has become a bit old and needs updating.

I have been using the 5510 a lot, and have been working with it for many years. I have also used the 5505 and other firewalls.

It is much better than most of the other firewalls that I have worked with.

It needs more tunneling capabilities. 

It is worth every penny that we have invested in it.

Starting in version 9.7 you could track a login history for audit purposes and, in 9.8, you are able to do active/backup HA with ASAv (Adaptive Security Virtual Appliance) deployed on MS Azure.

There is always room for improvement in virtually anything. However, the relatively new Firepower Threat Defense image (mix of ASA and Sourcefire network security) fills a lot of gaps and features that were missing on ASA. Moreover, with FMC (Firepower Management Console) you can complement it with even more admin and reporting capabilities for the entire platform.

No stability issues.

No scalability issues.

Excellent.

New version comes with initial setup tutorial, with very nice security policies baseline, set up by default.

Be sure of what features you are going to utilize to add/remove some from new bundles.

Best value will always be delivered by adding FMC (Firepower Management Console); at least their virtual edition.

Cisco ASA's CLI is very effective and fast to configure the firewall and make changes, but monitoring logs and connections can be eye bothering by reading all the line outputs. ASDM, however, have improved the overall ASA configuration from an GUI standpoint. I really enjoy the log monitor where I can see live logs in a more user friendly interface. The down side of ASDM is that it is build with JAVA and that means a lot vulnerabilities and it does not always work with the latest JAVA version and/or patches.

The packet tracer function, which I use the most, have provided me a packet flow through the firewall and see which rule or policy can cause a drop. Also, I can see if my NAT statement is working properly. This has allowed me to quickly troubleshoot potential firewall related issues for my organization.

L7 firewall is a key for the ASA to be competitive in the current and future market place. By integrating with SourceFire, now call FirePower, on the ASA has helped it to get into the next-generation firewall segment.