Remote network access: We primarily use ASA for VPN, NAT, PAT routing, SLA, and multiple ISP providers.
Manager at SAP
A nice GUI, but poor performance
Pros and Cons
- "Cisco ASA has an okay CLI with a nice GUI."
- "It has poor performance."
Cisco ASA has an okay CLI with a nice GUI, but has poor performance.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Tehcnician at Belize Telemedia Limited
ASDM has made configuring ASA easy. No need to memorize CLI commands.
Pros and Cons
- "ASDM provides GUI for configurations. The ASDM has made configuring ASA easy. No need to memorize CLI commands."
- "Ease of configuration: It has gotten a lot easier to configure compared to the original Cisco Pix."
- "The ASA has become a bit old and needs updating."
- "UTM features would be nice or some NextGen features."
What is our primary use case?
How has it helped my organization?
Ease of configuration: It has gotten a lot easier to configure compared to the original Cisco Pix.
What is most valuable?
ASDM provides GUI for configurations. ASDM has made configuring ASA easy. No need to memorize CLI commands.
What needs improvement?
- UTM features would be nice or some NextGen features.
- The ASA has become a bit old and needs updating.
For how long have I used the solution?
One to three years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Cisco Secure Firewall
November 2024
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,636 professionals have used our research since 2012.
Regional Manager - Pre Sales at a tech services company with 51-200 employees
Helps us to identify key, persistent threats so we can set policies accordingly
Pros and Cons
- "Its in-depth monitoring and analysis help us to make better decisions and policies."
- "Integration aspects and traffic shaping need improvement."
- "Initial setup can be complex. It is complex. We have to set up ASA, SFR module, and FMC separately, which sometimes requires extensive troubleshooting, even for smaller issues."
How has it helped my organization?
It helps us to identify key, persistent threats so we can set policies accordingly.
What is most valuable?
In-depth monitoring and analysis. It helps us to make better decisions and policies.
What needs improvement?
- Integration aspects
- Traffic shaping
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
Initially there were some stability issues, but in the long-run no.
What do I think about the scalability of the solution?
It requires additional licensing to enable 10G ports.
How is customer service and technical support?
Technical support is very good.
How was the initial setup?
It is complex. We have to set up ASA, SFR module, and FMC separately, which sometimes requires extensive troubleshooting, even for smaller issues.
Which other solutions did I evaluate?
We evaluated Huawei, briefly.
What other advice do I have?
It is a good datacenter firewall, as they have now overcome integration issues with latest versions.
Disclosure: My company has a business relationship with this vendor other than being a customer: Cisco Premier Partner.
Network and System Engineer at a non-tech company with 201-500 employees
IPS features can be accessed from a separate interface
What is most valuable?
I enjoy the interface of Cisco products, especially the CLI version. I think the IPS feature in the product is best compared to products of other vendors. All the IPS features can be accessed from a separate interface, e.g., Cisco IDM.
How has it helped my organization?
We are an educational institute, and we are required to block many websites that are not suitable for students and teachers. Most of the sites, like YouTube uses an https version, thus blocking with IP address was becoming problematic. Moreover, certificate domains for Gmail and YouTube are the same. But the IPS feature in this product helps us to overcome this limitation.
What needs improvement?
Pricing of this product needs improvement.
For how long have I used the solution?
I have used this solution for two years.
What do I think about the stability of the solution?
I did not encounter any issues with stability.
What do I think about the scalability of the solution?
I did not encounter any issues with scalability.
How are customer service and technical support?
I would give technical support a rating of a nine out of 10.
Which solution did I use previously and why did I switch?
I worked with Cyberoam and Fortinet UTM at my previous job. When I joined my present company, they were already using the Cisco ASA solution. But my present company may switch to other vendors, especially Fortinet, because of the license renewal price.
How was the initial setup?
As I enjoy working on CLI, I would say that the initial setup was not complex.
What's my experience with pricing, setup cost, and licensing?
License and appliance costs are more expensive as compared to other vendors on the market.
What other advice do I have?
If your company is small or mid-range, it is better to go with other vendors, because of the pricing.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
ICT Manager - Network Operations at a healthcare company
Pricing is competitive and licensing cost is on the higher side for non-profit organizations.
What is most valuable?
Firewall, VPN and Single Sign On.
How has it helped my organization?
Remote Access and SSO Authentication.
For how long have I used the solution?
One year.
What do I think about the stability of the solution?
No.
What do I think about the scalability of the solution?
Not yet.
How are customer service and technical support?
Good.
Which solution did I use previously and why did I switch?
Watchguard Firewall. Switched due to license cost.
How was the initial setup?
A bit complex compared to Watchguard Firewall.
What's my experience with pricing, setup cost, and licensing?
Pricing is competitive but licensing cost is on the higher side for non-profit organizations.
Which other solutions did I evaluate?
If so, which ones? Yes, Checkpoint, Juniper, Cyberoam.
What other advice do I have?
Cisco is good. Look at your requirements and create a matrix to figure out the best option.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Network & Data Communication Engineer at a tech services company with 201-500 employees
Most valuable features are Security, Routing and NAT.
What is most valuable?
Security, Routing and NAT.
How has it helped my organization?
Gives flexibility and several deployment options.
What needs improvement?
Some default inspection rules need better tuning. Focus development on CLI version.
For how long have I used the solution?
11 years.
What do I think about the stability of the solution?
Rarely.
What do I think about the scalability of the solution?
Yes, before Clustering was introduced.
How are customer service and technical support?
Nine out of 10.
Which solution did I use previously and why did I switch?
Yes. We changed for no special reason, just to mix things up.
How was the initial setup?
Yes, but you need to read and understand how the device functions before deployment.
What's my experience with pricing, setup cost, and licensing?
Like with all vendors, know what options you require and request the proper license accordingly. Prices are on the same level as competitors.
Which other solutions did I evaluate?
Not really, as all firewalls do most of what enterprises look for. What matters most is the after sales support.
What other advice do I have?
Read, read, read and understand your requirements beforehand.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Corporate Information Security Officer
A standard rule based firewall that has solved many remote access problems.
What is most valuable?
It's a standard rule based firewall for us. The AnyConnect VPN has solved a lot of remote access problems. High availability is good. It will fall back to the other ASA without any disruptions.
How has it helped my organization?
It has secured our DMZ.
What needs improvement?
I would like to see the following made easier:
- Objects
- Removing objects
- Correlating access rules and AnyConnect ACLs
Sometimes we suffer from older versions, such as objects, object groups, and aliases (name).
For how long have I used the solution?
We have been using the solution for nine years.
What do I think about the stability of the solution?
We did not encounter any stability issues.
What do I think about the scalability of the solution?
We did not encounter any scalability issues.
How are customer service and technical support?
The technical support is good.
Which solution did I use previously and why did I switch?
We used Cisco PIX.
How was the initial setup?
I can't really remember the setup. It was too long ago.
What's my experience with pricing, setup cost, and licensing?
We bought the solution, so there were no real recurring costs at that time.
Which other solutions did I evaluate?
We didn't evaluate any alternative products.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Technical Consultant - Network and Security at a tech services company with 51-200 employees
It provides our company with security and protection on all our devices, but we had some issues during deployment.
Valuable Features
- It provides our company with security and protection on all our devices.
- It's highly available.
Improvements to My Organization
We're able to implement best security practices to secure our company data.
Use of Solution
We've used it for over seven years.
Deployment Issues
We had some issues during deployment.
Stability Issues
No issues encountered.
Scalability Issues
No issues encountered.
Customer Service and Technical Support
Customer Service:
Customer service is excellent.
Technical Support:Technical support is excellent.
Initial Setup
It was a little complex, but not so much that we couldn't figure it out.
Implementation Team
I was the implementor for a client.
ROI
It's excellent.
Other Solutions Considered
Depends on the customer's budget, but we evaluate all vendors that meet the them. It's a mission-critical product.
Other Advice
I give it a thumbs up.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Popular Comparisons
Fortinet FortiGate
Netgate pfSense
Sophos XG
Palo Alto Networks NG Firewalls
Azure Firewall
Check Point NGFW
WatchGuard Firebox
SonicWall TZ
Juniper SRX Series Firewall
Untangle NG Firewall
Fortinet FortiGate-VM
SonicWall NSa
Sophos XGS
Fortinet FortiOS
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What Is The Biggest Difference Between Cisco ASA And Fortinet FortiGate?
- Cisco Firepower vs. FortiGate
- How do I convince a client that the most expensive firewall is not necessarily the best?
- What are the biggest differences between Cisco Firepower NGFW and Fortinet FortiGate?
- What Is The Biggest Difference Between Cisco Firepower and Palo Alto?
- Would you recommend replacing Cisco ASA Firewall with Fortinet FortiGate FG 100F due to cost reasons?
- What are the main differences between Palo Alto and Cisco firewalls ?
- A recent reviewer wrote "Cisco firewalls can be difficult at first but once learned it's fine." Is that your experience?
- Which is the best IPS - Cisco Firepower or Palo Alto?
- Which product do you recommend and why: Palo Alto Networks VM-Series vs Cisco Firepower Threat Defense Virtual (FTDv)?