It's a great solution that amalgamates a firewall and VPN into one device. It also has a well organized GUI- ASDM.
System/Network administrator at a computer software company with 501-1,000 employees
We have issues with some versions of Java, but it does amalgamate the firewall and VPN.
What is most valuable?
How has it helped my organization?
- Easy to setup VPNs
- Firewall ACL
- Easy to modify
- Easy to perform maintenance
What needs improvement?
The ADSM is incompatible with different versions of Java.
For how long have I used the solution?
I've used it for six years.
Buyer's Guide
Cisco Secure Firewall
April 2025

Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,716 professionals have used our research since 2012.
What do I think about the stability of the solution?
I have issues with some versions of Java and ASDM.
How are customer service and support?
Customer Service:
It's high.
Technical Support:It's high.
Which solution did I use previously and why did I switch?
I used a Cisco 881 router as a firewall and VPN solution. ASA allows conformity and various amounts of functionality in work.
How was the initial setup?
It can be complex, since a lot of CLI commands are different with respect to the CLI of IOS routers.
What about the implementation team?
We implemented ASA without vendor support. For first time implementation, it is good to have someone with ASA experience involved.
What's my experience with pricing, setup cost, and licensing?
Prices could be a little bit lower to make the product more accessible.
Disclosure: My company has a business relationship with this vendor other than being a customer: We're a Cisco Partner.
Network Security Engineer at a tech services company with 1,001-5,000 employees
There are some stability issues due to software bugs, but in the long run the devices are very stable.
What is most valuable?
VPN - Both site to site (IPsec) and remote access (IPsec and SSL).
How has it helped my organization?
Through the use of VPNs, we were able to connect our branches together through the internet without the any additional cost.
What needs improvement?
- Throughput
- Price
For how long have I used the solution?
Since 2008, so seven years, and I have been a heavy/daily user, and all of my jobs were related to network security.
What was my experience with deployment of the solution?
No issues encountered.
What do I think about the stability of the solution?
Sometimes, due to software bugs, but in the long run the ASA is a very stable product when compared to other vendors firewall solutions.
What do I think about the scalability of the solution?
One of the major disadvantages with the ASAs is the throughput, while the network evolves, the ASA was usually causing the bottle neck.
How are customer service and technical support?
Customer Service:
It's very good when compared to other vendors.
Technical Support:It's very good when compared to other vendors.
Which solution did I use previously and why did I switch?
Mainly switching from the old Cisco PIX to a new Cisco ASA. The reason for switching is to get a higher throughput, and due to the fact the that the Cisco PIX went EoL.
How was the initial setup?
It requires training, but after that it is straight forward.
What about the implementation team?
I work for a vendor, and we implement the solution for multiple customers.
Which other solutions did I evaluate?
Yes, and we chose Cisco ASA mainly due to the fact that they have a very good, reliable and very responsive technical customer support.
What other advice do I have?
I have worked on the best firewalls in the market, and Cisco ASA is one of the best.
The below screenshots are taken from a demo of ASDM.
Disclosure: My company has a business relationship with this vendor other than being a customer: Golden Cisco Partner
Buyer's Guide
Cisco Secure Firewall
April 2025

Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,716 professionals have used our research since 2012.
Infrastructure Expert at a tech company with 51-200 employees
The most powerful and expensive firewall
Valuable Features:
There are a lot of companies who create firewalls but there is not a single one which can compete with ASA.
It can have access control from layer 3 to layer 7.
The ASA 5510 is more than enough for small to medium business.
It has dedicated GUI interface which is known as ASDM, a beautiful tool to manage ASA.
You can use ASA to route traffic.
AAA service supports plenty of Authentication server types.
You can configure advanced NAT in this device.
It uses Modular Policy Framework (MPF) to inspect traffic.
You can inspect traffic at different layers separately.
You can use this as a transparent firewall & fail over is instant.
The virtualization works beautifully for this device.
VPN is another added advantage.All the types of VPNs are managed through ASA.
Room for Improvement:
The 5505 does not support multiple mode.
While running this device on multiple mode you cannot use dynamic routing protocols or multicast routing.
Also the IPSEC and SSL VPNs are not supported while running in multiple mode.
sometimes analysis might take too long while performing DPI in real-time traffic.
The product is expensive. A 5580 series costs more than $50000.
Other Advice:
Its very difficult to write something about this product as it has so many options.
I have studied 1000 pages about this product and most of the organizations use this firewall as it is the best in the world. I have never seen such a powerful device which can handle 2 million connections at 20Gbps speed. It can
also inspect 4 million packets per second.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Program director at a tech consulting company with 201-500 employees
A stable firewall solution with antivirus and bot protection
Pros and Cons
- "I think Cisco ASA Firewall is the most stable firewall solution."
- "The price can be better."
What is our primary use case?
We use Cisco ASA Firewall to protect different sites at a protocol level. We also use it for antivirus and bot protection.
What is most valuable?
I think Cisco ASA Firewall is the most stable firewall solution.
What needs improvement?
The price can be better.
For how long have I used the solution?
I've been using Cisco ASA Firewall for the last ten years.
What do I think about the stability of the solution?
I think they're all are stable. I've never seen a firewall that's unstable.
How are customer service and technical support?
I'm satisfied with their technical support.
How was the initial setup?
It's easy for me to configure one because I have firewall configuration certifications. I don't know what someone with nothing in terms of experience would be able to do.
It normally takes me a week to implement and deploy. I normally need a week and three people to do maintenance.
What about the implementation team?
I used to implement it several years ago, but now I ask our engineer to do it.
What's my experience with pricing, setup cost, and licensing?
Cisco ASA Firewall should be cheaper.
What other advice do I have?
I would recommend Cisco ASA Firewall to potential users.
On a scale from one to ten, I would give Cisco ASA Firewall an eight.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
student at MC
Manual deep bracket inspection is required to use web filtering. ASA 5505 and ASA 5506 are very powerful tools to use in a business environment, and provide a lot of security
Pros and Cons
- "ASA 5505 and ASA 5506 are very powerful tools to use in a business environment, and provide a lot of security."
- "Intrusion prevention, we currently need to apply deep bracket inspection manually to use web filtering."
What is our primary use case?
We offer publishing services. It depends on our business, but we use this solution for security.
What is most valuable?
ASA 5505 and ASA 5506 are very powerful tools to use in a business environment, and provide a lot of security.
What needs improvement?
Intrusion prevention, we currently need to apply deep bracket inspection manually to use web filtering.
For how long have I used the solution?
Three to five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Enterprise Manager at One Advanced
Provides perimeter and internal firewall services, but needs an MSSP oriented interface
Pros and Cons
- "VPN, firewall, and IDS/IPS allow us to deliver services to meet client needs across various industry verticals."
- "MSSP oriented interface: I would like a single console which would allow me to manage settings creating consistency across all customers."
What is our primary use case?
- VPN services
- IDS/IPS services using Firepower
- Provides perimeter and internal firewall services.
How has it helped my organization?
We provide managed services based on the Cisco ASA product. The brand is reassuring to customers when procuring our services.
What is most valuable?
- VPN
- Firewall
- IDS/IPS
These features allow us to deliver services to meet client needs across various industry verticals.
What needs improvement?
MSSP oriented interface: I would like a single console which would allow me to manage settings creating consistency across all customers.
For how long have I used the solution?
Less than one year.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Pre-sales engineer with 51-200 employees
Provides visibility as well as management and administration capabilities
What is our primary use case?
We use it as a perimiter firewall and do VPNs and filtering.
How has it helped my organization?
As a reseller, because Cisco includes different companies like Sourcefire, Meraki, and Talos, I think Cisco has a good portfolio for the security business, with their own devices too. For example, we have our firewall, we have a Web security appliance, things like OpenDNS with Umbrella. I think Cisco can cover with all the platforms.
What is most valuable?
All the visibility the device gives us as well as management and administration facilities.
What needs improvement?
It needs better documentation for when we present solutions to non-technical people. They need to bring together all the information, across the various firewalls, so that we can more clearly explain them.
Also, pricing could be better.
What do I think about the stability of the solution?
It's very stable.
What do I think about the scalability of the solution?
When we implement a firewall we need to be aware of whether it is growing over a short time period or a long time period. I think the scalability, from our implementation, is good because you can use the same configuration for another platform. If you implement on a small platform, it It is easy to implement the same configuration to another, bigger device.
How are customer service and technical support?
I think tech support is a large part of Cisco. It's good, it provides support around the clock, answers problems. I would rate it nine out of 10.
Which solution did I use previously and why did I switch?
SonicWall.
How was the initial setup?
For some things it is very easy, but configuring other things is a little complex. It depends on the use case.
What's my experience with pricing, setup cost, and licensing?
Cisco may be a little expensive but it has everything, and they support very well.
Which other solutions did I evaluate?
Juniper, Fortinet.
What other advice do I have?
I think Cisco has all the solutions: switching, routing, security, they have wireless. You can cover all the devices with Cisco. They have all the network and engineered tools to help resolve the issues that we have. They are really very good devices.
In terms of advice, I would say Cisco is the best company. They're very stable, there aren't too many issues. And when there is an issue they have many engineers who can solve the problem.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
Consultant
Management Console and user profiling to define activities are key features
Pros and Cons
- "Management Console and user profiling to define activities."
- "As it’s a GenX firewall, expertise for both implementation and troubleshooting the pain points can be a challenge. This could be a concern when companies are thinking about buying this product."
How has it helped my organization?
It’s too early to say anything about this, as it’s still under implementation.
What is most valuable?
Management Console and user profiling to define activities.
What needs improvement?
As it’s a GenX firewall, expertise for both implementation and troubleshooting the pain points can be a challenge. This could be a concern when companies are thinking about buying this product.
For how long have I used the solution?
Still implementing.
What do I think about the stability of the solution?
Yes, unexpected failure and no RCA provided by the OEM.
What do I think about the scalability of the solution?
Still working on this.
How are customer service and technical support?
Technical support from OEM is a six out 10, as RCA report has still not been shared to date.
Which solution did I use previously and why did I switch?
Check Point. We moved to Firepower as an internal firewall to manage internal access and other network load.
How was the initial setup?
Straightforward, two-tire setup.
What's my experience with pricing, setup cost, and licensing?
All our requirements which we need performed by the firewall (e.g. VPN, URL white-listing, or IP based white-listing, etc.) have separate licenses and costs.
Which other solutions did I evaluate?
Yes, a couple of other of OEMs: Fortinet, Barracuda, etc.
What other advice do I have?
I rate it an eight out of 10, as it’s a new platform. Compared to Cisco ASA, it’s far better, per my usage to date.
Make sure you have an expert resource or subscribe to OEM technical support.
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros
sharing their opinions.
Updated: April 2025
Popular Comparisons
Fortinet FortiGate
Netgate pfSense
Sophos XG
Palo Alto Networks NG Firewalls
Check Point NGFW
Azure Firewall
WatchGuard Firebox
SonicWall TZ
Juniper SRX Series Firewall
Fortinet FortiGate-VM
SonicWall NSa
Sophos XGS
Untangle NG Firewall
Fortinet FortiOS
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What Is The Biggest Difference Between Cisco ASA And Fortinet FortiGate?
- Cisco Firepower vs. FortiGate
- How do I convince a client that the most expensive firewall is not necessarily the best?
- What are the biggest differences between Cisco Firepower NGFW and Fortinet FortiGate?
- What Is The Biggest Difference Between Cisco Firepower and Palo Alto?
- Would you recommend replacing Cisco ASA Firewall with Fortinet FortiGate FG 100F due to cost reasons?
- What are the main differences between Palo Alto and Cisco firewalls ?
- A recent reviewer wrote "Cisco firewalls can be difficult at first but once learned it's fine." Is that your experience?
- Which is the best IPS - Cisco Firepower or Palo Alto?
- Which product do you recommend and why: Palo Alto Networks VM-Series vs Cisco Firepower Threat Defense Virtual (FTDv)?
There are companies that can compete with Cisco. Gartner has provided a report from 2012 showing that the new leader in firewalls with a new behavioral approach to firewalls is Palo Alto Networks. Not saying that Gartner has the right reports all the time but this one was correct. So remember that Checkpoint also exists and have been giving Cisco a run for their money. The caveat with Checkpoint is that some ports like X11 have to be hard coded into the top of the ACL in both directions in order to allow the traffic.
Anyone on any given day can beat the number one provider. The shift is now towards behavioral firewalling against unapproved applications and provide protection to the user no matter where they are based on user and not where they are coming from. Stay tuned as more developments come in the security field.