Cisco Secure Firewall Reviews

It's a great solution that amalgamates a firewall and VPN into one device. It also has a well organized GUI- ASDM.

• Easy to setup VPNs
• Firewall ACL
• Easy to modify
• Easy to perform maintenance

The ADSM is incompatible with different versions of Java.

I've used it for six years.

I have issues with some versions of Java and ASDM.

Customer Service:

It's high.

Technical Support:

It's high.

I used a Cisco 881 router as a firewall and VPN solution. ASA allows conformity and various amounts of functionality in work.

It can be complex, since a lot of CLI commands are different with respect to the CLI of IOS routers.

We implemented ASA without vendor support. For first time implementation, it is good to have someone with ASA experience involved.

Prices could be a little bit lower to make the product more accessible.

VPN - Both site to site (IPsec) and remote access (IPsec and SSL).

Through the use of VPNs, we were able to connect our branches together through the internet without the any additional cost.

• Throughput
• Price

Since 2008, so seven years, and I have been a heavy/daily user, and all of my jobs were related to network security.

No issues encountered.

Sometimes, due to software bugs, but in the long run the ASA is a very stable product when compared to other vendors firewall solutions.

One of the major disadvantages with the ASAs is the throughput, while the network evolves, the ASA was usually causing the bottle neck.

Customer Service:

It's very good when compared to other vendors.

Technical Support:

It's very good when compared to other vendors.

Mainly switching from the old Cisco PIX to a new Cisco ASA. The reason for switching is to get a higher throughput, and due to the fact the that the Cisco PIX went EoL.

It requires training, but after that it is straight forward.

I work for a vendor, and we implement the solution for multiple customers.

Yes, and we chose Cisco ASA mainly due to the fact that they have a very good, reliable and very responsive technical customer support.

I have worked on the best firewalls in the market, and Cisco ASA is one of the best.

The below screenshots are taken from a demo of ASDM.

There are a lot of companies who create firewalls but there is not a single one which can compete with ASA. It can have access control from layer 3 to layer 7. The ASA 5510 is more than enough for small to medium business. It has dedicated GUI interface which is known as ASDM, a beautiful tool to manage ASA. You can use ASA to route traffic. AAA service supports plenty of Authentication server types. You can configure advanced NAT in this device. It uses Modular Policy Framework (MPF) to inspect traffic. You can inspect traffic at different layers separately. You can use this as a transparent firewall & fail over is instant. The virtualization works beautifully for this device. VPN is another added advantage.All the types of VPNs are managed through ASA.

The 5505 does not support multiple mode. While running this device on multiple mode you cannot use dynamic routing protocols or multicast routing. Also the IPSEC and SSL VPNs are not supported while running in multiple mode. sometimes analysis might take too long while performing DPI in real-time traffic. The product is expensive. A 5580 series costs more than $50000.

Its very difficult to write something about this product as it has so many options. I have studied 1000 pages about this product and most of the organizations use this firewall as it is the best in the world. I have never seen such a powerful device which can handle 2 million connections at 20Gbps speed. It can also inspect 4 million packets per second.

We use Cisco ASA Firewall to protect different sites at a protocol level. We also use it for antivirus and bot protection.

I think Cisco ASA Firewall is the most stable firewall solution.

The price can be better.

I've been using Cisco ASA Firewall for the last ten years.

I think they're all are stable. I've never seen a firewall that's unstable.

I'm satisfied with their technical support.

It's easy for me to configure one because I have firewall configuration certifications. I don't know what someone with nothing in terms of experience would be able to do. 

It normally takes me a week to implement and deploy. I normally need a week and three people to do maintenance.

I used to implement it several years ago, but now I ask our engineer to do it.

Cisco ASA Firewall should be cheaper.

I would recommend Cisco ASA Firewall to potential users. 

On a scale from one to ten, I would give Cisco ASA Firewall an eight.

Public Cloud

We offer publishing services. It depends on our business, but we use this solution for security.

ASA 5505 and ASA 5506 are very powerful tools to use in a business environment, and provide a lot of security.

Intrusion prevention, we currently need to apply deep bracket inspection manually to use web filtering.

Three to five years.

• VPN services
• IDS/IPS services using Firepower
• Provides perimeter and internal firewall services.

We provide managed services based on the Cisco ASA product. The brand is reassuring to customers when procuring our services.

• VPN
• Firewall
• IDS/IPS

These features allow us to deliver services to meet client needs across various industry verticals.

MSSP oriented interface: I would like a single console which would allow me to manage settings creating consistency across all customers.

Less than one year.

We use it as a perimiter firewall and do VPNs and filtering.

As a reseller, because Cisco includes different companies like Sourcefire, Meraki, and Talos, I think Cisco has a good portfolio for the security business, with their own devices too. For example, we have our firewall, we have a Web security appliance, things like OpenDNS with Umbrella. I think Cisco can cover with all the platforms.

All the visibility the device gives us as well as management and administration facilities.

It needs better documentation for when we present solutions to non-technical people. They need to bring together all the information, across the various firewalls, so that we can more clearly explain them.

Also, pricing could be better.

It's very stable. 

When we implement a firewall we need to be aware of whether it is growing over a short time period or a long time period. I think the scalability, from our implementation, is good because you can use the same configuration for another platform. If you implement on a small platform, it It is easy to implement the same configuration to another, bigger device.

I think tech support is a large part of Cisco. It's good, it provides support around the clock, answers problems. I would rate it nine out of 10.

SonicWall.

For some things it is very easy, but configuring other things is a little complex. It depends on the use case.

Cisco may be a little expensive but it has everything, and they support very well.

Juniper, Fortinet.

I think Cisco has all the solutions: switching, routing, security, they have wireless. You can cover all the devices with Cisco. They have all the network and engineered tools to help resolve the issues that we have. They are really very good devices.

In terms of advice, I would say Cisco is the best company. They're very stable, there aren't too many issues. And when there is an issue they have many engineers who can solve the problem.

It’s too early to say anything about this, as it’s still under implementation.

Management Console and user profiling to define activities.

As it’s a GenX firewall, expertise for both implementation and troubleshooting the pain points can be a challenge. This could be a concern when companies are thinking about buying this product.

Still implementing.

Yes, unexpected failure and no RCA provided by the OEM.

Still working on this.

Technical support from OEM is a six out 10, as RCA report has still not been shared to date.

Check Point. We moved to Firepower as an internal firewall to manage internal access and other network load.

Straightforward, two-tire setup.

All our requirements which we need performed by the firewall (e.g. VPN, URL white-listing, or IP based white-listing, etc.) have separate licenses and costs.

Yes, a couple of other of OEMs: Fortinet, Barracuda, etc.

I rate it an eight out of 10, as it’s a new platform. Compared to Cisco ASA, it’s far better, per my usage to date.

Make sure you have an expert resource or subscribe to OEM technical support.