Cisco Secure Firewall Reviews

Our main use case for Cisco Secure Firewall is to protect our RTU traffic, specifically on the operational technology side, for SCADA systems. For our side, we don't have encrypted traffic; for the most part, we have the firewall to protect everything behind it when it comes to RTU traffic, which is remote terminal units.

The visibility and control capabilities of Cisco Secure Firewall benefit our company by making it easier for us to parse through traffic that is denied or allowed through, and that helps us with troubleshooting, so it does help cut down on troubleshooting.

The feature of Cisco Secure Firewall that I prefer the most is the use of ASDM where we visually are able to see all of our traffic when it comes through the firewall. 

Cisco Secure Firewall does a good job unifying policies across our environments because we have many firewalls that have the same rules, so when Cisco Secure Firewalls are able to do that, that's very beneficial.

The fact that unifying policies will help us save time, costs, and be more efficient in general is very important for our company. Unfortunately, the impact of the cloud-delivered firewall on our company's security posture is negligible since we are an air-gapped system, and we do not deal with the cloud infrastructure.

Cisco Secure Firewall does a good job in helping our company implement a zero-trust security model, and it deserves an eight out of ten.

Cisco Secure Firewall could be improved in terms of the GUI and management. It could be more intuitive, as sometimes there might be too many features and buttons that make it harder when we're trying to parse through information. 

To make Cisco Secure Firewall a ten out of ten, improving the documentation of all the features would help significantly. I sometimes feel I'm just searching around on Google for specific configurations compared to Palo Alto, which has more detailed steps.

We've been using Cisco Secure Firewall for about 20 years. We've had it since the whole creation of our RT team.

In terms of stability and reliability, Cisco Secure Firewall is reliable. We haven't had real issues where these firewalls have gone down or anything of that nature, so we're happy with the consistency.

When it comes to the scalability of Cisco Secure Firewall, it scales very efficiently and is easy to implement with the growing needs of our company.

Our experience with customer service or technical support through TAC for Cisco Secure Firewall could be more in-depth instead of going through the first levels. 

We often find ourselves trying to escalate faster because we need timely responses. I would rate the customer service and technical support from Cisco Secure Firewall a six out of ten. They're good and know what they're doing in general. That said, it's not where we want it to be.

We considered Palo Alto before choosing Cisco Secure Firewall, and we do have some Palo Altos on the network to compare. We're mostly using Cisco products in general. I'm aware Palo Alto is a strong competitor when it comes to firewalls.

The deployment is pretty seamless. Sometimes we do have some issues with Palo Alto Fireworks, where when it comes to deploying, it's not as intuitive. It doesn't work correctly, and there are some bugs that come up. So we have to troubleshoot that aspect. Cisco Secure Firewalls is pretty pretty seamless. 

The biggest return on investment when using Cisco Secure Firewall comes from how intuitive it is. The more it's able to identify issues during troubleshooting, the better the ROI we achieve.

I'm not too concerned about the pricing of Cisco Secure Firewall. The pricing is fixed, and we're comfortable with it since pricing doesn't matter as much since we have to purchase it if there's a need for it.

The main differences between Cisco Secure Firewall and Palo Alto come down to the GUI. They are on par when comparing unified policy and how to make things more intuitive for monitoring traffic and creating rules based on that traffic.

We haven't used any new features or functionalities in Cisco Secure Firewall recently. The features work efficiently, and I can't think of anything new that I would want right now.

I would rate Cisco Secure Firewall overall an eight out of ten; it's reliable, and we have no real issues.

Our company's use case for Cisco Secure Firewall is to separate and protect the different server network ranges in our data center and to provide access to and from those services that sit in our data center to users and customers alike. We also use Cisco Secure Firewall on the edge to provide internet access to and from the internet for our business.

The most valuable aspect of Cisco Secure Firewall for me is not a specific feature but the fact that it is quite stable as a firewall overall. It is not too buggy or disruptive when performing our day-to-day operations, and that is the main thing about it.

Centralized management of Cisco Secure Firewall benefits our organization because we have multiple firewalls, but we go to one single page or use the Firewall Management Center to administer policies and make changes. This allows us to see what is going on from a visibility perspective, so all troubleshooting, configuration, and administration of the firewall happens at one single place, which is beneficial.

A single pane of glass for management is available.

One thing I would improve in Cisco Secure Firewall is somehow embedding the capability to use an asterisk-type of firewall rules in the access control policy. An example could be star.google.com; being able to use an asterisk for anything in the subdomain would be beneficial, as I know some of Cisco's competitors allow that on their firewalls, which eliminates the need for an additional appliance to facilitate that component.

I have been using Cisco Secure Firewall for about five years.

Currently, Cisco Secure Firewall has been up and running for about three years since its last reboot, so it is quite stable.

I find the solution to be scalable, especially with the other products that Cisco is developing. For instance, Cisco Secure Cloud now allows us to potentially take the management functions of Cisco Secure Firewall, move it into the cloud, and integrate it with other Cisco security products, managing everything from one single pane.

I have worked with Cisco's customer support.

When it comes to customer support, referring to TAC, I find that Cisco's support stands out. It is very important for us as a business to have that support when needed, and Cisco has often never failed in providing that support.

If I were to rate the support overall from one to ten, I would give it a nine.

While I rate it a nine, to make it a ten, it could be improved based on individual cases. Some support people truly embody Cisco's values in responding and assisting, but there are times when some individuals may not be as helpful as others, leading to a disconnect in the support experience.

Positive

Deploying Cisco Secure Firewalls is quite straightforward, as Cisco provides a lot of available documentation online, extensive support, and training, which makes it easy for engineers and customers to use Cisco products effectively.

The deployment time for Cisco Secure Firewalls varies. Currently, I am going through a refresh where we are replacing older Firepower systems with newer ones, but in the past, it has been relatively simple, typically taking within an hour or two to get everything up and running.

I have been part of the deployment of Cisco Secure Firewalls.

From a return on investment perspective, I think Cisco Secure Firewalls keep our organization safe and protect the organization's image from a governance standpoint. With cybersecurity being a big issue in the world, Cisco Secure Firewalls protect data, the environment, organization, and keep things safe. It is always reassuring for customers to know that the organization I work for invests in products like Cisco Secure Firewall to protect ourselves.

Cisco Secure Firewall is similar to insurance in that it provides peace of mind.

I rate Cisco Secure Firewalls a nine overall. While there are features I think could be added to achieve a perfect ten, I still regard it higher than its competitors. From both a technical and peace of mind perspective, Cisco Secure Firewall is the frontrunner.

I would tell someone considering purchasing Cisco Secure Firewalls that they will not be disappointed. My overall review rating for Cisco Secure Firewall is nine.

Cisco Secure Firewall is used for securing perimeters, such as internal or external perimeters of the network.

I consider a valuable feature of Cisco Secure Firewall to be that it serves its purpose. ASA is nice, but it is outdated now. When it comes to FTD, complexity is one of the things. I am not sure they should build it from scratch.

Cisco Secure Firewall has helped improve my company over the last 15 years. Nowadays, you cannot live without a firewall. We are currently moving to another vendor.

Navigating through Cisco Secure Firewall is not intuitive. Complexity is another significant issue that needs to be addressed.

I have been using Cisco Secure Firewall for 15 years.

Cisco Secure Firewall is working with some bugs and glitches, but it is stable overall. ASA is a super stable firewall, even though it is outdated nowadays. FTD is working fine with some glitches.

Scalability depends on which Cisco Secure Firewall you are buying. For the enterprise level, it is scalable, but not significantly.

I have contacted Cisco support about these issues and opened many TAC cases for the firewalls.

I would evaluate Cisco support as good. Cisco is the best there. However, they need to rebuild this product. I love Cisco products, but when it comes to the firewall, I do not.

We are transitioning to Palo Alto.

I find Palo Alto to be much easier to operate and much more stable. If you want to incorporate FTD with another Cisco product, then you need to go with Cisco to have the full ecosystem. Since we do not have that requirement, we are going to another vendor, which is definitely easier to handle.

I have knowledge about the pricing and licensing.

A couple of days ago, I was working on a project and received a quote for the FTD 1230. For the same level with Palo Alto, even though we had a huge discount with Cisco, it turned out to be more expensive than Palo Alto. The pricing is quite expensive. My overall review rating for this product is 6.

My use case for Cisco Secure Firewall is because the old solution for the VPN access for the employees and also for the external contractors was already out of date, and there was no possibility of somehow prolonging it. So we did the search for a new solution and from the auction and bidding, Cisco Secure Firewall came.

I consider the most valuable aspect of Cisco Secure Firewall to be that we are basically using it only for termination of the VPN, so that's basically the most valuable thing for us.

If I could improve Cisco Secure Firewall in any way, I have no clue, to be honest. I really don't know what to improve. It's working as it should be. Maybe it would be nice to have a better overview regarding the logging, regarding the issues a client can have with the VPN. But I can understand that because the primary feature for the firewall is not the VPN; it's the firewall, but we are not using the firewall.

There is still room to improve. There can be some things that can be better, such as some of the menu and some of the visibility. It's not chaotic, but it's not that user-friendly.

The GUI of Cisco Secure Firewall could improve, as there are better solutions in terms of how they look and how they can be navigated.

I find the solution reliable and stable, and I can say that there is no downtime. As I am used to Cisco products, they are stable and reliable.

I think that what we bought is overkill, but whatever. Basically, it can serve up to 1,000 clients on VPN, so for us it's basically unlimited. The largest number I have seen on the dashboard was 300 users connected on the VPN.

My experience with Cisco customer support has been nice all the time. Sometimes they can take their time, but if they are properly motivated, they can be fast.

If I had to rate their support from one to ten, with ten being best and one being worst, I would give it an eight.

Positive

I evaluated basically the new solution from Pulse Secure, which is now called Ivanti.

The reason we chose Cisco Secure Firewall was more or less politics because Ivanti didn't have the hardware, and they will not have the hardware in the foreseeable future. So we went with the only one who was able to provide it to us.

The deployment of Cisco Secure Firewall was kind of straightforward and was not problematic.

It took us two months, together with the migration, but the thing is that we needed to change the groups and rules and everything in the background. It was more or less up to us, not up to the platform. We needed to change things on our side.

It was internal, not the product's fault. The migration was lengthy.

Regarding the pricing and licensing of Cisco Secure Firewall, it's not up to me.

I know that it was purchased from our partner, from the local distributor.

On a scale of one to ten, with ten being best and one being worst, I would rate Cisco Secure Firewall overall with my past experience as nice. Because I cannot say it was good, from the point of view when I was able to look through Cisco Secure Firewall, it was nice. The FTD, the Firepower Threat Detection, is really mature, but the former ASA was a pain in the ass.

The former ASA was a pain in the ass because when someone is used to the Cisco way, the ASA was a strange thing. My overall rating for this product is 8 out of 10.

My main use cases for Cisco Secure Firewall include revamping old networks, security, content filtering, amp protection, et cetera.

Cisco Secure Firewall is easy to configure, and you can do it all in one pane of glass. It is really simple to configure. The solution allows my junior admins to go into the dashboard and look at any issues or reconfigure any features that need to be tweaked without me physically having to be there.

I have been using the assurance feature in Cisco Secure Firewall recently, and I am starting to see that it is a lot more beneficial for me, with all the analytics and reporting that it provides. 

Cisco Secure Firewall allows us to pinpoint exactly where the packets are being delivered or dropped, and we are able to identify issues quicker than with other models or other vendors.

I assess Cisco Secure Firewall's ability to unify policies across my environment as having ease of building. We need to be able to scale and deploy without running a bunch of commands, especially when managing multiple locations acting as separate entities. It is important to my organization since our team is really small. As an engineer, it is just myself and a few juniors. I can verbally tell them to look at specific things or deploy certain features. It gives them the confidence to touch a firewall without being insecure.

The impact of the cloud-delivered firewall on my organization's security posture is very important. It allows us to place certain policies compared to the old infrastructure that is currently in there, with outdated hardware. It allows us to control the firmware and deploy the firmware. In evaluating Cisco Secure Firewall, I find that it helps us implement a zero-trust security model by allowing us to create one policy and deploy it across all of our networks versus multiple agents. Cisco Secure Firewall is very helpful and convenient for me.

I faced challenges moving away from the MS switches to the CS switches, as it is a little different. I am experiencing some small issues with IP reservations, however, I am working with the Meraki engineers to work around or configure it the next day. 

Regarding stability and reliability, I have experienced false negative alerts with the CS models, which indicate that my switch has gone down when in reality, it has not. That is a fix that is needed.

I would say I have been using Cisco Secure Firewall for the past two months.

Regarding stability and reliability, I have experienced false negative alerts with the CS models, which indicate that my switch has gone down, but in reality, it has not. That is a fix that is needed.

Cisco Secure Firewall scales tremendously with the growing needs of my organization. I know in the future we are going to start deploying SD-WAN and other applications that will require all of our clinics to connect to our HQ, and deploying Meraki will make their IPsec tunnels very seamless.

I evaluate customer service and technical support based on productivity. If I can reduce ticketing by 10% to 20% by deploying these solutions, I consider or job done. 

On a scale of one to ten, I would rate the customer service and technical support of Cisco a ten. There is always someone on call. They are very thorough; they know the product and work with you to resolve issues. That is important for me.

Positive

Prior to adopting Cisco Secure Firewall, I was using different solutions at various locations. As we transition and take on these clinics, we have anywhere from home networks, where someone's uncle installed something, to very outdated firewalls. When we come in and present Meraki and what it can do, it becomes a done deal.

My experience with the deployment of Cisco Secure Firewall has been awesome.

I come in when they have the old network and deploy it. I install a cabinet and new drops. I configure the Meraki gear onto their old network side by side. 

Especially during downtime, I can plug the firewall into that rack to get the external IP configured. Once my ISP comes in, I apply those IP addresses to the firewall.

I have seen a return on investment with Cisco Secure Firewall.

I handle pricing, setup costs, and licensing with our vendors. I contact our vendors, we go over the pricing and the licensing. I make sure they get all the proper codes. As I purchase and license these firewalls, it is all in one place and easy to read and do.

Before selecting Cisco Secure Firewall, I considered Fortinet, which was probably one of the bigger competitors, and SonicWall. We thrive in the Meraki policy. What stood out to me in the evaluation process, compared to other options, was the ease of deployment, the dashboard, being able to manage everything in one place, and Meraki support.

I did not purchase the product on AWS Marketplace.

My advice to other organizations considering Cisco Secure Firewall is to make sure they plan for their organization. Plan for your growth, a three-year growth, and then scale your solutions accordingly. 

On a scale of one to ten, I would rate Cisco Secure Firewall overall a solid ten.

We are deploying Cisco Secure Firewall for customers in the cloud, on-premise, or all around, depending on the customer. We have small customers that are migrating to the cloud, so we have to deploy virtual firewalls as well as on-premise solutions for both large-scale and small-scale operations.

The best return on investment when using Cisco Secure Firewall is the visibility. From my point of view, the best return on investment is the visibility. With Firepower Management and the FMC, you are able to really see everything that's going on in your network.

From my point of view, the stability and reliability of the product is quite good. The firewall sensors and the management are quite stable. We are encountering some problems, but mostly when you implement the solution correctly, you don't have any problems besides hardware failure, which is really rare. 

Scalability for Cisco Secure Firewall is a good point. It's hard to say because mostly we are consulting and planning together with the customer. If they can see upfront or if they know when they have to scale big, then we can scale with them. I think the appliances are well scaled for the use of the customer.

I have a lot of experience with the customer service and technical support of Cisco. Recently, we managed to get one of the Cisco engineers to connect with us to solve some customer problems.

My experience with the customer service and technical support of Cisco is quite excellent. The engineers are top-notch and they know what they are doing. They are really experts in their field.

Regarding customer service, I'm not as familiar with that aspect. However, with the technical support, when you know the right people and when you really have problems which you can't solve on your own, they are behind you and they can help you mostly.

Negative

I have worked with other solutions in the past, different ones. The vibe which is in Cisco equipment caught me from the early days. When I started, the first security appliance I saw was Cisco PIX. I worked sometimes with Cisco ASA, and this was all before I came to Bechtle. Now I'm where I want to be.

Deploying Cisco Secure Firewall is getting easier, so I would describe the experience as straightforward. You are now able to preconfigure the appliances to send out, so you don't need engineers on site. In some cases, you can preconfigure and send it to the customer, and the customer is able to plug it in and it has access to WAN or to the internet. You are up and can run the system. I would rate Cisco Secure Firewall overall as an eight or a nine out of ten.

This is mostly the system I'm working with, so I do work with other solutions other than Cisco Secure Firewall, but we do have other teams working with other vendors. We are at a point where things are getting more and more complicated and you need more and more knowledge to do the implementation correctly. My goal is to do Cisco and to do it the best I can and do it properly.

I'm mostly on the implementation side, so pricing, the setup cost, and the licensing are not really my part in the business. I hear it's quite expensive, but the service you get is worth it. When you invest so much, you will get a lot of service. About licensing, I don't have experience with other vendors regarding licensing, so I would say the licensing is quite good. I'm not sure if there are any other downsides, so I consider it acceptable.

Our company's use case involves integration with Cisco Secure Firewall for our clients, typically for remote access VPN. The purpose of our remote access VPN integration is to connect with Duo. We also perform integration with Cisco ICE and integration directly with the firewall.

The most valuable feature of Cisco Secure Firewall for me relates to the remote access VPN, because companies need multi-factor authentication. The selling point of the product revolves around multi-factor authentication for VPNs. I have implemented this with Cisco firewall, Cisco ICE, and Palo Alto integration with Duo.

If I could improve the product in any way to make it better for my clients, that would be beneficial. For now, everything is fine from my perspective, although there may be room for improvement that I have not yet identified.

I have been using Duo for two years.

I find Cisco Secure Firewall to be stable and scalable. It is reliable. The solution has experienced downtime.

I have worked with Cisco support. My experience with Cisco support is fine. When I need to open a case, I have done so. I did not contact Duo support, but I did contact support for Cisco firewall and Cisco ICE. I did not work with an engineer for Duo.

They are responsive. In general, it takes them two to three hours to get back to me. When they need to search for something, it may take a day.

Negative

Deploying Duo is quite simple because Duo has very good documentation for all integrations. It typically takes a couple of days to deploy because we need to schedule meetings with our clients. When we gather all the information, we can integrate it, then test it and put it in production.

I have experience with the implementation.

The benefit of using this integration for our company is that clients want solutions from us. Our clients need to find a solution for multi-factor authentication, and we recommend them to use Cisco Secure Firewall with Duo. We integrate that with their firewalls or AAA servers. Cisco Secure Firewall integrates well. I am not involved with pricing and licensing concerns, as our company has a sales team who handles that. My company is a partner. I rate this product ten out of ten.

We have two deployment models for the use case: one is a perimeter firewall and one is a data center firewall. If you have a perimeter, you will position Cisco Secure Firewall as a perimeter firewall; it fits more in data as a data center firewall because in a data center firewall, you are inspecting incoming traffic and you need a very good IPS, so Cisco Secure Firewall is very effective as a data center firewall.

The best feature in Cisco Secure Firewall is the stability; we have a stable product with no lagging or crashing, unlike others. Additionally, the IPS is the next-generation IPS from Cisco, which has many features and many signatures with updated signatures for my IPS.

I switched to Cisco Secure Firewall to get very good IPS signatures and next-generation IPS; that is a market leader from Cisco.

The stability is very good. I do not experience any downtime, crashes, or performance issues; that is the best feature from Cisco Secure Firewall.

Most of the time, Cisco provides features on some versions and the updated versions will move them; for example, we can do firewall policies based on users, which is from Active Directory. It should be from Cisco ISE, so it is a very bad drawback from Cisco Secure Firewall. Not all customers have Cisco ISE, and we need to integrate to make a policy on users, not just by IP, but with users also. We had integration before with LDAP and Active Directory, but on some versions, Cisco requires us to do it through Cisco ISE.

I have five years of experience with Cisco Secure Firewall overall.

The stability is very good. I do not experience any downtime, crashes, or performance issues; that is the best feature from Cisco Secure Firewall.

Cisco Secure Firewall is providing scalability. I rate the scalability as a number 10.

Positive

I rate the technical support a number 10.

Positive

Compared to Fortinet, we have a complex configuration, but we still have a stable product rather than Fortinet's product.

Cisco Secure Firewall requires maintenance. Maintaining it is slightly complex; it is not easy or very easy.

I am a customer. It was purchased through a partner. I was satisfied with my experience with the partner.

I have seen a return on investment of 50.

The pricing for Cisco Secure Firewall is very good, and we got many discounts from them.

Cisco Secure Firewall is deployed on-premises. We have a team of four users using the solution. I rate this review a 10.