Jure Martinčič - PeerSpot reviewer
Engineer Specialist at Telekom Slovenije
Real User
Keeps our environment secure and helps reduce firewall-related operational costs
Pros and Cons
  • "With Cisco, there are a lot of features such as the network map. Cisco builds the whole network map of the machines you have behind your firewall and gives you insight into the vulnerabilities and attributes that the host has. Check Point and Fortinet don't have that functionality directly on the firewall."
  • "The only drawback of the user interface is when it comes to policies. When you open it and click on the policies, you have to move manually left and right if you want to see the whole field within the cell. Check Point has a very detailed user interface."

What is our primary use case?

We primarily use it as a corporate, perimeter firewall for traffic to the internet and back, for surfing. We also have some site-to-site connections with customers.

How has it helped my organization?

So far, there hasn't been any breach, so we are very happy.

It has also helped to reduce the operational costs of our firewall. There is a report that is automatically generated. You don't have to search for and prepare everything by yourself. You don't need staff to prepare the information because it is automated. We only go through this report once a week and if there are some special events, we can take care of them.

What is most valuable?

The next-generation features, like IPS, among others, are the most valuable. IPS is mandatory in modern networks for protection against malicious attacks and network anomalies.

Also, it gives you great visibility when doing deep packet inspection, but you have to do HTTP inspection. If you don't do HTTP inspection, the visibility is not complete. That is the case for every firewall vendor.

What needs improvement?

The ease of use, when it comes to managing Cisco Firepower NGFW Firewalls, is getting better because the UI is improving. It was a bit cumbersome in previous versions. Check Point, for example, has one of the most intuitive user interfaces, and now Cisco is really improving.

The only drawback of the user interface is when it comes to policies. When you open it and click on the policies, you have to move manually left and right if you want to see the whole field within the cell. Check Point has a very detailed user interface. Cisco is getting better and becoming more and more user-friendly.

Cisco needs a more intuitive user interface. When you know what to do, it's easy. Otherwise, you need training. You can install it and do the initial configuration, but if you don't have the proper training it's also possible to configure it the wrong way. If that happens, some things might pass through that you don't know about.

Buyer's Guide
Cisco Secure Firewall
March 2025
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
839,319 professionals have used our research since 2012.

For how long have I used the solution?

We have been using Cisco Secure Firewall for about five years, from the beginning of the Cisco Firepower 2100 Series.

What do I think about the stability of the solution?

We were on version 6.2.2 but now we're up to version 7.7.0, and it has really improved. It was not hard to implement but there were many bugs in the earlier version and some were serious, but now it's stable. There are no more bugs. It's really getting better. I would recommend Firepower to every customer now because it's stable. It's a really nice firewall.

What do I think about the scalability of the solution?

The model we have is okay for our environment, so it's scalable. We haven't seen any problems in that regard. There are 50 or 60 devices behind it and about 500 clients. It is used in a very specific environment for a large Slovenian system.

The device has achieved its purpose. We won't implement any other features.

How are customer service and support?

Cisco support is the best, especially if you compare it to other vendors. Cisco may be a bit expensive compared to other vendors, but the support is really good. When you open a case they're really responsive and they resolve every case. This is my personal experience, not only when it comes to Firepower but for the whole Cisco portfolio, which I have been working with since 2005.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial configuration was done within a few hours, but getting all the policies in place took about a month. That was not related to the firewall, it was related to all the requirements from management and from other people as well. But the configuration to get it set up initially was straightforward, nothing special.

What about the implementation team?

My colleagues and I did the deployment. We are an internal team. We are integrators, so we were able to do it by ourselves.

What was our ROI?

When it comes to XDR, the cost-effectiveness of this firewall depends on the use case because you don't always need XDR functionality. SecureX is included free of charge, so from that point of view, maybe Cisco is not that expensive compared to other vendors. Other vendors' XDR products are not free of charge.

But if you look at just the firewall functionality, Check Point is expensive but Cisco is not the cheapest. Fortinet is cheaper.

Where we have seen ROI is due to the support, time savings, ease of management, and the reporting.

Which other solutions did I evaluate?

Aside from the user interface, which is getting better, Cisco is at the top for functionality and in all other respects. We work with Fortinet, Check Point, and we used to work with Juniper, in addition to Cisco.

With Cisco, there are a lot of features such as the network map. Cisco builds the whole network map of the machines you have behind your firewall and gives you insight into the vulnerabilities and attributes that the host has. Check Point and Fortinet don't have that functionality directly on the firewall. They don't give you that direct visibility into the host, such as which operating system the host has.

We don't work with Juniper anymore because its user interface is really not okay. You only have the CLI or you have to use Security Director for management, which is very complex and not user-friendly. That is why we abandoned Juniper as a product.

I would rate Cisco at eight out of 10 overall, and Check Point would be a seven. Check Point fields a great solution in this space, but they have very bad support, and support is one of the most important things. Having great blogs doesn't help if support doesn't come through when you need it.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
reviewer2212515 - PeerSpot reviewer
Network Engineer at a healthcare company with 10,001+ employees
Real User
Fantastic reliability, easy to understand, and works very well for policy-based VPN
Pros and Cons
  • "Being able to use it as a policy-based VPN is valuable. It's very easy to understand. It's very easy to troubleshoot."
  • "For what we use it for, it ends up being the perfect product for us, but it would help if they could expand it into some of the other areas and other use cases working with speeding up and the reliability of the pushes from the policy manager."

What is our primary use case?

We mainly use it for policy-based VPNs to IPSec one of the businesses. We also use it as a firewall solution for remote VPN users. We have vendors who have access to our VPN solution, and they get a dedicated network.

How has it helped my organization?

We can automate the VPN. The build process and how we've standardized it makes it very easy for us to focus on other tasks. We know that an end user can push a button, and the VPN will get built. They only bring us in for troubleshooting or higher-level issues with the other vendor. Because of that program, the ability to use Cisco ASA every time, in the same way, makes our job easy.

Once we started standardizing and using the same solution, we've been able to correlate that so we know what we are doing. We can train even less experienced and newer guys to do the tasks that in turn frees up the higher-level engineers. It has cut out the VPN work for higher-level engineers. They may have been spending ten hours a week previously, and now they may spend ten hours in the quarter.

It has improved our cybersecurity resilience. It has allowed us to see some differences with partners using weaker ciphers, which allows us to validate what we're using and reevaluate it. We put exceptions in cases where we have to. The security risk team is as well aware of those, and they can essentially go back on a buy-in or see if the vendor has upgraded to plug in a security hole. It has given us that visibility to see where we are weak with our vendors.

What is most valuable?

Being able to use it as a policy-based VPN is valuable. It's very easy to understand. 

It's very easy to troubleshoot. It may be because I'm comfortable with it or because I've used it for so long, but it's easy to use for me. I don't have any problems with how to set it up or use it.

What needs improvement?

For what we use it for, it ends up being the perfect product for us, but it would help if they could expand it into some of the other areas and other use cases working with speeding up and the reliability of the pushes from the policy manager.

For how long have I used the solution?

We've been using Cisco ASA at least for the last six years. That's how long I've been in this organization, but my organization has been using it longer. 

What do I think about the stability of the solution?

We don't open bugs for it. It just works for what we've used it for. The last time we opened up an ASA bug would have probably been three years ago. From a reliability standpoint of what we're using it for, it's fantastic.

What do I think about the scalability of the solution?

We've had no problems with scaling our business. We went from using probably 200 active VPNs an hour to over 600 VPNs without blinking an eye at that.

How are customer service and support?

I enjoy Cisco's tech support. Just like any tech support out there, you could get a great or fantastic engineer, or you may get somebody who has just learned, so you just have to work with it. However, working with Cisco TAC, you find less of that than you do with other companies. 

Just to give them a shout-out, whenever we hit the Australian TAC, they're absolutely fantastic. Sometimes I feel that we should wait our hours when we open a ticket just so that we get one of them. They know their stuff. They absolutely do, so whoever they're hiring there, they got to keep that up and spread that out. I'd rate them a nine out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I've worked with Check Point's firewall, and I've worked with Palo Alto's firewall. Things like packet capturing and packet tracing that I can manipulate to pretend I'm doing traffic through the firewall are a lot easier to do with ASAs than with other products.

We have other firewalls in our environment. We still use Palo Alto. We do have a little bit of a mix with Palo Alto in our environment, but in terms of VPN specifically, the way that Palo Alto does route-based VPN by default doesn't flow well with most people out there. It works great with cloud providers. Cisco can do route-based VPNs too. We have a route-based VPN solution with Cisco as well. We just use an ISR for that instead of a firewall.

How was the initial setup?

I've been part of the deployment. Specifically, how NATTING and the firewalls work, that part is not difficult at all, but there are some challenges when you take any product and manipulate the order of operations, but that's not a Cisco challenge. You're pairing different information. There are some tools that usually try to help with those conversions, but most of the time, I find it just easier to develop what you need and just build it from scratch.

What about the implementation team?

We implemented it on our own.

What was our ROI?

We've seen an ROI in terms of our high-level engineers having to work less on the product. I've been able to provide it to the NOC because of the use of the solution. They see value in that.

What's my experience with pricing, setup cost, and licensing?

Pricing is more for my leadership, but I give them the quotes, and if they approve, they're happy. They've never wavered, so I wouldn't say it's out of the realm where they're considering another product. It must be in the direct price range for our leadership to not blink an eye when we give it to them.

What other advice do I have?

To those evaluating this solution, I'd say that it's a solid product. It works. It does what we need. It gives us peace of mind to sleep at night. I'd definitely put it up there with some of the other firewalls to consider.

I'd rate Cisco ASA a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Marijo Sutlovic - PeerSpot reviewer
Head of Information Security at Otp banka d.d.
Video Review
Real User
Top 10
Out-of-the-box signatures have reduced the time and effort spent in configuration
Pros and Cons
  • "Implementing Cisco Secure Firewall has saved us time because we rely on most of the out-of-the-box signatures. It has reduced the time and effort spent in configuration within the security network."
  • "We have encountered problems when implementing new signatures and new versions on our firewall. Sometimes, there is a short outage of our services, and we have not been able to understand what's going on. This is an area for improvement, and it would be good to have a way to monitor and understand why there is an outage."

What is our primary use case?

One of the most important roles of Cisco Secure Firewall is as a central firewall for the internet. We use it for segmentation of the outside network, DMZ networks, inside networks, and also as an intrusion prevention system for protecting our resources from the internet. All Access Control Lists are implemented on this firewall.

How has it helped my organization?

These days, it's normal to require that networks be more open because of the recent changes brought about by the COVID pandemic. The need for hybrid work environments and more collaborations has made securing the network more challenging. However, Cisco offers us monitoring and configuration, and with one platform, we are able to be more flexible and be able to control our security and our network.

What is most valuable?

The security features that protect our networks are the most valuable for me and my department, as we are responsible for the security of our network. We investigate cases and analyze traffic to see what's going on. These features are also very valuable when we are investigating communication between some services in the bank and what's happening in the network.

We are very satisfied with Cisco Secure Firewall for securing our infrastructure from end to end so we can detect and remediate threats. We have not seen a lot of false positives, and we haven't seen many situations when the traffic was interrupted without a proper cause. We are confident that the signatures that Cisco Secure Firewall uses are very good and reliable. For us, this is very important because we are a relatively small security team, and we don't have much manpower to be able to analyze every signature or event. By default, Cisco Secure Firewall is reliable, and that is the most important factor for us. Cisco is a large company that invests in security, and if it has reliable signatures and processes in intrusion detection, then that is very good for us.

Implementing Cisco Secure Firewall has saved us time because we rely on most of the out-of-the-box signatures. It has reduced the time and effort spent in configuration within the security network.

What needs improvement?

We have encountered problems when implementing new signatures and new versions on our firewall. Sometimes, there is a short outage of our services, and we have not been able to understand what's going on. This is an area for improvement, and it would be good to have a way to monitor and understand why there is an outage.

For how long have I used the solution?

We use Cisco Secure Firewall and Cisco ISE.

What do I think about the stability of the solution?

In general, Cisco Secure Firewall is stable. We have had problems when we automatically deployed some signatures. There have been issues with the memory of the Firewall Management Center, and we've had to reload the system.

What do I think about the scalability of the solution?

Our company has approximately 2,500 employees and 500 devices. In terms of scalability, Cisco Secure Firewall is sufficient for our needs.

How are customer service and support?

We usually work with our local partner because it's much more convenient and faster. Because of their experience, they are able to solve some of our problems or issues without Cisco's technical support. For bigger problems such as bugs, we work with Cisco's technical support.

Because we mainly work with our local partner for technical support, I would rate them at ten out of ten.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup was relatively simple for us. During migration, we used the Cisco Firewall migration tool. From our point of view, the migration tool was okay.

What about the implementation team?

We have a very reliable partner who helps us with Cisco products. They helped us to deploy Cisco Secure Firewall. I think it's important for every company to have local partners with enough knowledge and experience on whom they can rely. 

Our experience working with our partner was great. They have a lot of knowledge and experience with implementation.

What other advice do I have?

We have always used Cisco firewalls. Cisco products have been the standard in networking in our company for many years. This has been beneficial because some of our core IT activities are connected with Cisco. Also, it has been proven that Cisco Secure Firewall is a reliable product that can help us have stable and reliable networks and services.

We have some experience with Check Point, which we started using recently. Cisco is more hardware-oriented, and Check Point is more application-orientated. The two vendors have a slightly different approach to the same problem.

On a scale from one to ten, I would rate Cisco Secure Firewall at eight because it's a very reliable product. We can use predefined signatures and don't have to do a lot of customization. However, we have had a few small issues with the deployment of some signatures and with the availability of Firewall Management Center.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Fredrik Vikstrom - PeerSpot reviewer
IT Architect at Skellefteå Kommun
Real User
Top 10
Improves efficiency and security, integrates well, and has reasonable pricing
Pros and Cons
  • "Its efficiency and security are the most important. We are more efficient and more secure."
  • "There should be more integration with Microsoft Identity."

What is our primary use case?

We are one of our Swedish municipalities. We use this solution to support our environment and keep it safe and secure.

At the moment, Cisco SecureX is just for the monitoring part. We are migrating servers from an old infrastructure to a new one. It monitors how they're behaving on the network.

We have 500 sites using it. It's a mix of remote sites and connected sites. We have a lot of devices. We are a Swedish municipality, so we do everything from healthcare to taking care of the roads. We have a wide spectrum of users, so we have to supply everyone with what they need. So, we have a lot of devices in our network.

How has it helped my organization?

Cisco SecureX is doing a good job for us in terms of securing our infrastructure from end to end so that we can detect and remediate threats. It's detecting what we want it to detect, and it's protecting us from what we want to be protected against. So, it does its job. That's our need at the moment.

It has saved us time. Attackers are constantly trying to get hold of our environment. We've had around 20 to 30 breach attempts to get ahold of our environment. It protects us from that. It also protects us when an attempt is underway. We can see them starting to get into our network, so we can prevent it in time. The time saved varies. It can be days of work.

What is most valuable?

Its efficiency and security are the most important. We are more efficient and more secure.

We use Cisco switches and firewalls, Cisco DNA, and Cisco SecureX. The integration between various Cisco products is working very well. It's quite seamless for us.

What needs improvement?

There should be more integration with Microsoft Identity.

How are customer service and support?

We get customer support through ITEA for a bunch of solutions. We get the help we need. I'd rate them a nine out of ten. You can always do better.

Which solution did I use previously and why did I switch?

We haven't used any other solution for a long time. We have been a Cisco customer for a long period.

How was the initial setup?

I was involved in its design. Some parts of the initial setup were quite easy and some parts were quite complex. We were quite early adopters of some parts of the Cisco brand, so we had some challenges, but overall, it was quite straightforward.

What about the implementation team?

For some parts, we took the help of a third party called ITEA. Our experience with them was good.

What was our ROI?

We haven't calculated the overall ROI. There are different areas we use it for. For some management areas, we can calculate ROI, but in some areas, we can't.

What's my experience with pricing, setup cost, and licensing?

You get what you pay for. It's always priced based on what you get and what it can handle. It's acceptable.

What other advice do I have?

To those evaluating this solution, I'd advise finding out what you want to use it for. Our usage is quite basic. Overall, I am quite satisfied with what we are using it for.

Overall, I'd rate it a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Ryan Page - PeerSpot reviewer
IT Network Manager at MLSE
Video Review
Real User
A very dependable, long-standing product that you can trust
Pros and Cons
  • "It brings us the ability to work from anywhere and has allowed us to work remotely without having to incur a lot of other costs. If we didn't have this type of solution, since we have so many on-prem services that are required, we would have likely lost money and been unable to deliver. We have a video services team who helped build the content for our sporting events. When you are watching a Leaf game and those swipes come by as well as the clips and things, those are all generated in-house. Without the ability to access our on-premise resources, we would have been dead in the water. So, the return on that is pretty impressive."
  • "We are still running the original ASAs. The software that you are running for the ASDM software and Java application has never been a lot of fun to operate. It would have been nice to see that change update be redesigned with modern systems, which don't play nicely with Java sometimes. Cybersecurity doesn't seem to love how that operates. For us, a fresher application, taking advantage of the hardware, would have been a better approach."

What is our primary use case?

It is primarily our VPN solution. Initially, it was used in our firewalling. Then, we transitioned it into just our standalone VPN service for the company.

It is on-prem. We have it in two different data centers: our main data center and our backup data center.

How has it helped my organization?

With what is going on in the world, e.g., hybrid work and work from home, and everything that happened, VPN was everything to us. Without it, we wouldn't have been able to operate.

Typically, before COVID hit, we were a very much work-in-the-office type of environment with five to 10 people on our VPN solution. We quickly ramped up to 500 people when COVID happened, which is the majority of our full-time users. Onboarding our entire company onto this solution was pretty cool.

What is most valuable?

It is very good at what it does. It is a very dependable, long-standing product that you can trust. You know exactly how it works. It has been in the market for a lot longer than I have. So, it is great at its core functionality.

What needs improvement?

We are still running the original ASAs. The software that you are running for the ASDM software and Java application has never been a lot of fun to operate. It would have been nice to see that change update be redesigned with modern systems, which don't play nicely with Java sometimes. Cybersecurity doesn't seem to love how that operates. For us, a fresher application, taking advantage of the hardware, would have been a better approach.

For how long have I used the solution?

I have been with the company for seven years, and we have had it the entire time. Cisco Advanced Services came in in 2013, which was two years before I joined. They did a deployment and installed it then.

What do I think about the stability of the solution?

There is your regular day-to-day maintenance, e.g., the patches and updates. Because it sits at the edge, it is exposed to the world. With threats always being of concern, you often have to patch and update. However, it is nothing more than regular maintenance.

What do I think about the scalability of the solution?

We have never had to ramp up more than a small- to medium-business use case. For that, it has been great. Limitation-wise, we would run into challenges if we ever hit 2,000 to 2,500 users. We would then have to move onto hardware. Its scalability is only limited by the size of the appliance. So, if you ever have to exceed that, then you just have to buy a new box.

How are customer service and support?

ASA has always been great because it has been such a longstanding product. There is a lot of knowledge in-house with Cisco. I always know if we call to get help, it is great. I do wonder in the future, as the product gets close to the end of its life, if those people will move onto other things and it gets lost a bit. However, it has always been easy enough to find that help.

For the ASA specifically, probably nine.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We were just looking for a different feature set. We found that ASA was rock-solid as a VPN piece. We wanted to separate the VPN from our firewall policy management, so we just moved it over to VPN as a solution.

We had a partnership with Cisco. They came in and redid the entire environment. Before that, there was no Cisco environment whatsoever. So, they came in with the Nexus switching and Catalyst Wireless solution, then the VPN came with that as well as the ASA.

How was the initial setup?

I have never found it hard to deploy. We didn't have a BCP solution set up as our secondary when COVID hit, which was something that we had to scramble to put together. However, it was something like a couple of days' work. It wasn't really a big deal or really complicated. It was a fairly straightforward system to separate and manage.

What was our ROI?

It brings us the ability to work from anywhere and has allowed us to work remotely without having to incur a lot of other costs. If we didn't have this type of solution, since we have so many on-prem services that are required, we would have likely lost money and been unable to deliver. We have a video services team who helped build the content for our sporting events. When you are watching a Leaf game and those swipes come by as well as the clips and things, those are all generated in-house. Without the ability to access our on-premise resources, we would have been dead in the water. So, the return on that is pretty impressive.

What other advice do I have?

We integrate it with our ISE solution, TACACS+, etc. We have a Windows NPS server for MFA through Azure. We don't have any challenges with it. It has always worked well. I can't think of a time when we have ever had problems with either of those things. It has worked just fine.

I would rate the solution as nine out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Technical Consulting Manager at a consultancy with 10,001+ employees
Real User
Provides us with application visibility and control and has improved our clients' end to end firewall functionality
Pros and Cons
  • "Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality."
  • "The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved."

What is our primary use case?

Our primary use case for this solution is to improve network security. 

The maturity of our company's security implementation depends on our clients. Some of our clients really need a lot of work but some of them are advantaged. We are major implementors for Cisco. 

We implement it for our clients and we also use it internally. Our security maturity is advanced. We have been in IT business for over 75 years. We have major network firewall experts in the company, so we know what to do.

Our company uses more than thirty security tools. Ideally, we would use an end to end unified tool. But network security is far from that so we need to use multiple tools. 

How has it helped my organization?

Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality. 

What is most valuable?

The most valuable feature is the intelligence. It sends a warning for a potential attack, a zero-day attack. It sends us an advanced warning. We really like this feature. 

We use other Cisco tools for switches, routers, and AppDynamics. We also use their wireless tool. We are Cisco's biggest partner, so we use the majority of their solutions. This is one of the reasons people become a Cisco-shop, because of the integration. 

The integration between these products isn't perfect. 

Firepower provides us with application visibility and control. We have a standard evaluation procedure with around 136 criteria. We have a team that does the evaluation and there were viruses reported.

In terms of its ability to provide visibility into threats, we put a different application to be tested. We check how much we can see. What kind of network traffic goes through different devices. We know what's going on. If something went wrong, we see the attack, we know where and which attack. We put it into our testing center. You can never get 100% visibility. Sometimes we can't detect until the damage is done. That is the danger of being in the firewall business. You never know what kinds of tricks a hacker will use. It's endless work.

Talos is pretty decent. It offers smart intelligence. It helps my team detect what is going on. Without it, the ability of the power stations would be much less. Talos is one of the reasons that we go with Cisco. It is a big advantage.

We use automated policy application and enforcement. Any of the networks are very complex. It has freed up a lot of our time. Now, it's much better but it's still far from enough. We have saved 90% of our time due to the automation. 

Firepower has improved our enterprise defense ability by a lot. 

We use the whole suite of Cisco device management options. Compared to ten years ago, I have seen a lot of improvement, but it's still far from enough. I wish the intelligence would be improved. There is a big learning curve now. If new gear comes into place, then the first three months aren't so accurate. With machine learning, it is getting better. The intelligence should be there from day one. But it will still need to learn the environment and which attack is the most common.

We are still trying to figure out the best practices for harmonizing policies and enforcement across heterogeneous networks. It's something new. More and more applications are going onto the cloud and we need the hybrid Firepower ability. 

What needs improvement?

The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved.

There is a bit of an overlap in their offerings, which causes clients to overpay for whatever they end up selecting.

For how long have I used the solution?

I have been using Firepower for 3 years. 

What do I think about the stability of the solution?

I see a lot of improvement in terms of stability but it's still not 100%. We still have bugs and things will go wrong that will cause the system to not function and we will have to reboot and restart. That is something that Cisco should fix. 

What do I think about the scalability of the solution?

The scalability is reasonable and okay. 

One of the clients we have has 21,000,000 nodes.

How are customer service and technical support?

We use their support a lot. In my view, they need a lot of improvement. A lot of the representatives are far away and they don't have a lot of knowledge. You need to get to level two or three for them to be able to help. My team is very experienced so it takes a lot for us to make a call to technical support. We need to talk to the right person to work out the issue. The support structure is not able to reach the right level right away. This is a problem that Cisco needs to work a lot to improve on.

Which solution did I use previously and why did I switch?

We also use Palo Alto, Check Point, Fortinet, Juniper, and Microsoft. 

Cisco came into firewalls much later. I would say they're top ten but they're not number one yet. They need to do more work. Cisco does better than the smaller players. 

The best firewall option is Palo Alto. 

Considering the expertise and the way they detect an advanced attack, Palo Alto is better than Cisco. 

How was the initial setup?

Compared to many years ago, the configuration is much more simplified. It is still not one button to get it all done. It's not easy enough. It hasn't reached the level where a junior staff member can get the job done. 

For my enterprise environment, the deployment goes wave by wave. It can take six to eight weeks. We do a rolling upgrade. It's not something that can be done in one action because the network is so huge and complex. 

We have a uniform implementation strategy. We have a standard upgrading procedure. We do testing and verify and then we put it into production.

What about the implementation team?

We are the integrators and consultant team. 

What was our ROI?

18 months

What's my experience with pricing, setup cost, and licensing?

Be careful

Which other solutions did I evaluate?

Yes

What other advice do I have?

Get your homework done. Get to know in-depth what Cisco can do and compare it with Palo Alto. If you're happy with Cisco, go for it but Palo Alto is the safer choice. 

I would rate it an eight out of ten. 

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
System Engineer at Telekom Deutschland GmbH
Real User
Scales well, has good documentation, and helps with secure access
Pros and Cons
  • "Basic firewalling is obviously the most valuable. In addition to that, secure access and remote access are also very useful for us."
  • "In general, they can make it easier to manage the solutions. They can make it easier in terms of administration and provide a single tool for different firewalling solutions. They have different tools to manage different firewalls, such as Firepower or ASA. Sometimes, both are on the same thing. You have ASA with Firepower modules, so you manage some of the things via HTML, and then you manage some of the things via another management tool. It's not seamless."

What is our primary use case?

The main use cases are firewalling, routing, site-to-site VPN, and remote access. We have some older 5585-X ASAs in place. We do have Firepower 2000 Series and 4000 Series. 

For most setups, we do have high availability in place. We've at least two devices in active-active or active-standby. If it's a highly secure setup, we sometimes have two firewalls.

How has it helped my organization?

Cisco has a huge variety of products and features. It's a benefit to have the knowledge of all those things and also put it in the firewalling products. The knowledge that comes from other products or solutions that Cisco is selling is finding a place in security as well, and that's one of the key benefits.

There are time savings when you have a good solution in place for stopping or preventing security risks. In general, it isn't saving me time on a daily basis, but there is peace of mind knowing that you are being protected.

What is most valuable?

Basic firewalling is obviously the most valuable. In addition to that, secure access and remote access are also very useful for us. When COVID came, a lot of people had to stay at home, and that was the basic use case for having remote access.

What needs improvement?

One con of Cisco Secure Firewalls is that Java is used a lot for the older generation of these firewalls. Java is used for the ASA and the ASDM tool for administration. It's an outdated way of administering, and it's also a security risk to use this kind of solution. This is a pro of Firepower or the newer generation of firewalls because they are using HTML for administration.

In general, they can make it easier to manage the solutions. They can make it easier in terms of administration and provide a single tool for different firewalling solutions. They have different tools to manage different firewalls, such as Firepower or ASA. Sometimes, both are on the same thing. You have ASA with Firepower modules, so you manage some of the things via HTML, and then you manage some of the things via another management tool. It's not seamless. It should be bundled together in one solution.

For how long have I used the solution?

I have been using this solution for six to seven years.

What do I think about the stability of the solution?

They have been very stable. I did not have any cases where a network was down due to firewalling. Fortunately, I did not have any hacker attacks, but that's being lucky. It's not something I would point out to firewalling or configuration. It's just that sometimes you're lucky and sometimes you're not.

What do I think about the scalability of the solution?

It's very scalable. Cisco is for mid to large businesses. For small businesses, there are solutions that are cheaper, but that's not the main focus. 

A large environment comprises several thousand users. We have small to large size environments, but we mostly have mid to large.

How are customer service and support?

Cisco's tech support is good in general. It varies and depends on with whom you're speaking and how the knowledge on the other side is. That's basically the same for our company. I'd rate them an eight out of ten. A ten would be perfect, and no one is perfect. You can reach maybe a nine, but no one can reach a ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

For more security, we sometimes have two firewalls. We have other vendors in place, such as FortiGate or Palo Alto. We have Cisco at the front or at the end, and another vendor on the other side so that there is more security, and if there is a security breach in one solution, we still have the other one. These firewalls differ mostly in administration and how you configure things but not so much in terms of features. They may differ in small things, but in the end, they are all doing the same things.

How was the initial setup?

I deploy and manage them afterward. I'm not only in the designing and implementing; I'm also in the operational business. Its deployment is not more complicated than other solutions. It's fine. When it comes to documentation, in general, Cisco is very good.

What about the implementation team?

We mostly try to do it ourselves. Our approach is to have knowledge or any certification of the topic we are trying to take.

What was our ROI?

I'm not a salesperson. I'm more from the technical perspective, and I don't know if there are any savings at the end, but I believe that all that was bought in the past was used the way we wanted to use it. So, the money was well spent.

What's my experience with pricing, setup cost, and licensing?

Licensing is not only for Secure Firewalls, and it's too complicated.

What other advice do I have?

To someone evaluating or considering Cisco Secure Firewall, I'd advise having a good greenfield approach regarding what component to use. If there is no greenfield, you should evaluate what solutions you need and what type of use case you have and then decide based on that.

I'd rate Cisco Secure Firewall an eight out of ten. Cisco is a big player in networking and security, and that's basically the pro on their side.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Director of Information Technology at a government with 501-1,000 employees
Real User
Provides us with application visibility and control
Pros and Cons
  • "When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well."
  • "The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough."

What is our primary use case?

We are a large company in the country in which we operate. We are a government agency dealing with taxes and we provide services for all taxpayers within the country. We have services for internal users, as well as services for public users. The main reason we use these firewalls is to protect our environment and to provide our services efficiently so that we are up and running 24/7.

Our solution is deployed in a private cloud. Everything is hosted in our environment and provided as cloud services. We are in the process of moving our infrastructure from the previous environment to the new environment where Cisco firewalls are installed.

In terms of our security maturity as an organization, we are young. In fact, we are young as a country. We have been providing electronic services for more than 10 years for our clients. We have a huge number of clients, with over 120,000 users who subscribe to our system and who access our services on a daily basis or, at a minimum, three to four times per year.

We use a few tools for security in terms of management, both internal and external, but we are mainly relying on Cisco. Our network is based on Cisco, and we also protect our mail system with Cisco. Previously, and in parallel, we used Sophos next-generation firewalls.

What is most valuable?

The solution provides us with application visibility and control and, at this stage, we are happy with it. Similarly, we are very happy with Cisco Firepower Management Center. We're still at an early stage, but we haven't seen any problems with the Cisco products. We are still switching on features and looking at how they are working.

When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well.

We also believe that Cisco is updated about all security issues and threats and efficient enough to provide us with the features and protection we need.

For how long have I used the solution?

We just installed them recently. We started installation at the end of 2020 and we completed it this month, April 2021.

What do I think about the stability of the solution?

It's still early, but we believe the stability is alright.

What do I think about the scalability of the solution?

The scalability of the solution is better than the other firewalls we have, due to technical features. Our technicians have realized that this is much more scalable compared to other solutions.

How are customer service and technical support?

So far, the technical support has been excellent.

How was the initial setup?

The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough.

We did a proper implementation plan according to the complexity of our network and our requirements. Then we used the best method for implementing it while mitigating our risks and meeting our requirements. We found a good way to implement it.

The setup took us two calendar months, but in terms of the actual time required to configure it, it was not so long. The setup took approximately as long as for other firewalls we have used.

What was our ROI?

It's hard to talk about ROI when it comes to security, but security now is expensive. You have to pay for it.

What's my experience with pricing, setup cost, and licensing?

For us, the pricing was more economical than other products we used. There were no extra costs.

Which other solutions did I evaluate?

We evaluated a lot of the providers: Juniper, Palo Alto, Check Point, and Fortinet. Our technical team really researched things for a considerable amount of time, and they came up with a decision that this would be the best.

Cisco was chosen because there were many features according to assessments made by other users and as noted in technical data sheets we looked at during the research. They came up with a few features which are better than what other products have. 

Also, especially when you have been a long-time user of Cisco products and services, we found that from a budget perspective it was going to be much more preferable than the others.

What other advice do I have?

We are very satisfied with the service and the product. I don't think that any product would be better than Cisco when it comes to next-generation firewalls.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2025