Try our new research platform with insights from 80,000+ expert users
reviewer2211633 - PeerSpot reviewer
CTO at a government with 10,001+ employees
Real User
Does what we need to do and when we need to do it
Pros and Cons
  • "Cisco Secure Firewall is robust and reliable."
  • "The process of procuring modern-day technology within the DOD needs to improve."

What is our primary use case?

We use Cisco Secure Firewall for traditional firewall use cases, like VPN, segmenting of traffic, and creating PPSs.

How has it helped my organization?

We need reliable communication to do what we do, and that's very important. The solution does what we need to do and when we need to do it. It has a great reputation for the support that we need because if things don't work within the Department of Defense, people don't survive. Communication and keeping the adversary out are key components of our work. So we need a robust, reliable, and secure product, and that's what Cisco provides us.

What is most valuable?

Cisco Secure Firewall is robust and reliable.

What needs improvement?

The process of procuring modern-day technology within the DOD needs to improve.

Buyer's Guide
Cisco Secure Firewall
April 2025
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
849,190 professionals have used our research since 2012.

For how long have I used the solution?

I've spent quite a few years with Cisco Secure Firewall.

What do I think about the stability of the solution?

Cisco Secure Firewall is a very stable solution.

What do I think about the scalability of the solution?

Cisco Secure Firewall is a very scalable solution.

How are customer service and support?

Cisco Secure Firewall's technical support is great, reliable, and responsive.

How would you rate customer service and support?

Positive

What was our ROI?

We have seen a return on investment from using Cisco Secure Firewall. From the DOD's perspective, we need a reliable and robust solution that has to be reliable in real-time. Cisco Secure Firewall is a reliable solution that works when needed.

What other advice do I have?

Cisco Secure Firewall is a great scalable, secure, and robust product.

There is a dedicated team designed to handle firewalls.

I have a good impression of Cisco Talos and its effects on our security operations. They have a great reputation for doing a lot of great things.

Cisco Secure Firewall has helped our organization improve its cybersecurity resilience.

Overall, I rate Cisco Secure Firewall nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Co-Founder at Multitechservers
Real User
Great remote VPN features, easy to set up, and offers 24/7 access to support
Pros and Cons
  • "Cisco ASA provides us with very good application visibility and control."
  • "If they want to add better features to the current Cisco ASA, they can start by increasing the encryption. That is the only thing they need to improve."

What is our primary use case?

We are primarily using the solution for VLAN implementations and also for remote VPN capability - basically it's used for connecting to remote offices securely.

How has it helped my organization?

After implementing tools, including Cisco ASA, unauthorized access comes down a lot. We are not facing asset issues as of now. We are not facing an issue related to malicious traffic or any bad activity in our network.

What is most valuable?

The solution can allow and block traffic over the VLANs.Some of the unauthorized actions and malicious traffic can also be blocked effectively, as we are following PCI DSS compliance. We are a card industry. We are using cards as a payment method, and therefore we need to follow the compliance over the PCI DSS. That's why we chose one of the best products. ASA Firewall is very secure.

It's always easy to integrate Cisco with the same company products. If you are using other CIsco products, there's always easy integration.

Cisco is one of the most popular brands, and therefore the documentation is easily available over the internet.

They are best-in-class.

The remote VPN feature is one of the best features we've found. 

We like that there is two-factor authentication on offer.  We can integrate a Google authenticator with Cisco ASA so that whenever a person is logging on to any network device, they need to enter the password as well as the security code that is integrated by Google. It's a nice added security feature.

Cisco ASA provides us with very good application visibility and control. The Cisco CLI command line is one of the easiest we found on the market due to the fact that the GUI and the user interface are very familiar. If you're a beginner, you can easily access it. There's no complicated UI.

When compared to other products available, the cost is pretty similar. There's no big gap when you compare Cisco pricing to other products. 

There are multiple features in a single appliance, which is quite beneficial to us.

Support that is on offer 24/7. Whenever we face some technical issue, we can reach out to them easily.

We have not had any security breaches. 

They provide a helpful feature that allows us to configure email. 

We are getting a lot from the appliance in real-time.

What needs improvement?

There's an upgraded version of the 5500 that has come to the market. It offers the latest encryption that they have. If they want to add better features to the current Cisco ASA, they can start by increasing the encryption. That is the only thing they need to improve. The rest is good.

For how long have I used the solution?

We've been using the solution for about five or more years at this point. It's been a while. 

What do I think about the stability of the solution?

The stability and availability are very good. there are no bugs or glitches. It doesn't crash or freeze. it's a reliable solution. 

What do I think about the scalability of the solution?

We have it in our infrastructure for around 15 plus users, including Fortinet sites.

We have found that whenever the traffic spikes at peak times, the product automatically scales up to the requirement. We have also implemented the single sign-on it, and therefore, it automatically scales up. We haven't felt any limitations. Currently, we are using it for 1500 plus users. At any given time, there are around 700 plus users available in the office. It's a 24/7 infrastructure. We have tested it for up to 750 plus users, and it's perfectly fine.

How are customer service and technical support?

Technical support is excellent. they are always available, no matter the time of day, or day of the week. We are quite satisfied with their level of support. They are quite helpful and very responsive. I'd rate them at a ten out of ten. They deserve perfect marks.

Which solution did I use previously and why did I switch?

We did not previously use a different solution. When the office was launched we implemented Cisco as a fresh product.

We are using a Cisco ASA Firewall, as well as Sophos at the remote sites. We are using another product is for log collecting. There are three solutions that basically cover us for security purposes. Those, at least, are the physical devices we are using as of now. The rest are cloud solutions such as Nexus. 

That said, I personally, have used Sophos XG as a firewall in the past. Sophos is good in terms of traffic blocking and identifying interruptions to the traffic. The features are better on Cisco's side. For example, there is two-factor authentication and a remote VPN. The only benefit I found in Sophos was the way it dealt with the traffic. 

How was the initial setup?

The initial setup was not overly complex or difficult. It was quite straightforward and very easy to implement. 

Deployment takes about 20 to 25 minutes. 

In terms of the implementation strategy, at first, we put up the appliances in the data center. After that, we connected it with the console. After connecting the console, we had an in-house engineer that assisted. Cisco provided us onboarding help and they configured our device for us. We have just provided them the IP address and which port we wanted up. Our initial configuration has been done by them.

What about the implementation team?

While most of the setup was handled in-house, we did have Cisco help us with the initial configurations.

What was our ROI?

The ROI we are getting from Cisco ASA is higher availability, which we are getting all the time. On top of that, it's good at blocking traffic and protecting us from cyber-crime issues.

What's my experience with pricing, setup cost, and licensing?

The pricing is pretty reasonable. it's standard and comparable to other solutions. The maximum difference between products might be $20 to $40. It's not much of a difference. 

Which other solutions did I evaluate?

We did not evaluate other solutions. We trust Cisco. It's a very good product and well known in the market.

What other advice do I have?

We are a customer and an end-user.

We are using physical Cisco appliances.

We use a lot of Cisco products, Cisco router (the 3900-series routers), and Cisco switches.

In the next quarter, we will implement SD-WAN. Once the SD-WAN is implemented, then we will go with an automated policy and DNS kinds of tools. We are in the process of upgrading to Cisco ASA Firepower in the next quarter. We have not integrated Cisco ASA with Cisco's SecureX solution.

I'd recommend the solution, especially for medium-sized or larger companies and those who are looking for long-term solutions (for example those with a user base of around 2,000 plus users in and around 20 plus applications). It's reliable and offers users a lot of features. This helps companies avoid having to rely on other third-party solutions.

If you are new to Cisco, you should take advantage of the education they have on offer. Cisco provides access to training and it's worth taking advantage of this.

Overall, I'd are the solution at a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Cisco Secure Firewall
April 2025
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
849,190 professionals have used our research since 2012.
Cosultant at Kadaster
Real User
Top 20
Stable with a straightforward setup and good overall features
Pros and Cons
  • "The implementation is pretty straightforward."
  • "In a future release, it would be ideal if they could offer an open interface to other security products so that we could easily connect to our own open industry standard."

What is our primary use case?

The solution is primarily used for protecting the environment, or the cloud environments for our customers.

What is most valuable?

All the specific features you find within the NextGen firewall are quite useful. The touch intel feature is specifically useful to us. We deliberately choose this kind of product due to its set of features. 

The implementation is pretty straightforward.

What needs improvement?

The security market is a fast-changing market. The solution needs to always check if the latest threats are covered under the solution. 

It would always be helpful if the pricing was improved upon a bit.

In a future release, it would be ideal if they could offer an open interface to other security products so that we could easily connect to our own open industry standard.

For how long have I used the solution?

We've been using the solution for about five or more years at this point.

What do I think about the stability of the solution?

The solution is stable. It's very reliable. It doesn't crash or freeze and doesn't seem to be plagued by bugs or glitches.

What do I think about the scalability of the solution?

The solution can scale quite well. A company that needs to expand it can do so easily.

In our case, we have clients with anywhere between 1,000 and 10,000 users.

How are customer service and technical support?

We have our own in-house team that can assist our clients should they need technical support. They're quite knowledgeable and can handle any issues.

Which solution did I use previously and why did I switch?

I also have experience with Fortinet and Check Point.

How was the initial setup?

The implementation isn't complex. It's straightforward. However, it also depends on the specifications of the customer. Normally we check that out first and then we can make a judgment of how to best implement the solution.

Typically, the deployment takes about two days to complete.

In terms of maintenance, we have about five people, who are engineers, who can handle the job.

What about the implementation team?

We deliver the solution to our customers.

What's my experience with pricing, setup cost, and licensing?

You do need to pay for the software license. In general, it's a moderately expensive solution. It's not the cheapest on the market.

What other advice do I have?

We're a partner. We aren't an end-user. We are a managed security provider, and therefore we use this solution for our customers.

We always provide the latest version of the solution to our clients.

Typically, we use both cloud and on-premises deployment models.

I'd recommend the solution to others. It's quite good.

On a scale from one to ten, I would rate it at an eight.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Supervisor of Computer Operations at Neil McFadyen
User
Setting up rules for HTTPS and SSH access to the management interface are straightforward
Pros and Cons
  • "I am used to the ASA syntax, therefore it is quite easy to make up new rules. I have found that DNS doctoring rules are useful."
  • "I found that setting up rules for HTTPS and SSH access to the management interface are straightforward, including setting the cypher type."
  • "10Gb interfaces should be available on more models."
  • "It is surprising that you need to have a virtual appliance for the Firepower Management Center. It is not good if you have to setup a VMware server just for it."
  • "It is confusing to have two management interfaces, e.g., ASDM and Firepower Management Center."

What is our primary use case?

We use it for our university department firewall. It replaced our 12-year-old Cisco ASA 5520, which used to protect web servers, mail servers, SVN repositories, office computers, research computers, and computer labs. It was used for blocking the internet for exams. It was not used for IPS, so we did not buy the new threat protection or malware license. We connected it to a Layer 3 switch for faster Inter-VLAN routing.

How has it helped my organization?

It works better through specs than our old ASA 5520. It seems to perform the same functionality unless you buy the additional threat protection licenses, so this is a disappointment. I found a bug where the ASDM could not be used with Windows 2016, but it did work with Windows 10.  

What is most valuable?

  • Most of same old ASA 5520 config could be used for the new 5516-X model. The ASDM interface is improved and can also be configured to the Firepower settings. 
  • I am used to the ASA syntax, therefore it is quite easy to make up new rules. I have found that DNS doctoring rules are useful, and I am not sure how other firewalls handle the issue of internal versus external DNS, so this was a reason to keep the same type of firewall.
  • Customizing logging event of syslog to feed into Splunk is very useful for management and monitoring just for the importance events instead of a huge stream of thousands of unneeded events.
  • I found it quite easy to block computers from the internet, e.g, in a computer lab with students doing an exam using software for the course when needed.
  • I use access to a list to block IPs which have attacked our web servers on the outside interface, since I do not have IPS.
  • I found that setting up rules for HTTPS and SSH access to the management interface are straightforward, including setting the cypher type.
  • It is very useful to use the command line interface for modifying or adding to the config because sometimes the ASDM interface is hard to find when the setting is more complicated.
  • The text config file is great to have, to know what is in the config, instead of having to check every setting in the GUI.
  • While the CLI is used the most, sometimes the ASDM is faster and easier to use to set some settings.

What needs improvement?

  • It is confusing to have two management interfaces, e.g., ASDM and Firepower Management Center. It would be nice to have a Windows program instead of a virtual appliance for the Firepower Management Center.  The ASA and Firepower module seem redundant, not sure which one to set the rules in, but maybe that was for backward compatibility. I am not sure that is very useful.
  • It is surprising that you need to have a virtual appliance for the Firepower Management Center. It is not good if you have to setup a VMware server just for it.
  • 10Gb interfaces should be available on more models. 

For how long have I used the solution?

Still implementing.

What's my experience with pricing, setup cost, and licensing?

ASA pricing seems high compared to other firewalls, such as the Sophos XG models. 

The licensing features are getting more complicated. These should be simplified. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Bob Wholley - PeerSpot reviewer
Bob WholleyTitleSr. Systems Engineer at a tech company with 5,001-10,000 employees
Real User

Have you checked out Fortinet's Fortigate UTM appliances and Security Fabric? They wiill save you money and provide more security.

reviewer2212530 - PeerSpot reviewer
Systems Engineer at a engineering company with 5,001-10,000 employees
Real User
Top 20
A ubiquitous and easy-to-deploy product with a good support team
Pros and Cons
  • "The solution is pretty easy to deploy."
  • "I would like to see an IE version of the solution where it is ruggedized."

What is our primary use case?

I'm a design consultant. We primarily use the product to secure various client networks, major infrastructure, highways, and urban surveillance.

What is most valuable?

The solution is pretty easy to deploy. It is pretty ubiquitous too, so it is easy to get. It pretty much does the job we need it to do.

What needs improvement?

I would like to see an IE version of the solution where it is ruggedized. Most of what we do is infrastructure based on highways. Now that the product has a hardened switch, the only thing left in our hubs that isn't hardened is probably the firewall. It would be nice to pull the air conditioners out of the hubs.

For how long have I used the solution?

I have been using the solution for 20 years.

What do I think about the stability of the solution?

I've never had a stability problem with firewalls.

What do I think about the scalability of the solution?

The solution seems to be very scalable. I probably don't have much experience with scalability because, by the nature of how our networks work, we don't scale them; we just add another one.

How are customer service and support?

Support is very good. I've never had a problem with any form of support.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I used only a couple of other products over the years due to client preference. In general, Cisco Secure Firewall is easier to deploy mostly because of the depth of personnel trained in it. Every other product seems to be a niche thing that two people know, but Cisco once again seems ubiquitous throughout the industry. Our customers choose Cisco for various reasons, from cost to a preference for Cisco. It meets the task that they need to meet. It's really the spectrum.

How was the initial setup?

The deployment is pretty straightforward. It's the same as deploying any other Cisco equipment. If you know what you're doing, it's not a huge deal.

What was our ROI?

I believe our clients have seen an ROI. Their networks are more secure. Various agencies have tested a few of them to prove it, and they've proven okay. Since they weren't attacked, they have received an ROI.

What's my experience with pricing, setup cost, and licensing?

The licensing is not so bad. The solution’s pricing could be lower. It's not horrible, though.

What other advice do I have?

The application visibility and control are pretty good. It seems to do everything we've ever needed it to do. I've never asked the product to do something that it couldn't do. The solution has been pretty successful at securing our infrastructure from end to end. Most of our client’s staff have reported that the product is not as maintenance intensive as they would like. They never had to deal with maintenance before, but now they do. We deploy new systems for our clients.

I haven't had much experience with Cisco Talos directly. I know it's there, but I haven't really been involved. I haven't experienced it, which I believe is a good thing. It's doing its job if I don't have to get involved with it. The product has definitely helped improve our organization’s cybersecurity resilience. We weren't secure at all before, and we are a known target since we’re based in infrastructure. The solution has been very helpful in providing security.

It is a good product. I would definitely look into it. There is great value in going to a partner to a reseller to deploy the product. They understand the equipment and have expertise. Normally, they're local, so local knowledge is always useful. They have done deployments before, so sometimes they know tips or tricks that aren't in the manuals.

People evaluating the solution should give it a look. Definitely, it is worth taking a look at it.

Overall, I rate the product a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Marijo Sutlovic - PeerSpot reviewer
Head of Information Security at Otp banka d.d.
Video Review
Real User
Out-of-the-box signatures have reduced the time and effort spent in configuration
Pros and Cons
  • "Implementing Cisco Secure Firewall has saved us time because we rely on most of the out-of-the-box signatures. It has reduced the time and effort spent in configuration within the security network."
  • "We have encountered problems when implementing new signatures and new versions on our firewall. Sometimes, there is a short outage of our services, and we have not been able to understand what's going on. This is an area for improvement, and it would be good to have a way to monitor and understand why there is an outage."

What is our primary use case?

One of the most important roles of Cisco Secure Firewall is as a central firewall for the internet. We use it for segmentation of the outside network, DMZ networks, inside networks, and also as an intrusion prevention system for protecting our resources from the internet. All Access Control Lists are implemented on this firewall.

How has it helped my organization?

These days, it's normal to require that networks be more open because of the recent changes brought about by the COVID pandemic. The need for hybrid work environments and more collaborations has made securing the network more challenging. However, Cisco offers us monitoring and configuration, and with one platform, we are able to be more flexible and be able to control our security and our network.

What is most valuable?

The security features that protect our networks are the most valuable for me and my department, as we are responsible for the security of our network. We investigate cases and analyze traffic to see what's going on. These features are also very valuable when we are investigating communication between some services in the bank and what's happening in the network.

We are very satisfied with Cisco Secure Firewall for securing our infrastructure from end to end so we can detect and remediate threats. We have not seen a lot of false positives, and we haven't seen many situations when the traffic was interrupted without a proper cause. We are confident that the signatures that Cisco Secure Firewall uses are very good and reliable. For us, this is very important because we are a relatively small security team, and we don't have much manpower to be able to analyze every signature or event. By default, Cisco Secure Firewall is reliable, and that is the most important factor for us. Cisco is a large company that invests in security, and if it has reliable signatures and processes in intrusion detection, then that is very good for us.

Implementing Cisco Secure Firewall has saved us time because we rely on most of the out-of-the-box signatures. It has reduced the time and effort spent in configuration within the security network.

What needs improvement?

We have encountered problems when implementing new signatures and new versions on our firewall. Sometimes, there is a short outage of our services, and we have not been able to understand what's going on. This is an area for improvement, and it would be good to have a way to monitor and understand why there is an outage.

For how long have I used the solution?

We use Cisco Secure Firewall and Cisco ISE.

What do I think about the stability of the solution?

In general, Cisco Secure Firewall is stable. We have had problems when we automatically deployed some signatures. There have been issues with the memory of the Firewall Management Center, and we've had to reload the system.

What do I think about the scalability of the solution?

Our company has approximately 2,500 employees and 500 devices. In terms of scalability, Cisco Secure Firewall is sufficient for our needs.

How are customer service and support?

We usually work with our local partner because it's much more convenient and faster. Because of their experience, they are able to solve some of our problems or issues without Cisco's technical support. For bigger problems such as bugs, we work with Cisco's technical support.

Because we mainly work with our local partner for technical support, I would rate them at ten out of ten.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup was relatively simple for us. During migration, we used the Cisco Firewall migration tool. From our point of view, the migration tool was okay.

What about the implementation team?

We have a very reliable partner who helps us with Cisco products. They helped us to deploy Cisco Secure Firewall. I think it's important for every company to have local partners with enough knowledge and experience on whom they can rely. 

Our experience working with our partner was great. They have a lot of knowledge and experience with implementation.

What other advice do I have?

We have always used Cisco firewalls. Cisco products have been the standard in networking in our company for many years. This has been beneficial because some of our core IT activities are connected with Cisco. Also, it has been proven that Cisco Secure Firewall is a reliable product that can help us have stable and reliable networks and services.

We have some experience with Check Point, which we started using recently. Cisco is more hardware-oriented, and Check Point is more application-orientated. The two vendors have a slightly different approach to the same problem.

On a scale from one to ten, I would rate Cisco Secure Firewall at eight because it's a very reliable product. We can use predefined signatures and don't have to do a lot of customization. However, we have had a few small issues with the deployment of some signatures and with the availability of Firewall Management Center.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Fredrik Vikstrom - PeerSpot reviewer
IT Architect at Skellefteå Kommun
Real User
Improves efficiency and security, integrates well, and has reasonable pricing
Pros and Cons
  • "Its efficiency and security are the most important. We are more efficient and more secure."
  • "There should be more integration with Microsoft Identity."

What is our primary use case?

We are one of our Swedish municipalities. We use this solution to support our environment and keep it safe and secure.

At the moment, Cisco SecureX is just for the monitoring part. We are migrating servers from an old infrastructure to a new one. It monitors how they're behaving on the network.

We have 500 sites using it. It's a mix of remote sites and connected sites. We have a lot of devices. We are a Swedish municipality, so we do everything from healthcare to taking care of the roads. We have a wide spectrum of users, so we have to supply everyone with what they need. So, we have a lot of devices in our network.

How has it helped my organization?

Cisco SecureX is doing a good job for us in terms of securing our infrastructure from end to end so that we can detect and remediate threats. It's detecting what we want it to detect, and it's protecting us from what we want to be protected against. So, it does its job. That's our need at the moment.

It has saved us time. Attackers are constantly trying to get hold of our environment. We've had around 20 to 30 breach attempts to get ahold of our environment. It protects us from that. It also protects us when an attempt is underway. We can see them starting to get into our network, so we can prevent it in time. The time saved varies. It can be days of work.

What is most valuable?

Its efficiency and security are the most important. We are more efficient and more secure.

We use Cisco switches and firewalls, Cisco DNA, and Cisco SecureX. The integration between various Cisco products is working very well. It's quite seamless for us.

What needs improvement?

There should be more integration with Microsoft Identity.

How are customer service and support?

We get customer support through ITEA for a bunch of solutions. We get the help we need. I'd rate them a nine out of ten. You can always do better.

Which solution did I use previously and why did I switch?

We haven't used any other solution for a long time. We have been a Cisco customer for a long period.

How was the initial setup?

I was involved in its design. Some parts of the initial setup were quite easy and some parts were quite complex. We were quite early adopters of some parts of the Cisco brand, so we had some challenges, but overall, it was quite straightforward.

What about the implementation team?

For some parts, we took the help of a third party called ITEA. Our experience with them was good.

What was our ROI?

We haven't calculated the overall ROI. There are different areas we use it for. For some management areas, we can calculate ROI, but in some areas, we can't.

What's my experience with pricing, setup cost, and licensing?

You get what you pay for. It's always priced based on what you get and what it can handle. It's acceptable.

What other advice do I have?

To those evaluating this solution, I'd advise finding out what you want to use it for. Our usage is quite basic. Overall, I am quite satisfied with what we are using it for.

Overall, I'd rate it a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1895487 - PeerSpot reviewer
Senior Network Architect at a tech services company with 10,001+ employees
Real User
A stable and secure solution that works well
Pros and Cons
  • "Cisco tech is always good and helpful. I would rate them as 10 out of 10."
  • "Cisco ASA is starting to get old and Firepower is taking over. All the good things happening are with Firepower."

What is our primary use case?

We are using it for security on everything from small customers to big data centers.

How has it helped my organization?

It is stable. We saw benefit from this in just a few days.

What is most valuable?

Cisco AnyConnect is my favorite. It is awesome. It also exists on Firepower and newer things.

What needs improvement?

Cisco ASA is starting to get old and Firepower is taking over. All the good things happening are with Firepower. Everything that I could wish for is in Firepower. We will probably not be doing too many new installations of ASAs since Firepower is mostly taking over.

For how long have I used the solution?

I have been using it for 15 to 20 years.

What do I think about the stability of the solution?

It is stable and secure. There are a few bugs, etc. Overall, we are very happy with it. We have never looked at anything else because it works so well. I would rate the stability as 10 out of 10. It is very good.

There is maintenance. We have to keep an eye out for software upgrades and forced changes to the configuration. We have a network operations team of 15 people who take care of these things from day to day.

What do I think about the scalability of the solution?

The solution's scalability is very good.

We use it on customers who have two employees up to customers with 5,000 employees. It is also used for customers who have one site or several sites. It is all over the place

How are customer service and support?

Cisco tech is always good and helpful. I would rate them as 10 out of 10.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I didn't use another solution previously.

How was the initial setup?

All our deployments have been different. Some have been really easy and others have been really complex. It could go either way: some are complex and some are easy. The complex solutions could take days or a couple of weeks to deploy. Easy solutions take a day.

If it was a big project, there would be a pre-project identifying what we were going to do and making a plan for it, then we would realize that plan. If it was a smaller thing, we would just jump into it.

What about the implementation team?

It was deployed in-house. Depending on the solution and its complexity, it could take a single person to a team of 20 people to deploy it.

What was our ROI?

Our return on investment is having a network that we don't need to think too much about. It works, and that is it.

What's my experience with pricing, setup cost, and licensing?

Cisco is always expensive, but you get what you pay for. It is expensive for a reason. It is a good solution, and good solutions cost money.

AnyConnect is an extra license. If you want the IDS/IPS things, those are usually extra too.

Which other solutions did I evaluate?

I evaluated Check Point, Palo Alto, and Fortinet, but Cisco won the race. Since we were already running most of our other networking with Cisco, it felt natural to land on Cisco.

What other advice do I have?

I would rate the solution as 10 out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.
Updated: April 2025
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.