What do you like most about Cisco Firepower NGFW Firewall?

Network segmentation is the most valuable feature.

The product offers good scalability.

Cisco Secure Firewall's security solutions, advanced malware protection, and DDoS communication are very good.

The solution's dashboard is fine, and in terms of support, Cisco is better than other OEMs in the market.

The greatest benefit that this has provided to our organization is that we've been able to adjust the time that it takes to implement firewall changes. It's gone from a week to less than half a day to implement a change, which means that our DevOps team can be much more agile, and there is much less overhead on the firewall team.

Firewall help with cybersecurity resilience. I really like this Cisco product. It's user-friendly. I don't like some other vendors. I've tried those in the past. Cisco is pretty easy. A caveman could do it.

FMC is very good in terms of giving a lot of visibility into what the firewall is seeing, what it's stopping, and what it's letting through. It lets the administrator have a little bit of knowledge of what's coming in or out of the device. It's excellent.

The solution is pretty easy to deploy.

Cisco Secure Firewall is reliable, which is why we opted for it during the pandemic for our remote users.

The ASA has seen significant improvement due to the IPS.

The most valuable feature is IPS. It's a feature that's very interesting for tackling the most current attacks.

URL filtering is valuable.

The grouping of the solutions helps save time. If you have a problem and you have a high-level overview of the system, you can easily dig deeper into the problem. For example, I can check to see why ASA isn't working but the reason for the outage is actually because of Duo. I can spend a lot of time working in the wrong direction because I didn't have an overview.

The security features are the most valuable. My customers find the security products very useful because nowadays there are many threats from the internet and other malicious users. The security products really help.

Our company operates in Saudi Arabia, primarily working with government sectors. If any hardware malfunctions, the defective device is removed, and we receive a replacement from the reseller. We have not encountered any issues related to delays in receiving replacements for malfunctioning devices which has been beneficial.

It's the VPN side of things that has been most useful for us. It allows us to secure our users even when they're working from home. They are able to access all of our resources, no matter where they are in the world.

Application inspection, network segmentation, and encrypted traffic detection or encrypted traffic analysis (ETA) are valuable for our customers.

The most beneficial aspect of the Cisco Secure Firewall is the AnyConnect component within the firewall package, which we selected specifically for VPN usage due to its exceptional integration with various third-party devices and applications.

Its efficiency and security are the most important. We are more efficient and more secure.

Implementing Cisco Secure Firewall has saved us time because we rely on most of the out-of-the-box signatures. It has reduced the time and effort spent in configuration within the security network.

Cisco Secure Firewall has improved our customers' security posture because it offers Next-Gen features, granularity, and reporting on the back of it. You can see the amount of users accessing Office 365, for example, and whether they're having a good or bad experience. You can see the threats that are coming into your network. You can see anyone who is compromised from within your network.

Protecting our landscape in general and being able to see logging when things aren't going as set out in policies are valuable features. Our security department is keen on seeing the logging.

The primary benefits of using Cisco Secure solutions are time-saving, a robust API, and convenience for the security team.

Collaboration with other Cisco products such as ISE and others is the most valuable feature.

We found the initial setup to be easy.

The deep packet inspection is useful, but the most useful feature is application awareness. You can filter on the app rather than on a static TCP port.

This solution helped us to identify the key areas where we need to focus to block traffic that is malicious to our organization.

IPS and Snort are very important because they also differentiate Cisco from other vendors and competitors.

The most valuable feature would be ASDM. The ability to go in, visualize and see the world base in a clear and consistent manner is very powerful.

With Cisco, there are a lot of features such as the network map. Cisco builds the whole network map of the machines you have behind your firewall and gives you insight into the vulnerabilities and attributes that the host has. Checkpoint and Fortinet don't have that functionality directly on the firewall.

The content filtering is good.

One of the most valuable features of Firepower 7.0 is the "live log" type feature called Unified Event Viewer. That view has been really good in helping me get to data faster, decreasing the amount of time it takes to find information, and allowing me to fix problems faster. I've found that to be incredibly valuable because it's a lot easier to get to some points of data now.

Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity.

I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection.

The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands.

If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly.

Cisco's technical support is the best and that's why everybody implements their products.

When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well.

One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage that discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful.

It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective.

I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete.

The most important features are the intrusion prevention engine and the application visibility and control. The SNORT feature in Firepower is also valuable.

If configured, Firepower provides us with application visibility and control.

The solution offers very easy configurations.

We have not had to deal with stability issues.

The feature set is fine and is rarely a problem.

There are no issues that we are aware of. It does its job silently in the background.

A good intrusion prevention system and filtering.

The most valuable feature is stability.

You do not have to do everything through a command line which makes it a lot easier to apply rules.

The customer service/technical support is very good with this solution.

I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable.

It's got the capabilities of amassing a lot of throughput with remote access and VPNs.

The most valuable features of this solution are the integrations and IPS throughput.

The most valuable feature is the access control list (ACL).

The implementation is pretty straightforward.

I like the firewall features, Snort, and the Intrusion Prevention System (IPS).

The Adversity Malware Protection (AMP) feature is the most valuable.

It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard.

Provides good integrations and reporting.

The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy.

The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate.

One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses.

Being able to determine our active users vs inactive users has led us to increased productivity through visibility. Also, if an issue was happening with our throughput, then we wouldn't know without research. Now, notifications are more proactively happening.

Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality.

With the FMC and the FirePOWERs, the ability to quickly replace a piece of hardware without having to have a network outage is useful. Also, the ability to replace a piece of equipment and deploy the config that the previous piece of equipment had is pretty useful.

The protection and security features, like URL filtering, the inspection, and the IPS feature, are also very valuable for us. We don't have IT staff at most of the sites so for us it's important to have a robust firewall at those sites

We can easily track unauthorized users and see where traffic is going.

The IPS, as well as the malware features, are the two things that we use the most and they're very valuable.

The most valuable features of Cisco firewalls are the IPS and IDS items. We find them very helpful. Those are the biggest things because we have some odd, custom-made products in our environment. What we've found through their IPS and IDS is that their vulnerability engines have caught things that are near-Zero-day items, inside of our network.

Once you add Firepower onto to it and you start enabling some of its features, you get some IDS/IPS involved with it and you can even do web filtering.

The most valuable feature of the Firepower solution is FireSIGHT, which can be easily managed and is user-friendly.

I like the way Firepower presents the data. It gives you two classifications for the evidence, something based on the priority of the evidence and another classification based on the impact of the evidence in your environment. This makes it very easy to spot the evidence that is most impactful to my environment. Instead of having to go through all the evidence based on that priority, I can focus on the evidence that has the most impact on my environment.

They wanted to leverage something which is equivalent that can give them the next gen features like application awareness and intrusion protection. So that is a major reason they were looking forward to this. The original ASA firewall did not have these features. This was the major reason the customer moved on to Cisco Firepower Threat Defense (FTD). Now they can go ahead and leverage those functionalities.

Cisco Firepower NGFW is really easy to use right now to determine when my file requires a shift from primary to secondary status, and it can be done with automation. Earlier we used to do this with patching.