We had implemented our Cisco API and Cisco Stealthwatch. We use the Cisco Secure Firewall for easy integration that can collaborate with all these Cisco solutions. My operations will also have less maintenance and the same existing team.
Cybersecurity Designer at a financial services firm with 1,001-5,000 employees
Real User
Top 20
2023-08-03T14:54:00Z
Aug 3, 2023
I'm a Cybersecurity Designer working for a financial services company in London, England with about 4,500 employees. We've been using Cisco Secure Firewall for about a decade now. Currently, our deployment is entirely on-premise. We do use a hybrid cloud, although we don't have any appliances in the cloud just yet, that is something that we're looking to do over the next five years. The primary use case is to provide the ability to silo components of our internal network. In the nature of our business, that means that we have secure enclaves within the network and we use Cisco Secure Firewall to protect those from other aspects of the network and to control access into those parts of the network.
I use it every day. It's something that's part of my daily tasks every day. I log in, look at logs, and do some firewall rule updates. We have a managed services team. I'm not part of that team, I use it for our company. I look at why things are being dropped or allowed. I'm using an older version. They got rid of EIGRP out of FlexConfig, which was nice. Now there's policy-based routing, which is something that I have to update my firewalls or my FMC so I can utilize that product. Right now I use the Cisco-recommended version of FMC which is 7.0.5.
I've deployed them in a number of different use cases. I've deployed them at the internet edge. I've used those VPN concentrators, and I've deployed them at the data center core, segmenting VLANs.
Senior Network Engineer at a comms service provider with 1-10 employees
Real User
Top 20
2023-06-15T10:25:00Z
Jun 15, 2023
We are a Cisco partner and we are currently using Cisco Firepower for our internet edge, intrusion prevention systems, and filtering. We use virtual appliances in the cloud and hardware appliances on-premises.
We are Cisco partners. We have been selling Cisco products for more than 25 years, and we are a major player in various African markets, such as Morocco and French-speaking countries in Africa. We have been offering a wide range of Cisco-branded security products. The most important ones were the ASA firewalls, and now, we have the next-generation ones, XDR, and all the applications or all hybrid security solutions offered by Cisco, including Umbrella, on-premise Identity Service Engine, and all the other third-party solutions. Our main objective is to show customers the added value of Cisco products and how they can tackle all the security issues and all the threats or the cyber security issues rising on a daily basis nowadays. Cisco Talos, for instance, is something that we propose, and we also propose all the restrictions to be up-to-date. Cisco's ecosystem is very wide in security, so we have very good use cases. In the beginning, customers used to implement ASA firewalls mainly as the network firewall in data centers, branch offices, all locations, and also in the DMZ. Nowadays, the perspective has changed, and also with the design requirement, the nature of the cloud hybrid solutions leads us to use more sophisticated tools based in the cloud, but we still cover all the security aspects from the branch office to the data centers.
System Engineer at a computer software company with 201-500 employees
Real User
Top 20
2023-04-03T12:34:00Z
Apr 3, 2023
We use Cisco IronPort, Firepower, Secure Firewall, Email, and Secure Connect. As with most products, integration could be better where needed. Sometimes, for example, the Cisco Secure Firewall and IronPort are in a class of their own. When it comes to management and logging, there's room for improvement. Most of the products aren't configured on their own, but they are related together. There should be some sort of management. We would need a supervisor to manage it before using all of the solutions together.
Engineer at a tech services company with 501-1,000 employees
Real User
Top 20
2023-04-02T13:22:00Z
Apr 2, 2023
We deploy the firewall on the customer end and the customer can facilitate the VPN for their clients. We use Cisco Umbrella to secure their network and their endpoints.
Networking Project Management Specialist at Bran for Programming and Information Technology
MSP
Top 20
2023-04-02T13:19:00Z
Apr 2, 2023
To safeguard our clients' system data and related aspects, we rely on Next-Generation Firewalls as a system integrator. In particular, we use Cisco Secure Firewall for enhanced security measures. We have provided our services to the National Information Center in Riyadh, which is a government database. They installed Cisco Secure Firewall systems and have given us positive feedback, which is why most of the areas prefer to use Cisco. To date, we have not received any negative feedback from our clients regarding any issues, such as hacking. Everything has been secure, and I hope it stays that way in the future.
Executive Vice President, Head of Global Internet Network (GIN) at NTT Security
Real User
Top 20
2023-04-02T13:16:00Z
Apr 2, 2023
We have all kinds of use cases. Our customers are large enterprises, and they need perimeter security. Zero trust, network access control, and network segmentation are quite important these days. We are a partner and reseller. We implement, and we resell. As a Cisco Secure reseller, we have all the expertise. Our customers are usually overworked and have no time to learn how to implement these things and get some expertise. That's what we bring in. We help them select the right solution, select the proper design and architecture, and implement it. They basically lack the time and expertise, and we are a trusted advisor who helps them with their issues.
Network specialist at a retailer with 10,001+ employees
Real User
Top 10
2023-04-02T13:11:00Z
Apr 2, 2023
We are currently utilizing the Cisco Secure Firewall, partially due to its historical relevance and partly because Cisco continues to maintain a prominent position in providing client VPN access. We have employed Cisco Firepower and ASA on Firepower to facilitate client VPN access and to enforce fundamental layer four security policies. We utilize security products in central locations to provide VPN access for clients throughout Europe.
We are one of our Swedish municipalities. We use this solution to support our environment and keep it safe and secure. At the moment, Cisco SecureX is just for the monitoring part. We are migrating servers from an old infrastructure to a new one. It monitors how they're behaving on the network. We have 500 sites using it. It's a mix of remote sites and connected sites. We have a lot of devices. We are a Swedish municipality, so we do everything from healthcare to taking care of the roads. We have a wide spectrum of users, so we have to supply everyone with what they need. So, we have a lot of devices in our network.
Solution Architect at a energy/utilities company with 1,001-5,000 employees
Real User
Top 20
2023-03-30T21:21:00Z
Mar 30, 2023
I'm working as a Solution Architect for an energy provider in Austria. We have approximately 1,500 people working in Austria and also in some neighboring countries. We are using Cisco Secure Firewall. We started with Cisco ASA long ago, and now, we have Cisco Firepower or Cisco Secure Firewall. We are using the product as a perimeter firewall and for remote access VPN and site-to-site VPN tunnels with other partner companies. So, the primary use case of Cisco Secure Firewall is to secure our perimeter, but it's also for the remote access VPN for employees in the home office or if they are outside the company.
One of the most important roles of Cisco Secure Firewall is as a central firewall for the internet. We use it for segmentation of the outside network, DMZ networks, inside networks, and also as an intrusion prevention system for protecting our resources from the internet. All Access Control Lists are implemented on this firewall.
Our main use case for Cisco Secure Firewall is helping clients who want to upgrade from an old firewall and move to a next-generation firewall. We also get a lot of clients who have a next-generation firewall provider, but the firewall is not up to the task. It doesn't have all the feature sets that they need, and Cisco Secure Firewall ticks those boxes.
Product Owner at a manufacturing company with 10,001+ employees
Real User
Top 20
2023-03-30T08:23:00Z
Mar 30, 2023
We use WSA proxy and Cisco Firepowers with the FMC suite and Cisco Umbrella. We mainly use WSAP for on-premises data centers to get traffic outbound to the internet. Cisco Umbrella is for our endpoints, and Cisco firewalls are to protect our perimeter but also internal choke points to secure segments on our LAN. Currently, we don't have any integrations between the three of them. They all run in isolation.
Our primary use case for Cisco Secure is through Cisco FMC, which we have automated using Cisco's Terraform provider for FMC. Our automation journey began with the Cisco ACI fabric, where we leveraged the Terraform provider for ACI. Eventually, we realized we could also automate firewalls and our HA clusters using the Terraform provider for FMC. This allowed us to create DMZ networks, specify IPS and IDS rules, and follow the infrastructure as a code concept. Our cross-common security team can review the repository in GitLab and approve it with a simple click of a button. This is the primary benefit we get from automation. Additionally, we can use the infrastructure as a code concept with the management center. Cisco FMC also has a great API, which makes it easy to integrate with our code, ACI, and other systems. Cisco Security and Cisco Firewalls have been effective in protecting our organization from external threats, such as DDoS attacks.
System Administrator at a healthcare company with 501-1,000 employees
Real User
Top 20
2023-02-15T14:23:00Z
Feb 15, 2023
The Cisco Secure Firewall is placed between the separate VLANs. It's a common and effective method of protecting VLANs against internal risks such as Checkpoints and external parameters.
We use it for data center security for both the north-south and east-west. With Firepower, you get the next-generation functionality and the next-generation firewall features. Traditionally, when you have a layer three access list, it's really tricky to get the flexibility you need to allow staff to do what they need to do with their apps without being too prescriptive with security. When Firepower comes in, you get much more flexibility and deeper security. They were mutually exclusive previously but are not so much anymore. We have, probably, 20,000 to 25,000 end users going through the firewalls. Physical locations-wise, there are four data centers in Northern Europe, and the other locations are in the public cloud, that is, Azure and AWS.
Security admin at a wholesaler/distributor with 10,001+ employees
Real User
2022-06-26T16:17:00Z
Jun 26, 2022
This solution is a next-generation firewall. We use it to inspect our traffic going through the internet edges. This solution blocks Tor nodes or botnets that try to invade the system using various methods for intrusion.
Systems Engineer at a healthcare company with 201-500 employees
Real User
2022-06-15T16:40:00Z
Jun 15, 2022
For our customers, Firepower is a classic perimeter firewall. Sometimes it's also for branch connections, but for those cases, we prefer Meraki because it's simpler. If a customer has Meraki and requires advanced security features, we will offer Firepower as a perimeter solution for them. Meraki is for SD-WAN and Firepower is for the perimeter. Firewalls are not a new technology but they have a very distinct role in an enterprise for defending the perimeter. Firepower is for organizations that have traditional infrastructures, rather than those that are heavily utilizing cloud services. For us, the clients are government agencies and ministries, and we have a lot of them as our customers in Latvia.
We primarily use it as a corporate, perimeter firewall for traffic to the internet and back, for surfing. We also have some site-to-site connections with customers.
Engineering Services Manager at a tech services company with 201-500 employees
Reseller
2021-09-14T14:27:00Z
Sep 14, 2021
It's deployed in multiple ways, depending on the use case. Generally speaking, we have them as edge firewalls, but I have some customers who use them as data center firewalls, and some customers who use them as VPN firewalls. And in some places, they're the east-west firewalls, as they would be called in a core network. We do have some that are for cloud firewalling, that we're using in Azure and AWS. But generally speaking, they're deployed as edge firewalls and on-prem.
Senior Network Security Engineer at a tech services company with 11-50 employees
Real User
2021-08-25T17:02:00Z
Aug 25, 2021
We are using it for firewall and intrusion prevention. I have deployed it into different environments: retail, commercial, law, real estate, and the public sector. Retail is the biggest environment that I have deployed this firewall into, with 43 different sensors and a range up to 10 GbE throughput. I am using up to version 7.0 across the board as well as multiple models: 1000 Series or 2100 Series.
They were placed in a company on the perimeter near the ISP. There were two clusters. One cluster was at the front, and one cluster was near the data center to filter the traffic from the users to the data center and from the data center to the users and outside.
Telindus, our company, is an integrator. We sell Firepower and we do use it ourselves. I use all the different versions of the product. We either replace our customers' other brands of firewalls with Firepower, or we upgrade their old Cisco ASA Firewalls to the new Firepower firewalls. The type of device we advise them to install depends on the customer's requirements and the throughputs needed. Our primary use case for Firepower is for big networks.
We are currently using this solution as a VPN and an internet firewall in some locations. In our data center, we are still using FortiGate as an internet firewall but we are evaluating other options.
Director of Information Technology at a government with 501-1,000 employees
Real User
2021-04-13T13:39:00Z
Apr 13, 2021
We are a large company in the country in which we operate. We are a government agency dealing with taxes and we provide services for all taxpayers within the country. We have services for internal users, as well as services for public users. The main reason we use these firewalls is to protect our environment and to provide our services efficiently so that we are up and running 24/7. Our solution is deployed in a private cloud. Everything is hosted in our environment and provided as cloud services. We are in the process of moving our infrastructure from the previous environment to the new environment where Cisco firewalls are installed. In terms of our security maturity as an organization, we are young. In fact, we are young as a country. We have been providing electronic services for more than 10 years for our clients. We have a huge number of clients, with over 120,000 users who subscribe to our system and who access our services on a daily basis or, at a minimum, three to four times per year. We use a few tools for security in terms of management, both internal and external, but we are mainly relying on Cisco. Our network is based on Cisco, and we also protect our mail system with Cisco. Previously, and in parallel, we used Sophos next-generation firewalls.
The primary use case is mainly around perimeter security at the HQ and the branch. This will include using the Next-Generation Intrusion Prevention System (NGIPS), using advanced malware protection for networks on the firewall, and remote access VPN as well as site-to-site VPN. I work for a Cisco partner and managed service provider. We have a number of customers. Typically, the standard setup that we have is a Firepower Management Center Virtual, running in VMware, with physical FTD appliances (as the firewalls) on-premises. We work with more mid-size organizations who typically have email security, web security, endpoint security, and perimeter security. In terms of products, that would be: * Cisco Umbrella * Cisco Cloud Email Security * Cisco Secure Endpoint * Firepower, for the perimeter. That would be a typical technology mix. Sometimes, some customers will consume something like Duo Security for multi-factor authentication. We are primarily running ASA Firewalls with the FTD image. We are also running some Firepower 1000 Series.
IT Security Director at Athletic & Therapeutic Institute of Naperville, LLC
Real User
Top 20
2021-02-09T01:25:00Z
Feb 9, 2021
It is for defense, protecting workloads from a distributed type of an environment. On-premises, we are hosting several different distributed user session type environments. In our case, it is remote desktop services, which enable users to go out and browse the Internet, in some cases to do legitimate services, and in other cases, it is more of a personal browsing session. In this case, the primary purpose is to protect those user sessions when they are accessing the Internet. The secondary use case is to protect these services and applications from inbound threats, e.g., Internet scanning, Internet exploit attempts, any sort of attack, reconnaissance, or anything of that nature coming from the public Internet. Firepower is an add-on to Cisco ASAs that enables intrusion prevention detection and some additional advanced functionalities. We have both. We have two on-premise data centers where Firepower is deployed.
Networking Specialist at a healthcare company with 1,001-5,000 employees
Real User
2021-02-02T22:07:00Z
Feb 2, 2021
We use it to configure the perimeter firewalls. In FireSIGHT, we have two firewalls in a cluster with high ability, then we have five firewalls in Offices. We use those firewalls as a perimeter for Offices. We have all the devices in the Firepower Management Center system. We always work with Firepower devices in Firepower Management Center. We have offices around the world. We are in Europe, the USA, and South America.
We helped a customer to configure a new data center network. We provided the core firewalling. Between virtual routing instances, or virtual networks, we had two Firepower 2130s in HA. We did the routing and firewalling between the VRS and, in the same data center, we have an internet edge firewall also set in HA that provided the routing and firewalling to the internet and to Azure. In the same data center we had two ASAs for out-of-band management. If an error occurred in the data center, we could VPN into the ASA and troubleshoot the routing issues in the data center.
Senior Network And Security Engineer at a pharma/biotech company with 201-500 employees
Real User
2021-02-01T15:40:00Z
Feb 1, 2021
We use it for the actual firewall and also site-to-site VPN. Our company is always growing. Every day's a new day and there is always something new to learn. We are a mature organization, but we can never sit still. We have two company locations and we use Cisco Firepower as our main firewall at both locations. Overall, for security, we use about seven tools. Within our company, there are just two people that maintain this solution. Myself and the IT manager. I'm the network administrator.
We use the platform to provide secure perimeter internet access for customers and also to provide secure networks or secure SANs for customers. We have a global partnership with Cisco and I'm a re-sales and security manager of IT services.
System Administrator at a non-profit with 1-10 employees
Real User
2021-01-07T20:30:30Z
Jan 7, 2021
We use the solution to monitor the connections as part of our parameter protection for our network. We restrict what kind of traffic comes in and out, we use it basically for traffic management.
Administrator at a university with 1,001-5,000 employees
Real User
2020-12-19T23:58:40Z
Dec 19, 2020
Cisco Firepower NGFW Firewall has a lot of environment to use for your network to see what kind of critical threats are coming or going. I use it to find out what this threat is and then formulate a strategy for it. I use it a lot on my simple network to see how it works, inspect the network traffic, and so on.
Lead Network Engineer at a government with 1,001-5,000 employees
Real User
2020-11-27T17:49:41Z
Nov 27, 2020
The way we've installed Firepower was for the migration process. For example, there was a data center consolidation, and therefore we had to move everything. We offer data center products to our customers across VPN funnels. We had to move away from older ASAs, so it's a lift and shift. We move older ASAs, which were dispersed in many sites, and we consolidated a couple of services in a single site. Firepower was left there in place. I came in and I took over the administration duties, and now I'm trying to put everything together in a way that it makes sense. With Firepower, they have better hardware. It's fitted for more throughput, more load. I'm trying to centralize service delivery on this high-availability pair and move all the remote access to Firepower. Then, it's all part of a transition process from a hybrid cloud to a full cloud deployment on a cloud provider. It's mostly just a necessary pain, until we move away from our on-prem deployments. Currently, I'm working with Azure, etc. and I try to look at the main design of the whole process, even though it's going to take two years. COVID has also made everything very, very slow for us as we try to move away from our initial plan.
Security Consultant at a tech services company with 51-200 employees
Real User
2020-11-20T12:21:55Z
Nov 20, 2020
We are a service provider and we work on a variety of different projects for many customers. We do not use this product ourselves. Rather, we deploy it for different customers. The primary use case is to protect the organization from unauthorized use.
Solution Architect at a tech services company with 11-50 employees
Real User
2020-11-12T17:12:29Z
Nov 12, 2020
We are a solution provider and Cisco NGFW is one of the products that we implement for our clients. My clients use it for internet access within the enterprise.
Chief Technology Officer at Future Point Technologies
Reseller
Top 5
2020-11-10T15:08:05Z
Nov 10, 2020
Our primary use case is as a data center firewall for internet firewalls and also as a VPN concentrator. I'm the chief technology officer and we are partners of Cisco.
My primary use case with Cisco Firepower NGFW is implementing, configuring, maintaining, and troubleshooting lab and customer devices in both lab and production environments. Using best practices for configuration, as well as fine-tuning intrusion policies and utilizing as many of the features that the firewall has to offer, which are feasible in said environment. Overall, I am confident to say that I have worked with every flavor of Cisco Firepower NGFW, be it their older IPS-only sensors, ASA with Firepower services, as well as the FTD sensor itself.
Senior Solution Architect at a tech services company with 51-200 employees
Real User
2020-05-25T08:21:00Z
May 25, 2020
I use Firepower for all kind of customers; healthcare, government, banks etc. All all of them have different use cases and requirements. In most cases, I would mostly end up with enterprises or government organizations. If you are already have all Cisco gears, I would suggest to consider it as it will allow you to have a more integrated approach toward other network components.
I protect my two servers with the help of Firepower. Both servers are connected to the Firepower and I monitor the traffic to both servers with it. I block traffic from all countries except the USA, for security purposes.
We have an offshore development center with around 1,400 users (in one location) where we have deployed this firewall. The maturity of our organization’s security implementation is a four out of five (with five being high). We do have NOC and SOC environments along with in-built access to our systems. We use Acunetix as one of our major tools. We do have some open source. There are a couple of networks where we are using the Tenable tool. We have implemented an SIEM along with a Kaspersky at the cloud level. In the Cisco firewall, we installed Kaspersky in the firewall logs which upload to Kaspersky for us to review back.
Our primary use case for this solution is to improve network security. The maturity of our company's security implementation depends on our clients. Some of our clients really need a lot of work but some of them are advantaged. We are major implementors for Cisco. We implement it for our clients and we also use it internally. Our security maturity is advanced. We have been in IT business for over 75 years. We have major netowrk firewall experts in the company, so we know what to do. Our company uses more than thirty security tools. Ideally, we would use an end to end unified tool. But network security is far from that so we need to use multiple tools.
Currently, we have 16 remote sites. Some of them are sales offices and some of them are industrial plants. And we have a centralized IT department here in Brazil. The business asked me to support those remote sites. We started using the Firepower Threat Defense, which is one of the versions of next-gen firewalls from Cisco, at some of the sites. We have them operating at five sites, and we are deploying at a sixth site, in Mexico, with the same architecture. That architecture has the firewall running on the site's router, and we manage them all from here in Brazil.
Senior Network Engineer at a consultancy with 1,001-5,000 employees
Real User
2019-10-15T05:02:00Z
Oct 15, 2019
The primary use case of for Cisco firewalls is to segment our network. We're using them on the perimeter network for traffic filtering. Since deploying them, we have seen a maturing of the security in our organization. We're using both the FTD 2100 and 4100. We have about 40 sites that are using our approximately 80 FTDs. We have about 2,000 users.
Our primary use cases for FTD are IPS, intrusion detection, and to get visibility into the network and the traffic that is going on in some sites. We always have them in-line, meaning that they're between two networking connections, and we analyze the traffic for the purposes of internal detection. In production, from the FTD line, we mostly have 2110s and 2130s because we have a lot of small sites, and we are starting to put in some 4110s. We only have FirePOWER here, but we don't use them most of the time as next-gen firewalls but more as an IPS. Everything is on-premises. We don't use public clouds for security reasons.
Network Administration Lead at Forest County Potawatomi Community
Real User
2019-09-27T04:38:00Z
Sep 27, 2019
We use them in multiple places on our network. We use them on the edge of our network, in more of the traditional sense for inbound and outbound filtering. We also use them as a center of our network between all of our users and servers, so that all user traffic going through our servers is IPS and IDS as well. We have multiple Cisco 5000 Series firewalls and we also have a 4110 Series firewall, all running the FireSIGHT threat detection image. We keep that up to date within three months. If a new release comes out within three months, we're updating. The software deployment is on-prem.
We are a reseller and system integrator, and this is one of the solutions that we provide for our end users. We have experience with many firewall products from different vendors. The specific use case depends on the customer and their environment. They design the firewalls, and we supply the appropriate equipment. The majority of deployments are on private networks.
Architect - Cloud Serviced at a comms service provider with 10,001+ employees
Real User
Top 20
2019-05-13T08:56:00Z
May 13, 2019
Our primary use case is whatever is best for our customer. I'm the service provider. The customer's main purpose is to use the malware services protection and the firewall itself, as well as the application awareness feature.
Cisco has a new general firewall: the Firepower NGFW. If you take a look at the Cisco Firepower product line, they have three models available: * A low-scale model: the 2000 series * A high-end model: the 4000 series * The carrier-grade model: the 9000 series We have already used the 4000 and 2000 series over here. We've been using this solution in Bangladesh for some customers over the last eight months. We've been using FPR 2110, 2120, 2130, & 2140. We also employ the FPR 4130 and 4140. We have been using this equipment on our last few projects. We used it as a transfer and for firewalling. The most recent one we are using for firewall support as well.
Cisco Secure Firewall stands as a robust and adaptable security solution, catering to organizations of all sizes. It's designed to shield networks from a diverse array of cyber threats, such as ransomware, malware, and phishing attacks. Beyond mere protection, it also offers secure access to corporate resources, beneficial for employees, partners, and customers alike. One of its key functions includes network segmentation, which serves to isolate critical assets and minimize the risk of...
Cisco Secure Firewall is a next-generation firewall that can be used for various security applications.
Our use for Cisco Secure is for the firewall.
I use the solution in my company for some internal testing purposes, so I don't use it in a real environment. I use it in my dummy lab environment.
We had implemented our Cisco API and Cisco Stealthwatch. We use the Cisco Secure Firewall for easy integration that can collaborate with all these Cisco solutions. My operations will also have less maintenance and the same existing team.
My company uses Cisco Secure Firewall for its protection and security features.
I'm a Cybersecurity Designer working for a financial services company in London, England with about 4,500 employees. We've been using Cisco Secure Firewall for about a decade now. Currently, our deployment is entirely on-premise. We do use a hybrid cloud, although we don't have any appliances in the cloud just yet, that is something that we're looking to do over the next five years. The primary use case is to provide the ability to silo components of our internal network. In the nature of our business, that means that we have secure enclaves within the network and we use Cisco Secure Firewall to protect those from other aspects of the network and to control access into those parts of the network.
I use it every day. It's something that's part of my daily tasks every day. I log in, look at logs, and do some firewall rule updates. We have a managed services team. I'm not part of that team, I use it for our company. I look at why things are being dropped or allowed. I'm using an older version. They got rid of EIGRP out of FlexConfig, which was nice. Now there's policy-based routing, which is something that I have to update my firewalls or my FMC so I can utilize that product. Right now I use the Cisco-recommended version of FMC which is 7.0.5.
I've deployed them in a number of different use cases. I've deployed them at the internet edge. I've used those VPN concentrators, and I've deployed them at the data center core, segmenting VLANs.
I'm a design consultant. We primarily use the product to secure various client networks, major infrastructure, highways, and urban surveillance.
We use Cisco Secure Firewall for remote VPN.
We are a Cisco partner and we are currently using Cisco Firepower for our internet edge, intrusion prevention systems, and filtering. We use virtual appliances in the cloud and hardware appliances on-premises.
We are Cisco partners. We have been selling Cisco products for more than 25 years, and we are a major player in various African markets, such as Morocco and French-speaking countries in Africa. We have been offering a wide range of Cisco-branded security products. The most important ones were the ASA firewalls, and now, we have the next-generation ones, XDR, and all the applications or all hybrid security solutions offered by Cisco, including Umbrella, on-premise Identity Service Engine, and all the other third-party solutions. Our main objective is to show customers the added value of Cisco products and how they can tackle all the security issues and all the threats or the cyber security issues rising on a daily basis nowadays. Cisco Talos, for instance, is something that we propose, and we also propose all the restrictions to be up-to-date. Cisco's ecosystem is very wide in security, so we have very good use cases. In the beginning, customers used to implement ASA firewalls mainly as the network firewall in data centers, branch offices, all locations, and also in the DMZ. Nowadays, the perspective has changed, and also with the design requirement, the nature of the cloud hybrid solutions leads us to use more sophisticated tools based in the cloud, but we still cover all the security aspects from the branch office to the data centers.
We use the solution to secure our external software application and user access through different ports.
We use Cisco IronPort, Firepower, Secure Firewall, Email, and Secure Connect. As with most products, integration could be better where needed. Sometimes, for example, the Cisco Secure Firewall and IronPort are in a class of their own. When it comes to management and logging, there's room for improvement. Most of the products aren't configured on their own, but they are related together. There should be some sort of management. We would need a supervisor to manage it before using all of the solutions together.
We deploy the firewall on the customer end and the customer can facilitate the VPN for their clients. We use Cisco Umbrella to secure their network and their endpoints.
To safeguard our clients' system data and related aspects, we rely on Next-Generation Firewalls as a system integrator. In particular, we use Cisco Secure Firewall for enhanced security measures. We have provided our services to the National Information Center in Riyadh, which is a government database. They installed Cisco Secure Firewall systems and have given us positive feedback, which is why most of the areas prefer to use Cisco. To date, we have not received any negative feedback from our clients regarding any issues, such as hacking. Everything has been secure, and I hope it stays that way in the future.
We use them for some of our border firewalls in our data centers and also as our VPN concentrator.
We have all kinds of use cases. Our customers are large enterprises, and they need perimeter security. Zero trust, network access control, and network segmentation are quite important these days. We are a partner and reseller. We implement, and we resell. As a Cisco Secure reseller, we have all the expertise. Our customers are usually overworked and have no time to learn how to implement these things and get some expertise. That's what we bring in. We help them select the right solution, select the proper design and architecture, and implement it. They basically lack the time and expertise, and we are a trusted advisor who helps them with their issues.
We are currently utilizing the Cisco Secure Firewall, partially due to its historical relevance and partly because Cisco continues to maintain a prominent position in providing client VPN access. We have employed Cisco Firepower and ASA on Firepower to facilitate client VPN access and to enforce fundamental layer four security policies. We utilize security products in central locations to provide VPN access for clients throughout Europe.
We are one of our Swedish municipalities. We use this solution to support our environment and keep it safe and secure. At the moment, Cisco SecureX is just for the monitoring part. We are migrating servers from an old infrastructure to a new one. It monitors how they're behaving on the network. We have 500 sites using it. It's a mix of remote sites and connected sites. We have a lot of devices. We are a Swedish municipality, so we do everything from healthcare to taking care of the roads. We have a wide spectrum of users, so we have to supply everyone with what they need. So, we have a lot of devices in our network.
I'm working as a Solution Architect for an energy provider in Austria. We have approximately 1,500 people working in Austria and also in some neighboring countries. We are using Cisco Secure Firewall. We started with Cisco ASA long ago, and now, we have Cisco Firepower or Cisco Secure Firewall. We are using the product as a perimeter firewall and for remote access VPN and site-to-site VPN tunnels with other partner companies. So, the primary use case of Cisco Secure Firewall is to secure our perimeter, but it's also for the remote access VPN for employees in the home office or if they are outside the company.
One of the most important roles of Cisco Secure Firewall is as a central firewall for the internet. We use it for segmentation of the outside network, DMZ networks, inside networks, and also as an intrusion prevention system for protecting our resources from the internet. All Access Control Lists are implemented on this firewall.
Our main use case for Cisco Secure Firewall is helping clients who want to upgrade from an old firewall and move to a next-generation firewall. We also get a lot of clients who have a next-generation firewall provider, but the firewall is not up to the task. It doesn't have all the feature sets that they need, and Cisco Secure Firewall ticks those boxes.
We use WSA proxy and Cisco Firepowers with the FMC suite and Cisco Umbrella. We mainly use WSAP for on-premises data centers to get traffic outbound to the internet. Cisco Umbrella is for our endpoints, and Cisco firewalls are to protect our perimeter but also internal choke points to secure segments on our LAN. Currently, we don't have any integrations between the three of them. They all run in isolation.
Our primary use case for Cisco Secure is through Cisco FMC, which we have automated using Cisco's Terraform provider for FMC. Our automation journey began with the Cisco ACI fabric, where we leveraged the Terraform provider for ACI. Eventually, we realized we could also automate firewalls and our HA clusters using the Terraform provider for FMC. This allowed us to create DMZ networks, specify IPS and IDS rules, and follow the infrastructure as a code concept. Our cross-common security team can review the repository in GitLab and approve it with a simple click of a button. This is the primary benefit we get from automation. Additionally, we can use the infrastructure as a code concept with the management center. Cisco FMC also has a great API, which makes it easy to integrate with our code, ACI, and other systems. Cisco Security and Cisco Firewalls have been effective in protecting our organization from external threats, such as DDoS attacks.
The Cisco Secure Firewall is placed between the separate VLANs. It's a common and effective method of protecting VLANs against internal risks such as Checkpoints and external parameters.
For customers and ease of remote solutions for VPN support.
This is an SSL that can decrypt and encrypt SSL traffic.
We use it for data center security for both the north-south and east-west. With Firepower, you get the next-generation functionality and the next-generation firewall features. Traditionally, when you have a layer three access list, it's really tricky to get the flexibility you need to allow staff to do what they need to do with their apps without being too prescriptive with security. When Firepower comes in, you get much more flexibility and deeper security. They were mutually exclusive previously but are not so much anymore. We have, probably, 20,000 to 25,000 end users going through the firewalls. Physical locations-wise, there are four data centers in Northern Europe, and the other locations are in the public cloud, that is, Azure and AWS.
This solution is a next-generation firewall. We use it to inspect our traffic going through the internet edges. This solution blocks Tor nodes or botnets that try to invade the system using various methods for intrusion.
For our customers, Firepower is a classic perimeter firewall. Sometimes it's also for branch connections, but for those cases, we prefer Meraki because it's simpler. If a customer has Meraki and requires advanced security features, we will offer Firepower as a perimeter solution for them. Meraki is for SD-WAN and Firepower is for the perimeter. Firewalls are not a new technology but they have a very distinct role in an enterprise for defending the perimeter. Firepower is for organizations that have traditional infrastructures, rather than those that are heavily utilizing cloud services. For us, the clients are government agencies and ministries, and we have a lot of them as our customers in Latvia.
We use it for our data center. We have clusters of the solution to protect the equipment in our data center. We also use it for site-to-site VPN hubs.
We primarily use it as a corporate, perimeter firewall for traffic to the internet and back, for surfing. We also have some site-to-site connections with customers.
It is the primary data firewall for our organization and our data centers.
It's deployed in multiple ways, depending on the use case. Generally speaking, we have them as edge firewalls, but I have some customers who use them as data center firewalls, and some customers who use them as VPN firewalls. And in some places, they're the east-west firewalls, as they would be called in a core network. We do have some that are for cloud firewalling, that we're using in Azure and AWS. But generally speaking, they're deployed as edge firewalls and on-prem.
We are using it for firewall and intrusion prevention. I have deployed it into different environments: retail, commercial, law, real estate, and the public sector. Retail is the biggest environment that I have deployed this firewall into, with 43 different sensors and a range up to 10 GbE throughput. I am using up to version 7.0 across the board as well as multiple models: 1000 Series or 2100 Series.
They were placed in a company on the perimeter near the ISP. There were two clusters. One cluster was at the front, and one cluster was near the data center to filter the traffic from the users to the data center and from the data center to the users and outside.
Telindus, our company, is an integrator. We sell Firepower and we do use it ourselves. I use all the different versions of the product. We either replace our customers' other brands of firewalls with Firepower, or we upgrade their old Cisco ASA Firewalls to the new Firepower firewalls. The type of device we advise them to install depends on the customer's requirements and the throughputs needed. Our primary use case for Firepower is for big networks.
We are currently using this solution as a VPN and an internet firewall in some locations. In our data center, we are still using FortiGate as an internet firewall but we are evaluating other options.
We primarily use this firewall for IPS, IAM, threat defense, and NAT. I am from the networking department.
We are a large company in the country in which we operate. We are a government agency dealing with taxes and we provide services for all taxpayers within the country. We have services for internal users, as well as services for public users. The main reason we use these firewalls is to protect our environment and to provide our services efficiently so that we are up and running 24/7. Our solution is deployed in a private cloud. Everything is hosted in our environment and provided as cloud services. We are in the process of moving our infrastructure from the previous environment to the new environment where Cisco firewalls are installed. In terms of our security maturity as an organization, we are young. In fact, we are young as a country. We have been providing electronic services for more than 10 years for our clients. We have a huge number of clients, with over 120,000 users who subscribe to our system and who access our services on a daily basis or, at a minimum, three to four times per year. We use a few tools for security in terms of management, both internal and external, but we are mainly relying on Cisco. Our network is based on Cisco, and we also protect our mail system with Cisco. Previously, and in parallel, we used Sophos next-generation firewalls.
The primary use case is mainly around perimeter security at the HQ and the branch. This will include using the Next-Generation Intrusion Prevention System (NGIPS), using advanced malware protection for networks on the firewall, and remote access VPN as well as site-to-site VPN. I work for a Cisco partner and managed service provider. We have a number of customers. Typically, the standard setup that we have is a Firepower Management Center Virtual, running in VMware, with physical FTD appliances (as the firewalls) on-premises. We work with more mid-size organizations who typically have email security, web security, endpoint security, and perimeter security. In terms of products, that would be: * Cisco Umbrella * Cisco Cloud Email Security * Cisco Secure Endpoint * Firepower, for the perimeter. That would be a typical technology mix. Sometimes, some customers will consume something like Duo Security for multi-factor authentication. We are primarily running ASA Firewalls with the FTD image. We are also running some Firepower 1000 Series.
It is for defense, protecting workloads from a distributed type of an environment. On-premises, we are hosting several different distributed user session type environments. In our case, it is remote desktop services, which enable users to go out and browse the Internet, in some cases to do legitimate services, and in other cases, it is more of a personal browsing session. In this case, the primary purpose is to protect those user sessions when they are accessing the Internet. The secondary use case is to protect these services and applications from inbound threats, e.g., Internet scanning, Internet exploit attempts, any sort of attack, reconnaissance, or anything of that nature coming from the public Internet. Firepower is an add-on to Cisco ASAs that enables intrusion prevention detection and some additional advanced functionalities. We have both. We have two on-premise data centers where Firepower is deployed.
We use it to configure the perimeter firewalls. In FireSIGHT, we have two firewalls in a cluster with high ability, then we have five firewalls in Offices. We use those firewalls as a perimeter for Offices. We have all the devices in the Firepower Management Center system. We always work with Firepower devices in Firepower Management Center. We have offices around the world. We are in Europe, the USA, and South America.
We helped a customer to configure a new data center network. We provided the core firewalling. Between virtual routing instances, or virtual networks, we had two Firepower 2130s in HA. We did the routing and firewalling between the VRS and, in the same data center, we have an internet edge firewall also set in HA that provided the routing and firewalling to the internet and to Azure. In the same data center we had two ASAs for out-of-band management. If an error occurred in the data center, we could VPN into the ASA and troubleshoot the routing issues in the data center.
We use it for the actual firewall and also site-to-site VPN. Our company is always growing. Every day's a new day and there is always something new to learn. We are a mature organization, but we can never sit still. We have two company locations and we use Cisco Firepower as our main firewall at both locations. Overall, for security, we use about seven tools. Within our company, there are just two people that maintain this solution. Myself and the IT manager. I'm the network administrator.
I often work with financial sector companies such as banks as well as retail organizations.
We are using the solution for airports.
We use this solution for our firewall and intrusion prevention system.
We use the platform to provide secure perimeter internet access for customers and also to provide secure networks or secure SANs for customers. We have a global partnership with Cisco and I'm a re-sales and security manager of IT services.
This is a product that is used at the infrastructure level to protect the network from outside traffic.
We use the solution to monitor the connections as part of our parameter protection for our network. We restrict what kind of traffic comes in and out, we use it basically for traffic management.
Cisco Firepower NGFW Firewall has a lot of environment to use for your network to see what kind of critical threats are coming or going. I use it to find out what this threat is and then formulate a strategy for it. I use it a lot on my simple network to see how it works, inspect the network traffic, and so on.
The way we've installed Firepower was for the migration process. For example, there was a data center consolidation, and therefore we had to move everything. We offer data center products to our customers across VPN funnels. We had to move away from older ASAs, so it's a lift and shift. We move older ASAs, which were dispersed in many sites, and we consolidated a couple of services in a single site. Firepower was left there in place. I came in and I took over the administration duties, and now I'm trying to put everything together in a way that it makes sense. With Firepower, they have better hardware. It's fitted for more throughput, more load. I'm trying to centralize service delivery on this high-availability pair and move all the remote access to Firepower. Then, it's all part of a transition process from a hybrid cloud to a full cloud deployment on a cloud provider. It's mostly just a necessary pain, until we move away from our on-prem deployments. Currently, I'm working with Azure, etc. and I try to look at the main design of the whole process, even though it's going to take two years. COVID has also made everything very, very slow for us as we try to move away from our initial plan.
I am a pre-sales engineer, and I do comparisons based on my customer's requests.
We are a service provider and we work on a variety of different projects for many customers. We do not use this product ourselves. Rather, we deploy it for different customers. The primary use case is to protect the organization from unauthorized use.
The solution is primarily used for protecting the environment, or the cloud environments for our customers.
We are a solution provider and Cisco NGFW is one of the products that we implement for our clients. My clients use it for internet access within the enterprise.
I use it to protect my DMZ from external attacks.
Our primary use case is as a data center firewall for internet firewalls and also as a VPN concentrator. I'm the chief technology officer and we are partners of Cisco.
My primary use case with Cisco Firepower NGFW is implementing, configuring, maintaining, and troubleshooting lab and customer devices in both lab and production environments. Using best practices for configuration, as well as fine-tuning intrusion policies and utilizing as many of the features that the firewall has to offer, which are feasible in said environment. Overall, I am confident to say that I have worked with every flavor of Cisco Firepower NGFW, be it their older IPS-only sensors, ASA with Firepower services, as well as the FTD sensor itself.
I use Firepower for all kind of customers; healthcare, government, banks etc. All all of them have different use cases and requirements. In most cases, I would mostly end up with enterprises or government organizations. If you are already have all Cisco gears, I would suggest to consider it as it will allow you to have a more integrated approach toward other network components.
I protect my two servers with the help of Firepower. Both servers are connected to the Firepower and I monitor the traffic to both servers with it. I block traffic from all countries except the USA, for security purposes.
We have an offshore development center with around 1,400 users (in one location) where we have deployed this firewall. The maturity of our organization’s security implementation is a four out of five (with five being high). We do have NOC and SOC environments along with in-built access to our systems. We use Acunetix as one of our major tools. We do have some open source. There are a couple of networks where we are using the Tenable tool. We have implemented an SIEM along with a Kaspersky at the cloud level. In the Cisco firewall, we installed Kaspersky in the firewall logs which upload to Kaspersky for us to review back.
Our primary use case for this solution is to improve network security. The maturity of our company's security implementation depends on our clients. Some of our clients really need a lot of work but some of them are advantaged. We are major implementors for Cisco. We implement it for our clients and we also use it internally. Our security maturity is advanced. We have been in IT business for over 75 years. We have major netowrk firewall experts in the company, so we know what to do. Our company uses more than thirty security tools. Ideally, we would use an end to end unified tool. But network security is far from that so we need to use multiple tools.
These are our primary edge firewalls at two data centers.
Currently, we have 16 remote sites. Some of them are sales offices and some of them are industrial plants. And we have a centralized IT department here in Brazil. The business asked me to support those remote sites. We started using the Firepower Threat Defense, which is one of the versions of next-gen firewalls from Cisco, at some of the sites. We have them operating at five sites, and we are deploying at a sixth site, in Mexico, with the same architecture. That architecture has the firewall running on the site's router, and we manage them all from here in Brazil.
The primary use case of for Cisco firewalls is to segment our network. We're using them on the perimeter network for traffic filtering. Since deploying them, we have seen a maturing of the security in our organization. We're using both the FTD 2100 and 4100. We have about 40 sites that are using our approximately 80 FTDs. We have about 2,000 users.
Our primary use cases for FTD are IPS, intrusion detection, and to get visibility into the network and the traffic that is going on in some sites. We always have them in-line, meaning that they're between two networking connections, and we analyze the traffic for the purposes of internal detection. In production, from the FTD line, we mostly have 2110s and 2130s because we have a lot of small sites, and we are starting to put in some 4110s. We only have FirePOWER here, but we don't use them most of the time as next-gen firewalls but more as an IPS. Everything is on-premises. We don't use public clouds for security reasons.
We use them in multiple places on our network. We use them on the edge of our network, in more of the traditional sense for inbound and outbound filtering. We also use them as a center of our network between all of our users and servers, so that all user traffic going through our servers is IPS and IDS as well. We have multiple Cisco 5000 Series firewalls and we also have a 4110 Series firewall, all running the FireSIGHT threat detection image. We keep that up to date within three months. If a new release comes out within three months, we're updating. The software deployment is on-prem.
We are a reseller and system integrator, and this is one of the solutions that we provide for our end users. We have experience with many firewall products from different vendors. The specific use case depends on the customer and their environment. They design the firewalls, and we supply the appropriate equipment. The majority of deployments are on private networks.
Our primary use case is whatever is best for our customer. I'm the service provider. The customer's main purpose is to use the malware services protection and the firewall itself, as well as the application awareness feature.
Cisco has a new general firewall: the Firepower NGFW. If you take a look at the Cisco Firepower product line, they have three models available: * A low-scale model: the 2000 series * A high-end model: the 4000 series * The carrier-grade model: the 9000 series We have already used the 4000 and 2000 series over here. We've been using this solution in Bangladesh for some customers over the last eight months. We've been using FPR 2110, 2120, 2130, & 2140. We also employ the FPR 4130 and 4140. We have been using this equipment on our last few projects. We used it as a transfer and for firewalling. The most recent one we are using for firewall support as well.