IT Central Station is now PeerSpot: Here's why
Phosika Sithisane - PeerSpot reviewer
Executive Director at ict training and development center
Real User
Top 20
Good at blocking threats and pretty reliable but needs a better user interface such as web interface for easier create policy
Pros and Cons
  • "It's pretty reliable and allows for isolation capabilities within the network."
  • "The user interface isn't as good as it could be. They should work to improve it. It would make it easier for customer management if it was easier to use."

What is our primary use case?

We primarily use the solution for basic firewall configurations such as NAT, FORWARD PORT and Block TCP-UDP Port.

   

How has it helped my organization?

My company is very small just built last year, i now am using cisco asa 5510 for NAT and Port Forward and limit users access directly from internet only via Remote-VPN.

What is most valuable?

The ability to block threats is its most valuable aspect.

Most clients in Laos use the basic setup, which works quite well. It ensures that nothing can get onto the local network.

It's pretty reliable and allows for isolation capabilities within the network.

The ADSM is very good.

I like that I can use the command line. I use a lot of Cisco and often work with this. If you are comfortable with the command line, it's quite good.

What needs improvement?

The user interface isn't as good as it could be. They should work to improve it. It would make it easier for customer management if it was easier to use.

Cisco does not have a lot of web management. We have to use ASTM server management to make up for it.

Buyer's Guide
Cisco ASA Firewall
August 2022
Learn what your peers think about Cisco ASA Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: August 2022.
620,319 professionals have used our research since 2012.

For how long have I used the solution?

I've been using the solution, give or take, for around five years at this point.

What do I think about the scalability of the solution?


How are customer service and support?

When we need assistance from technical support, we typically deal with the team in China. They've been very good. Whenever I have a problem, they can resolve it. They are knowledgeable and responsive. We're satisfied with the level of support we get.

Which solution did I use previously and why did I switch?

We typically offer clients a few different solutions. For example, we may recommend Fortinet.

How was the initial setup?

For a new user, the initial setup may be a bit difficult. For me, since I am comfortable with Cisco, it's pretty straightforward. A new connection has its own complexities. It may be a different thing on Java SDK. There may be some programs that may not be able to access it.

What's my experience with pricing, setup cost, and licensing?

In Laos, clients don't have much wiggle room when it comes to cost. The economy right now isn't very good. Most just choose the basic solution in order to avoid pricey licensing fees.

Which other solutions did I evaluate?

subscription payment  

What other advice do I have?

We're just customers. We use it in our office and suggest it to clients. However, we don't have a business relationship with Cisco.

We try to adhere to our client's needs, and therefore, if they specify hardware they want to use, like Fortinet, we tend to accommodate them.

That said, if they ask my opinion, I usually recommend Cisco ASA.

I know a lot about the product and I'm good at controlling everything. I have a lot of knowledge and understanding after working with it so closely. That's why I tend to favor it when my customers ask for advice.

Overall, I would rate the solution seven out of ten. If the user interface were a bit better, I'd rate it higher.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Suebsak Komjezsda - PeerSpot reviewer
Senior MIS Manager at a tech company with 201-500 employees
Real User
Top 20
Stable with great security and good scalability
Pros and Cons
  • "The solution is excellent for enterprise-level networks."
  • "If the implementation was easier, it would be a lot better for us."

What is our primary use case?

We tend to use the solution as it's forced on us by corporate. Our company wants us to use it.

What is most valuable?

The solution is stable. We haven't had any issues in that sense.

The security of the hardware is excellent. Cisco is very serious in its approach to security.

We have a high level of trust in Cisco and its products.

The solution is excellent for enterprise-level networks.

What needs improvement?

The solution is difficult to use. There's more required than a typical firewall. It's different than, for example, Palo Alto and Fortinet, which we find are easier to set up. 

If the implementation was easier, it would be a lot better for us.

It would be such a great product for us if it was easier to manage.

For how long have I used the solution?

I've been working with the solution for more than ten years. It's been a long time. It's been over a decade at this point.

What do I think about the stability of the solution?

The solution is quite stable. We have no problems with bugs or glitches. It doesn't crash or freeze. It's good.

What do I think about the scalability of the solution?

We've found the solution to be scalable. A company shouldn't have any issues with expanding it if it needs to.

We have about 300 users on the solution currently. We do plan to continue to use Cisco in the future.

How are customer service and technical support?

We use third-party technical support that's offered and we're quite satisfied with the level of attention we receive.

Which solution did I use previously and why did I switch?

I have knowledge of Palo Alto and Fortinet.

While those two are easier to set up and control, nothing compares to Cisco in terms of security. They're very strong in that regard. We also find Cisco to be more stable.

However, we only use Cisco firewalls in our organization. We don't use anything else.

How was the initial setup?

The implementation is not so straightforward. It's rather complex and we have a lot of trouble with it.

The implementation took us about one month.

We plan to implement an updated version next month as well.

We need three to eight people to handle the setup.

What about the implementation team?

I did not handle the implementation by myself. Rather, it's done by another team including the original support from Singapore and with license support from headquarters in Japan.

However, our team does handle the implementation in-house, and we can handle the setup for clients as well.

What's my experience with pricing, setup cost, and licensing?

We do need to purchase licenses. Those come from headquarters in Japan. They handle the details in terms of pricing. I'm not sure of the overall costs.

What other advice do I have?

We're both a customer of Cisco and a reseller.

This month we plan to upgrade from our existing hardware.

Overall, we've been happy with the results we've gotten. I would rate the solution at a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Cisco ASA Firewall
August 2022
Learn what your peers think about Cisco ASA Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: August 2022.
620,319 professionals have used our research since 2012.
Network engineer at a government with 10,001+ employees
Real User
Keeps the outsiders on the outside and enables us to monitor content going out
Pros and Cons
  • "The ASDM (Adaptive Security Device Manager) which is the graphical user interface, works out, and Cisco keeps it current."
  • "Cisco still has a lot of work to do. You can convert an ASA over to a Firepower, but the competitors, like Palo Alto and Juniper, are coming in. And believe it or not, they are a little bit more intuitive. Cisco has a little bit more work to do. They're playing catch up."

What is our primary use case?

We use it for content management and filtering. We wanted to separate DMZ traffic from normal customer traffic. We were also looking to set up portals for outside interests that needed to come in. We have our firewall set up for VPN and, with COVID breaking out, that became more important. We also use it for remote access control.

How has it helped my organization?

It improved our security. It keeps the outsiders on the outside and enables us to monitor the content that's going out from within the organization.

What is most valuable?

The ASDM (Adaptive Security Device Manager) which is the graphical user interface, works out, and Cisco keeps it current.

What needs improvement?

Cisco still has a lot of work to do. You can convert an ASA over to a Firepower, but the competitors, like Palo Alto and Juniper, are coming in. And believe it or not, they are a little bit more intuitive. Cisco has a little bit more work to do. They're playing catch up.

There is also content filtering. The bad actors are so smart nowadays, that they can masquerade as the data for a given port, and they can actually transfer data through that port. The only thing that the older firewalls know about is the port. They can't read the data going across it. That's where content filtering comes in, like Palo Alto has, with next-generation firewalls.

For how long have I used the solution?

I have been using Cisco ASA Firewalls from the beginning, when they moved over from the PIX.

What do I think about the stability of the solution?

They're pretty reliable. Even from a hardware perspective, we haven't lost any power supplies or the like. An ASA works until we remove it. The maintenance is very minimal. 

What do I think about the scalability of the solution?

It's very scalable. Every organization sets it up differently, but we've been able to perform upgrades with minimal service disruption. We have ASAs in multiple locations.

How are customer service and support?

Being a government-supported organization, the technical support is great. They send us equipment. It's top-notch.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Cisco has been a leader in firewalls, and the US government primarily chooses Cisco first, before it chooses competitors.

Which other solutions did I evaluate?

We have a variety of providers from Juniper to Palo Alto, et cetera. But the Cisco GUI is pretty consistent, so most individuals catch on. But when it comes to the Firepower, we're going to need some more training on that, as we're upgrading and moving to the Firepower.

What other advice do I have?

I like the ASA product, maybe because I'm an old guy, more so than the transition to the Firepower. The ASAs have worked ever since the PIX days and they work very reliably. Even with the upgrades, your rules don't change. That's true even with a major OS upgrade.

Things are changing and the ASAs are becoming dated. People want content filtering and so on now.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Pardeep Sharma - PeerSpot reviewer
Network security engineer at a tech services company with 1,001-5,000 employees
Real User
Top 5
A simple and reliable firewall with best support and very good netting, routing, and VPN functionalities
Pros and Cons
  • "Netting is one of the best features. We can modify it in different ways. Site-to-site VPN is also an awesome feature of Cisco ASA. The biggest advantage of Cisco products is technical support. They provide the best technical support."
  • "Cisco should work on ASDM. One of the biggest drawbacks of Cisco ASA is ASDM GUI. Cisco should improve the ASDM GUI. The configuration through ASDM is really difficult as compared to CLI. Sometimes when you are doing the configuration in ASDM, it suddenly crashes. It also crashes while pushing a policy. Cisco should really work on this."

What is our primary use case?

I am using Cisco ASA 5525 for netting, routing, and site-to-site VPN. We have two sites. I am using Cisco ASA Firewall on one site and Check Point Next-Generation Firewall on another site.

How has it helped my organization?

We have integrated it with Cisco Anyconnect. This feature has been very good for us during the lockdown.

What is most valuable?

Netting is one of the best features. We can modify it in different ways. Site-to-site VPN is also an awesome feature of Cisco ASA.

The biggest advantage of Cisco products is technical support. They provide the best technical support.

What needs improvement?

Cisco should work on ASDM. One of the biggest drawbacks of Cisco ASA is ASDM GUI. Cisco should improve the ASDM GUI. The configuration through ASDM is really difficult as compared to CLI. Sometimes when you are doing the configuration in ASDM, it suddenly crashes. It also crashes while pushing a policy. Cisco should really work on this.

For how long have I used the solution?

We have been using this solution for one and a half years.

What do I think about the stability of the solution?

It is stable and reliable. If you are looking for security from Layer 1 to Layer 4, Cisco ASA is good, but if you are looking for Layer 7 security, deep security, and malware detection, this is not the right product. You have to use some other product.

What do I think about the scalability of the solution?

We have more than 400 employees. We are currently not thinking of increasing its usage because we need more security, and Cisco ASA is not good for Layer 5 to Layer 7 security.

How are customer service and technical support?

The biggest advantage of a Cisco product is technical support. They provide 24/7 support on 365 days. Their technical support is one of the best. I would rate them a ten out of ten.

How was the initial setup?

Cisco ASA is very not complex. It is a very simple firewall. If you are configuring it through CLI, it is easy. If you configuring it through ASDM, it will be more difficult for a beginner engineer.

It takes around two to three days to cover all the parameters. It is very easy to deploy in an existing network, which is one of the main advantages of Cisco ASA.

What's my experience with pricing, setup cost, and licensing?

We are happy with its price. Licensing is on a yearly basis for technical support. There is one license for technical support. There is another license for IP Version 2 VPN and IPS.

Which other solutions did I evaluate?

I considered pfSense, but when I checked the reviews, pfSense's reviews were really bad, so we purchased Cisco ASA.

What other advice do I have?

I am very happy with this product in terms of netting, routing, and VPN functionalities. If you are a small organization with around 100 people and you are not thinking of Layer 7 security, deep security, and malware detection, Cisco ASA would be very useful and cost-effective for you.

I would rate Cisco ASA Firewall an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
President at a tech vendor with 11-50 employees
Real User
Top 20
Great diagnostics combined with a high-security VPN
Pros and Cons
  • "I like them mostly because they don't break and they have great diagnostics."
  • "They should improve their interface."

What is most valuable?

I like them mostly because they don't break and they have great diagnostics. If something is awry, you can generally figure it out. And of course, everybody has a VPN, but I like the security of their VPN.

What needs improvement?

They should improve their interface and ensure that people actually know what they're doing before they start programming; that would make me happy. But that's never going to happen — it's a total pipe dream.

Some of the next-generation stuff that Cisco is doing now allows you to add web filtering and provides more security inside the device. That's why we were looking at the Next-Generation Firewall.

For how long have I used the solution?

I have been using this solution since they developed it.

What do I think about the stability of the solution?

I've had a couple of issues. Way back, they had a power supply that had to be changed out. They also had some issues with the 5500 series. Other than that, they're pretty rock-solid.

What do I think about the scalability of the solution?

Within their limitations, yes, they're scalable. You don't want to put a 5506 in when you need a 5525 — you'll never get it there. If properly sized, they're scalable, but you can't make a 5506 a 5525 — there're different processors and everything. You have to know where you're going. You have to know your customer first.

How are customer service and technical support?

The tech support is good. The documentation is verbose almost to the point of being confusing if you don't know what it is you're looking for.

It's only confusing if you have somebody who is not familiar with it. They give you every option in great detail, so you can spend time searching through a manual that you might not otherwise. Here's an example: take Sophos or SonicWall — let's say the manual for SonicWall is 25 to 30 pages; that same Cisco documentation is going to be three times that size or more.

It's not that it needs to be simplified, the people using it need to be knowledgeable. It is not a novice box, we'll put it that way.

Which solution did I use previously and why did I switch?

We've been with Cisco for a long time. We've used their routers and gadgets for years and years.

How was the initial setup?

The initial setup is quite straightforward.

What's my experience with pricing, setup cost, and licensing?

I would guess that the market value of Cisco is going to be towards the higher-end. I don't know that it's the highest, but feature for feature, I'd say it's probably well-priced.

What other advice do I have?

Cisco ASA Firewall Is not as much of a plug and play solution as some of the others. You just need to make sure that you do your research.

On a scale from one to ten, I would give Cisco ASA Firewall a rating of nine.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Data center design at a comms service provider with 10,001+ employees
Real User
Provides great security for our applications
Pros and Cons
  • "One of the best features is the ease of use. It's also easy to teach new engineers to use the ASA CLI."
  • "It needs to provide the next-generation firewall features that other vendors provide, like data analytics, telemetry, and deep packet inspection."

What is our primary use case?

We use them for site-to-site VPN solutions as well as other VPN activities, and for general application security.

We needed a good VPN solution and, as our network grew, we had more applications that were virtualized and that can be spun up. We needed a solution that would keep us ahead.

How has it helped my organization?

Cisco ASA provides great security for our applications.

What is most valuable?

One of the best features is the ease of use. It's also easy to teach new engineers to use the ASA CLI. When I first started learning firewalls, Cisco was the first one that was taught to me and it was pretty easy to grasp. When I'm teaching other engineers to use Cisco ASAs, the results of their learning are immediate.

What needs improvement?

It needs to provide the next-generation firewall features that other vendors provide, like data analytics, telemetry, and deep packet inspection.

Also, the ASAs need to be improved a little bit to keep up with the demand for high bandwidth and session count applications.

For how long have I used the solution?

I've been using Cisco ASAs for about 11 years.

What do I think about the stability of the solution?

It's reliable. It doesn't have all the features of some of the newer firewalls, but it's very reliable. It doesn't break. It's pretty rock-solid.

What do I think about the scalability of the solution?

We have at least a pair in every one of our data centers. We gateway our applications around the firewall system, meaning all application data goes through firewalls.

How are customer service and support?

We have good support from Cisco for the ASAs. That helps us out a lot. Some of our ASAs are pretty old and technically not supported anymore, but TAC always helps us out.

How was the initial setup?

The initial one, for me, was a little bit complex because I hadn't done it before. It was inline and an active/standby pair, so it involved a little bit more than just deploying one firewall. 

We had some documentation written and we tested it in the lab and then the deployment took about four hours.

We deployed it alongside different solutions and then we cut over to it when it wouldn't impact the customers.

The maintenance involves doing code upgrades periodically to keep up with the security environment requirements. One person handles that.

What about the implementation team?

We deployed with a consultant from Cisco support. Our experience with them was good. They provided a lot of documentation ahead of time to help us with our configuration.

From our side there were two people involved. One was doing the configuration and the other person was checking to make sure there were no errors, looking at IPs and the like.

What's my experience with pricing, setup cost, and licensing?

The licensing is straightforward and simple, so we don't have to keep relicensing every year as we do with other applications.

Which other solutions did I evaluate?

We use Juniper as well.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Analytical Engineer at a pharma/biotech company with 10,001+ employees
Real User
Keeps away threats trying to come into my organization
Pros and Cons
  • "With the pandemic, people began working from home. That was a pretty big move, having all our users working from a home. More capacity needed to be added to our remote VPN. ASA did this very well."
  • "It can be improved when it comes to monitoring. Today, the logs from the firewalls could be improved a bit more without integrating with other devices."

What is our primary use case?

We are using it for our VPN. We have a remote VPN and then a VPLS connection. Overall, it is a pretty big design.

We were looking for an opportunity to integrate our Firepower with Cisco ASA.

We mainly have these appliances on the data center side and in our headquarters.

How has it helped my organization?

It did help my organization. The firewall pretty much covers most stuff. They have next-gen firewalls as well, which have more threat analysis and stuff like that. 

The firewall solution is really important, not just for our company, but for every organization. It keeps away threats trying to come into my organization.

With the pandemic, people began working from home. That was a pretty big move, having all our users working from a home. More capacity needed to be added to our remote VPN. ASA did this very well.

What is most valuable?

The most valuable features are the remote VPN and site-to-site VPN tunnels.

I use the solution to write policies and analyze the data coming in via the firewalls.

What needs improvement?

It can be improved when it comes to monitoring. Today, the logs from the firewalls could be improved a bit more without integrating with other devices.

I would like to see more identity awareness.

For how long have I used the solution?

I have been using it for over six years.

What do I think about the stability of the solution?

The stability is pretty good. They are keeping up the good work and making updates to the current platform. 

How are customer service and support?

The support is good. They have been there every time that we need them. I would rate them as nine out of 10.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We have used Check Point and Palo Alto. We are still using those but for more internal stuff. For external use, we are using the Cisco client.

How was the initial setup?

The initial deployment was straightforward. We have worldwide data centers. For one data center, it took three days from design to implementation. 

What about the implementation team?

It was a self-deployment. It took eight people to deploy.

What's my experience with pricing, setup cost, and licensing?

It was pretty good and not expensive on the subscription side. Cisco is doing a good job on this.

Which other solutions did I evaluate?

We also evaluated Zscaler, which is more cloud-based. It was pretty new and has a lack of support on the system side.

What other advice do I have?

They have been keeping up by adding more features to the next-gen and cooperating with other vendors.

I would rate this solution as nine out of 10. It is pretty good compared to its competitors. Cisco is doing well. They have kept up their old traditional routing and fiber policies while bringing on new next-gen features.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Network Security Engineer at a tech services company with 201-500 employees
Real User
Top 5Leaderboard
Good UI but too expensive and not very stable
Pros and Cons
  • "The user interface, the UI, is excellent on the solution."
  • "The stability is not the best."

What is our primary use case?

I primarily use the solution for the IPsec only. 

What is most valuable?

The user interface, the UI, is excellent on the solution. Let's say you want to check the real-time locker - you can create it by the UI using ADSM.

What needs improvement?

The VPN portion of the solution isn't the greatest.

The stability is not the best.

The solution is far too expensive.

For how long have I used the solution?

I've been working with the solution for about six months, or maybe a little bit less than that.

What do I think about the stability of the solution?

I haven't found the stability to be very good. The IPsec stability leaves a lot to be desired. They really need to work on the solution's stability capabilities.

In ASA, I built the IPsec between ASA and Fortigate due to the fact that most of the time I have to restart the timer to flow the data.

What do I think about the scalability of the solution?

We only have two to three users who directly deal with the solution within our company. Overall, we have between 100-200 employees. We haven't really scaled it.

I personally would prefer not to use ASA going forward. However, I don't know if the company itself has any plans to increase usage or not.

How are customer service and technical support?

While I've dealt with Cisco technical support in the past on other solutions, I have not contacted them in regards to this specific product.

That said, my past experience with Cisco technical support has been very positive and I found them to be very helpful in general. I just can't speak to this specific product.

How was the initial setup?

I was pretty junior when the solution was initially implemented in the organization. For that reason, I did not take an active role in implementing the solution. I wouldn't be able to really discuss the setup specifics or the level of difficulty.

I'm not exactly sure who handles maintenance, if any, within our organization.

What's my experience with pricing, setup cost, and licensing?

The licensing is quite expensive. I don't have the exact amount, however, it's my understanding that it's a very pricey solution. There's a lot of competition out there, including from Fortigate, which offers just as good, if not better products.

What other advice do I have?

I'm not overly familiar with ASA. I only work with it on an administration level.

I work with the latest version and I use the ASDM version server.

I wouldn't recommend that an organization choose ASA as a solution. They should look into other options.

Overall, I would rate the solution at a six out of ten. We haven't had the greatest experience.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Cisco ASA Firewall Report and get advice and tips from experienced pros sharing their opinions.
Updated: August 2022
Product Categories
Firewalls
Buyer's Guide
Download our free Cisco ASA Firewall Report and get advice and tips from experienced pros sharing their opinions.