IT Central Station is now PeerSpot: Here's why
Cybersecurity Architect at a financial services firm with 5,001-10,000 employees
Real User
Provides our organization with a sense of security, reliability, and trustworthiness
Pros and Cons
  • "The most valuable feature would be the IP blocking. It gets rid of things that you don't need in your environment."
  • "The solution is overcomplicated in some senses. Simplifying it would be an improvement."

What is our primary use case?

It has been great for blocking incoming bad actors. The new Firepower modules have been a welcome additive to that.

How has it helped my organization?

Cybersecurity resilience has helped us be able to react and respond in a quick fashion to anything that may be happening or any anomalies within the environment.

The solution has provided us a sense of security, reliability, and trustworthiness.

What is most valuable?

The most valuable feature would be the IP blocking. It gets rid of things that you don't need in your environment.

Its resilience helps offer being able to react and self-heal.

What needs improvement?

The solution is overcomplicated in some senses. Simplifying it would be an improvement.

Buyer's Guide
Cisco ASA Firewall
August 2022
Learn what your peers think about Cisco ASA Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: August 2022.
622,358 professionals have used our research since 2012.

For how long have I used the solution?

I have used the ASA solutions for a better part of 10 years.

What do I think about the stability of the solution?

The stability is unparalleled.

All solutions require maintenance, and we do that routinely. Anywhere from three to four people from the network teams to application owners are involved in the maintenance. This is a firewall in production, so we need to do maintenances after hours, but it would be nice if we didn't need to do it after hours

What do I think about the scalability of the solution?

Scalability is unparalleled. It is easy to scale.

We don't have plans to increase our usage at this time.

How are customer service and support?

In previous years, Cisco's tech support has been great. Although, I have seen it declining. I would rate their support as seven out of 10.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We have used the Check Point firewalls as well as several different vendors.

What was our ROI?

It secures the network. The ROI is really incalculable at this point as keeping our data secure is keeping the company's assets secure.

Which other solutions did I evaluate?

We did evaluate other vendors.

What other advice do I have?

You need to be always looking ahead and proactively developing to build resilience.

I would rate the solution as eight out of 10. It is a world-class firewall.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Stoyan Zhekov - PeerSpot reviewer
General Manager at MS Solutions Ltd.
Real User
Top 20
Secure, stable, user-friendly, and the partner support is good
Pros and Cons
  • "The most valuable feature is that it's secure."
  • "In the future, I would like to be able to use an IP phone over a VPN connection."

What is our primary use case?

We are using the ASA in our network to create a VPN between six places. We also use it for servers and data synchronization.

What is most valuable?

The most valuable feature is that it's secure.

It is really stable and I've never had an occasion that due to this firewall, I have had issues with the network, a breakdown, or otherwise.

This is a user-friendly product. Once you have a specialist who can configure it properly, you'll be pretty protected everything you want is in it.

What needs improvement?

In the future, I would like to be able to use an IP phone over a VPN connection.

For how long have I used the solution?

I have been working with Cisco ASA Firewall for at least seven years.

What do I think about the stability of the solution?

The stability is good.

What do I think about the scalability of the solution?

We have not tried to scale our network. It was established a long time ago and nothing has changed since then.

How are customer service and technical support?

I have been auditing their partners in Bulgaria and I am in contact with them on a regular basis. I have not had any real issues with my equipment but overall, I think that the support is perfect.

Which solution did I use previously and why did I switch?

We were using the ASA 5505 and our network is faster now, so we are now in the process of upgrading our network to the 5506 model. The 5505 is a 100 megabit product, which is very low.

What about the implementation team?

We had a company that set everything up for us. They have Cisco engineers and I'm paying them annually for next-business-day support. They do all of the maintenance for us.

What's my experience with pricing, setup cost, and licensing?

They have a lot of different models but most of them are really expensive. This is the main thing because, for us, the price is important.

What other advice do I have?

Overall, I am pretty satisfied with this product and I recommend it.

I would rate this solution a ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Cisco ASA Firewall
August 2022
Learn what your peers think about Cisco ASA Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: August 2022.
622,358 professionals have used our research since 2012.
Information Security Manager at a financial services firm with 501-1,000 employees
Real User
Top 5
Flexible, high quality, and provides good security
Pros and Cons
  • "It's a flexible solution and is well-known in the community."
  • "In the next release, I would like to see the VPN and UTM features included."

What is our primary use case?

We are using this product to filter network traffic.

What is most valuable?

It's a flexible solution and is well-known in the community. Most professionals are familiar with Cisco products and we prefer to work with products that we know. That is why we chose to work with Cisco firewalls, and also for the quality.

What needs improvement?

In the next year, we are planning to migrate to the Cisco Firepower. Our planned product would be Cisco Firepower 20 or the 40 series.

In the next release, I would like to see the VPN and UTM features included.

For how long have I used the solution?

I have been using the Cisco ASA Firewall for the past ten years.

We have a few different versions that we are using. Some are 5505, 5510, and 5515.

What do I think about the stability of the solution?

It's stable. We have not had any issues with stability.

What do I think about the scalability of the solution?

It's a scalable solution. We have five or six users in our organization.

How are customer service and technical support?

We have not contacted technical support because we have not had any issues.

Which solution did I use previously and why did I switch?

Previously, we did not use any other solutions. Our company is almost 11 years old and have been using this solution for ten years. We have been using this solution from the beginning.

How was the initial setup?

I have not been present for most of the deployments, but from my experience, the deployment is not complex for organizations like ours because we have less equipment and infrastructure. 

In Ethiopia, most of the deployments, especially in government organizations, are on-premises because of government policy.

Our policies are limited and not complex.

Overall, I would say that it's pretty straightforward. While I was not a part of the deployment and had to guess, I would say it may have taken a week to deploy.

We require a team of four or five to maintain this solution.

What other advice do I have?

In summary, this is a good product and I recommend it.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Lead Network Engineer at a tech services company with 51-200 employees
Real User
Top 20
A recommended firewall solution that is straightforward, stable, and reliable
Pros and Cons
  • "We are mostly using it for remote access, so the remote access feature is the most valuable, but all other features are also needed and required. It is also a very straightforward and reliable solution."
  • "We don't have any serious problems. The firewall models that we have are quite legacy, and they have slower performance. We are currently investigating the possibility of migrating to next-generation firewalls."

What is our primary use case?

We mostly use it for remote access. We also use this firewall between different segments of our enterprise network.

We have legacy models of this solution. We are using models 5510 and 5520.

What is most valuable?

We are mostly using it for remote access, so the remote access feature is the most valuable, but all other features are also needed and required. It is also a very straightforward and reliable solution.

What needs improvement?

We don't have any serious problems. The firewall models that we have are quite legacy, and they have slower performance. We are currently investigating the possibility of migrating to next-generation firewalls.

For how long have I used the solution?

We have been using Cisco ASA Firewall for around one hour and a half years.

What do I think about the stability of the solution?

It is quite stable. We didn't have any issues or crashes, so we find it to be a solid solution.

How are customer service and technical support?

We don't have Cisco support because these models are excellent.

How was the initial setup?

It has moderate complexity. I didn't have any prior experience in configuring these firewalls. That's why I found its initial setup to be of moderate complexity, but now, I have got used to using and maintaining these devices.

What's my experience with pricing, setup cost, and licensing?

We're using the smart license for this firewall. The models that we have require licensing for remote access.

What other advice do I have?

I would absolutely recommend this solution. It is a very straightforward and reliable solution. I would definitely like to propose and offer this solution to other colleagues.

Cisco doesn't have any plans to develop this kind of solution more. Cisco ASA Firewall will not be developed in the future. The next-generation firewall is the next step in the development of the Cisco firewall. For this reason, we are investigating the possibility of migrating to another product.

I would rate Cisco ASA Firewall a nine out of ten. We are very happy with this solution. It is very straightforward and reliable, but it is quite a legacy solution and lacks performance. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Network Security Engineer at a tech services company with 51-200 employees
Real User
A proactive threat defense solution with a good Inline Mode configuration
Pros and Cons
  • "The Inline Mode configuration works really well, and ASA works very impressively."
  • "I think the ASA layer is thin. It's always Layer 3 or Layer 4 source controller and doesn't control the Layer 7 traffic. It's important, and you'll need an additional firewall."

What is our primary use case?

I use it for VPNs, remote-access VPNs, environment issues, and failover issues. I also use the
content mode, NAT, and PAT in this firewall. We always use ASA for VPN sites and firewall sites. We use the edge for internet access for data center servers or company customers' internet access.

How has it helped my organization?

We always use ASA for integration another companies  and branches easily. 

What is most valuable?

The Inline Mode configuration works really well, and ASA works very impressively.

What needs improvement?

I think the ASA layer is thin. It's always Layer 3 or Layer 4 source controller and doesn't control the Layer 7 traffic at all. It's important, and you'll need an additional firewall. 

All next-generation firewalls don't have much control over Layer 7, but there's a little bit of control for inspection. ASA never controlled Layer 7, and it's a bad point.

 I don't like to use ASDM, a graphical interface, and other solutions for ASA. I wouldn't say I like this, and it's not good(ASDM).

For how long have I used the solution?

I have over seven years of experience with Cisco ASA Firewall.

What do I think about the stability of the solution?

It's stable. ASA works very well, and it's impressive. I use only ASA and only the Inline Mode. 

What do I think about the scalability of the solution?

It's a scalable, high availability solution. It's an active/standby model for VPN. But if you don't use VPN in these devices, it works as an active/active high availability model.

How was the initial setup?

If you're a Cisco Administrator or Cisco certified, the initial setup isn't a problem. But if you don't know Cisco devices and how they work, it can get a little complicated.

What other advice do I have?

I would advise new users to look at next-generation firewalls like FTD or other models from Cisco. It's better than Cisco ASA. Cisco ASA Firewall isn't a next-generation firewall.

On a scale from one to ten, I would give Cisco ASA Firewall an eight.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Hari Pandu Dairi - PeerSpot reviewer
Network Engineer at a tech services company with 201-500 employees
Real User
Top 5
Easy to operate with good technical support, but needs better logging features
Pros and Cons
  • "The command line is the same as it is on the Cisco iOS router."
  • "The solution needs to have better logging features."

What is our primary use case?

We primarily provide implementation and maintenance services to our clients.

What is most valuable?

The software itself is very simple.

The solution is easy to operate. It's not overly complex.

The command line is the same as it is on the Cisco iOS router.

The technical support is very helpful and responsive.

What needs improvement?

The solution needs to have better logging features.

Cisco needs to migrate its ASA Firewall to a management console or to a web console.

For how long have I used the solution?

I've been working with the solution for six years at this point.

What do I think about the stability of the solution?

The solution is largely stable. Once we adopted Cisco services, we found that everything was pretty reliable. There aren't bugs or glitches. It doesn't crash or freeze. It's quite good.

What do I think about the scalability of the solution?

The scalability is a problem as the solution has a low throughput.

How are customer service and technical support?

We've been in touch with technical support and I've always found them easy to reach. They're responsive and helpful. I find their service much better than, for example, Fortinet or Palo Alto. Overall, we're satisfied with Cisco with respect to their technical support.

Which solution did I use previously and why did I switch?

We have some experience working with Palo Alto and Fortinet solutions as well.

What's my experience with pricing, setup cost, and licensing?

While I don't have the exact pricing of the solution, it's my understanding that Cisco is rather costly. It's not the cheapest option on the market. It's expensive. It's more costly, for example than Palo Alto.

What other advice do I have?

We have a gold partnership status with Cisco, however, we are also partners with companies such as Fortinet and Palo Alto.

For a next-generation firewall, I would likely recommend Palo Alto. However, if a company had the budget, I would recommend Fortinet. That said, for a VPN gateway, I would recommend Cisco ASA.

In general, I would rate Cisco's ASA Firewall at seven out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Principal Network Engineer at a manufacturing company with 501-1,000 employees
Real User
Top 20
Good monitoring capability, but it lacks the next-generation firewall functionality
Pros and Cons
  • "The most valuable features for my client are the ASDM and monitoring."
  • "Cisco ASA is not a next-generation firewall product."

What is our primary use case?

I am a consultant and when clients ask for white papers or studies, I do the research. At that point, they do whatever change processes they have; I give them all of the numbers and other relevant data, but that's the extent of what we do in my organization.

They are just using it as a stateful packet inspection firewall, traditional firewalling.

How has it helped my organization?

At this point, my client is looking for their next solution so something may not be working.

What is most valuable?

The most valuable features for my client are the ASDM and monitoring.

They have familiarity with the Cisco CLI.

What needs improvement?

Cisco ASA is not a next-generation firewall product.

For how long have I used the solution?

My client has been using the Cisco ASA solution for approximately five years.

What do I think about the stability of the solution?

They've been using it for five years and my assumption is that it's been good for what they needed it t do. However, they were consulting to move forward with something different.

What do I think about the scalability of the solution?

The scalability is very limited because as a traditional firewall, it's a step behind. As far as the scale goes, my assumption is that you just buy a bigger model.

Which solution did I use previously and why did I switch?

I was not consulting with this client when they implemented the Cisco ASA.

This is a hardware-based device, versus a virtual one, so it's maxed out.

How was the initial setup?

My assumption is that it's a typical HA, basic setup.

Which other solutions did I evaluate?

My client is looking for a next-generation firewall solution to replace the Cisco ASA.

What they need is a step up from what they already have that includes application-controlled firewall rules, as well as other features that ASA doesn't currently have.

What other advice do I have?

My suggestion for anybody who is looking at Cisco ASA is to work with the vendor, as they have newer products.

I would rate this solution a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Lead Network Engineer
Real User
Enables secure communication with our peers, but needs more next-gen features
Pros and Cons
  • "They are easy to maintain."
  • "I would like to see them add more next-generation features so that you don't need a lot of appliances to do just one task. It should be a single solution."

What is our primary use case?

We use them for VPNs and as firewalls, of course. We wanted to protect the network and have secure communication with our peers.

How has it helped my organization?

They secure the network and ensure our network is always available.

What is most valuable?

They are easy to maintain.

What needs improvement?

I would like to see them add more next-generation features so that you don't need a lot of appliances to do just one task. It should be a single solution.

For how long have I used the solution?

I have been using Cisco ASA Firewalls for nine years.

What do I think about the stability of the solution?

In terms of stability, it is a really good product and platform. Overall, it's great.

What do I think about the scalability of the solution?

It's not really cost-effective when it comes to scalability. It is a really expensive product if you go to the modular firewalls. You need to get new appliances to get new features.

How are customer service and support?

Tech support is good but it could be improved on some points.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

I have used Fortinet, Check Point, and Palo Alto firewalls. Most of those solutions have everything integrated into them so you don't need multiple appliances. You get a single solution for your network. It would be better to have a centralized firewall, from Cisco, that can do everything.

How was the initial setup?

The initial deployment was straightforward. The last implementation of an ASA took us about one to two weeks.

Our implementation strategy was to have good architecture and to have all the requirements for the project beforehand. Everything went really smoothly because of that.

We needed four or five people for deployment, including field techs and network engineers.

What other advice do I have?

For clean and easy protection of an enterprise, it is a really good product. It can be also deployed as a virtualized solution in data centers.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Download our free Cisco ASA Firewall Report and get advice and tips from experienced pros sharing their opinions.
Updated: August 2022
Product Categories
Firewalls
Buyer's Guide
Download our free Cisco ASA Firewall Report and get advice and tips from experienced pros sharing their opinions.