Cisco IOS Security Reviews

One of the main features is that the hardware is extremely reliable.

I think they should bring back remote VPN for users. However, I understand the attempt is to have these functions inside the firewalls and not the routers or the IOS devices.

The stability of the solution is great. I feel very confident working with them because I have a customer that has a router running for almost 10 years and in other cases more than 10 years.

The technical support has been impressive. I know there are no other brands that have the same good service.

I have been working with Palo Alto Networks and Fortinet in the past but they do not have technical assistance centers around the globe as this solution does. However, Palo Alto solutions are more intuitive, the graphic user interface is better, and has higher performance. Cisco is catching up and closing the gap with new releases.

Palo Alto networks are more expensive than this solution and this is why you will see more products like this one in Mexico.

I have been working with the next-generation firewalls by Palo Alto and the license tends to be better. For example, Palo Alto Wildfire, the licensing is more dynamic than Cisco products.

I rate Cisco IOS Security an eight out of ten.

We primarily use the solution as a VPN concentrator. It's the main VPN concentrator for all remote connections.

The compatibility is high with many open protocols. We use it for Radiant. We use it for any kind of network access protocols as well. 

The solution is very user-friendly and easy to deal with. We find working with both the Command-Line and the Viewer very, very straightforward.

It's quite stable. We find it more stable than other options.

It would be ideal if the solution had more capacity. Right now, we are almost hitting the maximum capacity of the product. If they could provide more capacity for the same product, that would be great.

I've been using the solution for over ten years. At more than a decade, it's been a long time.

The solution is extremely stable. We find it much more stable than other options. It doesn't crash or freeze. There aren't issues with glitches. It is completely reliable.

Currently, we have over 7,000 users that utilize this solution.

We do plan to increase usage in the future.

Technical support is very, very good under Cisco. It's one of the other advantages of using their product. They are very helpful, responsive, and knowledgeable. We've very satisfied with the level of service they provide to us.

We previously used Juniper. Juniper has improved a lot over the last little while, however, we still prefer Cisco.

I was not part of the installation process. That was handled by another team entirely. That said, they didn't take a lot of time to get everything up and running. It was, if I recall correctly, less than one week to put it up and test it and make all the configuration adjustments. Deployment was fast and it's my understanding that the whole process from beginning to end was straightforward.

We only needed two people and they were able to handle both deployment and maintenance. They are engineers.

I don't know the exact licensing costs. It's not something I deal with directly, and therefore I don't have any access to the information in regards to pricing and payments.

We're just a customer and end-user. We don't have a business relationship with Cisco.

We're using the latest version of the solution in our organization right now.

We use both cloud and on-premises deployments, however, currently, we tend to use more on-premises deployments.

I would recommend the solution. Overall, I would rate it at an eight out of ten.

We are a reseller and Cisco IOS Security is one of the network security products that we offer to our clients. The primary use case is securing connectivity between sites. Examples of this are between a site and a data center, or a site and a cloud provider.

DMVPN as a technology, not necessarily for security, has allowed my customers to be more agile in their connectivity, without having to rely on a hub-and-spoke topology. Rather, they can leverage a full mesh topology, which is essentially SD-WAN.

IPsec allows us to overlay that, which means we can obfuscate the underlying infrastructure, whatever the transports are. Whether it is a secure private transport like MPLS or just public internet, we can commoditize the underlying transports and trust that everything is secured from prying eyes. 

What I have used the most and received the most benefit from is the IPsec technology. It overlays on DMVPN tunnels and being able to secure these object-based tunnels is good because they perform significantly better than traditional IPsec tunnels.

With respect to user-friendliness, it is a command-line interface and those with such experience will get along just fine, whereas others may struggle. My expectation is that it will remain a primarily command-line-based technology.

The biggest annoyance is probably the quality control of the code. They have to make sure that they are better at vetting bugs and software issues before they release code to the general public.

I have been working with this product for the past ten years.

It is not the most stable system that I have worked with.

I don't think that scalability is much of an issue.

Our clients are small enterprise-level organizations, typically between 1,000 and 5,000 knowledge workers.

The technical support is pretty good and I would rate them an eight out of ten. If anything, they should work on their response times for critical cases.

I would say that 80% of my experience is with Cisco products.

The initial setup is fairly complex, although it depends on the feature sets that you're looking for. Cisco IOM is probably the most complex part of it because it involves setting up all of the QoS policies, performance-routing policies, and performance-routing domains.

From a DMVPN over IPsec perspective, it is pretty straightforward.

Price is certainly something that the IOS technology has fallen behind the competition on.

My advice for anybody who is implementing this product is to ensure that they don't overlook the technical overhead that is required to get it set up and keep it running. From an SD-WAN perspective, there are more user-friendly options out there, so they are going to have their own shortcomings. However, if you're going down the route of a Cisco command-line-based solution then make sure that you're prepared to have the staff on hand to manage it or instead, have a trusted partner that you work with and has the expertise to manage it.

From a feature-set perspective, as long as Cisco continues down the path of combining features from its products onto the unified platform, it will have all the features you need.

It's a good product and it does exactly what it's intended to do, but there and stability issues and the price is expensive.

I would rate this solution a seven out of ten.

Some of our uses for this product are on-premise-based and then some are cloud-based. Mostly, we are cloud-based right now because we are getting away from physical architecture moving forward into the cloud as is Cisco. It allows going from considering CapEx (Capital Expenditure) to OpEx (Operating Expense, Operating Expenditure). That is one of the important things that it allows us to do. It is easier to have solutions cloud-based when it makes sense. All the updates and maintenance get taken care of on their side which is a benefit.  

On the cloud, we have both public and private services. It depends on what we are doing. If we have a client that is a hospital, they have got to be HIPAA (Health Insurance Portability and Accountability Act) compliant. We also recommend private cloud services for some huge retailers that have to be PCI (Payment Card Industry) compliant.  

We use it mostly just for prevention. Basically to prevent unauthorized use of network resources. They use it for routing capabilities, threat mitigation, worms, and viruses. A lot of times, it is used for the network application layer threat.  

The solution does not do anything for us directly as we use it with other clients. We are a large IT company. We hear from clients who tell us what they want. We just find solutions for what they tell us they need. Everyone has a different flavor of what they are looking for and what they are looking to fix.  

The Cisco IOS (Internetwork Operating System) firewalls are mostly set up for branch offices in small to medium business environments or for managed services. Those are the clients we usually use this solution for. It is usually only used for a specific thing to fill a specific need. It might be NAT (Network Address Translation), it might be a guideline or restrictions, it might be that they can have the option to make a solution work on cloud or on-premises. It could be deployed so they have the option to either use CapEx or OpEx. It helps to create options for those types of things.  

I would say that the most valuable thing is probably the Application Visibility and Control which is how it controls the application traffic on the network. I like the IPS (Intrusion Prevention System), the IOS content filtering, and the NAT network translation. I like the way it completely integrates branch offices in our perimeter security.  

A few things have room for improvement in your opinion. That would start with cost. Cisco products are more expensive than the competition, but the additional cost usually gets absorbed by the name recognition. Most people have Cisco or have familiarity with it, so they go with it. If they want the top quality product, they immediately feel comfortable with the Cisco name brand. That is where we come in as consultants. We bend over backward to make product comparisons and framing for solving the needs posed by an organization. I see something is a better fit for them that they could use. It would reduce their CapEx, their expenses, and it would fit them better all at the same time. The client may still want Cisco despite the recommendation that we make. But usually, that is what it is. Cisco fits, and if they want to spend the money, we make sure that it is within their budget. They feel more comfortable with Cisco, and they have had Cisco in the past, so we go with Cisco then.  

Cisco is great. A lot of the tech companies are doing really well. But Cisco is still in the forefront. They are on top of this category of products. I can not think of anything else they could do because they cover pretty much everything that you would need a firewall for. Then you get Cisco's support behind the products.  

I would think it would be a lot better for us and we could make more money if we try to recommend that clients put drop-in boxes at every location. But we do not choose to do that unless there is a purpose for it. In most cases, we would prefer clients to go the OpEx route. It takes a lot to offset the cost of Cisco so if they are going to do a cloud solution, their costs are metered per month by whatever solution they have. That is a lot better for projecting costs, and then there is the benefit of everything being upgraded in the cloud for them. They do not have to worry about anything. It just works.  

We have been using Cisco for as long as Cisco has been around. It is hard to answer the question of when, exactly, we started using this product because they have been upgrading or changing the product as it evolved over the years. It is basically the same foundation and they build upon that over time. I can just say that we have been either using this product or something very similar for a long time.  

Cisco IOS Security is stable, very stable.  

The capabilities for scalability with this product are huge. It is very scalable.  

A lot of our clients have a small main office with accounting and human resources that are headquarter-based. Most of them have other remote sites and branch offices. Whether it is a bank or a finance company, it is easy for employees in those particular roles to be able to pull applications down. It takes a lot of stuff off what would have to be handled by the network firewall. They do not have to worry about so many threats when they are bringing up applications to use and if there are compliance or regulating issues that they have to be aligned with. But that is the type of environment where this product can be used to scale effectively.  

Cisco's technical support is very good. There are a couple of competing products that I know do not have support that is as good. Palo Alto does not have particularly good technical support, for example, but most of the rest of them do. Even so, Cisco is head-and-shoulders above all of them.  

For tech support, independent of the cost of the product, I would definitely give Cisco a ten-out-of-ten.  

We just had a client go with Cisco Meraki and we put a couple of those in. Then we had a Cisco Nexus installation and they topped that by integrating it with perimeter firewalls for their remote locations or branches.  

We currently use really any brand of product in consideration for our consultations. There is not any particular brand we are married to, and we have used them all, pretty much. We do not use all the solutions ourselves. We get feedback from our clients and the companies we do work for. All the clients that we get give us pretty good feedback on the recommendations and the products that they end up using. Otherwise, they would be angry with us. What we recommend has to fit their particular niche and that is what we have to be good at identifying.  

For instance, if a client comes to me and describes how their organization is set up, we react to that. If they say they are a finance company and they have accounting and finance concerns, there are some pain points that they are going to have solved. One of those is application-specific. Then you have to layer that with your regulatory concerns. HIPAA compliance is something I encounter with finance companies, banks, and medical facilities. Those types of companies do very well with CloudGenix because CloudGenix is application-specific. If you put their firewalls in place, those would be a good fit for that type of client. For everything else — manufacturing and all the others and things like that — Cisco would be number one. They outweigh the competition in terms of different companies that they fit niches for better because of the range and flexibility of the solutions.  

If the client's needs are application-based, then we start looking at another way with another solution. But Cisco does great with being PCI and HIPAA compliant and all that, but if you only consider Cisco for every installation, that means you are pulling everything from one pool. You are not looking closely at the specifics.  

I think that the initial setup is very straightforward. Most of the firewalls are straightforward and not too complex. When you are setting up a network with something like Merakis, or if you are looking at working with CloudGenix, then that is where you start to get a separation of difficulty in installation and will notice that it becomes a little bit harder to set up.  

My advice to people and companies considering this solution is to just do the research. Do compatibility research to compare with the other solutions that are out there. Definitely make sure that the firewall you choose is designed for your network architecture, application-layer attacks, and virus and worm protection. If that coverage is what you are looking for and you have an analog phone system. You might not be ready to go to VoIP (Voice over Internet Protocol) yet because you do not want to lose the phones that you have got. Some people add to that base as they scale. We can use something called SIPs (Session Initiation Protocol), for connecting all those analog phones to the VoIP. That is a good indicator that a Cisco firewall will be a good solution for you because it protects the unified communication and guards the SIPs, endpoints, and call-control resources.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate this product overall as a ten, for sure, if you consider its advantages over the competition. If you add in pricing, I would have to lower that to a nine-out-of-ten. Price is the only place that I figure Cisco could do something. Or if they could offset the cost of their boxes using a cloud solution. We had a client do that. They had boxes, but they were trying to figure a better way to scale. I suggested to them that they just move the areas that they were scaling to the cloud. They did it with the new branches they have added, and now they are waiting to phase out their boxes. They will eventually move over to a complete cloud-based firewall solution.  

I use Cisco IOS Security. We install it for people. We have a very small network station. We don't use Cisco IOS Security very often, but we install it for clients. 

We use Cisco IOS Security mostly for routers to route off the firewall. It's a next-generation device. With firewalls, we can connect the solution for the mail cloud. 

We've deployed with Fortinet FortiGate. We don't use it much. We use Cisco IOS Security to manage for enterprise clients.

Our primary use case for this solution is in the insurance industry.

Cisco IOS Security has not improved my organization. We use it for our clients. It helps their workers to be more secure in operations.

We interpret the additional protection to be very important now. Cisco IOS Security is used with client mobile devices on the firewall.

We don't love everything about the product. For now, it's what we're using. It's okay. It is difficult to set up. The training is okay. The pricing is standard.

It will be great if they can make it more easy to use the features. The interface is not user-friendly, but a normal IT technician can handle it.

Most of the features only work with Cisco equipment. It's about connectivity. Most of their features are meant for Cisco. You cannot integrate them with any other vendor.

Cisco needs to be more flexible with the integration of other solutions.

It's not stable if you don't have Cisco gear in your network. If you don't have Cisco equipment within your network, you cannot access powerful pieces of the software.

The scalability of Cisco IOS Security is good. It's very fast. It's not universal because most of the features require you to have Cisco equipment in your network. 

If you ask technical support on how to solve some issues, it does help. We do fine with Cisco support. It comes with the equipment.

We provide our clients with six months of in-house support. We pay Cisco for it. The support is okay.

The initial setup is straightforward, but when it comes to complex settings like the firewall, it is not easy. Most of the features that come with it work only with Cisco devices.

You have to have experience before you try to use it. You need to make sure you have it your router by Cisco. Some features only work with Cisco equipment.

What we do is we set up everything. We have to go on-site. It doesn't take time to deploy it. The time required to work on the project can take up to two weeks.

We did the setup mostly with our team. We are consultants. We worked with a reseller. Cisco has an integrator software team too.

Our licensing costs for the solution are on an annual basis. It should be every five years.

On a scale from 1 to 10, I would rate Cisco IOS Security at 9/10.

Cisco IOS Security has many good features, but compared to other solutions, it has a more user-friendly interface with steps to apply and manage rules. Another good part of the solution is that it's more straightforward.

An area for improvement in Cisco IOS Security is the performance because it's not as stable sometimes. There's also some latency in the solution, which could be improved. Cisco IOS Security integrates with other solutions, but you'll encounter many errors after integration, so this is another area for improvement.

I'd like to see enhanced performance and a simplified setup in the next version of Cisco IOS Security.

I've been working with Cisco IOS Security for more than five years.

Cisco IOS Security isn't as stable.

Cisco IOS Security isn't as scalable, but it's okay. It's suitable for enterprise companies.

The technical support for Cisco IOS Security is very good. The support team responds every time.

Setting up Cisco IOS Security wasn't very easy because it's not a standalone solution. The setup requires merging rules and integration with other solutions, which could take some time.

The pricing for Cisco IOS Security is reasonable compared to other Cisco products.

I'm working with Cisco products such as firewalls, ISE, routers, data centers, FTD, and most of the Cisco technologies. I have experience with Cisco IOS Security as well.

My company is a partner and reseller of Cisco products.

My customers, particularly enterprise customers, use Cisco IOS Security.

My advice to others looking into implementing Cisco IOS Security is to do a POC first. It would help to be careful about performance, latency, and management issues with Cisco IOS Security.

I'd rate Cisco IOS Security as seven out of ten.

We are using Cisco IOS Security for endpoint security. For example, spyware, firewall, database and application protection.

I have been using the solution for approximately 10 years.

The solution is stable.

We have found the solution to be scalable.

We have approximately 20 customers using this solution.

The technical is excellent.

The installation is straightforward.

We have two engineers that do the implementation and maintenance of the solution.

The price of the solution should be cheaper, and the license is purchase annually.

I recommend this solution to others and advise them to use the latest version.

I rate Cisco IOS Security an eight out of ten.

The primary use of the solution is used for testing the core banking customer function.

One of the valuable features of the solution is its flexibility and it performs great.

The configuration should be easier in the solution.

I have used the solution for approximately five years. 

I have not had issues with the solution stability.

I have approximately 450 customers database at this moment using this solution.

There is technical support for the solution but it is not localized. It would be beneficial if there would be localized technical support in India.

The installation of the solution is difficult because it requires trained CCNA engineers. 

The solutions deployment required a three-person technical team.

It is necessary to pay for a license in order to use the solution. It is on a yearly basis and the price is high. 

I will continue using the solution because our customers demand it.

I would recommend the solution to other users. 

I rate Cisco IOS Security a nine out of ten.