Cisco IOS Security Reviews

We basically use it for security. It can be used as the internet as well as the data center security firewall.

The hardware is pretty stable. It's also a very good product performance-wise. 

Initially, it wasn't mature like a firewall and there were other leaders, but now they have included almost all the features of next-generation security. Basically, it's a good product to work with. 

I would love it if it has a link-by-link feature, integration with Unified Threat Management (UTM), and load balancers.

They haven't got any link-by-link feature right now, which can be a very attractive option. This link-by-link feature can also be made available for Cisco's UTM firewalls. The link-by-link feature is available in some of the other firewalls. 

Currently, integration with UTM is missing. Cisco IOS Security also doesn't have the load balancers and a few things that need to be done to get a good UTM firewall. Normally, other firewalls have UTM. As a next-generation firewall, it's good, but as a UTM, it has to do some work.

We have been working with this solution for around 15 years now.

Cisco IOS Security is very stable.

It's pretty scalable. The hardware is good, and it's scalable.

The main reason for going with Cisco is their support. They have very skilled people and a very good support structure as compared to many other companies. They invest heavily in support maintenance. 

We are pretty comfortable with Cisco technical support, but with the new acquisitions, they also need to ramp up their support. For the older Cisco IOS and other stuff, they have very mature teams, but with the new acquisitions, sometimes it takes time to do the transition up to that level. For example, when Cisco acquired Sourcefire for the firewall, it took some time for Sourcefire to act like Cisco's other products. So, support is good, but still, there is a learning curve involved with new acquisitions and their support.

The initial setup was complex when we compare it with some other vendors.

The setup is easy if you have good knowledge. As compared to the earlier types, it is very easy now, and the major stuff is graphical. It's pretty easy, and we don't need a lot of people, at least one to two people for backup are good enough to manage the firewalls.

Cisco IOS Security is for medium and large enterprises. When we talk about the price as well, it's more suitable for medium and large enterprises, but recently they included a few good SMB options. They have introduced a cheaper version of it in the last year with SMB option, which can be looked into for small enterprises, but it's more suited towards the large enterprises and medium enterprises.

We prefer selling Cisco firewalls. We also sell Fortinet. Because Cisco's presence in our country is very good as compared to Fortinet and Palo Alto, the local customers seem comfortable with Cisco.

When we talk about Cisco, definitely the hardware is more reliable and scalable as compared to others. The support is also pretty good. These are the two good things. Definitely, Cisco Firewall is all around pretty good as compared to Fortinet.

We work with Cisco, and we top-rate Cisco firewalls to be sold and deployed. This is because they have good trading and expertise available. Cisco IOS Security is pretty reliable, and it also has really good documentation.

It sometimes requires a slightly higher technical expertise to implement all the features as compared to other firewalls. Therefore, users definitely have to be trained first to get proper knowledge. Definitely, IOS security is well-documented, and it's pretty reliable. I'd advise just to make sure that they have adequate knowledge. 

The learning curve is slightly longer because it's a slightly complex product as compared to Fortinet, but feature-wise, it's very good.

I would rate Cisco IOS Security a seven out of ten. It is a good product with scope for features such as link-by-link, integration with UTM, and load balancers.

This has improved the way our organization operates very well.

The most valuable feature is the support that we get.

In the next release of this solution, we would like to see support for the 100BT and 7000 models.

We have experienced bugs in the solution.

This solution is stable.

I would rate the scalability of this solution at about eighty percent.

Technical support for this solution is very good.

The initial setup of this solution is straightforward.

We deployed this solution ourselves.

There is a return on investment with this solution. 

The licenses for this solution are expensive.

This is a good solution, and one that I recommend, but sometimes we have bugs.

I would rate this solution a nine out of ten.

Our primary use case for this solution is internet security at the edge.

Cisco IOS Security gives us a level of trust at the edge as far as being the first line of defense for anything that's trying to get into our network.

The feature I find most valuable is that the solution doesn't really change from year to year. The basics are there and I have so much experience with it that it's easy to use. I also like the security this solution offers.

External threats are changing every day, so there are new features coming in. We're more into the command line interface rather.

The stability of this solution is excellent. 

We are very satisfied with the scalability of this solution.

The technical support is excellent. We've contacted the tech team a few times and the turnaround time was always almost immediately.

We've always been using this solution and we haven't seen a need to change from it so we haven't looked at other vendors in quite a while because we are totally satisfied with what we have.

The initial setup was straightforward and we did the deployment ourselves. We could go on the internet for any reference that we needed.

We have to renew our license every three years.

My rating for this solution is a ten out of ten because it does everything I need and it is easy enough to use. My advice to others is to definitely have it on their list of vendors to take a look at. I really recommend this solution.

We use this solution to connect branch offices and keep the security on each one.

Cisco IOS allows us to keep the same security features as our principal offices.

We can access control lists and VPN tunneling.

It gives us better efficiency.

I think setup could be one area for improvement.

I would also like to see them add integration with cloud solutions like Umbrella, as well as some monitoring improvements. This would let us connect a new platform and cloud solution for a site.

Cisco's high stability is a well known feature.

It is scalable. We can go to another platform and keep the same functionality.

I think we have great support from Cisco for this. I haven't used it personally, but I have heard good things.

I think we used Firepower. We work specifically with Cisco.

I think the initial setup was simple. We have a lot of documentation and a guide that we can follow.

Thinking about the ease of managing these platforms and the technical support that we have, we can avoid extra costs and investments. We've saved time allowing our staff to work on other things that have saved money overall.

My advice is that this is a very secure option for platforms and gateways using the Cisco IOS security feature.

I would rate Cisco IOS as ten out of ten.

We use Cisco IOS for security prevention. It enables us to check the network.

I didn't think that they would put servers in the DMZ. It also protects us from hackers; we haven't had any issues with them.

I've found their network routing to be very good.

It is also stable, has good scalability and is easy to use. 

I wish it would be more like the next generation firewall technology. There should be more selection between the application and filtering.

I would appreciate updates to reporting, in terms of data entry.

We don't have any issues with stability. Cisco is always stable.

Scalability is easy.

We have a contract with the representative of DEO support, not just Cisco. So we have local support. If we have any issue, they respond to us directly by phone.

The initial setup was easy. There are step-by-step instructions, like many of their other products.

The solution is definitely valuable for us.

The licensing is on a subscription basis, and it is fairly costly. I would prefer a one-time payment.

My advice is to take this firewall. It is really good. I would rate Cisco IOS as eight out of ten.

The next-generation firewalls, like UTM, have paper-thin single boxes. They should follow the same projects, like the next-generation firewall. They have everything like 40GBs in a single box, along with filtering applications, like VPN and SSN. They also have reporting features.

Since we do system integration, we have a lot of clients we deploy. There is not really a single case to point to because we have multiple clients. It depends and can vary from customer to customer.

Defending the business processes.

If they could increase the performance a little better because the device sometimes gets slow. If they could increase the performance it would be great.

The solution's stability is quite good. We have about six hundred users.

The scalability is quite good. You can scale it when you need to. As you go, you can scale it. It's quite scalable. It's quite good.

I haven't used technical support yet.

We have been using this solution for six or seven years; we didn't use another solution before.

The initial setup was very straightforward. It only took a couple of hours, it doesn't take long.

In terms of advice, I would suggest others should use it. It is quite a good product, it is one of the market leaders. I believe it could be as good as other solutions. There are two things you require: one is support and the other one is credibility. Both are there with this product.

I would rate this solution eight out of ten.

The VPN is the most valuable feature. 

With Cisco IOS, especially the routers, don't have like long-term tendency features, or high availability features available for the IOS. Also, it could use a better user interface.

The solution is extremely stable. It's one of the best. It's a stable solution.

In terms of scalability, it definitely suits all enterprise needs. The product is all we need for today's enterprise, for the client. For me, in terms of scalability, Cisco has the full package.

Technical support is very good.

I have used FortiGate and Palo Alto.

In terms of initial setup, it depends on the one doing it, but I never had any difficulties or struggled to integrate. For me, Cisco is always easy to set up. It's straightforward. Deployment is pretty fast, but sometimes it takes time to implement and to put into production. Deploying, confirmation, and then setting up the devices is straightforward. The most important part is migrating to production. This is sometimes the most important. Again, that depends on the criticality of the environment. It can be done in hours or sometimes weeks. 

Under my supervision, for at least a hundred parts, one other person and I are needed for deployment. That's it. Two people.

I implemented the solution myself. I am an integrator.

The pricing is very expensive. Normally I do a yearly contract; I don't know the exact pricing, but it's around $75,000 USD per year. That's the standard licensing.

Cisco is one of the greatest. The Cisco stack is the best. If you don't know it, don't go for the solution because it gets very complex. If you are new to the security, don't go for Cisco. But if you are experienced and you know how to do it, it's one of the greatest solutions.

I would rate this solution 7 out of 10. The solution is always stable, but there are many security features that Cisco is behind on today. 

We use it for endpoint security, to control access to our edge level. Basically, Cisco IOS checks the identity of each endpoint (printers, etc.). There's a specific group allowing the printer to immediately connect to the network. Also, if there is a laptop, for example, then the IOS will tell you, okay this is a laptop, please add the user name and password to access the network. Once it gets authenticated with IOS, they will still do something like posturing, checking the compliance list. For example, if a laptop doesn't have an updated antivirus or updated patches - if it's non-compliant with any one of those things, the system will reject it and isolate it in a special network, so it cannot access our network. 

Previously, anyone in the organization would see any data point in the wall. They could just go and connect their machine with that data point and could access the network. But now, even if someone came and tried that, they will not be given access. Because Cisco IOS will ask for the identity. So, you will now need to give your identity. If you are not part of the organization, you will not be given access.

I think it's a complicated product. It is very complicated, especially in the design. If in some way you mess up the logic and design, you can really mess up and you will hate your life. The dashboard is actually very complicated. There's a lot of options. They don't need to do this. They need to make it more simple. Going to the direct point, showing what to do, where to configure, how to make the policy. They need to simplify the dashboard management more. Also, they need to improve the dashboard statistics. We need to see the statistics in a more organized way and clear. Reporting features, I think are also missing. It should be there.

Maybe they need to add in posturing. Cisco is able to check if a device is updated or not. Taking action to isolate it outside the network, and then requesting automatically for the updates to that system would be helpful. It's something in automation they can improve.

Initially, we faced some stability problems with the wifi systems. And sometimes it authenticates, sometimes it doesn't. But, overall, it's 90% stable. It's not causing many problems, because, no one is touching that. No one is touching that box.

Their support was very bad. We have a very bad experience on the support. They take too much time requesting logs, and they are not coming directly online to resolve the issues. They keep asking about a lot of things. And they know that we are not expert in the system. So, we are wasting our time. And it takes time to respond. Sometimes one single issue will stay on the stack for three weeks, just to resolve it. The last ticket for me reached six weeks, not three weeks even. They are not like that in all products. Just this product.

The initial setup was very complicated. For the initial setup, you need to configure the TAC servers and assigning the password, user name and the group for authenticating, etc. The deployment took more than three months.

We used a vendor. We are not doing anything ourselves except for the basic things. We are using the vendors to do this. Not everything is handled by vendors; only, again, for the complicated products. We try to approach the integrators to do it.

I did not evaluate other options. I was thinking maybe Aruba might be a good option, but I did not switch over to it actually because Cisco's a big company and known in the market.

Even now, we are not fully utilizing the features because it'll add complicated things. I would rate this solution 7 out of 10 because of both support and interface. After this experience, next time in any project we are going to go more secure.