Cisco IOS Security Reviews

I usually use it for GRE channels and VPNs. Is very stable and is a good solution. It has been stable.

I'm able to securely transfer data over the internet network. With the GRE I'm able to transfer data within one site to another sites in a public way, like the internet. The communication is encrypted and is private. It gives me added privacy.

The GRE kernels and IPSEC security are the most valuable features.

There's a technology called SD-WAN that we would like to see. We are unable to handle multiple connections or to automatically load balance. I would like to have a feature that enables us to automatically prepare for load balancing.

More than five years.

It is stable but is missing functionalities. For example, everyone is bound to one single router. 

This product is being used on a daily basis, 24/7. We are a bank, so it is always running. We have no downtime and our customers don't have any downtime. 

You can do a lot in terms of the scalability. In my department, I have 11 branches that are using it and everything works flawlessly for them. 

Cisco's technical support is the best. 

I have previously used FortiGate and I didn't switch solution, I switched companies. Cisco is stable once it is up and running. You can forget about it, it's going to work unless the hardware fails. As your centers deploy, make sure it's configured and up and running. You just have to put it there and forget it.

The complexity of the initial setup will depend on your level of expertise and your experience with the product. It was simple for me but I have seen others struggle with it.  

Usually, when I did deploy I do it on a lap setup. The time it takes depends mostly on how we are going to plan the deployment. It can be done within a day or a week.

Sometimes we will use an integrator for the deployment and sometimes we will do it ourselves. 

The return on investment has already been achieved and it is great.

The solution is a one-off fee once, it's just a matter of whether we are using IOS security you want to use the IT functionality, you need to have the security licenses.

It's a good product you just have to have someone that really knows how to configure it otherwise it's going to be a nightmare.

I would rate it a seven out of ten. 

We use it for routing and switching, VPNs, connectivity to some degree, and firewalls.

In certain spots it has improved our security program's maturity, for example around virtualization and network segmentation.

The most valuable feature is the scalability. The nice thing with the bigger vendors is that they're very good at scale.

I would like to see much more embedded security that works and that isn't a bolt-on.

It's pretty stable. The stability has been good.

I would rate the technical support at eight out of ten. We've had a lot of good feedback. 

Different products come and go but we've been using Cisco for 20 years. 

We use every consulting firm and probably most integrators, depending on the project. On any day it could be Deloitte, Accenture, etc.

I'm sure we've seen ROI. Routing is better than picking up a file, carrying it to you and handing it to you. But it's been in place for quite a long time.

Look at this solution and figure out what you're trying to accomplish. You should probably augment it with some other vendors as well. I'm not a big single-vendor type of person. I don't think anyone does it perfectly well. With Cisco, you bring them in for their core competencies which are routing, switching, and virtual networking. Then you augment it with some security vendors that have been doing security the entire time.

I would rate it at eight out of ten. It's not a ten because of the criticisms around security.

EEM (Embedded Event Manager) is a software component of Cisco IOS.

I found that EEM is a handy feature [but it is an underdog for the end user] if fine tuning of monitoring is required or if you would like to turn a Cisco device (switch or router) into a programmable device (without fancy words like ACI or Python, etc.). It is low level but efficient and money saving. It is available by default (but check the IOS feature support first). For curious minds, it could be used in combination with IP SLA and tracking features, a network engineer Swiss army knife.

• Increased monitoring level for KPIs normally not tracked by network management systems.
• Ability to correlate events and report back in a predefined format/customized message on the switch.
• Making a Cisco switch act as a network event sensor is enhancing visibility on the network.

• Tailored monitoring/notifications and some sort of added intelligence moved now to the edge of the network. (Actually, it could be done at any point of network: core, distribution, or access.)

As it is a tailored solution, it is not very scalable, but this is a trade off; you need a hammer or a scalpel. And EEM is a scalpel.

No licenses but what comes with the features of IOS.

Before choosing this product, we evaluated other options. I looked for a tailored solution.

The competition (like Juniper) do offer similar approaches (scripting capabilities, but I did not look into the details). The question is that in many cases, users are not extending their expertise to adopt these money/time-saving features that vendors provide with their OSs.

1. Cisco IOS Security feature provides key features such as AAA, VPN, IPsec, content filtering, IPS, etc in all IOS based Cisco devices. 2. I like it because they include powerful security features that come with all Cisco Router and Switch from low to higher end. 3. It helped me to convert my Cisco router into a zone-based policy firewall. 4. It helped me to implement port security at my switch end. 5. I have implemented AAA in all Cisco routers and switch easily. 6. I have configured VPN server in a Cisco router with ease compare to OPENVPN configuration in a Linux OS environment.

1. IOS security related IPS facility is not as strong as Cisco ASA and the signature file of IPS does not update automatically like Cisco ASA. 2. When I converted the Cisco router into a zone-based firewall, CPU utilization shot up and slowed down network performance.

Cisco IOS security feature is the most robust and simple security facility which nice and small to implement. It helped me protect my network from external and internal attack.

Cisco IOS is the best OS for Cisco routers and switches. There are a lot of plus points of using Cisco IOS. A brief introduction about them are as follows.AAA- Cisco IOS has a lot advantages while using AAA. It can use various encryption services which also includes EAP with Radius.Firewall- You can use Cisco IOS Advance IP Services for creating Zone based firewalls on Cisco Routers.TCP Intercept- It prevents DDOS attacks quite effectively.PKI- You can use RSA keys in PKI. Also lets you use Certificates in PKI.VPN- Almost any type of VPN can be configured using IOS security. Site to site or remote. 802.1X- This facility has helped a lot of organizations and ISPs to maintain authentication for their users.

It is very hard to find any limitations of this OS Still when you use this as Zone based firewall you can see its limitations. You need to restrict traffic with ACL, which is fine but you need to create too many ACLs. Hence management of ACLs is a tedious task. Works better with TACACS+ which is Cisco proprietary. WAN connectivity is difficult on a router which is running IOS Security.

The best OS from my point of view in Cisco IOS is Advanced IP Services. This OS has changed the definition of network security by using the router. The use of VPN concentrator is coming to an end because this OS can handle any kind of VPN using the router, so no need of VPN concentrators.

The most valuable features of Cisco IOS Security are the plenty of functionality it provides, many people are IT certified the usage, and the user interface is good.

Cisco IOS Security could improve its security features. There are competitors that have some additional security features, such as Fortinet FortiGate. Additionally, there should be better synchronization with Cisco IOS Security and other vendors, and improved AI features would be beneficial.

I have been using Cisco IOS Security for over 20 years.

Cisco IOS Security is stable.

The scalability of Cisco IOS Security is good.

The technical support from Cisco IOS Security is of an average level. They had some difficulties.

I rate the support from Cisco IOS Security a four out of five.

Cisco IOS Security price could be reduced, it is more expensive than many of the other solutions, such as Sophos and Fortinet FortiGate.

This solution has some advantages over competitors, but it has weaknesses too.

I rate Cisco IOS Security an eight out of ten.

We primarily use the product as a security solution within our company.

Overall, the devices are very good and reliable.

The product is easy to use.

It's quite a stable solution.

The installation process is easy.

Technical support has always been very good.

It's a good device yet it's not a market leader. There are better options for customers to choose from.

There could be a bit more functions on offer that could make it easier to use.

We have used the solution for four years. It's been a while. We have a bit of experience with it at this point. 

The stability is great and the performance is good. It's reliable. There are no bugs or glitches. it doesn't crash or freeze. 

We have about 2,000 users on the product currently.

Cisco technical support is the best in the world. They are very helpful and responsive and we are always satisfied with the amount of assistance we get.

Previous to this solution, we did not use anything else.

It's straightforward to set up. The product isn't too complex in terms of implementation. It takes about two days to deploy everything. 

You only need two people for installation. We have two technicians for the installation of the product and two engineers for managing the product.

We handle the implementation ourselves in-house. We don't need outside consultants or integrators. 

We pay a yearly subscription for signatures and stuff for the filtering, debugging inspection.

We did not evaluate anything before we started using Cisco. We didn't evaluate other options.

We always use two versions behind the latest version. We do not use the latest version typically.

I'd rate the solution at a six out of ten.

I wouldn't recommend the solution to other users or organizations at this time.

On-premises

The solution is used for security purposes. 

The Intrusion Firewall is a valuable feature. 

Cisco is an expensive firewall, so the pricing can be improved. 

 I have been using Cisco IOS Security for more than five years. 

The stability can be improved. I rate the stability an eight out of ten. 

It is a scalable solution. Presently, two hundred users are using the solution. 

The technical support team is good. 

Positive

The initial setup is not very difficult. 

The pricing is expensive. 

I will recommend it if your entire infrastructure is Cisco-based, because the compatibility is good.

I rate the overall solution an eight out of ten. 

Public Cloud