What is Cisco Secure Firewall?UNIXBusinessApplication
Cisco Secure Firewall stands as a robust and adaptable security solution, catering to organizations of all sizes. It's designed to shield networks from a diverse array of cyber threats, such as ransomware, malware, and phishing attacks. Beyond mere protection, it also offers secure access to corporate resources, beneficial for employees, partners, and customers alike. One of its key functions includes network segmentation, which serves to isolate critical assets and minimize the risk of lateral movement within the network.
Network Manager at a computer software company with 501-1,000 employees
Feb 15, 2023
We have used different types of solutions. We had Cisco ASA for about 10 years, and then we switched to an on-site firewall to MX from Meraki, Cisco. For our cloud, we have Cisco Services Routers. The migration to the cloud has been a lot of work. Not all of our systems were compliant with being on the cloud so we had to work on some applications and delete some of them. For the old systems, we had to do extra work but for the newer systems, it was fine. The migration took around 18 months to migrate 99%. We had more than 2,000 on-prem firewall sites. Cisco helped with the migration to the cloud with the migration tool. Migrating MX was really easy and the tools helped us to migrate from the old ASA we had to the new MX. The cloud, firewalling, and CSR helped us from the data center on-premise approach to the cloud because at the time we didn't have a lot of experience with the cloud. It was easy to use the Cisco appliances in that space. I think that this solution has saved our IT staff time because of the ease of deployment. When I first started as a network engineer, it took a whole day to configure a firewall because of all the particularities you could potentially have at a site. I think that this solution saved our organization's time because security saves money because. At the end of the day, firewalls block threats. This solution helped with the consolidation of tools as we had all the observability tools in the solutions. Some 10 years ago we all had third-party solutions doing the observability. Now, we have the whole package and not only the firewall. We choose Cisco 10 or 20 years ago mostly because it was a market-leading solution. I also think it's because of MX's user-friendly solution that you can get on board easily. As far as CSA goes, I believe it's because you have a lot of features on the firewalls and it's the stability of course.
We use it for data center security for both the north-south and east-west. With Firepower, you get the next-generation functionality and the next-generation firewall features. Traditionally, when you have a layer three access list, it's really tricky to get the flexibility you need to allow staff…
The policies module in FMC specifically isn't the most user-friendly. Coming from Cisco ASA, Cisco ASA is a little bit easier to use. When you get into particularly complex deployments where you have a lot of different interfaces and all that kind of stuff, it's a little bit tricky. Some usability improvements there would be nice. For scalability, they could support a little bit more diverse deployments around clustering and high availability. Currently, it's very active standby, and being able to do a three firewall cluster or four or five firewall cluster would suit some of my deployments a little bit better. It would also help to keep the cost down for the customer because you're buying smaller devices and clustering them versus larger devices.
Watch video interviews with real
Cisco Secure Firewall users to learn how the Firewalls solution helped improve their organization.
The videos include info about the challenges and benefits of implementing Cisco Secure Firewall.
The most valuable features of Cisco Secure Firewall are its ease of configuration, scalability for firewalls and VPNs, robustness, reliability, and security. The VPN feature is widely used, especially in remote working situations due to COVID. The FMC provides excellent visibility for the administrator to see what the firewall is seeing, stopping, and letting through. The IPS feature is valuable for tackling current attacks, and the URL filtering helps protect networks. The reporting and analytics feature is a standout, providing insights into network activity and identifying threats. The ability to integrate with other Cisco products, such as ISE and SecureX, is also valuable.
Room for Improvement
Users have suggested areas of improvement for Cisco Secure Firewall, including better integration with cloud providers, improved customer support, more user-friendly policies module, scalability for diverse deployments, faster delivery time, better stability and software quality, more configurable feature parity with Cisco ASA, better API and automation tools, improved user experience, more integration with Microsoft Identity, and better inspection visibility. Additionally, some users have reported difficulties with the GUI and management of firewalls, bugs related to high availability, and outdated solutions like ASDM. There is also a desire for more seamless integration with other vendors' products, more manageable firewalls, and a clearer graphical representation for setting firewall network rules. Finally, users would like to see better performance, more bandwidth, and better interface speed.
The pricing and licensing of Cisco Secure Firewall are generally viewed as fair, but there are some complaints about the complexity of the licensing process and the high cost. The bundling of licensing options has been seen as an improvement, and the enterprise agreement can help with pricing. While some consider the pricing competitive, others feel it could be lower. The focus is on the value received for the price paid. Overall, the licensing is seen as straightforward and easy to understand, with fewer SKUs than some competitors. However, there are some concerns about the Smart Licensing system, which some find confusing.
Popular Use Cases
Cisco Secure Firewall is used for a variety of purposes, including VPN concentrator, traditional firewall uses, remote VPN, securing client networks, data center core segmentation, perimeter firewall, network access control, filtering, site-to-site VPN, edge security, OT network protection, SSL traffic encryption/decryption, and content filtering for compliance. It is used by organizations of different sizes and industries, including government, healthcare, manufacturing, retail, energy, and consulting. Cisco Secure Firewall is often integrated with other Cisco security products, and its automation features make it easier for cross-common security teams to manage and protect their networks.
Service and Support
Cisco Secure Firewall's customer service and technical support receives mixed reviews from users. Some users find their technical support to be excellent, reliable, responsive, and knowledgeable, with prompt and satisfactory responses. However, others find it challenging to get someone who knows what they're doing on the line, and the process of having to deal with licensing and open a TAT case based on serial numbers is difficult. Some users also report long waiting times and delays in resolving issues. Nevertheless, many users rate their support at ten out of ten, and they appreciate the efforts of Cisco's technical support team in providing urgent assistance and solving critical issues.
The initial setup of Cisco Secure Firewall is generally straightforward, with the average deployment time being short. There is a wizard available to assist with the setup, and online documentation is also helpful. However, some users have encountered difficulties with deployment on certain platforms. The complexity of the installation depends on the level of features being used, but experienced users find it easy. The deployment model varies depending on the customer's environment and needs, with on-premises and hybrid cloud models being common. The firewall migration tool is useful for migrating from previous firewall configurations. Maintenance is required for patching, but it is not a major issue.
Cisco Secure Firewall is a highly scalable solution with no limitations in terms of scalability. It is able to handle a range of throughput devices, from small branches to data centers and cloud environments. Cisco provides a way of mixing and clustering firewalls to enhance scalability as clients grow. The management platform allows for easy addition of multiple regions, locations, and types of firewalls. While some users have encountered issues with scalability, such as hitting limitations or finding it expensive to scale out, overall the solution has met scalability requirements for traffic and management. It is a popular choice for mid to large-sized businesses and can be deployed virtually. There are different sizes of firewalls for different scales, from small businesses to those with thousands of employees. The solution is easy to scale up and extend to other operations, and can handle at least 1,000 connections simultaneously. However, some users have noted that scalability depends on the model and license, and may require adjustments or new appliances to handle increased traffic.
The consensus among reviewers is that Cisco Secure Firewall is a highly stable solution. Many reviewers have not encountered any stability issues, and some have deployed multiple devices without any callbacks or problems. Some reviewers have even used the solution for several years without any failures or downtime. However, some reviewers note that there is room for improvement in terms of stability, and a few have experienced bugs or issues that required reloading or maintenance.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
The core features of Cisco Secure Firewall are multifaceted:
Advanced threat protection is achieved through a combination of intrusion prevention, malware detection, and URL filtering technologies.
For secure access, the firewall presents multiple options, including VPN, remote access, and single sign-on.
Its network segmentation capability is vital in creating barriers within the network to safeguard critical assets.
The firewall is scalable, effectively serving small businesses to large enterprises.
Management is streamlined through Cisco DNA Center, a central management system.
The benefits of deploying Cisco Secure Firewall are substantial. It significantly reduces the risk of cyberattacks, thereby enhancing the security posture of an organization. This security also translates into increased productivity, as secure access means uninterrupted work. Compliance with industry regulations is another advantage, as secure access and network segmentation align with many regulatory standards. Additionally, it helps in reducing IT costs by automating security tasks and simplifying management processes.
In practical scenarios, Cisco Secure Firewall finds diverse applications. It's instrumental in protecting branch offices from cyberattacks, securing remote access for various stakeholders, safeguarding cloud workloads, and segmenting networks to isolate sensitive areas.
User reviews from PeerSpot reflect an overall positive experience with the Cisco Secure Firewall. Users appreciate its ease of configuration, good management capabilities, robust protection, user-friendly interface, and scalability. However, some areas for improvement include better integration capabilities with other vendors, maturity, control over bandwidth for end-users, and addressing software bugs.
In summary, Cisco Secure Firewall is a comprehensive, versatile, and reliable security solution that effectively meets the security needs of various organizations. It offers a balance of advanced protection, user-friendly management, and scalability, making it a valuable asset in the realm of network security.
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.