Cisco Secure Firewall Reviews

Name: Cisco Secure Firewall
Brand: Cisco
Rating: 4.1 (413 reviews)

Vendor: Cisco

4.1 out of 5

413 reviews
82% willing to recommend

13K followers

What is Cisco Secure Firewall?

Cisco Secure Firewall stands as a robust and adaptable security solution, catering to organizations of all sizes. It's designed to shield networks from a diverse array of cyber threats, such as ransomware, malware, and phishing attacks. Beyond mere protection, it also offers secure access to corporate resources, beneficial for employees, partners, and customers alike. One of its key functions includes network segmentation, which serves to isolate critical assets and minimize the risk of lateral movement within the network.

Get the Cisco Secure Firewall Buyer's Guide and find out what your peers are saying about Cisco Secure Firewall, Fortinet FortiGate, Netgate pfSense and more!

Cisco Secure Firewall is the #6 ranked solution in top Cisco Security Portfolio solutions and #7 ranked solution in best firewalls. PeerSpot users give Cisco Secure Firewall an average rating of 8.2 out of 10. Cisco Secure Firewall is most commonly compared to Fortinet FortiGate: Cisco Secure Firewall vs Fortinet FortiGate. Cisco Secure Firewall is popular among the midsize enterprise segment, accounting for 51% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a educational organization, accounting for 42% of all views.

Buyer's Guide

Cisco Secure Firewall

May 2025

Get the report

Helped 852,649 peers since 2012

Featured Cisco Secure Firewall reviews

Maharajan S

VSO at a computer software company with 501-1,000 employees

Overall, I would rate the product six out of ten. Because of the support and cost, I moved away from Cisco, but otherwise, it is a good product. Recommendation depends on the requirement. If lacking a proper team and being dependent on the OEM and partner, Cisco is not suitable. However, if the team is qualified with Cisco-certified people and the requirement is a big network, it can be considered. In today's hybrid work world, having an expanded gateway is more typical than having a single one. Thus, Cisco is unlikely to be recommended for a hybrid requirement unless in-house skills align. Otherwise, depending on partners and Cisco, it can be a risk. I rate the overall solution six out of ten.

Read full review

Dibyendu Roy

Senior Network Administrator at iib

For mid-sized organizations, I do not recommend it. For ISPs or data centers, I would recommend it due to its good performance and hardware capabilities. Their hardware can handle substantial amounts of data without causing latency. I recommend it for ISP or data center. For enterprise purposes, I do not recommend it. I rate the overall solution seven out of ten.

Read full review

Reviewer43898

Engineering Services Manager at a tech services company with 201-500 employees

It may sound a bit strange, but one of the most valuable features of Firepower 7.0 is the "live log" type feature called Unified Event Viewer. That view has been really good in helping me get to data faster, decreasing the amount of time it takes to find information, and allowing me to fix problems faster. I've found that to be incredibly valuable because it's a lot easier to get to some points of data now. Also, the new UI is always getting better from version to version. In the beginning, when it came to managing Cisco Secure Firewall, it wasn't always the easiest, but with 6.7 and 7.0, it's gotten easier and easier. It's a pretty easy system to manage. It's especially beneficial for people who are familiar with ASA logic because a lot of the Firepower logic is the same. For those people, they're just relearning where the buttons are, as opposed to having to figure out how to configure things. I've used the backup VTI tunnel and that's a feature that lets me create some redundancy for my route-based stuff and it works pretty well. I haven't had any issues with it Firepower 7.0 also has fantastic Dynamic Access Policies that allow me to replicate a lot of the configurations that were missing and that made it difficult to move off the old ASA platform for some customers. The addition of that capability has removed that limitation and has allowed me to move forward with implementing 7.0. Snort 3 is one of the biggest points on Firepower 7.0. I've been using Snort 3 for quite a while and, while I don't have a ton of customers on it, I do have some who are running on it and it's worked out pretty well. In their use cases, there wasn't a lot of risk, so that's why we started with it. Snort 3 has some huge advantages when it comes to performance and policy and how it's applying things and processing the flows. Dynamic Objects have also been really critical. They're very valuable. Version to version, they're adding a lot more features onto Dynamic Objects, and I'm a big fan. I've also used the Upgrade Wizard quite a bit to upgrade the firmware. And on the management side, there are the health modules. They added a "metric ton" of them to the FMC [Firepower Management Center]. In version 6.7 they released this new health monitor which makes it a lot easier to see data and get to information faster. It's quite nice looking, as opposed to CLI. The new health modules really do stand out as a great way to get to some of that health data quickly—things like interface information, statistics, drops—that were harder to get to before. I can now see them over time, as opposed to at just a point in time. I've used that a lot and it has been very helpful. In addition, there is the global search for policy and objects. I use that quite a bit in the search bar. It's a great way to get some information faster. Even if I have to pivot away from the screen I'm on, it's still great to be able to get to it very quickly there. In a lot of ways, they've addressed some of the biggest complaints, like the "housekeeping" stuff where you have to move around your management system or when it comes to making configuration changes. That has improved from version to version and 7.0 is different. They've added more and have made it easier to get from point A to point B and to consume a lot of that data quickly. That allows me to hop in and do some data validation much faster, without having to search and wait and search and wait. I can get to some of that data quicker to make changes and to fix things. It adds to the overall administrator experience. When operating this technology I'm able to get places faster, rather than it being a type of bottleneck. There is also the visibility the solution gives you when doing deep packet inspection. It blows up the packet, it matches application types, and it matches web apps. If you're doing SSL decryption it can pinpoint it even further than that. It's able to pull encrypted apps apart and tell me a lot about them. There's a lot of information that 7.0 is bringing to the forefront about flows of data, what it is, and what it's doing. The deep packet inspection and the application visibility portion and Snort are really essential to managing a modern firewall. Firepower does a bang-up job of it, by bringing that data to the forefront. It's a good box for visibility at the Layer 7 level. If you need Layer 7 visibility, Firepower is going to be able to do that for you. Between VLANs, it does a good job. It's able to look at that Layer 7 data and do some good filtering based on those types of rules.

Read full review

Cisco Secure Firewall video interviews

Watch video interviews with real Cisco Secure Firewall users to learn how the Firewalls solution helped improve their organization. The videos include info about the challenges and benefits of implementing Cisco Secure Firewall.

Aug 3, 2023

Robert LaCroix

Network Engineer at Red River

Read review

Aug 3, 2023

Bryan Broadhurst

Cybersecurity Designer at a financial services firm with 1,001-5,000 employees

Read review

Cisco Secure Firewall mindshare

Product category:

As of May 2025, the mindshare of Cisco Secure Firewall in the Firewalls category stands at 6.0%, up from 5.5% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Firewalls

PeerResearch reports based on Cisco Secure Firewall reviews

Type	Title	Date
Category	Firewalls	May 23, 2025	Download
Product	Reviews, tips, and advice from real users	May 23, 2025	Download
Comparison	Cisco Secure Firewall vs Netgate pfSense	May 23, 2025	Download
Comparison	Cisco Secure Firewall vs Fortinet FortiGate	May 23, 2025	Download
Comparison	Cisco Secure Firewall vs OPNsense	May 23, 2025	Download

Title	Rating	Mindshare	Recommending
Fortinet FortiGate	4.2	21.4%	90%	338 interviews Add to research
Netgate pfSense	4.3	13.3%	93%	218 interviews Add to research

Valuable Features

Cisco Secure Firewall is valued for its security features, VPN capabilities, advanced malware protection, and ease of use. It offers robust threat detection with Snort IPS and FirePOWER services. Users appreciate its integration with Cisco tools, GUI, CLI, application visibility, and seamless integration with other security solutions. It provides reliable performance, stability, quick threat management, and strong VPN features including AnyConnect. It is user-friendly, manageable, and valuable for both enterprise and smaller environments.

"I would rate this solution as ten out of ten."
"The technical support for Cisco Secure Firewall once you have the SmartNet is very good."
"Customer service and support are excellent. I would rate their support 10 out of 10."

Room for Improvement

Cisco Secure Firewall needs improvements in cost efficiency, user interface, and overall ease of use. Users often encounter complexities with the ASA command-line interface and ASDM; a more intuitive, user-friendly GUI is desired. Multiple users report difficulties with integration and a high learning curve. Licensing is cited as expensive and cumbersome. Enhancements in real-time logs, third-party rule integration, and optimizing performance for advanced features like SSL decryption, VPN, and malware protection are frequently mentioned.

"Cisco could improve their firewall by providing better support when issues arise, such as during an attack, to help resolve problems more efficiently."
"Trying to renew the partnership with them became challenging as they were requesting numerous things on our side, and since we are a very small business, it wasn't possible to get through that verification."
"The configuration might be slightly difficult compared to other players in the market like Fortinet or WatchGuard."

ROI

Customers experience substantial ROI from Cisco Secure Firewall due to reduced incidents and enhanced security. Many see fewer outages and quicker response times. ASA prevents costly attacks and extends the lifespan of investments. Users value the increased visibility and control, crucial for protecting data and business continuity. Effective integration leads to savings in operational costs and resources. Positive feedback highlights benefits in remote work capabilities, cost-efficiency, and overall stability.

Pricing

Cisco Secure Firewall pricing varies greatly, with initial setup costs ranging from $500 to over $10,000, depending on the model and configuration. Annual maintenance fees and license renewals can add significant costs, especially for advanced features like IPS and AMP. Pricing is often considered high compared to competitors, but enterprise buyers find value in Cisco's reliability and support. Negotiation for discounts, especially at Cisco's fiscal year-end, can reduce costs, and enterprise agreements offer better pricing models.

"Pricing depends on partnerships and certifications."
"Pricing is high."
"The solution’s pricing is competitive."

Popular Use Cases

Cisco Secure Firewall is primarily used for firewalling in data centers, enterprise networks, and edge protection scenarios. Organizations utilize it for managing external threats, securing perimeters, supporting VPNs, and ensuring data integrity. They deploy it for internet access, remote VPN connectivity, site-to-site VPNs, and internal network segmentation. Its role extends to providing intrusion prevention, URL filtering, malware detection, and safeguarding network boundaries from cyber threats. Businesses also integrate it within hybrid and on-premise environments.

Service and Support

Cisco Secure Firewall's customer service is widely regarded as excellent, with highly responsive and knowledgeable TAC engineers. Many users commend its prompt support, efficient troubleshooting, and knowledgeable assistance, often rating it 9 or 10 out of 10. However, some users experience varying support levels, citing delays or inconsistent expertise. Generally, those with premium contracts report quicker resolutions and express satisfaction with the support received.

Deployment

Cisco Secure Firewall's initial setup varies in complexity based on user experience and environment. Many find it straightforward with adequate documentation and wizards, especially experienced users. However, for newcomers or those transitioning from different platforms, it can be complex, requiring specific knowledge. Physical deployment typically completes quickly, whereas more intricate configurations may take days. Training and support are often recommended, especially for those unfamiliar with Cisco systems.

Scalability

Cisco Secure Firewall's scalability varies. Users highlight that scalability often hinges on careful workload assessment and hardware choices. While clustering and licensing offer scalability, costs and implementation complexities may constrain growth. Some users find it flexible and sufficient for their needs, and others cite challenges with expanding throughput and resource flexibility. Yet, many note reliable scalability for small to medium-sized deployments with satisfactory performance in managing traffic across diverse environments.

Stability

Cisco Secure Firewall demonstrates strong stability with most users highlighting its reliable performance. Some encountered minor issues with specific firmware versions but emphasized that frequent updates address those problems. Users praised its resilience, noting it can operate continuously without downtime. Many cited improvements over recent years, reflecting better stability and fewer bugs. Users appreciate its robust performance, indicating a preference for Cisco's consistent quality in the networking sector.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Cisco Secure Firewall Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Educational Organization

42%

Computer Software Company

13%

Manufacturing Company

University

Government

Financial Services Firm

Comms Service Provider

Healthcare Company

Retailer

Energy/Utilities Company

Construction Company

Media Company

Real Estate/Law Firm

Insurance Company

Hospitality Company

Non Profit

Wholesaler/Distributor

Outsourcing Company

Legal Firm

Transportation Company

Performing Arts

Recreational Facilities/Services Company

Consumer Goods Company

Compare Cisco Secure Firewall with alternative products

Learn more about Cisco Secure Firewall

The core features of Cisco Secure Firewall are multifaceted:

Advanced threat protection is achieved through a combination of intrusion prevention, malware detection, and URL filtering technologies.
For secure access, the firewall presents multiple options, including VPN, remote access, and single sign-on.
Its network segmentation capability is vital in creating barriers within the network to safeguard critical assets.
The firewall is scalable, effectively serving small businesses to large enterprises.
Management is streamlined through Cisco DNA Center, a central management system.

The benefits of deploying Cisco Secure Firewall are substantial. It significantly reduces the risk of cyberattacks, thereby enhancing the security posture of an organization. This security also translates into increased productivity, as secure access means uninterrupted work. Compliance with industry regulations is another advantage, as secure access and network segmentation align with many regulatory standards. Additionally, it helps in reducing IT costs by automating security tasks and simplifying management processes.

In practical scenarios, Cisco Secure Firewall finds diverse applications. It's instrumental in protecting branch offices from cyberattacks, securing remote access for various stakeholders, safeguarding cloud workloads, and segmenting networks to isolate sensitive areas.

User reviews from PeerSpot reflect an overall positive experience with the Cisco Secure Firewall. Users appreciate its ease of configuration, good management capabilities, robust protection, user-friendly interface, and scalability. However, some areas for improvement include better integration capabilities with other vendors, maturity, control over bandwidth for end-users, and addressing software bugs.

In summary, Cisco Secure Firewall is a comprehensive, versatile, and reliable security solution that effectively meets the security needs of various organizations. It offers a balance of advanced protection, user-friendly management, and scalability, making it a valuable asset in the realm of network security.

Cisco Secure Firewall was previously known as Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall.

Cisco Secure Firewall customers

There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.