Imran Rashid - PeerSpot reviewer
IT/Solutions Architect at a financial services firm with self employed
Real User
A reliable next-generation firewall solution with good support
Pros and Cons
  • "I like that Cisco Firepower NGFW Firewall is reliable. Support is also good."
  • "We only have an issue with time sync with Cisco ASA and NTP. If the time is out of sync, it will be a disaster for the failover."

What is our primary use case?

In the new design, I put Cisco Firepower NGFW Firewall as a LAN segment and as the data center firewall. In the old design, I just used FortiGate Firewall for configurations, and we are going to replace it. The complete solution will be replaced with a two-tiered data center.

What is most valuable?

I like that Cisco Firepower NGFW Firewall is reliable. Support is also good. 

What needs improvement?

We only have an issue with time sync with Cisco ASA and NTP. If the time is out of sync, it will be a disaster for the failover.

For how long have I used the solution?

I have been using Cisco Firepower NGFW Firewall for about 11 years. 

Buyer's Guide
Cisco Secure Firewall
November 2022
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
653,584 professionals have used our research since 2012.

What do I think about the stability of the solution?

Cisco Firepower NGFW Firewall is a stable solution. 

What do I think about the scalability of the solution?

Scalability is good, but just like the issue with Palo Alto and Fortigate, there is also an issue with Cisco Firepower NGFW Firewall. I can configure it easily because of my Cisco background, but others in my team aren't comfortable with it.

How are customer service and support?

Technical support is good. They were both fast and reliable and quick in making decisions. We faced specific issues, and tech support was efficient and provided an immediate solution. Other firewall vendors are slow to respond, and I'm not satisfied. It's also easy to Google and find solutions to our problems. We can't do that for other firewalls.

On a scale from one to five, I would give technical support a five.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We used FortiGate Firewall, but we are replacing it with Cisco Firepower NGFW Firewall because we had issues with HP solutions. We also switched because I am Cisco certified, and my background and expertise are in Cisco.

How was the initial setup?

The initial setup was straightforward. 

What was our ROI?

We have seen a return on our investment. 

What other advice do I have?

I will tell potential users that the data center firewall is a good solution. But most of the companies are using other firewalls like Palo Alto and FortiGate. Most of the design architects prefer the parameters of the firewalls like we prefer the data center firewall.

On a scale from one to ten, I would give Cisco Firepower NGFW Firewall a ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Network Systems Manager at a computer software company with 5,001-10,000 employees
MSP
VPN enables staff to work from home, and our response times to events has been reduced
Pros and Cons
  • "The VPN feature is the most valuable to us because it accomplishes the task well. We're able to do everything we need to do."
  • "I would like to see them update the GUI so that it doesn't look like it was made in 1995."

What is our primary use case?

We use it for our VPN requirements. We wanted to allow people to work from home and we used the ASA to create VPNs through AnyConnect at the endpoints.

How has it helped my organization?

It has 

  • allowed people to work from home when they otherwise couldn't
  • improved response times when there are fires that need to be put out when people are not onsite.

What is most valuable?

The VPN feature is the most valuable to us because it accomplishes the task well. We're able to do everything we need to do.

What needs improvement?

I would like to see them update the GUI so that it doesn't look like it was made in 1995.

For how long have I used the solution?

I've been using the Cisco ASA Firewall for between one and two years.

What do I think about the stability of the solution?

It's been very stable. I don't think we've ever had an issue with it failing entirely.

What do I think about the scalability of the solution?

It scales well. We've had no issues ramping things up.

We're going to expand our usage of it. We rolled it out to about 200 users and now we're going to expand that to about 1,000 users out of our 3,000-user base. It has been really good.

How are customer service and support?

The tech support is excellent. I've always gotten really good tech support from Cisco.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did not have a previous solution.

What's my experience with pricing, setup cost, and licensing?

The pricing could always be cheaper.

What other advice do I have?

The solution always requires maintenance. I have about two people who are the "experts" and they help maintain it pretty well.

Cyber security resilience has been extremely important for our organization because of our customers' demands for security. The ASA has really helped to accomplish that with the VPN. My advice to leaders who are looking to build resilience is don't go cheap, and make sure you have backup solutions and high availability.

It's a good, robust firewall and VPN solution, with lots of knobs to turn. It is effective at what it does.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Cisco Secure Firewall
November 2022
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
653,584 professionals have used our research since 2012.
Network Administrator at a manufacturing company with 10,001+ employees
Real User
Top 20
Accurate CLI, knowledgeable support team, valuable features
Pros and Cons
  • "To be honest, all of the features that are provided, all the other vendor will also have. One feature we did find valuable was the CLI, it is more accurate. Additionally, I was happy with the customization, dashboards, access lists and interface."
  • "It is hard to collaborate with our filtered environment."

What is our primary use case?

We utilize the solution for our IT security. 

What is most valuable?

To be honest, all of the features that are provided, all the other vendor will also have. One feature we did find valuable was the CLI, it is more accurate. Additionally, I was happy with the customization, dashboards, access lists and interface.

We frequently use the Bottleneck feature we purchased specialized from Cisco.

What needs improvement?

It is hard to collaborate with our filtered environment. 

If Cisco could combine the Bottleneck feature of ASA, their platform called Umbrella, and the other team they have that has similar malware protection into one, this would be perfect. 

For how long have I used the solution?

I have been using the solution for almost three years.

What do I think about the stability of the solution?

The solution is stable. However, It does have some bugs, but Cisco always fixes them really quickly. Sometimes we have to restart and it would be better if the bugs could be fixed without having to reload.

What do I think about the scalability of the solution?

The scalability is not perfect.

How are customer service and technical support?

The support has been great and responsive. Most of their engineers are very professional and knowledgeable.

How was the initial setup?

The setup is easy to do if you are familiar with these type of installs, if not then it could be difficult.

What's my experience with pricing, setup cost, and licensing?

We have a perpetual license for all of our firewalls. For some of the features, we purchase them on demand. The pricing is decent but it could always be cheaper, we would be happier.

Which other solutions did I evaluate?

We will probably change to a higher version in the near future or migrate to a next-generation firewall which would include IPI and some other new features. This makes sense because our current firewall ends the support in several years. 

Cisco FirePower, the next-generation firewall, is much better for stability.

What other advice do I have?

I have used many versions of the software over the years, versions 8.6 to 9.1 and 9.9 to 9.12.

Keep in mind before purchasing the solution, if you do need to scale the solution then ASA is probably not right for you.

I rate Cisco ASA Firewall an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Security engineer at a energy/utilities company with 10,001+ employees
Real User
Top 20
We have more control over things going in and out of our network
Pros and Cons
  • "We definitely feel more secure. We have more control over things going in and out of our network."
  • "Third-party integrations could be improved."

What is our primary use case?

We mainly use it for ICS security.

How has it helped my organization?

We definitely feel more secure. We have more control over things going in and out of our network.

Cybersecurity has been our top priority because of the last few attacks on our peers in the oil and gas industry.

What is most valuable?

The IPS solution helps us to not only navigate north-south traffic, but also east-west traffic.

What needs improvement?

Third-party integrations could be improved.

Not everything works out-of-the-box. Sometimes, you have to customize it to your needs. 

For how long have I used the solution?

I have been using it for two years.

What do I think about the stability of the solution?

It is stable for the most part.

There is maintenance needed for software, firmware, and updates. Three or four people keep up with the updates, etc. 

What do I think about the scalability of the solution?

It is pretty scalable. We can add as many devices as we want.

How are customer service and support?

The technical support is good. I would rate them as 10 out of 10.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We previously had a different platform. We wanted to converge multiple platforms into one.

I switched companies. So, I have more experience with Palo Alto.

What was our ROI?

We saw immediate benefits after deployment from having more control and visibility.

What's my experience with pricing, setup cost, and licensing?

Pretty much everything is included in the price for what we are using.

Which other solutions did I evaluate?

We looked at Check Point, Palo Alto, Fortinet, and a bunch of others. The management and support for the CIsco product is better.

What other advice do I have?

Listen to your customers and see what their needs are.

The whole stack provided by Cisco is a holistic solution for cybersecurity experts, like myself, and companies who are looking to secure their network.

You should partner up with a good team to view all products available, which cater and are customized to your needs.

We haven't found any gaps where it is lacking.

I would rate this product as eight or nine out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Cybersecurity Architect at a financial services firm with 5,001-10,000 employees
Real User
Provides our organization with a sense of security, reliability, and trustworthiness
Pros and Cons
  • "The most valuable feature would be the IP blocking. It gets rid of things that you don't need in your environment."
  • "The solution is overcomplicated in some senses. Simplifying it would be an improvement."

What is our primary use case?

It has been great for blocking incoming bad actors. The new Firepower modules have been a welcome additive to that.

How has it helped my organization?

Cybersecurity resilience has helped us be able to react and respond in a quick fashion to anything that may be happening or any anomalies within the environment.

The solution has provided us a sense of security, reliability, and trustworthiness.

What is most valuable?

The most valuable feature would be the IP blocking. It gets rid of things that you don't need in your environment.

Its resilience helps offer being able to react and self-heal.

What needs improvement?

The solution is overcomplicated in some senses. Simplifying it would be an improvement.

For how long have I used the solution?

I have used the ASA solutions for a better part of 10 years.

What do I think about the stability of the solution?

The stability is unparalleled.

All solutions require maintenance, and we do that routinely. Anywhere from three to four people from the network teams to application owners are involved in the maintenance. This is a firewall in production, so we need to do maintenances after hours, but it would be nice if we didn't need to do it after hours

What do I think about the scalability of the solution?

Scalability is unparalleled. It is easy to scale.

We don't have plans to increase our usage at this time.

How are customer service and support?

In previous years, Cisco's tech support has been great. Although, I have seen it declining. I would rate their support as seven out of 10.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We have used the Check Point firewalls as well as several different vendors.

What was our ROI?

It secures the network. The ROI is really incalculable at this point as keeping our data secure is keeping the company's assets secure.

Which other solutions did I evaluate?

We did evaluate other vendors.

What other advice do I have?

You need to be always looking ahead and proactively developing to build resilience.

I would rate the solution as eight out of 10. It is a world-class firewall.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Principal Network Security Manager at a tech vendor with 10,001+ employees
Real User
Provides stability and ease of firewall management
Pros and Cons
  • "Firepower has reduced our firewall operational costs by about 25 percent."
  • "One of my colleagues is using the firewall as an IPS, but he is worried about Firepower's performance... With the 10 Gb devices, when it gets to 5 Gbps, the CPU usage goes up a lot and he cannot manage the IPS."

What is our primary use case?

This product protects our computer systems. I use it as a traditional firewall service. I don't have any special use cases for it.

How has it helped my organization?

Firepower has reduced our firewall operational costs by about 25 percent.

What needs improvement?

Sometimes there is a lack of performance. One of my colleagues is using the firewall as an IPS, but he is worried about Firepower's performance. It is much lower than we expected. They need to improve the performance a lot. With the 10 Gb devices, when it gets to 5 Gbps, the CPU usage goes up a lot and he cannot manage the IPS.

For how long have I used the solution?

I have been using Cisco Firepower NGFW Firewall for more than two years.

What do I think about the stability of the solution?

The most valuable property is the stability. It doesn't crash.

How are customer service and support?

When I have had issues with the software, I don't think they have given me the right answers. The support for the software isn't that good, but support for the hardware is very good.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

Although I work in Korea, I needed a means of deploying computer systems in other countries. Two or three years ago I was looking for a proper solution that would cover global sites. I chose Cisco products because Cisco has a very large presence all over the world.

How was the initial setup?

Once I got used to this product, it was easy to use other products, but it was not easy for me the first time.

What's my experience with pricing, setup cost, and licensing?

Firepower is a little bit expensive, although there are no additional costs beyond the standard ones.

Which other solutions did I evaluate?

We have several brands of firewalls in our organization. Compared to them, the ease of management of the Cisco firewalls is pretty good.

What other advice do I have?

When you calculate the capacity you need, you should add a buffer for performance.

There are 25 users of the solution on my team and they are all network security specialists.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Gyaneshwar Upadhyay - PeerSpot reviewer
Senior Network Engineer at BCD Travel
Real User
Top 10
User friendly and easy to use GUI, but stability and scalability need improvement
Pros and Cons
  • "If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly."
  • "We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve."

What is our primary use case?

We are currently using this solution as a VPN and an internet firewall in some locations. In our data center, we are still using FortiGate as an internet firewall but we are evaluating other options.

What is most valuable?

If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly.

What needs improvement?

We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve.

For how long have I used the solution?

I have been using Cisco Firepower NGFW Firewall for approximately three years.

What do I think about the stability of the solution?

The solution is not stable. There seems to be always some issues. This is not ideal when you are running a system in a data center environment.

What do I think about the scalability of the solution?

There is room for improvement in the scalability of this solution.

How are customer service and technical support?

I was satisfied with the support we received.

How was the initial setup?

When I did the installation three or four years ago it was challenging. 

What's my experience with pricing, setup cost, and licensing?

This solution is expensive and other solutions, such as FortiGate, are cheaper.

Which other solutions did I evaluate?

I have evaluated FortiGate firewalls and when comparing with this solution there is no clear better solution, they each have their pros and cons.

What other advice do I have?

I would recommend a Next-Generation firewall. FortiGate has a Next-Generation firewall but I have never used it. However, it would be similar to the Cisco Next-Generation FirePOWER, which has most of the capabilities, such as running all the BDP sessions and having security intelligence in one system. 

I would recommend everyone to use this solution.

I rate Cisco Firepower NGFW Firewall a six out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Stoyan Zhekov - PeerSpot reviewer
General Manager at MS Solutions Ltd.
Real User
Top 10
Secure, stable, user-friendly, and the partner support is good
Pros and Cons
  • "The most valuable feature is that it's secure."
  • "In the future, I would like to be able to use an IP phone over a VPN connection."

What is our primary use case?

We are using the ASA in our network to create a VPN between six places. We also use it for servers and data synchronization.

What is most valuable?

The most valuable feature is that it's secure.

It is really stable and I've never had an occasion that due to this firewall, I have had issues with the network, a breakdown, or otherwise.

This is a user-friendly product. Once you have a specialist who can configure it properly, you'll be pretty protected everything you want is in it.

What needs improvement?

In the future, I would like to be able to use an IP phone over a VPN connection.

For how long have I used the solution?

I have been working with Cisco ASA Firewall for at least seven years.

What do I think about the stability of the solution?

The stability is good.

What do I think about the scalability of the solution?

We have not tried to scale our network. It was established a long time ago and nothing has changed since then.

How are customer service and technical support?

I have been auditing their partners in Bulgaria and I am in contact with them on a regular basis. I have not had any real issues with my equipment but overall, I think that the support is perfect.

Which solution did I use previously and why did I switch?

We were using the ASA 5505 and our network is faster now, so we are now in the process of upgrading our network to the 5506 model. The 5505 is a 100 megabit product, which is very low.

What about the implementation team?

We had a company that set everything up for us. They have Cisco engineers and I'm paying them annually for next-business-day support. They do all of the maintenance for us.

What's my experience with pricing, setup cost, and licensing?

They have a lot of different models but most of them are really expensive. This is the main thing because, for us, the price is important.

What other advice do I have?

Overall, I am pretty satisfied with this product and I recommend it.

I would rate this solution a ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2022
Product Categories
Firewalls
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.