Try our new research platform with insights from 80,000+ expert users
IT Consultant at ACP IT Solutions AG
Reseller
Is scalable, but firewall management needs improvement
Pros and Cons
  • "Cisco Secure Firewall is a scalable solution."
  • "The management of the firewalls could be improved because there are a lot of bugs."

What is our primary use case?

Our clients use Cisco Secure Firewall to protect them from data breaches. They also use it for site-to-site VPN connections and remote access.

What is most valuable?

The most valuable features are remote access, site-to-site VPN, and next-generation features.

What needs improvement?

The management of the firewalls could be improved because there are a lot of bugs.

For how long have I used the solution?

I've been selling this solution for three years.

Most of our clients have deployed the solution on-premises and are slowly migrating to hybrid and to SaaS models.

Buyer's Guide
Cisco Secure Firewall
June 2025
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
859,957 professionals have used our research since 2012.

What do I think about the stability of the solution?

When you configure it, it's very stable.

What do I think about the scalability of the solution?

Cisco Secure Firewall is a scalable solution.

How are customer service and support?

Cisco's technical support is good.

Which solution did I use previously and why did I switch?

We used to sell Palo Alto firewalls and switched to Cisco because it was more cost-effective for clients.

As a Cisco reseller, I try to give our customers the best possible solutions for their problems.

How was the initial setup?

The initial setup is straightforward for smaller organizations, but it can be complex when companies are larger.

Migrating certain components of a client's previous firewall configurations to Cisco Secure Firewall with the migration tool is simple, easy, and quick. However, it would be really nice if we could migrate complete ASA configurations to FTD with the migration tool and not just the policies and objects.

Maintenance-wise, we troubleshoot and make changes if required.

What about the implementation team?

I deployed it myself with, and perhaps with one person from the client's end.

What other advice do I have?

On a scale from one to ten, I would rate Cisco Secure Firewall at seven.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
PeerSpot user
Network Lead at a tech company with 10,001+ employees
Real User
Simple deployment and is easy to manage but the GUI, functionality and flexibility should improve
Pros and Cons
  • "Cisco Secure Firewall improved our organization. We have it in every one of our French offices."
  • "One thing that Cisco could improve is the GUI. The graphic user interface should be more user-friendly."

What is our primary use case?

Our primary use case for Cisco Secure Firewall is segregation between different environments. We put Cisco Secure Firewall between each of those environments to create this segregation. 

How has it helped my organization?

Cisco Secure Firewall improved our organization. We have it in every one of our French offices. 

What is most valuable?

What I like about Cisco Secure Firewall is that you get to integrate it into one box. For example, you can have one big switch with a model inside of it. This makes it easy to manage. 

What needs improvement?

One thing that Cisco could improve is the GUI. The graphic user interface should be more user-friendly. If you compare it with some of its competitor's GUIs, Cisco falls short in terms of how rules are pushed. 

We have also run into issues with functionality and flexibility. Cisco does fall behind its competitors in this regard. It's our opinion that Cisco is not a leader in security devices. 

For how long have I used the solution?

I have been using Cisco Secure Firewall for two decades. 

How are customer service and support?

We are satisfied with the level of support we get from Cisco. Getting support is quite easy. When we have a problem, our engineer just opens up a case and we get a reply quickly. The support usually has deep knowledge of the solution. 

How would you rate customer service and support?

Positive

How was the initial setup?

I was involved in the initial deployment. It was quite simple, not complex at all. 

What was our ROI?

We have seen a return on investment in terms of price because we have a partnership with our provider. 

Which other solutions did I evaluate?

We chose Cisco Secure Firewall because we were already using Cisco switch routers and other products, so we wanted everything to be from one provider. However, we do use other products as an additional security measure.

What other advice do I have?

The solution does help us save time because it enables us to do a good job of filtering from the get-go. This ensures we have fewer potential threats to look through.

Cisco Secure Firewall has not helped us consolidate tools because part of our security strategy is having multiple firewalls from different providers. Our company policy is that it is better to have different technology, so we do have some overlap.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Buyer's Guide
Cisco Secure Firewall
June 2025
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
859,957 professionals have used our research since 2012.
reviewer2099559 - PeerSpot reviewer
Founder CCIE
Reseller
Adds value and helps organizations avoid problems and mistakes
Pros and Cons
  • "What I found the most valuable about Cisco Secure Firewall is that if a client is educated about the solution, it can help him or her avoid many problems and mistakes."
  • "Cisco's inspection visibility could be better."

What is our primary use case?

Our primary use case for this solution is to use it as a firewall. This product secures the internet from internal and public users.

How has it helped my organization?

Cisco Secure Firewall helped add to my organization's value. It is a selling product for us here. They have great support and documentation, which makes the solution easy to sell to customers. The Cisco name has a lot of value and high brand awareness.

We are selected partners now but are looking to grow to become a primary partner for Egypt. 

Cisco Secure Firewall definitely saved us time. However, security is never 100% with any product, even Cisco. So, you will have to spend some time securing your IT regardless of which solution you use.

I would say that it helped my company cut time by 50%.

The solution cautions us against threats via email notifications and internally in the web interface of the product itself on the dashboard.

What is most valuable?

What I found the most valuable about Cisco Secure Firewall is that if a client is educated about the solution, it can help him or her avoid many problems and mistakes. 

What needs improvement?

I think Cisco would benefit from comparing its solutions to other products. There is a lot to learn from solutions like Palo Alto or FortiGate. These are top security products. For example, Palo Alto has better inspection visibility than Cisco. When we ask customers about Palo Alto, they say "I like Palo Alto. It helps me see problems on time. I can audit everything through it." Cisco could improve in this regard. Cisco's inspection visibility could be better. 

For how long have I used the solution?

I have been using this solution for a long time; since the PIX version in 2003. This adds up to almost 20 years now. I have had a plethora of experiences with this solution as both just an employee using it and also as the owner of a company. We also have a range of customers using the solution. 

Which solution did I use previously and why did I switch?

We did not use any other solutions. Our strategy from the beginning has been to grow with Cisco. However, our customers have the final say in which solutions they choose and sometimes that's not Cisco. That has much to do with their previous beliefs and brand loyalty and trust. The customer's opinion matters and if the customer is loyal to Palo Alto, we are going to have a hard time getting them to make the switch. 

How was the initial setup?

I am not involved in the deployment of the product. I have a sub that deploys Cisco Secure Firewall. I'm involved in guiding the deployment on the management side and making sure it's done in line with the customer's wishes. 

Which other solutions did I evaluate?

I did evaluate other options but ultimately went with Cisco because of the support they offer. You can reach their tech support engineers at any time. That's important. Their documentation is great as well. Their site is wonderful. 

What other advice do I have?

I rate the solution a seven out of ten.

Cisco Secure Firewall should be consolidated with routers, switches, or VOIP.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
System Administrator at a healthcare company with 501-1,000 employees
Real User
Robust, integrates well, and offers effective protection against internal risks
Pros and Cons
  • "Collaboration with other Cisco products such as ISE and others is the most valuable feature."
  • "While this applies to all vendors, pricing can be always lower. In my opinion, Cisco is the most expensive. The pricing can be reduced."

What is our primary use case?

The Cisco Secure Firewall is placed between the separate VLANs. It's a common and effective method of protecting VLANs against internal risks such as Checkpoints and external parameters.

How has it helped my organization?

It certainly saves time. You can detect anything if you have nothing. This is why, in the end, it saves time.

What is most valuable?

Collaboration with other Cisco products such as ISE and others is the most valuable feature.

What needs improvement?

it is difficult to say what it needs in terms of what needs to be improved. I don't work with it on a daily basis.

I haven't heard anything negative about it.

While this applies to all vendors, pricing can be always lower. In my opinion, Cisco is the most expensive. 

The pricing can be reduced.

For how long have I used the solution?

Our organization has been working with Cisco Secure Firewall for three to five years.

What do I think about the stability of the solution?

There are no complaints about performance or stability.

What do I think about the scalability of the solution?

There are no issues with the scalability. It works fine.

It is simple to upgrade.

We only need one person to maintain the product.

How are customer service and support?

My colleague has experience with technical support. I'm not sure if it was with Cisco's technical support directly or through Conscia in between.

Which solution did I use previously and why did I switch?

This was the first solution we were using.

We are primarily Cisco housed, and I believe that practically everything is Cisco. 

It might be part of the contract for a small fee. I don't think there's any particular reason.

I am familiar with CheckPoint, as well as Microsoft ISA.

How was the initial setup?

We have an implementation partner.

It's a hands-on job with a colleague of mine.

I don't know if it is particularly easy or not.

There was also some learning involved, such as knowing the traffic. This took some time. It took six months to deploy.

With the implementation partner, everything was written out. It was the best-case scenario for us.

We did not use the Cisco Firewall Migration tool.

What about the implementation team?

Conscia assisted us with implementation.

They are one of the best in the Netherlands.

What's my experience with pricing, setup cost, and licensing?

I am not aware of the pricing. 

It's an all-in-one contract.

What other advice do I have?

I would rate Cisco Secure Firewall an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Tushar Gaba - PeerSpot reviewer
Technical Solutions Architect at NIL Data Communications
Video Review
Real User
Provides perimeter security, allowing/blocking of traffic, IPS, and port scans
Pros and Cons
  • "The return on investment is not going to be restricted to just the box... Now, these genres have been expanded to cyber, to third-party integrations, having integrated logging, having integrated micro and macro segmentations. The scope has been widened, so the ROI, eventually, has multiplied."
  • "The only improvement that we could make is maybe [regarding] the roadmap, to have better visibility as to what we are targeting ahead in the next few quarters."

What is our primary use case?

With [my company], NIL, it's cross-domain. It's just not ASA, but in particular we work with customers where we talk about the physical boxes or even the virtual appliances that we're deploying. The use cases can be multiple, but mostly what we have seen is perimeter security, looking at blocking [and] allowing of traffic before accessing the internet.

The majority of the challenges that we see across customers and partners is looking at the data, the integrity, security, [and] looking at various areas where they need to put in boxes or solutions which could secure their environments. It's not just about the data, but even looking at the endpoints, be it physical or virtual. That, in itself, makes the use case for putting in a box like ASA. 

And, of course, with the integrations nowadays that we have from a firewall, looking at multiple identity solutions or logging solutions you could integrate with, that in itself becomes a use case of expanding the genres of integrated security.

What is most valuable?

The best features would obviously be the ones that are most used: the perimeter security, allowing/blocking of traffic, NAT-ing, and routing, or making it easy as compared to a router. If you were to do the similar features on a router, it would be way more extensive and difficult as compared to a firewall. These are the majority of the features that anyone would begin with.

But of course, they expanded to other features like IPS or cyber security or looking at vulnerabilities or scanning, port scans. Those are the advanced things.

[In terms of overall performance] in the last decade or so, especially in the last three or four years, the scale of where the architecture has been—all the numbers, the stats, everything—has gone up exponentially. It's all because of the innovations that are always happening, and not just at the hardware level, but particularly at the software level. Of course, we can always look at the data sheets and talk about the numbers, but all I can say, in my experience, is that the numbers have really gone up, and the speed at which the numbers have gone up in the last couple of years or so, is really progressive. That's really good to see.

What needs improvement?

We're reaching [the point] where we want it to be. If you go 10 years back, we did miss the bus on bringing in the virtual versus the physical appliance, but now that we have had it, the ASAv, for a few years, I think we are doing the right things at the right place. 

The only improvement that we could make is maybe [regarding] the roadmap, to have better visibility as to what we are targeting ahead in the next few quarters. That is where we, as partners, can also leverage our repos with our customers and making them aware that there might be some major changes that we may have to introduce in their networks in the near future.

For how long have I used the solution?

I started back in the days with ASA when I was [with] Cisco. I was [with] Cisco for 12 years. I started as a TAC engineer, and one of the teams I was leading was the ASA team, firewall, and across VPN, AAA. it became like a cross-border team or cross-architecture, and it's been long enough. I've been working with ASAs for about 12 or more years now.

What do I think about the stability of the solution?

From the stability standpoint, it's way better. Is there a scope for improvement? Of course. There always is. But I can just speak from my experience. What it was and what it is today, it is way better.

What do I think about the scalability of the solution?

We look at scalability for any product of Cisco. I cannot be confined to the ASAs. We have physical, virtual, and cloud deployments. Everything is possible, so scalability is no issue.

How are customer service and support?

Support, when you look at any product from Cisco, has been top-notch. I was a TAC guy myself for 10 years and I can vouch for it like anyone would do from TAC.

Support has always been extensive. There is great detail in root cause analysis. Going back into my Cisco TAC experience, it's always the story that if you know the product well, you know the things that you need to collect for TAC or for any other junior SME to work with you collectively, to get down to the solutions sooner. Otherwise, they have to let you know what you need to collect. It's better to know the product, get the right knowledge transfer, work towards those goals, and then, collectively, we can work as a great team.

How was the initial setup?

I have mostly been involved in the pre-sales stage, and then eventually the post-sales as well. But we do the groundwork of making sure that we have set the stage for the customer to get the initial onboarding. And at times, I do it with other engineers or other colleagues who take it over from there. In my experience, it has been pretty straightforward.

It's not just the implementation, but [it's] also managing or maintaining [the ASA]. It would depend on how complex a configuration is, a one-box versus cluster versus clusters at different sites. Depending on the amount of configuration complexity and the amount of nodes that you have, you would need to look at staff from there. It's hard to put a number [on it and] just say you need a couple of guys. It could be different for different use cases and environments.

[In terms of maintenance] it's about a journey: the journey from having the right knowledge transfer, knowing how to configure a product, knowing how to deploy it, and then how to manage it. Now, of course, from the manageability standpoint, there are some basic checks that you have to do, like firmware upgrades, or backup restores, or looking at the sizing—how much your customer needs: a single node versus multiple nodes, physical versus virtual, cloud versus on-prem. But once you are done with that, it also depends on how much the engineers or SMEs know about configuring the product, because if they know about configuring the product, that's when they would know if something has been configured incorrectly. That also comes in [regarding] maintenance [of] or troubleshooting the product. Knowledge transfer is the key, and making sure that you're up to date and you have your basic checks done. Then, [the] manageability is like any other product, it's going to be easy.

What was our ROI?

The return on investment is not going to be restricted to just the box, because nowadays, if you look at the integrated security that Cisco has been heavily investing into, it's not just about ASA doing the firewalling functions. Now, these genres have been expanded to cyber, to third-party integrations, having integrated logging, having integrated micro and macro segmentations. The scope has been widened, so the ROI, eventually, has multiplied.

What other advice do I have?

Being a partner, we work with customers who already have different vendor solutions as well. At times, there are a mix of small SMB sites, which could be, let's say, a grocery. There are smaller stores and there are bigger stores, and at times, they do local DIAs or local internet breakouts. [That's where] you do see some cloud-based or very small firewalls as well, but when you look at the headquarters or bigger enterprises, that is where we would probably position Cisco.

[My advice] would depend [on] if they are comfortable with a particular product, if they've been working with a particular vendor. If it's a Cisco shop, or if they've been working on Cisco, or the customers are quite comfortable with Cisco, I would say this is the way to go. Unless they have a mixed environment. It will still depend on the SME's expertise, how comfortable they are, and then looking at the use cases and which products would nullify or solve them. That is where we should position it.

My lessons are endless with ASA, but my lessons are mostly toward product knowledge. When you look at the deployment side of things, or for me, personally, when I was TAC, to know how things work internally within ASA—like an A to Z story, and there are 100 gaps between and you need to know those gaps—and then, eventually, you will get to the problem and solve it in minutes rather than hours.

Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
reviewer1639311 - PeerSpot reviewer
Solutions Consultant at a comms service provider with 10,001+ employees
Real User
A capable box for UTM
Pros and Cons
  • "It's quite a capable box for UTM."
  • "Sometimes my customers say that Cisco Firewalls are a bit more difficult compared to Fortigate or Palo Alto. There is complexity in the configuration and the GUI could be improved."

What is our primary use case?

We use it as a firewall or for UTM at the data center.

What is most valuable?

We like the standard firewall features. It's quite a capable box for UTM.

What needs improvement?

Sometimes my customers say that Cisco firewalls are a bit more difficult compared to Fortigate or Palo Alto. There is complexity in the configuration and the GUI could be improved.

For how long have I used the solution?

I have been using Cisco ASA Firewalls for as long as I have been working here, which is seven years.

What do I think about the stability of the solution?

Once installed, it's quite stable. We don't have many issues after it's deployed. Both the hardware and software are quite stable.

What do I think about the scalability of the solution?

As a firewall, it's in use all the time. Whether there will be increased usage depends on how security risks increase. But at the moment, there's no expectation for an increase in use.

How are customer service and support?

Cisco's technical support is usually quite satisfactory, and we get a reasonable response in a reasonable time to any inquiry we make.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is not that simple. I don't do the installation myself, but from what I hear it's more complicated than some of the other firewall products.

We usually do our installation in two or three hours. Our customers usually have between 10 and 50 users and they are generally IT admins.

We have three people who work in the field and manage deployments, and another five to 10 to manage the solution.

What was our ROI?

If you use the full functionality of Cisco ASA, it's worth the cost. But I don't think our company product is using the full capacity of the Cisco ASA.

What's my experience with pricing, setup cost, and licensing?

Licensing, recently, has been getting more complicated. In particular, the Smart Licensing that came out is quite complicated. I don't know what's going on. Our sales team asks us questions about Smart accounts, but I don't know what it is and Cisco is making it so complicated. They call it Smart, but it's complicated. I prefer the traditional license where you buy it once.

What other advice do I have?

When talking with our customers, I would not recommend our company's Cisco products for their security. It depends on their requirements, but if they want full security, I wouldn't say that Cisco ASA is the one choice.

My advice would be to do a PoC first.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
reviewer1895523 - PeerSpot reviewer
Network Systems Manager at a computer software company with 5,001-10,000 employees
Vendor
VPN enables staff to work from home, and our response times to events has been reduced
Pros and Cons
  • "The VPN feature is the most valuable to us because it accomplishes the task well. We're able to do everything we need to do."
  • "I would like to see them update the GUI so that it doesn't look like it was made in 1995."

What is our primary use case?

We use it for our VPN requirements. We wanted to allow people to work from home and we used the ASA to create VPNs through AnyConnect at the endpoints.

How has it helped my organization?

It has 

  • allowed people to work from home when they otherwise couldn't
  • improved response times when there are fires that need to be put out when people are not onsite.

What is most valuable?

The VPN feature is the most valuable to us because it accomplishes the task well. We're able to do everything we need to do.

What needs improvement?

I would like to see them update the GUI so that it doesn't look like it was made in 1995.

For how long have I used the solution?

I've been using the Cisco ASA Firewall for between one and two years.

What do I think about the stability of the solution?

It's been very stable. I don't think we've ever had an issue with it failing entirely.

What do I think about the scalability of the solution?

It scales well. We've had no issues ramping things up.

We're going to expand our usage of it. We rolled it out to about 200 users and now we're going to expand that to about 1,000 users out of our 3,000-user base. It has been really good.

How are customer service and support?

The tech support is excellent. I've always gotten really good tech support from Cisco.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did not have a previous solution.

What's my experience with pricing, setup cost, and licensing?

The pricing could always be cheaper.

What other advice do I have?

The solution always requires maintenance. I have about two people who are the "experts" and they help maintain it pretty well.

Cyber security resilience has been extremely important for our organization because of our customers' demands for security. The ASA has really helped to accomplish that with the VPN. My advice to leaders who are looking to build resilience is don't go cheap, and make sure you have backup solutions and high availability.

It's a good, robust firewall and VPN solution, with lots of knobs to turn. It is effective at what it does.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Admin Network Engineer at Grupo xcaret
Real User
Offers more security and flexibility for VPNs
Pros and Cons
  • "It helped us a lot with our VPNs for the home office during COVID. There has been more security and flexibility for VPNs and other applications."
  • "I would like more features in conjunction with other solutions, like Fortinet."

What is our primary use case?

It is for our VPNs and filters out websites. 

How has it helped my organization?

It helped us a lot with our VPNs for the home office during COVID. There has been more security and flexibility for VPNs and other applications.

What is most valuable?

Its security is easy to use.

What needs improvement?

I would like more features in conjunction with other solutions, like Fortinet.

For how long have I used the solution?

I have been using it for five years.

What do I think about the stability of the solution?

It has very good stability.

What do I think about the scalability of the solution?

It has really good scalability.

How are customer service and support?

The customer service and technical support are good. I would rate them as nine out of 10.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We were previously using Fortinet. We switched to ASA and Firepower when our contract with Fortinet ended. Now, we are only using ASA.

How was the initial setup?

The deployment was simple.

What was our ROI?

The ROI is good. Using ASA, we have saved 10% to 20% on our costs.

What's my experience with pricing, setup cost, and licensing?

The pricing is fine. It is not too bad.

What other advice do I have?

We had it integrated with the Umbrella solution a few years ago.

I would rate this solution as nine out of 10.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.
Updated: June 2025
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.