Cisco Secure Firewall Reviews

We have a lot of use cases of FirePower. In one of the use cases, we have two offices, and we use FirePower on our two sites. One of them works through the site-to-site VPN, and we have a controller on this site.

I work with Cisco and other partners, but the Cisco team is the best team in our country. When I call them, they always help us. 

I started to configure the device with version 7.2. After that, I had a problem. It was not a physical problem. It was a software problem. They advised me to install 7.0. I uninstalled and reinstalled everything. It took time, but it started to work normally.

I am not a programmer, but on the business side, they should fix all such issues in the future. We are Cisco partners, and when we recommend Cisco FirePower to customers, they always think that FirePower is bad. For a single installation of FirePower, if I have to write about 18 tickets to Cisco, it's a big problem. There was an issue related to Azure. We had Active Directory in Azure. The clients had to connect to FirePower through Azure. We had a lot of group policies. After two group policies, we had to make groups in Azure, and they had to sign in and sign back. It was a triple-layer authentication, and there was a big problem, so we didn't use it.

We have been using this solution for about two years.

It's very stable now. Everything is fine for me.

I use just two devices. I've not tested anything else.

Their customer support is very good. We also work with other vendors, but Cisco's support is still the best. I'd rate them a 10 out of 10.

Positive

For me, it was very easy because I solved all problems, but I had to install it two times. 

We are a reseller, and for us, it's a 10 out of 10 because if we sell it, we will earn money, but customers have to agree with us.

We mainly use it in the data center. We are obliged to use a firewall. It's a necessity.

It has helped in securing our infrastructure from end to end so that we can detect and remediate threats. There is another office in my company that does threat detection, but it has been helpful.

It hasn't freed up any time. We still have to manage the firewall. It's something we have to do.

All the features except IPS are valuable. IPS is not a part of my job.

It's already pretty good. In terms of functionality, there isn't much to improve. There could be more bandwidth and better interface speed.

I've been using Cisco firewalls for 20 years.

Its stability is very good.

It's better to have a higher speed. I'd rate it an eight out of ten in terms of scalability.

We have multiple locations and multiple departments. We are a big company, and we have a lot of remote sites. We have about 6,000 of them.

They are very good. From time to time, Cisco employees come to us and provide information about the latest features and new products. I'd rate them a ten out of ten.

Positive

We have other firewalls, and it hasn't helped to consolidate other solutions. We have to use the Cisco firewall and other vendors because of internal law. We have to use two firewalls, one from vendor A and the other one from vendor B.

We went for Cisco because it's affordable. It's something you can trust. It's something you know. It's a valued product. 

I've been involved in configuring it and assessing and ensuring that the configuration is up to date and there are no bugs, etc.

Its initial setup is not at all complex. I've been working with Cisco firewalls for 20 years, so I know them very well. It's not complicated for me.

We have all deployment models. We have on-premises and cloud deployments. We have everything. I belong to a big organization.

We had a consultant for integrating the product. Our experience with the consultant was good.

The number of people required for deployment varies, but one person can deploy the solution. It's quite easy to implement. It doesn't require a lot of staff.

It requires normal maintenance.

It's affordable.

Try it. You will be happy. 

I'd rate Cisco Secure Firewall a ten out of ten.

We use it as a firewall or for UTM at the data center.

We like the standard firewall features. It's quite a capable box for UTM.

Sometimes my customers say that Cisco firewalls are a bit more difficult compared to Fortigate or Palo Alto. There is complexity in the configuration and the GUI could be improved.

I have been using Cisco ASA Firewalls for as long as I have been working here, which is seven years.

Once installed, it's quite stable. We don't have many issues after it's deployed. Both the hardware and software are quite stable.

As a firewall, it's in use all the time. Whether there will be increased usage depends on how security risks increase. But at the moment, there's no expectation for an increase in use.

Cisco's technical support is usually quite satisfactory, and we get a reasonable response in a reasonable time to any inquiry we make.

Positive

The initial setup is not that simple. I don't do the installation myself, but from what I hear it's more complicated than some of the other firewall products.

We usually do our installation in two or three hours. Our customers usually have between 10 and 50 users and they are generally IT admins.

We have three people who work in the field and manage deployments, and another five to 10 to manage the solution.

If you use the full functionality of Cisco ASA, it's worth the cost. But I don't think our company product is using the full capacity of the Cisco ASA.

Licensing, recently, has been getting more complicated. In particular, the Smart Licensing that came out is quite complicated. I don't know what's going on. Our sales team asks us questions about Smart accounts, but I don't know what it is and Cisco is making it so complicated. They call it Smart, but it's complicated. I prefer the traditional license where you buy it once.

When talking with our customers, I would not recommend our company's Cisco products for their security. It depends on their requirements, but if they want full security, I wouldn't say that Cisco ASA is the one choice.

My advice would be to do a PoC first.

Our use cases include inbound access, outbound access, as well as VPN solutions, both site-to-site and for an incoming client. We wanted something that would do all those things at one time, as opposed to having separate boxes.

Our deployment is on-premises. We're looking at going into cloud-based with some of it. Meraki is the cloud-based version of the ASAs.

If we have a power failure at one building, traffic can be routed to our other building. We also have backup data stores. I live in the Northeast, so in the event of ice storms that cause power outages, it really enables us to keep functioning as a company rather than going dark for the amount of time it takes to get the power back.

The GUI makes configuring it much simpler than the command line.

They should work on making it a little more intuitive for users and not quite as complex. Still, it's a good product.

I've been using Cisco ASA Firewalls for 15 years.

It's very stable. We've had no hardware issues at all and only very infrequent software configuration issues.

It's very scalable. You can go to different models of the ASAs and they scale up to as big as you want to go.

The technical support is very good. Whenever we call up Cisco, we get a rapid response. They help us in troubleshooting issues we have and we implement the solutions and go on.

Positive

For me, there wasn't a previous solution here. I inherited the solution when I came in.

From a security standpoint, the return on investment is hard to quantify. You've stopped something that was going to cost you money, but how do you quantify that? How many times did it stop something from coming in that would have cost you a bunch of money? You don't know.

We've compared it to other solutions, like WatchGuard and other types of firewalls in that same realm. Cisco ASAs are fairly priced and very competitive with them.

Some of the solutions we looked at had different GUI interfaces that might be a little bit easier to get around in, but they might not have had as many features. Cisco had the feature edge.

Look at the features and consider what your migration path may be. Some other vendors offer firewalls with great bells and whistles, but when you look beneath the surface, they don't do exactly what they say. Do your due diligence and make sure you see everything.

In terms of resilience, in general, if we have any box failure, being able to fail over to another box or to fail over to another site helps measurably. Cyber security resilience is important for all organizations. The number of attacks going on just increases every day. There's a cost-benefit to building cyber security resilience. You have to get past that and build as much resiliency as you can. If you worry more about cost than you do about your product or your productivity, something else is going to fail.

Maintenance of the ASA is just the security updates that we watch for and updating the client software.

We started using this solution due to challenges with throughput. We needed devices with more quantity of throughput and bandwidth. We use this solution in different locations and different departments and we have around 2000 internal customers.

Cyber security resilience is really important for our organization. It is necessary for all the points for interconnections between LAN networks and WAN networks as we receive daily attacks.

The IP filter configuration for specific political and Static NAT has been most valuable.

The access layer of this solution could be improved in terms of the way the devices interconnect with our network. We need to be able to analyze the traffic between the different interconnections in these areas.

In a future release, we would like to have an IP analyzer to try to identify the specific comportment of the customers.

I have been using this solution for seven years. 

This is a very stable solution. 

This solution would need an adjustment to be scalable. 

Our engineers usually fix the issues we have, depending on the issue. When we reached out to the technical support team, they were attentive and helped us. 

We previously used Palo Alto, Fortinet, and Cisco Firepower. We switched because Cisco is more stable and offers easy deployment for the platform.

This solution requires regular maintenance and I have 10 engineers that manage it.

I would rate this solution a nine out of ten because it is a good product that is more stable than others on the market. 

Our primary use case includes basic firewalls, VPNs, NAT, and our connections to customers.

It's used in our data centers to protect the network and customer circuits.

Cisco ASA Firewall has improved our organization by allowing connectivity to the outside world and into different places.

Cybersecurity resilience is very important to our organization. There are always threats from the outside, and the firewall is the first line of defense in protecting the network.

Cisco ASA Firewall is a well-known product. They're always updating it, and you know what they're doing and that it works.

It would be good if Cisco made sure that the solution supports all routing protocols. Sometimes it doesn't.

I've been using it for probably 10 to 15 years.

For the most part, it's stable.

It's a very scalable solution.

The technical support is very good, and I would give them a nine out of ten.

Positive

The pricing and licensing are getting more complicated, and I'd like that to be simpler.

We evaluated some Palo Alto and Juniper solutions, but Cisco ASA Firewall is better in terms of ease of use. You could get certified in it.

To leaders who want to build more resilience within their organization, I would say that the ASA, along with its features, is a good product to have as one of the lines of defense.

The solution does require maintenance. We have four network engineers who
are responsible for upgrading code and firewall rules, and for new implementations.

On a scale from one to ten, I would rate Cisco ASA Firewall a nine. Also, it's a very good product, and it compares well to others.

We use it for our VPN requirements. We wanted to allow people to work from home and we used the ASA to create VPNs through AnyConnect at the endpoints.

It has 

• allowed people to work from home when they otherwise couldn't
• improved response times when there are fires that need to be put out when people are not onsite.

The VPN feature is the most valuable to us because it accomplishes the task well. We're able to do everything we need to do.

I would like to see them update the GUI so that it doesn't look like it was made in 1995.

I've been using the Cisco ASA Firewall for between one and two years.

It's been very stable. I don't think we've ever had an issue with it failing entirely.

It scales well. We've had no issues ramping things up.

We're going to expand our usage of it. We rolled it out to about 200 users and now we're going to expand that to about 1,000 users out of our 3,000-user base. It has been really good.

The tech support is excellent. I've always gotten really good tech support from Cisco.

Positive

We did not have a previous solution.

The pricing could always be cheaper.

The solution always requires maintenance. I have about two people who are the "experts" and they help maintain it pretty well.

Cyber security resilience has been extremely important for our organization because of our customers' demands for security. The ASA has really helped to accomplish that with the VPN. My advice to leaders who are looking to build resilience is don't go cheap, and make sure you have backup solutions and high availability.

It's a good, robust firewall and VPN solution, with lots of knobs to turn. It is effective at what it does.

It is for our VPNs and filters out websites. 

It helped us a lot with our VPNs for the home office during COVID. There has been more security and flexibility for VPNs and other applications.

Its security is easy to use.

I would like more features in conjunction with other solutions, like Fortinet.

I have been using it for five years.

It has very good stability.

It has really good scalability.

The customer service and technical support are good. I would rate them as nine out of 10.

Positive

We were previously using Fortinet. We switched to ASA and Firepower when our contract with Fortinet ended. Now, we are only using ASA.

The deployment was simple.

The ROI is good. Using ASA, we have saved 10% to 20% on our costs.

The pricing is fine. It is not too bad.

We had it integrated with the Umbrella solution a few years ago.

I would rate this solution as nine out of 10.