Try our new research platform with insights from 80,000+ expert users
Network & Systems Administrator Individual Contributor at T-Systems
Real User
Good user interface and easy to configure but needs better integration capabilities.
Pros and Cons
  • "The management aspect of the product is very straightforward."
  • "It would be nice if you didn't have to configure using a command-line interface. It's a bit technical that way."

What is our primary use case?

We primarily use the solution for configuring the firewall.

What is most valuable?

It's an almost perfect solution.

The configuration is very easy.

The management aspect of the product is very straightforward.

The solution offers very good protection. 

The user interface itself is very nice and quite intuitive.

What needs improvement?

It would be ideal if the solution offered more integration capabilities with other vendors. For example, if you had a web security appliance, it would be great to be able to integrate everything in order to better report security events.

While I can't think of specific features I'd like improved, overall, they could do more to continue to refine the solution.

It would be nice if you didn't have to configure using a command-line interface. It's a bit technical that way.

For how long have I used the solution?

We first started using the solution in 2015. It's been five years at this point.

Buyer's Guide
Cisco Secure Firewall
June 2025
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
860,168 professionals have used our research since 2012.

What do I think about the stability of the solution?

The solution is very stable. We've found it to be extremely reliable. There are not bugs or glitches. It doesn't crash or freeze.

What do I think about the scalability of the solution?

The solution can scale well. that's not a problem at all. If a company needs to expand it to fit their needs, they can do so.

How are customer service and support?

We've been in contact with technical support on multiple occasions and each time we've had a good experience. We're satisfied with their level of support. They are fairly good.

How was the initial setup?

I have nothing bad to say about the deployment. It went pretty well, and we can configure everything as we need to.

What's my experience with pricing, setup cost, and licensing?

I don't really handle the billing, so I'm unsure of the pricing. I work more on the technical side. 

What other advice do I have?

We're just customers. We don't have a business relationship with Cisco.

It's a very good solution. I'd recommend it to other users.

Overall, I'd rate it seven out of ten.

Although I can't speak to the pricing, I've found the solution works quite well for us. I'd rate it higher if it could integrate a bit better with other solutions.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Network Administrator at a transportation company with 201-500 employees
Real User
Plenty of documentation online, but the stability and scalability could improve
Pros and Cons
  • "I have not contacted technical support. There is a lot of information on the internet for troubleshooting. All you need to do is use a search engine and you will find the information you are looking for easily."
  • "Cisco ASA Firewall could improve by adding more advanced features such as web filtering, which is available in the next-generation firewalls. However, the Cisco ASA Firewall I am using could be old and these features have been updated."

What is our primary use case?

I use Cisco ASA Firewall at my company for network security.

What needs improvement?

Cisco ASA Firewall could improve by adding more advanced features such as web filtering, which is available in the next-generation firewalls. However, the Cisco ASA Firewall I am using could be old and these features have been updated.

For how long have I used the solution?

I have been using this solution for approximately two years.

What do I think about the stability of the solution?

The stability needs improvement.

What do I think about the scalability of the solution?

I have found the Cisco ASA Firewall scalability could improve.

How are customer service and technical support?

I have not contacted technical support. There is a lot of information on the internet for troubleshooting. All you need to do is use a search engine and you will find the information you are looking for easily.

They can improve by adding a public troubleshooting process.

Which solution did I use previously and why did I switch?

I have previously used Fortinet firewalls that I have found to be better.

What other advice do I have?

I would not recommend Cisco.

I rate Cisco ASA Firewall a six out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Buyer's Guide
Cisco Secure Firewall
June 2025
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
860,168 professionals have used our research since 2012.
it_user1577460 - PeerSpot reviewer
Network security engineer at a tech services company with 1,001-5,000 employees
Real User
Good IPS/IDS functionality, straightforward to set up, and simple to deploy
Pros and Cons
  • "The most valuable features of this solution are advanced malware protection, IPS, and IDS."
  • "Web filtering needs improvement because sometimes the URL is miscategorized."

What is our primary use case?

We use this solution for advanced IPS, IDS, advanced malware protection, and web filtering.

What is most valuable?

The most valuable features of this solution are advanced malware protection, IPS, and IDS.

What needs improvement?

web filtering needs to improve because cisco firepower sync with bright cloud website for the website category. sometimes your URL is falling in the wrong category because of the bright cloud. so if you want to change the category you will have to drop the mail to the bright cloud and they will take action and it's a very long procedure. 

For how long have I used the solution?

more than 2 years

What do I think about the stability of the solution?

This is a very reliable solution.

What do I think about the scalability of the solution?

I have extended my Cisco solution and did not have any trouble.

We have more than 400 users and we plan to increase usage.

How was the initial setup?

The initial setup is very simple to deploy in the Egyptian network. It takes two to three days to deploy but if you are implementing AMP then it will take an extra one or two days.

What's my experience with pricing, setup cost, and licensing?

I am happy with the product in general, including the pricing.

Which other solutions did I evaluate?

We evaluated a Sophos firewall but when I checked the reviews, I found that Sophos did not rate as well in terms of IPS, IDS, and malware protection.

What other advice do I have?

Cisco utilizes BrightCloud for URL filtering. Web filtering is the main problem with this product.

My advice to anybody who is considering this product is that if they want good security, compared to other offerings such as those by Check Point and Palo Alto, then they should implement Cisco Firepower.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer1474608 - PeerSpot reviewer
Consultor at a government with 201-500 employees
Real User
Impressive ISP feature but more services should be integrated
Pros and Cons
  • "I like the IPS feature, it is the most valuable."
  • "I have used Fortinet, Palo Alto, and Check Point previously and I prefer the process of everything working together."

What is our primary use case?

I am using the solution as a firewall.

What is most valuable?

I like the IPS feature, it is the most valuable.

What needs improvement?

I do not like the assembly of this solution. For example, they should combine FirePOWER into one solution.

Which solution did I use previously and why did I switch?

I have used Fortinet, Palo Alto, and Check Point previously and I prefer the process of everything working together. We are in the process of moving on to Fortinet from this solution.

What other advice do I have?

I rate Cisco ASA Firewall a six out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Johan Derycke - PeerSpot reviewer
Network Security Engineer at a tech services company with 1,001-5,000 employees
Real User
Top 10
Affordable, scalable, and suitable for a big traffic load
Pros and Cons
  • "The whole firewall functionality, including firewall policies and IPS policies, is valuable. It has all kinds of functionalities. It has IPS, VPN, and other features. They are doing quite a lot of stuff with their devices."
  • "It lacks management. For me, it still doesn't have a proper management tool or GUI for configuration, logging, and visualization. Its management is not that easy. It is also not very flexible and easy to configure. They used to have a product called CSM, but it is no longer being developed. FortiGate is better than this solution in terms of GUI, flexibility, and user-friendliness."

What is our primary use case?

We are using it to manage our environment.

What is most valuable?

The whole firewall functionality, including firewall policies and IPS policies, is valuable. It has all kinds of functionalities. It has IPS, VPN, and other features. They are doing quite a lot of stuff with their devices.

What needs improvement?

It lacks management. For me, it still doesn't have a proper management tool or GUI for configuration, logging, and visualization. Its management is not that easy. It is also not very flexible and easy to configure. They used to have a product called CSM, but it is no longer being developed. FortiGate is better than this solution in terms of GUI, flexibility, and user-friendliness.

For how long have I used the solution?

I have been using this solution for five to ten years.

What do I think about the stability of the solution?

It is rather stable. It can have some peculiarities, but most of the time, it is quite stable.

What do I think about the scalability of the solution?

These are big devices. They have multiple models, but most of the models can be virtualized. You can create many virtual firewalls and add whatever you want.

How are customer service and technical support?

We faced some issues, but I don't deal with these issues. My colleague interacts with them, and it seems it is not that easy. Cisco is a large company, and sometimes, it is not easy to get quick and very efficient support.

What about the implementation team?

We have a firewall specialist who handles the installation.

What's my experience with pricing, setup cost, and licensing?

It is affordable. The hardware is not that expensive anymore. It is a matter of licensing these days. 

What other advice do I have?

It is a good solution for a big traffic load, but its management is not very easy. FortiGate is better in terms of management and user-friendliness.

I would rate Cisco ASA Firewall an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer1395702 - PeerSpot reviewer
Network Security Engineer at a tech services company with 51-200 employees
Real User
A proactive threat defense solution with a good Inline Mode configuration
Pros and Cons
  • "The Inline Mode configuration works really well, and ASA works very impressively."
  • "I think the ASA layer is thin. It's always Layer 3 or Layer 4 source controller and doesn't control the Layer 7 traffic. It's important, and you'll need an additional firewall."

What is our primary use case?

I use it for VPNs, remote-access VPNs, environment issues, and failover issues. I also use the
content mode, NAT, and PAT in this firewall. We always use ASA for VPN sites and firewall sites. We use the edge for internet access for data center servers or company customers' internet access.

How has it helped my organization?

We always use ASA for integration another companies  and branches easily. 

What is most valuable?

The Inline Mode configuration works really well, and ASA works very impressively.

What needs improvement?

I think the ASA layer is thin. It's always Layer 3 or Layer 4 source controller and doesn't control the Layer 7 traffic at all. It's important, and you'll need an additional firewall. 

All next-generation firewalls don't have much control over Layer 7, but there's a little bit of control for inspection. ASA never controlled Layer 7, and it's a bad point.

 I don't like to use ASDM, a graphical interface, and other solutions for ASA. I wouldn't say I like this, and it's not good(ASDM).

For how long have I used the solution?

I have over seven years of experience with Cisco ASA Firewall.

What do I think about the stability of the solution?

It's stable. ASA works very well, and it's impressive. I use only ASA and only the Inline Mode. 

What do I think about the scalability of the solution?

It's a scalable, high availability solution. It's an active/standby model for VPN. But if you don't use VPN in these devices, it works as an active/active high availability model.

How was the initial setup?

If you're a Cisco Administrator or Cisco certified, the initial setup isn't a problem. But if you don't know Cisco devices and how they work, it can get a little complicated.

What other advice do I have?

I would advise new users to look at next-generation firewalls like FTD or other models from Cisco. It's better than Cisco ASA. Cisco ASA Firewall isn't a next-generation firewall.

On a scale from one to ten, I would give Cisco ASA Firewall an eight.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
ICT Department Manager at ACC
MSP
Reasonable priced, great customer service, and stable
Pros and Cons
  • "We have not had to deal with stability issues."
  • "My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement."

What is our primary use case?

We are using the solution for airports.

How has it helped my organization?

The Cisco NGFW is an excellent fit for purpose for our network security.

For how long have I used the solution?

I have been using the solution for five years.

What do I think about the stability of the solution?

We have not had to deal with stability issues.

How are customer service and technical support?

The support of the solution is great, their staff is perfect.

How was the initial setup?

My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement.

What's my experience with pricing, setup cost, and licensing?

People have said that Palo Alto is a less expensive solution than Cisco, but in my experience, at least from today, Cisco is cheaper than Palo Alto. 

What other advice do I have?

I do not hear anything bad about the competition. I am difficult to change my ways and learn a new product. Unless somebody comes and makes a SWOT analysis and shows me the evidence of how the alternative is better, I am fine with Cisco.

I would recommend this solution to others. 

I rate Cisco Firepower NGFW Firewall an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
Cyber Security Consultant at a tech services company with 51-200 employees
Reseller
A reliable but outdated firewall
Pros and Cons
  • "It is extremely stable I would say — at least after you deploy it."
  • "They need to do an overhaul of the management console."

What is our primary use case?

Most of our use cases revolve around the basic firewall features. Our client is also leveraging on Anyconnect, which is serving the client-based VPN. Sometimes they will establish a VPN connection from one firewall with another. It's the type-for-type VPN. In terms of Cisco, typically, these are just some of the legacy features, that's what we use. In terms of a next-gen firewall, I feel that our customers would prefer to use other brands like Palo Alto, Check Point, and FortiGate.

Our clients who use this solution are typically small businesses. I think there's a Gartner chart that says that Palo Alto is actually the foreleader, followed by Check Point, then FortiGate. Cisco is not anywhere near. From a cybersecurity standpoint, they are quite weak.

What needs improvement?

They need to do an overhaul of the management console because they are still using the client-based management tool, which is quite outdated in terms of functionality and usability. The interface hasn't changed since the last generation many years back.

For how long have I used the solution?

I have been using Cisco ASA Firewall for roughly four years.

What do I think about the stability of the solution?

It is extremely stable I would say — at least after you deploy it. Typically, there won't be any instability in terms of the hardware as well as the software. It can be running for many years without any issues. It's a totally different story when compared to other brands because, out-of-the-box, they offer far more features and are actually leveraged on more resources which leads to more instability.

What do I think about the scalability of the solution?

I would say in terms of scalability, they are still the greatest family of products. Scalability means you can actually add on some processing parts to actually increase the throughput when the requirement comes up. They have a range of products for that, but this solution, it's already going out of phase, because at JSC, you can only allow up to a certain amount of upgrades that can be added on.

How are customer service and technical support?

Support is not a requirement. In the whole industry, there are a lot of Cisco-trained personnel that we can actually seek advice from. There's not much leveraging on the Cisco support so far.

If our clients need support, we provide it. Support is not cheap. Sometimes a device will go out of warranty, but the customers are not willing to renew the support contract. Of course, there are a lot of cheaper alternatives. In Singapore, a lot of companies outsource support. Most of the time we go through third-party companies instead of Cisco directly.

How was the initial setup?

For a non-Cisco guy like me, there is quite a substantial amount of learning that needs to be done to actually understand how the products are. Some brands like FortiGate, require only an hour and 15 minutes to enable the product, to facilitate the basic requirements of connecting up the traffic and adding on the firewall router. For Cisco, there are levels of challenges because it's a hardened solution that sees a lot of restrictions right out of the box.

Without really understanding how it works, then there'll be a lot of confusion regarding the traffic, etc. You'll find yourself wondering if there are any security concerns if you alter it out-of-the-box. The management console is quite outdated; usually, a lot of configuration is through Commander. We really need to understand how to articulate the Cisco Commander to perform even the most basic feature.

What about the implementation team?

We handle the implementation for our customers. 

I am a sales engineer, we are mainly in charge of selling the product. In terms of support, we have a department that covers that aspect. Sometimes after implementation, we also provide maintenance support services towards the whole project and sell it as a whole bundle. As a distributor, we also sell our products, our equipment, and devices. So the support team covers that aspect.

What's my experience with pricing, setup cost, and licensing?

We sell Cisco ASA Firewall as a bundle — the price is very cheap. If a customer were to go for renewal direct from Cisco, then the price would be quite high.

What other advice do I have?

My main concern is the full revamp of the management console. We'd like to see a more user-friendly total revamp of how to manage the firewall rules. Also, there are a lot of additional features that need to be granular because with Cisco, at this point in time, all these features are still working in silos. A lot of integration needs to be done in general. 

Personally, I would discourage people from using Cisco. Overall, on a scale from one to ten, I would give this solution a rating of six.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Distributor
PeerSpot user
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.
Updated: June 2025
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.