Cisco Secure Firewall Reviews

In our organization, we are using it as an internal firewall.

It is already improved because all of the computer updates are available online. So, you can update, and I think that the ASA 5585 is already updated.

All of the licensing features can be upgrades.

The interface is user-friendly.

The cost is very high. Most organizations cannot afford it.

We have been using the latest version of this solution for the last five years.

It's a stable product.

It's a scalable solution. We have more than 2000 users in our organization.

Technical support is fine, we have no issues.

The initial setup was very easy. Cisco documentation is online, so it was no problem at all.

It took approximately 30 minutes to install.

If we compare it with FortiGate and the co-existing ASA, FortiGate is better in terms of price.

This is a product that I can recommend to others.

I would rate this solution a ten out of ten.

I'm the group information technology manager and we are customers of Cisco. 

The best feature for me is the VPN and I also like the firewall. 

In terms of improvement, we'd like to see a good graphical user interface. I'd also like to see the initial setup simplified. In comparison, if I were to implement the Fortigate firewall from scratch, it's a fairly simple set up. That is not the case with the ASA firewall, where you really need to have the skill and know what you're doing.

I've been using this solution for 18 years. 

The solution is stable, we haven't had any issues. If we need something, we go to a consultant. In terms of product stability, it works very well.

We haven't made any changes since implementing and we haven't tried scaling.  

We get our support from the resellers, not from Cisco. 

For those who have the technical know-how with Cisco products, I would recommend going with the ASA firewall, but if you're new to the field and running a smaller business, deployment will be complicated. 

I would rate this solution a nine out of 10. 

I am a pre-sales engineer, and I do comparisons based on my customer's requests.

The most valuable features of this solution are the integrations and IPS throughput.

The price and SD-WAN capabilities are the areas that need improvement.

In the next release, I would like to see more of the FortiGate features added. FortiGate is compatible with Cisco ACI, but I can't see Firepower with Security Fabric. For example, if I had Fortinet activated, could I integrate with it?

I have familiar with the Next Generation firewalls for two years, and six years with firewalls in general.

It's a stable product.

It's scalable indeed.

Our clients are SMB Enterprise.

It's just a fact, nothing is better than Cisco technical support.

Previously, I was working with Fortinet. I would most likely recommend Fortinet, because of the price and the security fabric integration with other products. It's scalable as well, and all of the FortiGate features are useful.

It's very easy to implement and it's very easy to administrate.

The initial setup was straightforward. With other vendors, it is easier, but it was straightforward.

This product is expensive.

I would rate this solution an eight out of ten.

The number one use for this product is security.

The management of the application can be improved with enhancements to the user interface.

I would like the ability to drill down into certain reports because currently, that cannot be done. In fact, this is one of the reasons that we want to move away from Cisco. Better reporting tools would be an improvement.

We have been using Cisco ASA for approximately seven years.

This product is pretty stable.

Our current model is reaching its end of life, so it's not very scalable at the moment. We don't plan to increase usage.

It is currently providing protection for about 30 users.

The technical support is with our solution provider. I would say that it's average, rather than very good.

The initial setup is complex. I would say that it took a maximum of a week to deploy.

We had a service provider who took care of the installation for us.

This is an expensive product. We pay about €2,000 ($2,400 USD) per year for licensing. 

Technical support is in addition to the standard licensing fees.

At this point, Cisco ASA is not a product that I recommend. My advice is that people should look at other solutions because there are other products available on the market that are just as good, if not even better.

I would rate this solution a seven out of ten.

We primarily use the solution for basic firewall configurations such as NAT, FORWARD PORT and Block TCP-UDP Port.

My company is very small just built last year, i now am using cisco asa 5510 for NAT and Port Forward and limit users access directly from internet only via Remote-VPN.

The ability to block threats is its most valuable aspect.

Most clients in Laos use the basic setup, which works quite well. It ensures that nothing can get onto the local network.

It's pretty reliable and allows for isolation capabilities within the network.

The ADSM is very good.

I like that I can use the command line. I use a lot of Cisco and often work with this. If you are comfortable with the command line, it's quite good.

The user interface isn't as good as it could be. They should work to improve it. It would make it easier for customer management if it was easier to use.

Cisco does not have a lot of web management. We have to use ASTM server management to make up for it.

I've been using the solution, give or take, for around five years at this point.

When we need assistance from technical support, we typically deal with the team in China. They've been very good. Whenever I have a problem, they can resolve it. They are knowledgeable and responsive. We're satisfied with the level of support we get.

We typically offer clients a few different solutions. For example, we may recommend Fortinet.

For a new user, the initial setup may be a bit difficult. For me, since I am comfortable with Cisco, it's pretty straightforward. A new connection has its own complexities. It may be a different thing on Java SDK. There may be some programs that may not be able to access it.

In Laos, clients don't have much wiggle room when it comes to cost. The economy right now isn't very good. Most just choose the basic solution in order to avoid pricey licensing fees.

subscription payment  

We're just customers. We use it in our office and suggest it to clients. However, we don't have a business relationship with Cisco.

We try to adhere to our client's needs, and therefore, if they specify hardware they want to use, like Fortinet, we tend to accommodate them.

That said, if they ask my opinion, I usually recommend Cisco ASA.

I know a lot about the product and I'm good at controlling everything. I have a lot of knowledge and understanding after working with it so closely. That's why I tend to favor it when my customers ask for advice.

Overall, I would rate the solution seven out of ten. If the user interface were a bit better, I'd rate it higher.

I use it to protect my DMZ from external attacks.

Last year, we received a lot of linear service attacks in our environment during the Black Friday season. Cisco Firepower blocked every attack.

The Adversity Malware Protection (AMP) feature is the most valuable. 

It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard.

Its interface is sometimes is a little bit slow, and it can be improved.

When you need to put your appliance in failover mode, it is a little difficult to do it remotely because you need to turn off the appliance in Cisco mode. 

In terms of new features, it would be good to have AnyConnect VPN with Firepower. I am not sure if it is available at the moment.

I have been using Cisco Firepower for two years.

We use it specifically for DMZ, so we don't need it to scale it up. Because we are using this solution for a specific environment, we don't plan to increase its usage.

We have a few teams who use this solution. We have the information security team for reading the logs and policies. We have administrators, and we also have contractors for the network operation center to analyze some logs and reports. 

We have used their technical support. They are amazing. Cisco's technical support is the best.

We have used Check Point and one more solution. The main difference is in the IPS signatures. Cisco Firepower has precise and most updated IPS signatures.

The initial setup is easy. The deployment took two months because we didn't have Firepower previously, and it took us some time to plan and implement.

We used our reseller and contractor to deploy Cisco Firepower. They were good.

I would recommend this solution. I would rate Cisco Firepower a nine out of ten. 

We are a solution provider and Cisco NGFW is one of the products that we implement for our clients. My clients use it for internet access within the enterprise.

I like the firewall features, Snort, and the Intrusion Prevention System (IPS). 

This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI). Cisco's FTD devices don't support the command-line interface and can only be configured using FMC.

We have been using this product for the past four years.

This is a stable product and we plan to continue implementing it for clients in the future.

Cisco NGFW is a scalable firewall. My client has more than 100 users.

We have support from Cisco's TAC, the Technical Assistance Center, and they support this product well. We haven't had any issues with them.

Prior to the Next Generation firewall, my clients were using Cisco ASA for more than 10 years.

The initial setup is easy, with the installation and configuration taking about two hours.

I did the deployment myself.

This product requires licenses for advanced features including Snort, IPS, and malware detection.

In summary, this is a good product and I recommend it.

I would rate this solution a ten out of ten.

Our primary use case is as a data center firewall for internet firewalls and also as a VPN concentrator. I'm the chief technology officer and we are partners of Cisco. 

In terms of features there hasn't been much improvement but it's a very stable solution and a very good firewall with almost all of the features required for next generation firewall purposes. Almost all the firewalls on the market have the same features available, but if you take into account the integrations and reporting of Cisco, it's a little better than the others. In particular, the briefing reporting is better. With Fortinet we would probably have to use FortiAnalyzer as a separate reporting module for Fortinet, but here the reporting is good.

There needs to be an improvement in the time it takes to deploy the configurations. It normally takes two to four minutes and they need to reduce this. The deployment for any configuration should be minimal. It's possibly improved on the very latest version. 

An additional feature I would like to have in Firepower would be for them to give us the data from the firewall - Cisco is probably working on that. 

I've been using this solution for close to five years. 

The scalability is very good. 

We generally provide support but if we're not able to resolve an issue, we escalate it to Cisco and they're great. They are one of the best support services I've used and it's one of the reasons Cisco is doing so well in the market. 

I also work with Fortinet and Palo Alto. Fortinet is also a really good product but Cisco is a leader in next generation firewalls and now that they are catching up to Fortinet, they have provided a lot of features and flexibility. I personally see Cisco as being good for large enterprise companies and Fortinet is better for families as well as small and medium size businesses. When it comes to Palo Alto, the high price point is one thing that is an issue, some companies are unable to afford it. Palo Alto is good but Cisco is catching up to them and I believe in a year or two, Cisco will probably match Palo Alto as well and be much better. 

The initial setup is not too complex, but as with Fortinet, they have some detailed steps required which adds to the flexibility also. With flexibility comes a bit of complexity, but it's not too bad. Deployment time takes a few minutes. I am responsible for implementation and maintenance for our clients. We were previously deploying only for medium or large enterprise companies but Cisco has come up with the 1000 and 1100 series firewalls for smaller companies which is pretty good. They're a cost-effective solution and competitive in the market. 

Cisco falls somewhere in the middle in terms of pricing, it's not very expensive and it's not very cheap. There is an additional accessory fee associated with Cisco but normally they have a separate subscription cost for different types of security to protect the firewall. There are separate bundles available inside the pricing and that's probably true for all of the firewalls. 

Cisco is a large, good and reliable firewall. They are working on advanced features and catching up with the leaders in the market. I believe that's a score for them. A yearly subscription is cheaper than Palo Alto and Fortinet offer. They provide good support and once it's loaded, it doesn't give a lot of problems, that's very important.

I would rate this solution an eight out of 10.