Cisco Secure Firewall Reviews

We use this solution to join our private network to the customer's network.

In our business, we don't have to be on the customer's network, so a lot of people will install cheap equipment. We're trying to push it to where we can standardize the equipment, although the cost of Cisco products would have to come down a little bit in order for us to be more competitive.

Firewalls are difficult, and this solution gives us outside access to connect with the customer's network and service them better. It makes us more efficient.

This solution is easy to use if you know how to set it up.

The most valuable features are on the routing side, with the control between the two networks and the rules that are in there.

The inclusion of an autofill feature would improve the ease of commands.

This solution would benefit from being more cost-effective.

This solution is very stable, and I haven't seen any issues with it.

Scalability doesn't really apply to us, as it is just a firewall client.

Technical support for this solution is really good. We had an issue with a firewall and it was a good turnaround that was quick.

Our implementation of this solution was driven by the customer.

The initial setup of this solution is pretty straightforward. We did have some rules that somebody had put on it that didn't match up, but we got it all worked out.

We implemented this solution in-house.

With respect to the routers and switches, or the core stacks that we get, they seem to be pretty comparable so I don't have any issues with the licensing.

Some of our customers would be more likely to standardize on Cisco equipment if the cost was lower because a lot of people install cheap equipment.

While we have a partnership with Cisco, there are other products that have been used within the company. After evaluating other products such as those by Barracuda, it just happened that this solution worked out better for us. I like the Cisco reputation.

With this solution, we have everything that we need. I don't know about other people's use cases, but ours is pretty straightforward.

My advice to anybody researching this type of solution is to stick with Cisco products, no matter which one it is. We've had pretty good luck with everything from Cisco.

I don't have any issues with this solution, so I would rate it a ten out of ten.

The feature I find most valuable is the Cisco VPN Interconnection.

The file features are useful as well. They're good at packet tracing. They are very straightforward. I would say that the Cisco ASA ASDM makes it very easy to manage the firewall.

I would say the pricing could be improved. It's quite expensive, especially for the economy.

I'd like to see them more integration so that I don't need other parties for protecting my network. If I could just have ASA firewalls for perimeter protection and LAN protection, then I'm good. I don't need so many devices.

I would like to see improvements for client protection.

My impression is it's a stable solution. I could sound biased, but if you have a device working for four years and it's still working and people are using it, then it's stable.

Scalability depends on which device you have.

It's quite scalable if you have either the ASA, even if you had the new ASA firewall services, even if you had the one with the capacity of about 500 MDP. It isn't scalable for three hundred people connecting to it. I would say it is good for medium branch offices.

I'm not sure if we have plans to extend the service.

Technical support is good. The only thing is that Cisco cannot support you unless you have a contract with them. You have to go through the reseller in Africa. I don't see why Cisco cannot communicate directly with the customer, especially when I can prove that I have the device. They should allow customers to talk to them directly instead of having to go through the reseller.

I previously used SonicWall. I'm not the one who decided to switch, I just know that previously we used SonicWall.

The initial setup was straightforward. Within in an hour you're done, including with your basic training. For implementation, you need one to two people. You should have one senior network administrator. Two people can maintain it if they have the skill.

I did the implementation by myself. If you decide to do it by yourself, you need basic knowledge. If you don't have that you would need a contractor.

This solution might be expensive, but it is economical in the long run.

The functionality is fine.

When they prove to me they cannot be hacked then I can give them a ten.

I would rate this solution as eight out of ten. 

One of the important aspect when deploying Ciso ASA firewall, it’s oblige you at the beginning to define your security level, which will make it easier when making your security policy ( traffic allow From Source to Destination)

A security level will define how trusted is an interface in relation to another interface on the Cisco ASA.

The Higher is the security level, is the more trusted is the interface.

The highest security level is , “ Security Level 100” .

Nowadays other Firewall manufacturer try to adopt the same deployment principle as the Cisco ASA with security level, however the Cisco ASA do have other interesting features which I think are very useful:

- Firepower services

- Security context

- Firepower management

Normally in terms of design, the user prefers to use Cisco ASAv as a border router or a border firewall, because you have two different kinds of firewalls. You have a firewall when the data communication enters the network, and then you have a firewall, for when you've been inside the network. So, for the inside network firewall, Check Point is better because it can make a better notation of your network infrastructure. But, for the incoming data, or border firewall, ASAv is better. In terms of improving the interface, if you compared to the Check Point file, then I think that ASAv should be better. They should improve the interface so that it's similar to the Check Point firewall.

The Cisco ASAv is really stable, especially if you compare it to Check Point. Not long ago Check Point did release one virtual firewall, and the virtual firewall of Check Point is not stable.

The hardware version of the firewall is more stable than the virtual one. In terms of the data center, many companies have a virtual data center in a group environment. Many companies want to have a virtual firewall, but the one from Check Point, in comparison to Cisco, is not stable at the moment. 

The solution is really scalable.

I haven't dealt with technical support. We just check online, and if we have to contact Cisco about major issues, it's an internal department dealing with that. I don't know how technical support is, because our technical support team is located in Sofia, and I am in the Netherlands, so I don't have any view on that.

The setup is always different. If you have a small company, the setup is quite easy, but if you have a bigger company the setups are quite complex. Cisco is pretty good in routing. So in bigger situations, configuring the ASAv file is pretty straightforward.

The deployment also depends on the customer's site. So, the time changes because most of the time we have to do a migration. For example, some customers have an old firewall, and you have to migrate things to a new one. And sometimes, it's just copy/paste, but in some situations, we cannot migrate all firewall configurations to a new one.

In terms of how many people you need for deployment and maintenance, again, it's dependent on the company strategy around the help desk. You should have a maintenance engineer who should be part of a team. The deployment will be done in a team. You can have one person to do the deployment but usually, you always have a backup, so it would be two. And then, for the maintenance, it can be one person or two. The maintenance can be done on the site desk, operating after office hours, so it depends.

It's difficult to give specific advice on the solution because it always depends on the design solution and the strategy. So what I would recommend is to use different firewalls and to use Cisco ASAv as a border firewall.

I would rate this solution as 7.5 out of 10. I wish the Cisco interface was not so granular. Check Point was easier to create specific rules than on ASAv, so that's why I say this. If you want to make things easier for an engineer, you always have to work on the interface. But the product, in and of itself, there's nothing wrong with it.

I worked for a Telecom provider, and we gave this solution to our customers.

The most important feature is its categorization because on the site and social media you are unified in the way they are there.

I see room for improvement when it comes to integrating all the devices into a central management system. Cisco doesn't provide this, but there are some good products in the market that can provide it.

Apart from the cost, I think Cisco is quite well-positioned in the market. Also, in terms of site capabilities, other companies are still in the lead. 

The price, integration, and licensing models are quite odd.

We didn't have any problem with its stability.

Scalability depends on the requirements of the license. The licensing scheme is complicated and not straightforward. I think there were around 200 users, sometimes more.

We used to use Fortinet, but we switched because of the lack of integration.

The initial setup was of a medium complexity. This was especially true when it came to integration of the data servers.

We used a consultant. They were very helpful. The documentation was quite easy to find for configuring the devices. We thought the boxes would be more parceled or more completely behind, but it was not a problem. The data was there.

I would recommend this solution. I would rate this solution as eight out of ten.

We are using both Cisco ASAv and FTD (Firepower Threat Defense). FTD has a better interface, but we have both of them running.

We are using Cisco ASAv for the FirePower service. We use a custom interface for our firewall.

Cisco ASAv is part of our central solution. You can use the ASA family or go on the portal for normal ASAv. We use FirePower at the edge of the network. 

If you are working with cloud services, it's better to use the ASAv family or other Cisco solutions.

We are using the Cisco AnyConnect for our end-user VPN with the ASA. 

If a user wants to connect to our network, they access it via the Cisco intranet and connect to the firewall at the edge.

I don't have any experience with the price, but ASA is a comprehensive solution.

In the next update of the Cisco ASAv, I would like to see them release a patch for ASAv, i.e. to put the FirePower solution into the cross-platform integration.

Normally, in ASA, we have good stability.

The scalability of ASAv we can easily manage. We can have good scalability in different times but we don't have HA in ASAv. Some features are removed in ASAv. 

If it's a normal ASA, i.e. a physical device, you have many more ways to scalability.

For technical support, I have little experience with Cisco, unless they patch some issues. I raised a ticket and got the response immediately. They are very supportive.

For me, ASA is easy. The deployment of ASAv is done in 20 minutes.

We used both an integrator and reseller for the deployment. For the initialization, it was me for our company. If we have an issue, we can raise a ticket or call for a Cisco patch. 

For the Cisco ASAv installation, I did it myself.

The pricing for Cisco ASAv depends on your license. With AnyConnect, it depends on your license. It depends on the number of concurrent users you want to connect.

Our license is for one year only, renewable at variable pricing.

On a scale from one to ten, I would rate this product at nine. Cisco ASAv is good in many advanced networking features.

I'm working with Cisco. They have competition with many vendors.

I primarily use it for my small company to protect 5-10 users.

The web interface was easy for me. The configuration is logical, so it's easy to use and easy to understand how to protect, how to open a port, how to manage and how to route a device. That's why I prefer Cisco. It's robust and I never have issues with the hardware. That's why I choose Cisco and not another vendor.

The service could use a little more web filtering. If I compare it to Cyberoam, Cyberoam has more the web filtering, so if you want to block a website, it's easier in other solutions than in Cisco. I think in Cisco it's more complicated to do that, in my opinion. 

It could also use a better web interface because sometimes it's complicated. The interface sometimes is not easy to understand, so maybe a better interface and better documentation.

My impression of the stability of the solution is that it's very good.

I don't have a sense of the scalability. I never extend the processes or usage.

My experience with customer service is very good in general. When I have a good person on the phone, or on the email, it's in general very fast and the reply is good. It's a good solution in general.

I previously used Juniper before Cisco, but only for one year. I switched because my company only used Cisco.

The initial setup was not complex, it's just difficult to find out how to do it. The FAQ is not clear. In terms of deployment, it depends on the client, but deployment takes about an average of six hours.

In general, I implement the solution myself.

I would advise that If you want something robust, a good hardware solution, I think it's competitive and you have a good warranty, you have to choose Cisco. 

I would rate the solution 8 out of 10.

We have around 250 users and security is extremely important for us. 

The features I found most valuable in this solution are the overall security features. 

The overall application security features can be improved. 
It could also use a reporting dashboard. 

I found that Cisco ASAv is a really stable solution. 

I haven't tested scalability yet, but I believe it is a very scalable solution. We currently have 250 employees working on it without any issues.

The few times I've had to call in technical support, the service was excellent. I've had no issues.

Our company has used various other solutions in the past. We've decided to also install Cisco ASAv to add extra features to our system.

The initial setup was straightforward and it took me about two days to do the installation. The fine tuning took about a week. I am the IT Infrastructure Manager of our company, but I don't believe that individuals without IT knowledge would struggle to do the installation themselves.

We didn't use any consultant for the deployment - we installed and implemented Cisco ASAv ourselves and we didn't experience any problems.

We pay an annual fee.

We have used many other solutions in the past and we constantly look out for other options. So we didn't switch to Cisco ASAv, we simply started using it together with another solution. We now use two products in the same time.

I rate this solution an eight out of ten and I would definitely recommend it to other users. If the developers would add a reporting dashboard, and perhaps lower the pricing, I will rate it higher. But overall I am really satisfied with Cisco ASAv.

We need a good and generic firewall which is why I bought Cisco ASAv. I also needed a secure VPN. The real reason I bought it though, was for the firewall. 

The firewall power that comes with Cisco ASAv is the most valuable asset. They are very easy to manage and configure. 

There definitely is room for improvement. We found it difficult to publish an antenna plug with the ASDM. Cisco should make the interface for the firewall more simple. 

This product is very stable. Before installing Cisco ASAv, I had two or three viruses in my network. Since installing ASA, I have not had any problems with viruses. There is a huge difference with and without ASA.

I am satisfied with the customer service because the assistance I got from the Cisco engineer was very good.

I used a different solution before. I used Meraki and it was a little simpler to use. However, currently, I only have Cisco routers.

The initial setup for Cisco ASAv was fairly simple. It wasn't very complicated, it would be okay for an intermediate professional. It can be made easier. I believe almost anybody could set up an ASA in a few hours. It took about two to three weeks for the platform to work properly.

The installation wasn't complicated at all and I got help from a Cisco engineer. 

I bought a license for three years and it was really affordable. 

I did consider other options as I have experience with Meraki and other devices. Meraki is simpler to use, but I decided on Cisco ASAv. 

I am really satisfied with the product and I rate this an 8.5 out of ten. The reason why I wouldn't rate it a ten, is because I find it a little more complicated to set up a firewall for publishing than when using Meraki. I therefore believe there is room for improvement.