Cisco Secure Firewall Reviews

Primarily, we are just using it as a firewall, mostly to protect our internal SQL network (our primary network). At the moment, we are not using Cisco Firepower for our services. We just use it as a firewall.

We have multiple secure internal networks linked with our plants. We are from a oil company, so we have multiple plant areas which need to have restricted network access. Therefore, we are using it for restricting access to the plant area, where they cannot directly connect onto the Internet.

It does not have a web access interface. We have to use Cisco ASDM and dial up network for console access, mostly. This needs a bit of improvement.

Most of the time, when I try to run Java, it is not compatible with ASA's current operating systems.

It should have multiple features available in single product, e.g., URL filtering and a replication firewall.

It is very stable. We have routers entirely from Cisco, which are still working after ten years of deployment. I would rate the stability as a nine out of ten.

We have two people maintaining it. It does not require intensive work. We have an expert in switching technology, and another person who is knowledgeable in routing and network security.

The scalability is good.

The technical support of Cisco is very good. Nowadays, you can get anything over the Internet. They provide help over the Internet. There is a very full forum, which is manually supported.

The initial setup was completely straightforward. 

However, we have to rely on Cisco ASDM to access the firewall interface. This needs improvement. Because we have a web-based interface, and it is a lot more user-friendly.

Deployment takes two or three days. We are continuously deploying the solution to our plants over time.

We do the deployment in-house.

ROI is part of the infrastructure costs. The product has saved us a lot of time, and once we deployed the solution, it worked.

The cost is a big factor for us. This is why we are using it only in our restricted area. They are very much higher than their competitors in the market.

I would rate the cost as a six or seven out of ten.

Nine or ten years ago, there were few options at the time.

Currently, we are using Barracuda for our more general Internet access. We use Cisco for our more protected environment.

I would recommend the product, but cost is a big factor. Some companies cannot afford expensive products, like Cisco and Palo Alto.

We use remote desktop services from our data center. We can clean the client and the remote desktop server and from there we can establish a VPN channel. 

We can create a profile and we can give them access depending on the access level they need to be on. All the way from level one to level 16. I just create the user and from the dropdown, I select what access level they need to be on and that's it. I don't need to go individually to each and every account and do the configuration.

I like the user interface because the navigation is very easy and straightforward. On the left side pane, you have all the sites that you need to browse. Unlike any other firewalls, it's pretty straightforward.

If I need to download AnyConnect in a rush, it will prompt me for my Cisco login account. Nobody wants to download a client to a firewall that they don't own. 

I would definitely love to have a much nicer web interface compared to the systems interface that it has now. I also would like to download utilities without having to login into the system. Nobody would want to download a client unless they're going to use it with a physical firewall. I don't understand the logic. If I was a hacker, I could get someone to download it for me and then I can use the client. There's no logic behind it.

I would rate their stability a nine out of ten. It's pretty stable. I never come across a situation where the firewall hangs and then I need to reboot it.

Cisco is expensive and when you want to grow, it means you're going to need to spend some money but you can justify it.

We have closer to 50 users on the firewall at the moment and do have plans to increase usage.

We were previously using Sophos firewall but it had a lot of issues. 

The initial setup is a little difficult compared to other firewalls but once you get it right, especially the assistant control list, it's fine. It's a little difficult compared to other firewalls. 

The deployment took us about three days because we did some testing and we also did certain attacks and checked some hackers which is why it took some time. We wanted to make sure that it was at least 99.99% protected.

We implemented through a UK company called Rackspace. 

Licensing is expensive compared to other solutions. Especially in other regions because people are very careful when it comes to spending on IT infrastructure. My suggestion is, first test it, once you see how good it is you will definitely want to renew it. 

I would advise someone considering this solution to just go for it. It's expensive but it's a robust solution. The only thing is that you have to convince your finance guy to go for it.

I would rate it a nine out of ten. 

Our primary use case is to support a security environment. It has performed well.

I am a security business of consultant. I deploy this solution for our customers. 

I like the easy administration.

It could use more of a system interface.

The security features in the URL category need more improvement. 

More than five years.

It performs very well. 

Scalability is good. 

Cisco has the best technical support. 

I worked with Check Point, but Cisco Firepower is better. It was an easy transfer to this solution. We chose Cisco because of its trustworthy reputation. They're a big, recognized brand.  

The most important criteria that we consider when evaluating a solution are performance, administration, and price.

The initial setup was easy and simple. 

I would rate this solution an eight out of ten. An eight because it's a good security solution. It's more mature than its competitors. 

Our primary use case is for handling office traffic VPN tunnels and filtering the traffic. All the traffic comes into the house and gets filtered in and out the Firepower interface. It's performed well.

Because of the deeper inspection it provides we have better security and sections that allow users broader access.

With this solution, you can have an inspection of each package and see what the threat level it's at. It has made the work more dynamic. We don't have to block as much like we had to in the old days.

They should develop a web interface that is actually useful. Currently, we still have an issue where you have to go in and do manual configuring by the command line if you want certain functions in it. This means that we need to find people at a higher technical level to be able to do changes in those things. It would be much easier if you had a more friendly user interface basis where you don't have to go in and do the command line off.

They should be a little bit faster sometimes in updating their threat protection. Cisco should redo their website so it's actually usable in a faster way.

Stability is fantastic. 

We are a rather small firm so we don't have much growth leads but there is a wide range of firewalls that I can expand onto. We can also set up cluster solutions. It's rather indefinite in its expandable possibilities.

I've only had to use their technical support once. Otherwise, I haven't had to use them.

We were using SonicWall before.

The initial setup is very complex but once it's done, it's fantastic. 

I would rate it a nine out of ten. Not a ten because of the horrible initial setup and because you can't handle all operations from one interface. You have to go back into the command line to even be able to type program language, even though you have a graphic user interface for it but it doesn't work properly.

It helps the firewall in our network and the VPN (Virtual Private Network). It creates a secure tunnel for our network.

The IPS (In-plane switching) is the most valuable feature. This enables visibility to our networks and to outside attacks. It is a solution to maintain the visibility.

At times the product is sluggish and slow.  Sometimes when deploying a new configuration or role, it is painstakingly slow. It should be a little faster than it is. 

It is a very stable solution. 

It is a scalable product. We have a lot of demand.  But, it supports any additional network that we add. It expands easily. 

Normally the Cisco tech support team are good. But, we have had some problems with tech support with this product. Some of the tech support team are really not familiar with how the IPS works. And, there is some disconnect between the tech support. Maybe they're not trained well. They're helpful, but not knowledgeable.

We use it on several layers of our network like in the border, internet edge, DMZ, some extranet parts of our network, and in the data center.

It's a reliable solution and a stable firewall. It helps us to manage the security policies in different areas of our network. 

We use ASA as a simple, scalable firewall. Its main advantages are the stability. We use it as an active standby and as a failover solution. We depend on this solution, we've used it for several years.

• Interaction with the equipment
• Different interface with the product 
• A more simple procedure in delivering policies to the equipment  
• Simplified upgrade procedure
  
• Tracking flows
• Monitoring and logs should be easier.

It's quite stable. In the past though, colleagues have had issues during the upgrade process. The failover didn't work and production was down. 

It's not so scalable.

I haven't had any major problems so I haven't had to open a ticket with technical support. 

The initial setup was not so complex. Most of it was straightforward. We just needed to discuss different scenarios that we had to consider regarding the deployment scenario, what could go wrong and what could happen in the future. 

We used Telekom Romania for the deployment. We did most of the job internally but they helped us to clarify some aspects regarding the architecture design.

We also considered Check Point. We chose Cisco because of its capabilities. We didn't need something so complex for this solution, just a straightforward firewall. It met our requirements. 

I would rate it a nine out of ten. 

Our primary use case is for security. We are a bank in India and the data is very important for us. We use ASA for our security and protection.

Data protection is a big benefit we see from this solution. It protects our customers, our customer's accounts, and money, as we are one of the biggest banks in Egypt and the Middle East.

Its ability to discover attacks is a valuable feature. All of the other features that have to do with security are good.

Some of the features, like the stability, need to be improved. 

The scalability is good. 

Their support is good and helpful but sometimes it takes them a while to respond. We have been stuck in critical situations so we opened a critical ticket but it took them a while to respond. 

The initial setup is easy. If we have an issue we contact their support. 

We implemented ourselves. 

I would rate it a seven out of ten. I would recommend this solution to a colleague. No product will give you 100% of what you're looking for but this solution is close. 

Our primary use case of this solution is for firewalling. 

We have been using Cisco for a long time, and we use Firepower to replace other systems. It hasn't really been an improvement, but there are many features we want to use in the future. We haven't seen much improvement because we only installed it a short while ago. 

It has many features but not all of them work. The features aren't stable enough for us to use them. The most valuable features are the firewalling and the deep inspection. 

The stability and the product features have to really be worked on.

The stability is getting better but we had some firmware issues. 

The scalability is good. We have scaled it but at a normal gross so it's not very high. We have designed it for our use case and we have the option to scale but we don't use it at the moment.

We chose Cisco because it had the full package that we were looking for. 

The initial setup was of normal complexity. It's not straightforward, and because we started so early, the migration tools were not so good at the beginning.

We implemented through our partner and had a good experience with them. 

Customers should take note that the migrations steps are not easy. The tools cannot solve all configurations and handle all configurations directly so you will have to do some coding by yourself. The solution is not complete at the moment but it will get better.