Cisco Secure Firewall Reviews

Security, Routing and NAT.

Gives flexibility and several deployment options.

Some default inspection rules need better tuning. Focus development on CLI version.

11 years.

Rarely.

Yes, before Clustering was introduced.

Nine out of 10.

Yes. We changed for no special reason, just to mix things up.

Yes, but you need to read and understand how the device functions before deployment.

Like with all vendors, know what options you require and request the proper license accordingly. Prices are on the same level as competitors.

Not really, as all firewalls do most of what enterprises look for. What matters most is the after sales support.

Read, read, read and understand your requirements beforehand.

The front page of device manager is the most valuable feature because it makes it easy to know the system status.

It’s hard to say because our equipment was EoS.

I have used Cisco ASA for three years.

We suffered an attack and the firewall was down repeatedly.

We have to buy more licenses to get more VPN connections.

I rate support 7/10.

We didn’t have a previous solution. I actually searched after another solution.

Setup was complex because we had not taken a course previously.

Sincerely, I prefer other products with no limit on licensing of VPNs, for example.

You have to find more confidentiality, integrity and availability.

• Firewall
• VPN
• FirePOWER mobile

They should make the ASA accessible via the web instead of ASDM. Also, a big improvement is needed on the transparent mode.

I've used it for over six months.

There were some issues.

There have been some issues with Java.

There were some issues.

Customer Service:

8/10.

Technical Support:

8/10.

It was straightforward.

Make sure to plan your network carefully.

-Powerful firewall provides multiple contexts. -Highly stable firewall for campus traffic with no shutdown and zero maintenance compared to the Juniper SRX family which performs like a software firewall after 3 months of operation and did not allow the administrator to login. -Easy to use both GUI and command line. Also it may be more easily used through a management application like Cisco ASDM

-Latency and delay due to configuration and monitoring of multiple VLANS and traffic -Increases the delay as the firewall and IPS polices increase -We faced usually a problem with NATING

Cisco delivers a powerful firewall -- it’s not just a firewall but also a modular device that can deliver IPS hosting and wireless LAN controller as well. It also provides site to site VPN and remote access VPN services.

We primarily provide implementation and maintenance services to our clients.

The software itself is very simple.

The solution is easy to operate. It's not overly complex.

The command line is the same as it is on the Cisco iOS router.

The technical support is very helpful and responsive.

The solution needs to have better logging features.

Cisco needs to migrate its ASA Firewall to a management console or to a web console.

I've been working with the solution for six years at this point.

The solution is largely stable. Once we adopted Cisco services, we found that everything was pretty reliable. There aren't bugs or glitches. It doesn't crash or freeze. It's quite good.

The scalability is a problem as the solution has a low throughput.

We've been in touch with technical support and I've always found them easy to reach. They're responsive and helpful. I find their service much better than, for example, Fortinet or Palo Alto. Overall, we're satisfied with Cisco with respect to their technical support.

We have some experience working with Palo Alto and Fortinet solutions as well.

While I don't have the exact pricing of the solution, it's my understanding that Cisco is rather costly. It's not the cheapest option on the market. It's expensive. It's more costly, for example than Palo Alto.

We have a gold partnership status with Cisco, however, we are also partners with companies such as Fortinet and Palo Alto.

For a next-generation firewall, I would likely recommend Palo Alto. However, if a company had the budget, I would recommend Fortinet. That said, for a VPN gateway, I would recommend Cisco ASA.

In general, I would rate Cisco's ASA Firewall at seven out of ten.

I enjoy the interface of Cisco products, especially the CLI version. I think the IPS feature in the product is best compared to products of other vendors. All the IPS features can be accessed from a separate interface, e.g., Cisco IDM.

We are an educational institute, and we are required to block many websites that are not suitable for students and teachers. Most of the sites, like YouTube uses an https version, thus blocking with IP address was becoming problematic. Moreover, certificate domains for Gmail and YouTube are the same. But the IPS feature in this product helps us to overcome this limitation.

Pricing of this product needs improvement.

I have used this solution for two years.

I did not encounter any issues with stability.

I did not encounter any issues with scalability.

I would give technical support a rating of a nine out of 10.

I worked with Cyberoam and Fortinet UTM at my previous job. When I joined my present company, they were already using the Cisco ASA solution. But my present company may switch to other vendors, especially Fortinet, because of the license renewal price.

As I enjoy working on CLI, I would say that the initial setup was not complex.

License and appliance costs are more expensive as compared to other vendors on the market.

If your company is small or mid-range, it is better to go with other vendors, because of the pricing.

Firewall, VPN and Single Sign On.

Remote Access and SSO Authentication.

One year.

No.

Not yet.

Good.

Watchguard Firewall. Switched due to license cost.

A bit complex compared to Watchguard Firewall.

Pricing is competitive but licensing cost is on the higher side for non-profit organizations.

If so, which ones? Yes, Checkpoint, Juniper, Cyberoam.

Cisco is good. Look at your requirements and create a matrix to figure out the best option.

It's a standard rule based firewall for us. The AnyConnect VPN has solved a lot of remote access problems. High availability is good. It will fall back to the other ASA without any disruptions.

It has secured our DMZ.

I would like to see the following made easier:

• Objects
• Removing objects
• Correlating access rules and AnyConnect ACLs

Sometimes we suffer from older versions, such as objects, object groups, and aliases (name).

We have been using the solution for nine years.

We did not encounter any stability issues.

We did not encounter any scalability issues.

The technical support is good.

We used Cisco PIX.

I can't really remember the setup. It was too long ago.

We bought the solution, so there were no real recurring costs at that time.

We didn't evaluate any alternative products.