Cisco Secure Firewall Reviews

• Modular scalability
• High availability
• VPN services

It provided more secure access to the resources of my organization and created a more stable environment for the business activities between us and our partners.

Security through integrated cloud and software based services.

I've used it for two years.

There were a few problems with the interaction between the ASDM client and ASA device.

No issues encountered.

No issues encountered.

Customer Service:

10/10.

Technical Support:

9/10.

I previously used a Fortinet solution. I switched to Cisco because Fortinet lacked
stability and robust troubleshooting features.

It was complex because I had to put the ASA directly into the production environment.

I implemented the solution in-house.

I also evaluated Juniper and CheckPoint solutions.

You should try it without restraints, and it is worth every penny.

I am a pre-sales engineer, and I do comparisons based on my customer's requests.

The most valuable features of this solution are the integrations and IPS throughput.

The price and SD-WAN capabilities are the areas that need improvement.

In the next release, I would like to see more of the FortiGate features added. FortiGate is compatible with Cisco ACI, but I can't see Firepower with Security Fabric. For example, if I had Fortinet activated, could I integrate with it?

I have familiar with the Next Generation firewalls for two years, and six years with firewalls in general.

It's a stable product.

It's scalable indeed.

Our clients are SMB Enterprise.

It's just a fact, nothing is better than Cisco technical support.

Previously, I was working with Fortinet. I would most likely recommend Fortinet, because of the price and the security fabric integration with other products. It's scalable as well, and all of the FortiGate features are useful.

It's very easy to implement and it's very easy to administrate.

The initial setup was straightforward. With other vendors, it is easier, but it was straightforward.

This product is expensive.

I would rate this solution an eight out of ten.

We use it to protect the perimeter of the network.

It is reliable, and does the job that it is supposed to be doing.

• IPS
• Antivirus
• IP filtering

it is not very user-friendly for the administration.

The Cisco solution that we have now is very stable. That is why we are interested in continuing with the Cisco solution and upgrading to the next generation.

It can be used by multiple users.

We use the technical support of Cisco through a partner, so I do not have direct access to the Cisco IT technical support.

We just shortlisted Cisco and Fortinet.

We needed a Cisco technician to do the initial setup. We had to outsource the implementation.

We need to upgrade our security requirements due to the new security requirement applicable in Europe (from GDPR) and the cyber security guidelines for our vessel (we are a US shipping company). 

Most important criteria when selecting a vendor: familiarity, reliability, and price.

• Datacenter and edge firewalls
• Used in central and remote sites.
• Used in datacenter production sites.

• Deployed between users and servers transparently.
• Easy to deploy in a working environment between servers and users.
• Improved security and visibility.

• Failover
• Transparent firewall
• Multi-context
• Logging is great. It will show when it reaches its capacity before it is too late, unless you have bursts of traffic.

HTTPs inspection and higher throughput/spec would be good. Now, it has been replace by Firepower, which is a lot faster. 

More than five years.

The solution's reliability, performance, and security are most valuable.

The price and compatibility with other vendors' products can be improved.

I have used this solution for three years.

I have not encountered any issue with stability.

I have not encountered any issues with scalability.

I would give technical support a rating of 9/10.

I used Juniper Networks and I switched due to the lack of technical and sales support in Romania.

The initial setup was complex because of its outdoor position. We had to solve this problem with outdoor protection.

Negotiate the quote.

Before choosing, I evaluated Juniper Networks SRX.

Be careful with temperature control in the rack area, since Cisco ASA 5585-X with SSP-10 heats up a lot.

• NAT
• IPSec
• ACL

It solved an IPSec issue we had with a customer. We have moved from Linux IPSec to Cisco.

• Routing
• It needs GRE supports
• Application visibility
• Context

I have used Cisco ASA products since 2010.

No, it's very easy to deploy.

With versions 8.4.4 and version 8.4.6, they had a lot of bugs. Also, after I moved to 8.4.5, route lookup changed to NAT divert and that kicked me.

No issues encountered.

Customer Service:

No service.

Technical Support:

No service.

Yes we previously used Linux and we moved because Cisco is great.

It was straightforward as Cisco Asia integrated it into OSPF, another router on the stack, and for NAT IPSec.

I implemented it by myself.

It's good.

No other options were evaluated.

It's a great product.

There are a lot of companies who create firewalls but there is not a single one which can compete with ASA. It can have access control from layer 3 to layer 7. The ASA 5510 is more than enough for small to medium business. It has dedicated GUI interface which is known as ASDM, a beautiful tool to manage ASA. You can use ASA to route traffic. AAA service supports plenty of Authentication server types. You can configure advanced NAT in this device. It uses Modular Policy Framework (MPF) to inspect traffic. You can inspect traffic at different layers separately. You can use this as a transparent firewall & fail over is instant. The virtualization works beautifully for this device. VPN is another added advantage.All the types of VPNs are managed through ASA.

The 5505 does not support multiple mode. While running this device on multiple mode you cannot use dynamic routing protocols or multicast routing. Also the IPSEC and SSL VPNs are not supported while running in multiple mode. sometimes analysis might take too long while performing DPI in real-time traffic. The product is expensive. A 5580 series costs more than $50000.

Its very difficult to write something about this product as it has so many options. I have studied 1000 pages about this product and most of the organizations use this firewall as it is the best in the world. I have never seen such a powerful device which can handle 2 million connections at 20Gbps speed. It can also inspect 4 million packets per second.

Secured our network from outside and inside intruders.

• Network attack detection
• DoS and DDoS attack prevention
• Signature-based detection
• User-defined signatures with regular expressions
• Integrated URL and content filtering
• Custom URL categories filtering
• Integarted antrivirus
• Protocols scanning

License capacity needs to be extended and the vendor needs to work on the pricing.

Three to five years.

No stability issues.

No scalability issues.

10 out of 10.

No, Cisco was part of our solution from the start.

Straightforward.

Value for your money, but bit a costly.

Good product, give it a chance.