Cisco Secure Firewall Reviews

-Powerful firewall provides multiple contexts. -Highly stable firewall for campus traffic with no shutdown and zero maintenance compared to the Juniper SRX family which performs like a software firewall after 3 months of operation and did not allow the administrator to login. -Easy to use both GUI and command line. Also it may be more easily used through a management application like Cisco ASDM

-Latency and delay due to configuration and monitoring of multiple VLANS and traffic -Increases the delay as the firewall and IPS polices increase -We faced usually a problem with NATING

Cisco delivers a powerful firewall -- it’s not just a firewall but also a modular device that can deliver IPS hosting and wireless LAN controller as well. It also provides site to site VPN and remote access VPN services.

There are a lot of companies who create firewalls but there is not a single one which can compete with ASA. It can have access control from layer 3 to layer 7. The ASA 5510 is more than enough for small to medium business. It has dedicated GUI interface which is known as ASDM, a beautiful tool to manage ASA. You can use ASA to route traffic. AAA service supports plenty of Authentication server types. You can configure advanced NAT in this device. It uses Modular Policy Framework (MPF) to inspect traffic. You can inspect traffic at different layers separately. You can use this as a transparent firewall & fail over is instant. The virtualization works beautifully for this device. VPN is another added advantage.All the types of VPNs are managed through ASA.

The 5505 does not support multiple mode. While running this device on multiple mode you cannot use dynamic routing protocols or multicast routing. Also the IPSEC and SSL VPNs are not supported while running in multiple mode. sometimes analysis might take too long while performing DPI in real-time traffic. The product is expensive. A 5580 series costs more than $50000.

Its very difficult to write something about this product as it has so many options. I have studied 1000 pages about this product and most of the organizations use this firewall as it is the best in the world. I have never seen such a powerful device which can handle 2 million connections at 20Gbps speed. It can also inspect 4 million packets per second.

We use this solution for company security and to define access and connection between different devices.

This solution made our organization more secure and gave us better control.

The access list is the most valuable feature of this solution. 

This solution could be more granular and user-friendly.

I have been using this solution for 12 years. 

This is a stable solution. 

This is a scalable solution. 

The technical support for this solution is good. I would rate it a seven out of ten.

Neutral

We use this solution together with Palo Alto, depending on the use case. 

The initial setup is straightforward and the deployment only takes a few hours. Our deployment strategy was to keep it simple. A large deployment of this solution can require up to 10 resources. 

The solution does require maintenance and we use an external service provider for this maintenance. 

I would rate this solution an eight out of ten. 

On-premises

We are a service provider and we work on a variety of different projects for many customers. We do not use this product ourselves. Rather, we deploy it for different customers.

The primary use case is to protect the organization from unauthorized use.

The most valuable feature is the access control list (ACL).

Report generation is an area that should be improved.

I have been working with this product for two years.

This firewall is quite stable and we use it on a daily basis.

The scalability is good.

I have not worked with equipment from OEMs other than Cisco. It's the only vendor I use.

The initial setup is straightforward. The length of time for deployment depends on whether it is the entire setup or just the basic installation.

I deployed this product myself.

This is a product that I can recommend for an internal firewall. It's good enough.

I would rate this solution a seven out of ten.

On-premises