Rene Geiss - PeerSpot reviewer
Network Engineer at a computer software company with 51-200 employees
Real User
Integrates easily and has VPN capabilities, but the ASDM interface is a bit buggy and the CLI isn't always intuitive
Pros and Cons
  • "I like its integration with the AnyConnect client. I also like how modular it is. For example, I can easily integrate the Umbrella add-on into it. We are planning on adding Umbrella. We haven't added it yet, but we have researched."
  • "One big pain point I have is the ASDM interface because it's Java, and sometimes, it's a bit buggy and has low performance. That's something that probably won't be improved because of backward compatibility."

What is our primary use case?

We are mainly using it as a VPN gateway and edge firewall.

How has it helped my organization?

It helped us with the transition to working from home and hybrid working. Because of its VPN capabilities, it enabled us to keep working while everyone had to stay home because of COVID.

It integrates well with other systems within our environment. 

What is most valuable?

I like its integration with the AnyConnect client. I also like how modular it is. For example, I can easily integrate the Umbrella add-on into it. We are planning on adding Umbrella. We haven't added it yet, but we have researched it.

What needs improvement?

One big pain point I have is the ASDM interface because it's Java, and sometimes, it's a bit buggy and has low performance. That's something that probably won't be improved because of backward compatibility. 

The CLI is not always clear. It's not always intuitive.

Some of the things, such as site-to-site VPN, are complicated to set up. The settings you have are all hidden away in crypto maps, and you can't have a setting per tunnel. When you want to change one particular tunnel, you automatically change them all. That's a drawback.

Buyer's Guide
Cisco Secure Firewall
March 2024
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.

For how long have I used the solution?

We've been using the Cisco ASA firewall for about two years.

What do I think about the stability of the solution?

It's reliable.

How are customer service and support?

I haven't had much contact with their tech support. We have a partner called Fundamentals for support. They're good. I'd recommend them.

Which solution did I use previously and why did I switch?

We have a Palo Alto core firewall, and we handle threat detection and intrusion prevention on that device. We don't use Cisco ASA for detecting or remediating threats.

Compared to other systems that I have used in the past, Cisco ASA is reliable, and it's not a very big hassle to set up. It's very good, and it just does its job. 

How was the initial setup?

It's not a very big hassle to set up. It's a bit complex when you go into different topics that aren't the basic capabilities, such as when you go above VPN and basic ACL configuration, but all in all, it does the job.

What other advice do I have?

I'd rate it a seven out of ten because of the ASDM, non-intuitive CLI, and complication of setting some of the things.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Catalin Enea - PeerSpot reviewer
System Engineer at a computer software company with 5,001-10,000 employees
Real User
Reliable and helps to increase security and protect the company's data
Pros and Cons
  • "There are some hiccups here and there, but compared to the technical support from other vendors, I have had the best experience with Cisco's technical support. I would rate them at nine out of ten."
  • "Firepower's user experience should be a little bit better."

What is our primary use case?

We use Cisco ASA and Firepower.

ASA is used for AnyConnect connections, that is, for users to connect to the office. It is very reliable and works fine.

We use Firepower in some sites as firewalls to control inbound/outbound access. We use it as a software protection layer. However, because most users are now working from home, few users need it in the office. As a result, in some places, we have switched to SD-WAN.

What is most valuable?

The network products help save time if they are well configured at the beginning. They help increase security and protect the company's data.

What needs improvement?

Firepower's user experience should be a little bit better.

For how long have I used the solution?

I've been using Cisco Firepower for six months.

How are customer service and support?

There are some hiccups here and there, but compared to the technical support from other vendors, I have had the best experience with Cisco's technical support. I would rate them at nine out of ten.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup was somewhat easy because we had previous experience with implementation. We copied that strategy or tried to align it to that implementation, but there were some challenges.

We have a hybrid cloud deployment. We have our own data centers and a lot of branches. In the data centers, most Cisco technologies start with ACI. With firewalls for big branches, we find that it's easier to break out to the internet globally rather than to use data centers.

What's my experience with pricing, setup cost, and licensing?

Cisco's prices are more or less comparable to those of other products.

What other advice do I have?

Compared to other vendors' firewalls, Cisco's firewalls are a bit behind. Overall, however, I would rate Cisco Firewall at eight on a scale from one to ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Cisco Secure Firewall
March 2024
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
Network Engineer at Ulta Beauty
Real User
Controls the traffic between our inside and outside networks
Pros and Cons
  • "It is pretty stable. I haven't seen many issues during the past four years."
  • "Recently, we have been having an issue with the ASA firewall. We haven't found the root cause yet and are still working on it. We failed over the firewall from active to passive and suddenly that resolved the issue. We are now working to find the root cause."

What is our primary use case?

We use it to control the traffic between our inside and outside networks. 

We use the same firewall for the vendor by creating an IPv6 HyperSec VPN between the company and the vendor. 

It is a security solution. We needed to protect our traffic from the outside to inside. That is why we are using this firewall.

How has it helped my organization?

Cisco ASA is pretty good. We use it for Layer 3 and as our main firewall, protecting the entire organization. All our Internet traffic goes through it.

What is most valuable?

Their CLI is pretty good. 

What needs improvement?

In order to do an upgrade, we need to upload the software to the firewall, then upgrade the secondary and do a failover. Uploading this software into the firewall is old technology. For example, if you look at the Cisco Meraki firewall, you can schedule the software upgrade. Whereas, here we can't.

Recently, we have been having an issue with the ASA firewall. We haven't found the root cause yet and are still working on it. We failed over the firewall from active to passive and suddenly that resolved the issue. We are now working to find the root cause.

For how long have I used the solution?

I have been using the Cisco ASA firewall for the last four years.

What do I think about the stability of the solution?

It is pretty stable. I haven't seen many issues during the past four years.

What do I think about the scalability of the solution?

It has the scalability to replace the firewall with a higher model number.

The scalability meets our needs and future needs.

How are customer service and support?

The technical support is really good. If we open up a case, they are pretty good. As soon as we open up a case, they assign a case manager. Also, they have an engineer on call. I would rate them as nine out of 10.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

They had this firewall when I joined the company.

We also have Palo Alto that we use as a firewall for Layer 2.

What other advice do I have?

I haven't really used the GUI features that much.

We have not integrated with any other Cisco solutions yet, but we have been thinking about integrating with Cisco Umbrella.

I would rate the solution as eight out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Solutions Consultant at a comms service provider with 10,001+ employees
Consultant
Stable with a straightforward setup and good overall features
Pros and Cons
  • "The implementation is pretty straightforward."
  • "In a future release, it would be ideal if they could offer an open interface to other security products so that we could easily connect to our own open industry standard."

What is our primary use case?

The solution is primarily used for protecting the environment, or the cloud environments for our customers.

What is most valuable?

All the specific features you find within the NextGen firewall are quite useful. The touch intel feature is specifically useful to us. We deliberately choose this kind of product due to its set of features. 

The implementation is pretty straightforward.

What needs improvement?

The security market is a fast-changing market. The solution needs to always check if the latest threats are covered under the solution. 

It would always be helpful if the pricing was improved upon a bit.

In a future release, it would be ideal if they could offer an open interface to other security products so that we could easily connect to our own open industry standard.

For how long have I used the solution?

We've been using the solution for about five or more years at this point.

What do I think about the stability of the solution?

The solution is stable. It's very reliable. It doesn't crash or freeze and doesn't seem to be plagued by bugs or glitches.

What do I think about the scalability of the solution?

The solution can scale quite well. A company that needs to expand it can do so easily.

In our case, we have clients with anywhere between 1,000 and 10,000 users.

How are customer service and technical support?

We have our own in-house team that can assist our clients should they need technical support. They're quite knowledgeable and can handle any issues.

Which solution did I use previously and why did I switch?

I also have experience with Fortinet and Check Point.

How was the initial setup?

The implementation isn't complex. It's straightforward. However, it also depends on the specifications of the customer. Normally we check that out first and then we can make a judgment of how to best implement the solution.

Typically, the deployment takes about two days to complete.

In terms of maintenance, we have about five people, who are engineers, who can handle the job.

What about the implementation team?

We deliver the solution to our customers.

What's my experience with pricing, setup cost, and licensing?

You do need to pay for the software license. In general, it's a moderately expensive solution. It's not the cheapest on the market.

What other advice do I have?

We're a partner. We aren't an end-user. We are a managed security provider, and therefore we use this solution for our customers.

We always provide the latest version of the solution to our clients.

Typically, we use both cloud and on-premises deployment models.

I'd recommend the solution to others. It's quite good.

On a scale from one to ten, I would rate it at an eight.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
PeerSpot user
Security Architect
Real User
Gives us valuable insights about encrypted traffic on the web, with statistics up to Layer 7
Pros and Cons
  • "The IPS, as well as the malware features, are the two things that we use the most and they're very valuable."
  • "For the new line of FTDs, the performance could be improved. We sometimes have issues with the 41 series, depending what we activate. If we activate too many intrusion policies, it affects the CPU."

What is our primary use case?

Our primary use cases for FTD are IPS, intrusion detection, and to get visibility into the network and the traffic that is going on in some sites. We always have them in-line, meaning that they're between two networking connections, and we analyze the traffic for the purposes of internal detection.

In production, from the FTD line, we mostly have 2110s and 2130s because we have a lot of small sites, and we are starting to put in some 4110s. We only have FirePOWER here, but we don't use them most of the time as next-gen firewalls but more as an IPS.

Everything is on-premises. We don't use public clouds for security reasons.

How has it helped my organization?

When you put FTD between your internet and network units, you can get valuable insights about your encrypted traffic on the web, DNS traffic, and the like. It gives us statistics up to Layer 7.

Although I can't go into the details, the way the solution has helped our organization is more on the root-cause side when there is an incident, because we get very detailed information.

FTD's ability to provide visibility into threats is very good, if the traffic is clear. Like most companies, we have the issue that there is more and more encrypted traffic. That's why we use Stealthwatch instead, because we can get more information about encrypted traffic. But FTD is pretty good. It gives us a lot of details.

We put them in in-line and in blocking mode and they have stopped some weird things automatically. They help save time every day. We have 150,000 people all over the world, and there are times when computers get infected. It helps save time because those infections don't propagate over the network.

The fact that we can centrally manage clients for our IPS, and that we can reuse what we type for one IPS or one firewall, makes it easy to expand that to multiple sites and multiple devices. Overall, it has been a great improvement.

What is most valuable?

The IPS, as well as the malware features, are the two things that we use the most and they're very valuable.

Cisco Talos is also very good. I had the chance to meet them at Cisco Live and during the Talos Threat Research Summit. I don't know if they are the leader in the threat intelligence field but they are very competent. They are also very good at explaining complicated things easily. We use all of their blacklist, threat intelligence, and malware stuff on our FTDs. We also use the website from Talos where you can get web reputation and IP reputation.

What needs improvement?

For the new line of FTDs, the performance could be improved. We sometimes have issues with the 41 series, depending on what we activate. If we activate too many intrusion policies, it affects the CPU. We have great hopes for the next version. We have integrated Snort 3.0, the new Snort, because it includes multi-threading. I hope we will get better performance with that.

What do I think about the stability of the solution?

The stability depends on the version. The latest versions are pretty good. Most of the time, we wait for one or two minor version updates before using the new major version because the major versions go through a lot of changes and are still a bit unstable. For example, if you take 6.3, it started to be pretty stable with 6.3.03 or 6.3.04.

What do I think about the scalability of the solution?

Scalability depends on the site. At some sites we have ten people while at others we have a data center with a full 10 Gig for all the group. We have had one issue. When there are a lot of small packets — for example, when our IPS is in front of a log server or the SNMP servers — sometimes we have issues, but only when we get a peak of small packets.

How are customer service and technical support?

We've got a little history with tech support. We have very good knowledge within our team about the product now. We have a lab here in Montreal where we test and assess all the new versions and the devices. Sometimes we try to bypass level-one tech support because they are not of help. Now, we've have someone dedicated to work with us on complex issues. We use them a lot for RMAs to return defective products.

Which solution did I use previously and why did I switch?

In our company, we have used another firewall which we developed based on FreeBSD.

I, personally, used to work with Juniper, Check Point, and Fortinet. I used Fortinet a lot in the past. If you use the device only for pure firewall, up to Layer 4, not as an application or next-gen firewall, Fortinet is a good and cheaper option. But when it comes to a UTM or next-gen, Cisco is better, in my opinion. FortiGate can do everything, but I'm not sure they do any one thing well. At least with Cisco, when you use the IPS feature, it's very good.

How was the initial setup?

Setting up an FTD is a bit more complex with the new FTD line. They integrated the FXOS, but the OS is still not fully integrated. If you want to be able to fully manage the device, you still need to use two IP addresses: One for FXOS and one for the software. It's complicating things for the 4110 to have to, on the one hand manage the chassis and the hardware on one, and on the other hand to manage the logical device and the software from another one.

But overall, if you take them separately, it's pretty easy to set up and to manage.

The time it takes to deploy one really depends. I had to deploy one in Singapore and access the console remotely. But most of the time, once I get my hands on it, it can be very quick because we have central management with FMC. Setting up the basic configuration is quick. After that, you have to push the configuration that you use for your group IPS and that's it. My experience is a bit different because I lose time trying to get my hands on it since I'm on the other side of the world. But when I get access to it, it's pretty easy to deploy. We have about 62 of them in production, so we have a standard for how we implement them and how we manage them.

We have Professional Services and consultants who work with us on projects, but not for the deployment. We have our own data centers and our own engineers who are trained to do it. We give them the instructions so we don't need Cisco help for deployment. We have help from Cisco only for complex projects. In our case, it requires two people for deployment, one who will do the configuration of the device, and one who is physically in the data center to set up the cables into the device. But that type of setup is particular to our situation because we have data centers all around the world.

For maintenance, we have a team of a dozen people, which is based in India. They work in shifts, but they don't only work on the FTDs. They work on all the security devices. FTD is only a part of their responsibilities. Potentially we can be protecting 140,000 people, meaning all the employees who work on the internal network. But mostly, we work for international internal people, which would be roughly 12,000 people. But there are only three people on my team who are operators.

What was our ROI?

ROI is a difficult question. We have never done the calculations, but I would say we see ROI because of some security concerns we stopped.

What's my experience with pricing, setup cost, and licensing?

Cisco changed its price model with the new FTD line, where the appliances are a bit cheaper but the licensing is a bit more expensive. But that's not only Cisco, a lot of suppliers are doing that. I don't remember a lot of the licensing for Fortinet and Check Point, but Cisco's pricing is high, at times, for what they provide.

What other advice do I have?

FTD is pretty good. You can stop new threats very quickly because you can get the threat intelligence deployed to all your IPSs in less than two hours. Cisco works closely with Talos and anything that Talos finds is provided in the threat intelligence of the FTDs if you have the license. It's pretty good to have the Cisco and Talos teams working closely. I know Palo Alto has an similar arrangement, but not a lot of suppliers get that chance.

Our organization's security implementation is pretty mature because we try to avoid the false positives and we try to do remediation. We try to put threat intelligence over a link to our IPS next-gen firewalls.

Overall, we have too many tools for security in our organization — around a dozen. It's very complicated to integrate all of them. What we have done is to try to use the Elastic Assist Pack over all of them, as a main point of centralization of log information. The number of tools also affects training of teams. There are issues because one tool can't communicate with the another one. It can be very hard, in terms of technical issues and training time, to have everybody using all these processes.

We also use Cisco Stealthwatch, although not directly with the FTD, but we hope to make them work together. There is not enough integration between the two products.

Overall, FTD is one part of our security strategy. I wouldn't rely only on it because we've got more and more issues coming from the endpoints. It lets you decipher everything but sometimes it is very complicated. We try to use a mix and not rely only on the FTDs. But for sure it's great when you've got a large network, to give you some visibility into your traffic.

I rate it at eight out of ten because it's pretty good technology and pretty good at stopping threats, but it still needs some improvement in the management of the new FTD line and in performance.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Anshul Kaushik - PeerSpot reviewer
Anshul KaushikTechnical Solutions Architect - Security Channels at a computer software company with 10,001+ employees
Real User

FTD 6.4.0.4 is the recommended release now and is more stable in terms of features and functions. The new HW models Firepower 1K are 2-3 times better in performance as compared to the legacy ASA 5500-x series at the same price. The addition of new 41xx models are more efficient at the same price as compared to previous 41xx models.
The current release of FTD is 6.5 , got released last month.

Ibrahim Elmetwaly - PeerSpot reviewer
Presales Manager at IT Valley
Reseller
Provides unified management, application control, intrusion prevention, URL filtering, and malware defense policies
Pros and Cons
  • "For companies prioritizing security, the optimal choice is one that offers a range of feeds to cater to diverse needs. This is particularly crucial for organizations implementing DDoS mitigation. The preferred solutions typically align with the top server vendors, with Cisco, Forti, and Barracuda consistently ranking among the top three vendors we collaborate with."
  • "It's not unexpected, but it's a common scenario where customers request dual layers of security. For instance, when dealing with regulatory compliance, especially in financial sectors regulated by entities like the Central Bank, having two distinct units is often mandated. If a client predominantly uses a solution like Palo Alto, they may need to incorporate another vendor such as Cisco or Forti. Importantly, there's a significant disparity in interfaces and management platforms between these vendors, necessitating careful consideration when integrating them into the overall security architecture"

What is most valuable?

For companies prioritizing security, the optimal choice is one that offers a range of feeds to cater to diverse needs. This is particularly crucial for organizations implementing DDoS mitigation. The preferred solutions typically align with the top server vendors, with Cisco, Forti, and Barracuda consistently ranking among the top three vendors we collaborate with.

What needs improvement?

It's not unexpected, but it's a common scenario where customers request dual layers of security. For instance, when dealing with regulatory compliance, especially in financial sectors regulated by entities like the Central Bank, having two distinct units is often mandated. If a client predominantly uses a solution like Palo Alto, they may need to incorporate another vendor such as Cisco or Forti. Importantly, there's a significant disparity in interfaces and management platforms between these vendors, necessitating careful consideration when integrating them into the overall security architecture.

For how long have I used the solution?

I have been using Cisco Secure Firewall for the past ten years. 

What do I think about the stability of the solution?


Regarding stability, I would rate it as moderate. In my assessment, based on feedback from analytics scenarios, I would assign it a rating of approximately eight out of ten.

What do I think about the scalability of the solution?

The solution is extremely scalable and based on my experience, I would rate it 7 out of 10.

How are customer service and support?

Cisco is a well-established company, and it offers accessible support, both locally and through online resources. The abundance of information makes it easy to find the necessary details and assistance.

How would you rate customer service and support?

Positive

How was the initial setup?

The implementation timeline for our firewall is contingent on the readiness of the policy. If the policy is prepared, the deployment can occur within a day. However, if the policy is not finalized, a brief meeting is convened to gather the necessary data for rule establishment. Once the information is ready, the implementation on VMware proceeds. Notably, there is a requisite waiting period, such as fine-tuning for optimal rule configuration, as each customer has unique requirements. It's crucial to tailor the rules to fit the specific needs of each customer, as there is no one-size-fits-all best practice in this context.

What's my experience with pricing, setup cost, and licensing?

It is extremely expensive compared to its competitors and I would rate it 2 out of 10. 

What other advice do I have?

I would recommend this solution and rate it 8 out of 10.


Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer:
Flag as inappropriate
PeerSpot user
IT Service Technician at Scaltel AG
Reseller
Can easily segment the network but does not have direct access via web browsers
Pros and Cons
  • "The most valuable feature for the customers is that they can control what communication is allowed and what is not allowed. That is, they can allow or deny client traffic."
  • "Cisco Secure Firewall should be easier to handle. It uses ASDM, which is not easy to understand. It would be better if there was direct access via HTTPS."

What is our primary use case?

We use Cisco Secure Firewall in our own company for site-to-site VPN to access our customers and provide remote support.

We sell the solution to our customers as well. They use the ASA or FMC for dedicated networking, for example, the process network. That is, they dedicate the process network or ASA to the user network.

As a Cisco Secure reseller, I add value with my professional background, for example, in Cisco TAC, to my customers. We choose to sell Cisco Secure Firewall because of our partner status with Cisco.

What is most valuable?

The most valuable feature for the customers is that they can control what communication is allowed and what is not allowed. That is, they can allow or deny client traffic.

It also secures the internal network to allow specific client traffic or machine traffic.

Cisco Secure Firewall helped reduce our clients' meantime to repair by 40%. This is because they can easily segment the network. It's easy to troubleshoot because of micro-segmentation.

What needs improvement?

Cisco Secure Firewall should be easier to handle. It uses ASDM, which is not easy to understand. It would be better if there was direct access via HTTPS.

For how long have I used the solution?

I have used this solution for around five years, but my company has been using it for 30 years.

How are customer service and support?

Cisco's technical support for security is good. The support staff are professional and know what to do. I would give them an eight out of ten.

How would you rate customer service and support?

Positive

How was the initial setup?

The deployment of the firewall is more difficult if you want to use all of the features. However, if you're using it only as a VPN, then it's a little bit easier to deploy.

What other advice do I have?

Compared to Cisco Secure Firewall, other firewall solutions are easier to handle because they do not use ASDM. They have direct access via web browsers.

If you're considering Cisco Secure Firewall, take a look at what you want to use the firewall for and what kind of handling you prefer. If you prefer easy handling via browsers, then you may need to use another solution because ASDM is no longer the state of the art.

Overall, I would rate Cisco Secure Firewall at seven on a scale from one to ten.

The I add as a reseller is the professional background.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
IT Consultant at ACP IT Solutions AG
Reseller
Is scalable, but firewall management needs improvement
Pros and Cons
  • "Cisco Secure Firewall is a scalable solution."
  • "The management of the firewalls could be improved because there are a lot of bugs."

What is our primary use case?

Our clients use Cisco Secure Firewall to protect them from data breaches. They also use it for site-to-site VPN connections and remote access.

What is most valuable?

The most valuable features are remote access, site-to-site VPN, and next-generation features.

What needs improvement?

The management of the firewalls could be improved because there are a lot of bugs.

For how long have I used the solution?

I've been selling this solution for three years.

Most of our clients have deployed the solution on-premises and are slowly migrating to hybrid and to SaaS models.

What do I think about the stability of the solution?

When you configure it, it's very stable.

What do I think about the scalability of the solution?

Cisco Secure Firewall is a scalable solution.

How are customer service and support?

Cisco's technical support is good.

Which solution did I use previously and why did I switch?

We used to sell Palo Alto firewalls and switched to Cisco because it was more cost-effective for clients.

As a Cisco reseller, I try to give our customers the best possible solutions for their problems.

How was the initial setup?

The initial setup is straightforward for smaller organizations, but it can be complex when companies are larger.

Migrating certain components of a client's previous firewall configurations to Cisco Secure Firewall with the migration tool is simple, easy, and quick. However, it would be really nice if we could migrate complete ASA configurations to FTD with the migration tool and not just the policies and objects.

Maintenance-wise, we troubleshoot and make changes if required.

What about the implementation team?

I deployed it myself with, and perhaps with one person from the client's end.

What other advice do I have?

On a scale from one to ten, I would rate Cisco Secure Firewall at seven.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2024
Buyer's Guide
Download our free Cisco Secure Firewall Report and get advice and tips from experienced pros sharing their opinions.