We started with the old ASA 5510 and migrated to Firepower, first using ASA as the basic operating system. Lately, we've been using FTD because it simplifies operations a lot. We are a very small networking team, and being able to push one policy to many firewalls eases our workload.
We are a global company, and we don't always have IT staff in all corners of the world. Therefore, having one place to do everything is very nice.
Cisco Secure Firewall has made it easier so that more than one person can handle things. We are able to have a bigger team that can handle simple tasks and have a smaller team focus on the deep-dive needs.
We have the same basic policies everywhere now, which makes it more flexible for us to manage.
I like the central management and IPS features. Having everything in one place is very valuable.
Cisco Secure Firewall is very good at detecting threats. We see a lot getting blocked by the IPS in our DMZ, that is, our internet-facing web service.
It helped free up IT staff time. Before, we would have to manually configure every single firewall. Every time we configure something on a firewall, it takes five to ten minutes, and we have more than 50 firewalls around the globe. We do changes every week, and the automated policy and upgrades saved us a lot of time.
In terms of the organization, we have been able to save time by getting things out faster. However, the only downside is that the policy push takes quite a while. Thus, a quick fix still takes at least 15 minutes, and troubleshooting can take time as well.
Some of our problems are related to software updates in remote sites where the internet connection is not stable. Sometimes, the image push just gets disrupted and fails.
The most annoying thing is having to replace the hardware so often. It's very difficult for us to do.
The integration between different tools could be improved. For example, with SecureX, I am yet to find out how to forward security events to different tools such as Microsoft Sentinel, which is what we use for log detection.
We've been using Cisco Secure Firewalls for a very long time.
We had to get in touch with technical support a few times, and our experience was good. I would give them a rating of nine out of ten.
The initial deployment is easy, and I have not had any issues.
The solution is deployed on-premises. We have an on-premises FMC that connects everything.
The cost of the firewalls versus the ROI is okay.
We are quite Cisco-centric because of the performance we get for the price range. We have a lot of smaller sites, and we are not a very big organization. The price fits us perfectly.
Overall, I would rate Cisco Secure Firewall at nine on a scale from one to ten.