"The features I've found most valuable are the packet captures and packet traces because they help me debug connections. I like the logs because they help me see what's going on."
"The most valuable feature is stability."
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable."
"The deep packet inspection is useful, but the most useful feature is application awareness. You can filter on the app rather than on a static TCP port."
"I like the firewall features, Snort, and the Intrusion Prevention System (IPS)."
"The most valuable feature is the access control list (ACL)."
"A good intrusion prevention system and filtering."
"The most valuable features of this solution are advanced malware protection, IPS, and IDS."
"The feature that I have found the most valuable is the control over the network permissions and the network."
"I like its order management feature. It doesn't have the kind of threat intelligence that Palo Alto has, but the order management makes it much simpler to know the difference."
"Azure's cost-effectiveness is its major advantage."
"In terms of the reporting, it's beautiful. It integrates with Azure monitoring and with Azure policies. That piece is a big help. You can set governing policies and you can use the application firewall, as well as the Azure Firewall, to enforce those policies."
"I can easily configure it."
"The solution can autoscale."
"Azure Firewall's feature that I have found most valuable is its scalability."
"Microsoft's technical support is very good. They're quite knowledgable and responsive."
"The ASDM (Adaptive Security Device Manager) which is the graphical user interface, works out, and Cisco keeps it current."
"VPN and firewall are good features."
"I have not contacted technical support. There is a lot of information on the internet for troubleshooting. All you need to do is use a search engine and you will find the information you are looking for easily."
"The user interface is easy to navigate."
"With the pandemic, people began working from home. That was a pretty big move, having all our users working from a home. More capacity needed to be added to our remote VPN. ASA did this very well."
"It's pretty reliable and allows for isolation capabilities within the network."
"The return on investment is not going to be restricted to just the box... Now, these genres have been expanded to cyber, to third-party integrations, having integrated logging, having integrated micro and macro segmentations. The scope has been widened, so the ROI, eventually, has multiplied."
"Cisco offers a great educational series to train users on their devices."
"The configuration in Firepower Management Center is very slow. Deployment takes two to three minutes. You spend a lot of time on modifications. Whereas, in FortiGate, you press a button, and it takes one second."
"Report generation is an area that should be improved."
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here."
"An area of improvement for this solution is the console visualization."
"This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI)."
"The application detection feature of this solution could be improved as well as its integration with other solutions."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"The ability to better integrate with other tools would be an improvement."
"It is a cloud service, but the lending speed for each region is not always the same. For example, in China, the speed is slow. They need to think about how to make sure that the service pace or speed is always the same in all regions. It would be a great improvement if they can provide the same pace worldwide."
"It would be nice to be able to create groupings for servers and offer groups of IP addresses."
"The solution lacks artificial intelligence and machine learning. It might be in the roadmap. However, currently, it's not available."
"It needs a lot of improvement, especially on intruder detection. They are working hard on that."
"Azure should be able to work better as a balancer also, instead of just being a firewall. It should have a wider mandate."
"It would be much easier if the on-premises, firewall rules, had some kind of export-import possibility in place, which is not the case right now."
"An Azure firewall is not a real firewall."
"The development area and QA area could be improved. With those improvements, we can improve projects and take even less time to implement them."
"On firewall features, Fortinet is better. Cisco needs to become more competitive and add more features or meet Fortinet's offering."
"It lacks management. For me, it still doesn't have a proper management tool or GUI for configuration, logging, and visualization. Its management is not that easy. It is also not very flexible and easy to configure. They used to have a product called CSM, but it is no longer being developed. FortiGate is better than this solution in terms of GUI, flexibility, and user-friendliness."
"I would like it if there was a centralized way to manage policies, then sticking with the network functions on the actual devices. That is probably the thing that frustrates me the most. I want a way that you can manage multiple policies at several different locations, all at one site. You then don't have to worry about the connectivity piece, in case you are troubleshooting because connectivity is down."
"One thing that we really would have loved to have was policy-based routing. We had a lot of connections, and sometimes, we would have liked to change the routing depending on the policies, but it was lacking this capability. We also wanted application filtering and DNS filtering."
"They need a user-friendly interface that we could easily configure."
"I would like to see the inclusion of a protocol that can be used to protect databases."
"Recently, we have been having an issue with the ASA firewall. We haven't found the root cause yet and are still working on it. We failed over the firewall from active to passive and suddenly that resolved the issue. We are now working to find the root cause."
"There is huge scope for improvement in URL filtering. The database that they have is not accurate. Their content awareness and categorization for URL filtering are not that great. We faced many challenges with their categorization and content awareness. They should improve these categorization issues."
More Cisco Firepower NGFW Firewall Pricing and Cost Advice →
Azure Firewall is ranked 19th in Firewalls with 17 reviews while Cisco ASA Firewall is ranked 4th in Firewalls with 90 reviews. Azure Firewall is rated 7.0, while Cisco ASA Firewall is rated 8.4. The top reviewer of Azure Firewall writes "Good value for your money, good URL filtering, supports intrusion prevention, and is stable". On the other hand, the top reviewer of Cisco ASA Firewall writes "Includes multiple tools that help manage and troubleshoot, but needs SD-WAN for load balancing". Azure Firewall is most compared with Palo Alto Networks NG Firewalls, Fortinet FortiGate-VM, Palo Alto Networks VM-Series, Check Point NGFW and Sophos XG, whereas Cisco ASA Firewall is most compared with Fortinet FortiGate, Palo Alto Networks WildFire, Meraki MX, pfSense and OPNsense. See our Azure Firewall vs. Cisco ASA Firewall report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
