Cisco IOS Security Reviews

We use the solution to secure data centres for clients.

The solution has the best features for routers embedded with firewall capabilities. It helps us protect the network.

The solution’s setup process could be better. It is complex regarding troubleshooting, and only highly skilled engineers can resolve it.

We have been using the solution for 15 years.

The solution is stable.

It is a scalable solution. We have more than 100 clients using the solution.

The solution's technical support is excellent. The team includes certified engineers.

The solution's initial setup process is easy if you are highly skilled in handling the troubleshooting part. The deployment takes around two to three weeks, depending on the requirements.

We can purchase the solution's licenses as per specific business requirements.

The solution provides a robust system. I advise others to understand the technology to use the system with ease.

I rate it a ten out of ten.

Our company uses the solution as intrusion protection for customers. It fully integrates with the BMA and ISE. We manage all traffic in data centers to protect them from internal users and outside traffic.

The solution effectively integrates with Umbrella which has an intelligent background and is very helpful in tech analysis or discovery. 

The solution is not user friendly and it is hard to manage the GUI interface. This is an ongoing CISCO problem. 

The solution needs Active/Active firewalls to have good load balance with high availability. The firewalls should work simultaneously, not just as failovers. 

I have been using the solution for ten years. 

The solution is very stable if configured properly. I rate stability a nine out of ten. 

The solution is very highly scalable and other products really don't compete with its scalability. The solution can easily be used for small companies or big enterprises with thousands of users. I rate scalability an eight out of ten. 

Technical support does not have a broad knowledge base, so I rate them a six out of ten. 

Neutral

The setup is better than before but still not easy or clear like Palo Alto. If you want to configure the solution, then you need to study how to do it. 

The setup is difficult so I rate it a six out of ten. 

We implement the solution for customers on our own unless we have an issue or bug. It takes one expert staff person for deployment. Depending on the customer's policies and the network's complexity, deployment might take from three to seven days. 

Our process includes verifying the license and setting up the firewall, hardware, FMC, and the failover when there is more than one firewall. We then define or set up the configurable interfaces and the IP addresses. Finally, we define the VLAN of the customer and policies for each VLAN. 

The solution does not require ongoing maintenance if it is configured properly. 

Our ROI is that the solution saves time because it reduces attacks and helps with ongoing protection. The subscription model is also very helpful for ROI. 

I rate ROI at 1800%. 

The pricing is average and includes all features with support. I rate pricing a six out of ten. 

Palo Alto has a better GUI interface for handling all features and is easier to configure. 

I recommend the solution and rate it an eight out of ten. 

We're using it for internet traffic security. It's for protection. 

We don't have a problem with the user interface and it is pretty user-friendly.

We don't mind the cost.

The security is very good. 

Cisco is very good, very powerful. 

It's a reliable, stable product in general. It's better than the competition. 

The product is easy to set up. 

It is a stable product.

We find the product to be scalable. 

How to improve the solution depends on the usage. 

Sometimes I find it difficult to manage. Some configurations are difficult for new engineers, for example. 

It could be more flexible. 

I've been using the solution for the last ten years. 

This is a very stable, reliable product. There are no bugs or glitches. It doesn't crash or freeze. 

It's a scalable product. 

We have 500 to 600 people using the solution.

Before, it was very easy to get in touch with support. However, it's become more difficult. It can take a long time to get an answer. We also have to deal with time differences, which can make it harder to get an answer. 

It is very easy for me to implement the solution. It's very good, it's very easy. There are command planning and equations. Cisco is very simple. We don't have issue with Cisco.

The deployment depends on the product you use and the network design. 

You can do it in small batches. It can take some time to refresh. It might take one or two days. 

The cost may be around $5,000 to $10,000 a year. If you want support you have to pay at least this price. 

We are a Cisco customer and end-user. 

We've been using the mid-range version since 2012.

I'd rate the solution around eight out of ten. 

Cisco is great. It's likely number one in the world. I'd recommend the solution as it is a very powerful product. However, it's best to have Cisco experts on staff or available to you to make things easier. 

We use Cisco IOS Security for integration purposes. We have Cisco features and Cisco devices in our organization. We use it as an integration system for Cisco devices.

Cisco products are very secure and integrate easily with other devices.

The graphical user interface or the GUI could be better. Beginners can use some devices with the GUI, but some security devices are configured using CLI. It would also be better if it had its own Intrusion Protection Service and Intrusion Detection Service on the server.

I have been using Cisco IOS Security for more than three years.

Cisco IOS Security has been stable so far.

The device is not scalable because the device was manufactured with a specific product specification. To scale, you have to plan and add more devices. We have about 12,000 users.

They are supportive and have the technical skills to support us. If I have challenges with a Cisco product, they help me based on their subscription fee.

On a scale from one to five, I would give Cisco technical support a five.

Positive

The initial setup is straightforward for IT users. It takes about one hour to implement this solution because we have to upgrade the framework on some of the devices. 

On a scale from one to five, I would give the initial setup a five. 

Cisco IOS Security is not very expensive, and pricing depends on where you live. It's affordable for both individuals and institutions.

On a scale from one to five, I would give Cisco's pricing a four.

We chose Cisco because the company has an excellent market rating, users are familiar with Cisco, and they can deploy Cisco products. Using Cisco also improves the security mechanism of all devices from end to end.

On a scale from one to ten, I would give Cisco IOS Security an eight.

The main purpose of Cisco IOS Security is for our data center. It connects each node and user to the network.

The most valuable feature of Cisco IOS Security is posturing.

Cisco IOS Security could improve by having more compatibility with other Cisco solutions.

I have been using Cisco IOS Security for approximately three years.

Cisco IOS Security is a stable solution.

The scalability of Cisco IOS Security is good. I can increase and decrease elements when needed.

We have approximately 45,000 people that can use the solution. Additionally, We have approximately 1,000 IT managers, technicians, and other users who directly use this solution.

The support from Cisco IOS Security was very helpful.

I rate the support from Cisco IOS Security a four out of ten.

I previously used another similar solution.

I can do all the implementation of the solutions through the Cisco DNA Center. I can manage the Cisco IOS Security configuration. The whole process can be complex. Additionally, when we cannot connect to the internet we need to do manual configuration.

The full setup can take a couple of hours. However, initially, it took to use a couple of weeks.

We did the implementation of Cisco IOS Security in-house.

We have two service engineers that are involved in the deployment and maintenance of the solution. They have the appropriate training needed to support the solution.

I rate Cisco IOS Security an eight out of ten.

We can use iOS security for a variety of security features. We can use it to run DPM. We run encrypted data and can use it for zone-based firewalls, to a zone-based firewall.

I use VPN solutions such as site-to-site or user-site VPN, and some do not require a firewall.

It is less expensive than alternative firewalls.

While Cisco IOS Security is stable and scalable, I would like to see it improved to be even better.

I have been working with Cisco IOS Security for three months.

I use version 12.4 and I use 15 and above for the router.

Cisco IOS Security is very stable.

Cisco IOS Security is a scalable solution.

We have approximately 50 users.

We have not contacted technical support.

I don't have any critical issues, and I haven't had any open technical tickets with support. Everything is fine, but I work in security with multi-media solutions. We haven't had any problems.

The installation is straightforward. It's easy, we didn't have any problems with the installation of Cisco IOS Security.

I have three or four technical teams to help me work on publishing.

Cisco IOS Security requires a license.

With Cisco, we have a variety of licenses. They have smart licenses that can be provided for one year, two years, three years, five years, and seven years. Alternatively, they have perpetual licenses available. I am working with a perpetual license, but not a smart license.

Before we can use any security feature on the Cisco router, we must first purchase an iOS security license.

Yes, I would recommend this solution. It is more stable and less expensive than other firewalls. In some cases, it saves money for the project or the companies that work with it.

I would rate Cisco IOS Security an eight out of ten.

We are a reseller and Cisco IOS Security is one of the network security products that we offer to our clients. The primary use case is securing connectivity between sites. Examples of this are between a site and a data center, or a site and a cloud provider.

DMVPN as a technology, not necessarily for security, has allowed my customers to be more agile in their connectivity, without having to rely on a hub-and-spoke topology. Rather, they can leverage a full mesh topology, which is essentially SD-WAN.

IPsec allows us to overlay that, which means we can obfuscate the underlying infrastructure, whatever the transports are. Whether it is a secure private transport like MPLS or just public internet, we can commoditize the underlying transports and trust that everything is secured from prying eyes. 

What I have used the most and received the most benefit from is the IPsec technology. It overlays on DMVPN tunnels and being able to secure these object-based tunnels is good because they perform significantly better than traditional IPsec tunnels.

With respect to user-friendliness, it is a command-line interface and those with such experience will get along just fine, whereas others may struggle. My expectation is that it will remain a primarily command-line-based technology.

The biggest annoyance is probably the quality control of the code. They have to make sure that they are better at vetting bugs and software issues before they release code to the general public.

I have been working with this product for the past ten years.

It is not the most stable system that I have worked with.

I don't think that scalability is much of an issue.

Our clients are small enterprise-level organizations, typically between 1,000 and 5,000 knowledge workers.

The technical support is pretty good and I would rate them an eight out of ten. If anything, they should work on their response times for critical cases.

I would say that 80% of my experience is with Cisco products.

The initial setup is fairly complex, although it depends on the feature sets that you're looking for. Cisco IOM is probably the most complex part of it because it involves setting up all of the QoS policies, performance-routing policies, and performance-routing domains.

From a DMVPN over IPsec perspective, it is pretty straightforward.

Price is certainly something that the IOS technology has fallen behind the competition on.

My advice for anybody who is implementing this product is to ensure that they don't overlook the technical overhead that is required to get it set up and keep it running. From an SD-WAN perspective, there are more user-friendly options out there, so they are going to have their own shortcomings. However, if you're going down the route of a Cisco command-line-based solution then make sure that you're prepared to have the staff on hand to manage it or instead, have a trusted partner that you work with and has the expertise to manage it.

From a feature-set perspective, as long as Cisco continues down the path of combining features from its products onto the unified platform, it will have all the features you need.

It's a good product and it does exactly what it's intended to do, but there and stability issues and the price is expensive.

I would rate this solution a seven out of ten.

Our primary use is just as a firewall. That is pretty much it.  

We are able to filter a lot of traffic. The is especially effective when a lot of the traffic is in layer 7 — the internet aspect of security for application services.  

I think the multi-layered approach is valuable. Just the fact that it covers everything on the LSA (Local Security Authority) right up to layer 7, in-depth packet analysis, and all that. It covers everything we need it to without looking to secondary solutions.  

I think the user interface for IOS Security needs to be improved.  

I think the signature updates and all the other critical definitions need to be updated more frequently.  

We have only been using IOS (Internetwork Operating System) Security since about 2016. So we have worked with it for about four years.  

The stability of the product is okay. There were not really any bugs or glitches that I can remember.  

The scalability aspect of it is that it is one of those products where you have to incorporate additional hardware. It is a vertical scale, so you add on the boxes you need and bond them together. Of course, it costs more to scale that way than something that would be a software upgrade. You have got to pay to scale and to get more features.  

Our clients are generally small to medium-sized businesses. Cisco IOS is a pretty good fit for that range of clients.  

I have used the Cisco technical support and they were okay. Rating them out of ten, I would give them an eight or nine-out-of-ten. They have a pretty good system with decent response time and accuracy. They are good overall and in comparison to other services. They offer 24/7 service, which is a benefit.  

I was actually using Cisco products more in the past and use them as a consultant. Right now, Sophos is the only one I have been using. It just came about through one of those situations where we were able to partner up with Sophos. That is really the reason for the change.  

Setup and installation are pretty much straightforward. Comparing the installation to Fortinet or Sophos they are all the same.  

The pricing for IOS Security is okay. It is competitive. It costs more when you have got the need to pay for more features. You have to buy more boxes and tie them together to upgrade to the next level.  

I have used Fortinet in the past too as well as Sophos and other Cisco products. They are all similar and if you know how to use them they are virtually all the same.  

The advice that I would give to others looking into implementing this product is that I think they need to do their benchmarking. They should do due diligence beforehand in terms of their traffic.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate this product overall as about an eight-out-of-ten. I do not know how they could realistically improve on that much. You never keep up with the hackers, they are always a step ahead of us when it comes to security.