Cisco Secure Firewall Reviews

To safeguard our clients' system data and related aspects, we rely on Next-Generation Firewalls as a system integrator. In particular, we use Cisco Secure Firewall for enhanced security measures.

We have provided our services to the National Information Center in Riyadh, which is a government database. They installed Cisco Secure Firewall systems and have given us positive feedback, which is why most of the areas prefer to use Cisco. To date, we have not received any negative feedback from our clients regarding any issues, such as hacking. Everything has been secure, and I hope it stays that way in the future.

Our company operates in Saudi Arabia, primarily working with government sectors. If any hardware malfunctions, the defective device is removed, and we receive a replacement from the reseller. We have not encountered any issues related to delays in receiving replacements for malfunctioning devices which has been beneficial.

In today's world, cyberattacks have become a common occurrence. However, so far, we have not faced any issues with our systems. I hope the situation remains the same in the future. If Cisco introduces even more advanced security measures, it would be beneficial.

One of the major issues we face in the Middle East is the long delivery time for Cisco products. Currently, they are taking almost 10 months to deliver, which is much longer compared to before when we received the products within 70 to 80 days or even two to three months. For instance, we recently placed an order that has a delivery date in the middle of 2024. This delay is unacceptable as customers cannot wait that long, and they may opt for other alternatives, such as Huawei, Juniper, or HPE. Therefore, Cisco needs to improve its delivery time and ensure that they deliver products within a reasonable timeframe, as it did before.

I have been working with Cisco Secure Firewall for more than 10 years.

We have not encountered any stability issues. The only issue we faced was with another company that did not have proper cooling systems in their data center.

The scalability of the Cisco Secure Firewall is excellent.

A few years ago, we faced an issue with some of our devices in Saudi Arabia, and we reached out to Cisco for assistance. They responded promptly and repaired our devices within the given time frame. While the delivery time for their solutions in the Middle East may be longer, Cisco still delivers their solutions on time, whether it's for repair or new orders. Even if the delivery time is up to a year, Cisco ensures that our products are provided on time.

I rate the support from Cisco Secure Firewall a ten out of ten.

As a system integrator, our primary focus is not on selling products, but rather on providing comprehensive solutions to our customers, starting from scratch and ensuring everything runs smoothly. In this regard, we rely heavily on Cisco devices, including switches, routers, code devices, NK, Nexus, 7000, and 9000. We also use other Cisco products, such as IP phones and access points. In Saudi Arabia, Cisco is the most popular brand in the market, but its popularity is declining due to prolonged delivery times. Customers cannot afford to wait a year, and this is the primary reason for the decline in demand.

The prices of Cisco Secure Firewall are competitive, especially for us as Cisco partners. We purchase the products directly from Cisco as a gold partner, which allows us to obtain better pricing than we would get from normal distributors or the local market.

Our current company, SNC ICT, is already a Cisco Gold Partner. We are actively involved in investing, purchasing, and selling Cisco products to our customers, as well as performing installations, configurations, and providing other related services.

In the Middle East, most people with a budget opt for Cisco. However, I do not have any information about the preferences in Europe, South Asia, or Asia.

Previously, our customers had to always utilize hand-to-hand delivery. Now, they are able to move completely to a secure digital method. They use a strictly dark fiber optics connection from a central location to the endpoint.

Our clients have been able to consolidate infrastructure products such as Talus for hardware encryption and Dell EMC for D2D de-duplication and backup.

FMC could be improved because management with FMC is quite difficult compared to using Firepower web-based management.

We've been selling Cisco Firepower for a year.

Our clients feel that Cisco has proven stability in enterprise networking, routers, and ASA firewall security.

We are very confident with Cisco's technical support and would give them a ten out of ten.

Positive

Previously, we sold Check Point and Palo Alto.

We choose to sell Cisco because it has been approved by NATO. Our clients use a strictly offline infrastructure, and there were significant issues with Check Point. In addition, we have good support from the local Cisco office, and they also suggested that the end user goes with Cisco.

As a Cisco Secure Firewall reseller, the value we bring is very good support. You will not get the same level of support from some other vendors. For instance,  Palo Alto and Check Point don't have direct support like Cisco. They have third-party support. Thus, you may get a response only when you escalate the issue to the third tier of the service level. With Cisco, everything is resolved within a day.

The initial setup is straightforward because most network engineers have worked with Cisco. Cisco invested in universities, and as a result, 40% of the network experience of students is with Cisco.

Our clients are mostly financial institutions and have strict policies that do not allow personal data on external clouds outside the country. As a result, they mostly use an on-premises or hybrid cloud deployment model.

We are currently having our customers switch from the 2000 to the 3000 series.

The price is not too high, but the subscription is a little bit high. We compared the activation of Cisco and Fortinet, and when we activated the whole portfolio of the UTM of Fortinet, the speed was reduced. We tested the same situation with the Cisco 2140 series, and there was no reduction in speed.

When you're evaluating the solution, take a look at the customer reviews.

We have had no issues with Cisco Secure Firewall, and I would rate it at nine on a scale from one to ten.

As a manufacturing company, we have to use many different concepts of firewalls. That's one reason we had to use a trusted firewall for security and trust reasons.

We use a top-down architectural level mostly. For this reason, Cisco Secure Firewall is the top product for us.

I would say that this solution has saved our organization's time because we are certified engineers and experts. It helps us to connect quite well with our customers on a professional level.

The features I have found most valuable are the ASA firewalls. I like to have features like most integrated systems in ACI.

I think that the solution can be improved with the integration of application-centric infrastructure. It could be used to have better solutions in one box.

I have been using this solution for around seven or eight years.

I've used different concepts of solutions before Cisco. Cisco is much better than Juniper, Brocade, or Foundry, as it is much easier to use and get directions from. It is also easier to integrate Cisco if you compare it with other customer concepts, such as Juniper, Brocade, or Aruba.

I am not involved in all Cisco firewall deployments. We also have an architectural team. We deploy based on a top-down level architecture and implementation structure.

When it comes to pricing, quality is important to us. When looking at products, we prefer quality over speed. Cisco is on that quality side mostly.

We are currently using the Cisco Firepower firewall, which is dependent on the situations in the data center and regional data center concepts. 

The way that this solution helps secure our infrastructure end-to-end is by enabling us to easily integrate all end-to-ends for monitoring.

Whether this solution saves us time depends on the situation. We use highly secure networks on the national security level and that's why it helps to use different products as Cisco is one of the best.

Overall, I would rate this solution a nine, on a scale from one to ten, with one being the worst and ten being the best.

We use them for firewall purposes. We use the small ones with the partners for the services they need, such as VPN and security.

Their performance is most valuable.

The stability could be better because we have a lot of issues with the stability of Cisco Firepower.

I've been using Cisco firewalls for 20 years.

We have a lot of issues with the stability of Cisco Firepower.

It depends on the model. We are hitting some issues with scalability. It's getting very expensive to scale out.

They sometimes take too long and don't fix the issue quickly, but eventually, it is fixed. I'd rate their support a nine out of ten.

Positive

We have been using different Cisco firewalls for a long time. We are currently using Cisco Firepower and Cisco ASA. Cisco Firepower is better than Cisco ASA, but stability is an issue.

It's now easier than before. You can have virtual appliances.

We mostly have it on-prem, but some customers want on-prem virtual.

We considered using a different solution such as Check Point or Huawei. We chose to stay with Cisco because we're experienced with Cisco and because of the support.

The old versions or models saved us time, but the newer ones take our time. Overall, I'd rate Cisco Secure Firewall an eight out of ten.

The primary use case is as one-layer protection of our OT network. The way we're set up is that we have our OT network behind the commercial network, and we do dual firewalls. We've Cisco firewalls on the commercial network side and a different vendor and a different management group on the OT network side.

It's a good solution. It's in some ways a reactive solution where we have it sitting in a whitelist mode rather than a blacklist mode. So, we are blocking everything and permitting specific things, and it seems to work fairly well for us.

It hasn't necessarily freed up the time, but it has helped in securing the infrastructure and the OT network behind it. The intent of this particular solution is not time-saving. It's not a cost solution. It's meant to isolate and control access to and from a specific set of infrastructure.

It allows us to get access. We're seeing more and more that business systems like SAP are looking to get access to OT systems, and this is how our systems get that.

It's protecting the organization against the impact of cyber threats and cybersecurity. We run manufacturing plants that have hazardous material, and we don't want that manufacturing process to be impacted by break-in exposure, cyber threats, or any other similar thing.

We would like to be able to manage a set of firewalls rather than individual firewalls. We haven't really looked into it or yet implemented it, but a single pane of glass would be helpful. We also use another vendor's firewalls, and they have a centralized management infrastructure that we have implemented, which makes it a little bit easier when you're managing lots of firewalls.

We've been using Cisco firewalls for 10 years or more.

It has been a very stable solution. If you keep it up to date and do sensible management on it, it's a very stable solution.

So far, in this use case, it has met our scalability requirements in terms of traffic and management.

We have an excellent account team, and they go to bat for us inside of Cisco. We also have access to TAC and things like Smart Net, and all that seems to go very well. It's a good team. I'd rate them a nine out of ten.

Positive

We weren't using anything similar in this particular use case. We chose Cisco because they originally came on the recommendation of our networking partner. They came in with a strong recommendation from a strong partner.

I wasn't involved in its deployment. That was before I started working in this space.

In this specific use case, the biggest return on investment is that we do not have incidents, and this ultimately, in some of our factories, ends up being a health and human-safety use case.

We've gone to all smart licensing, so that works well. 

Understand what you're trying to protect and what you're trying to protect it from, and then also understand how the solution is managed.

I'd rate Cisco Secure Firewall a nine out of ten.

We have consulting engineers at the backend. We have our own SOC. We leverage Cisco solutions, and we add our services on top of them.

We also sell FTDs and Cisco firewalls ranging from the old models to the new models. We have Firepower from series 1000 to 4000.

A client of ours has a campus network. They're running all of their offices, branches, and multiple sites. They are managing all of their traffic through one point, and that point is secured.

It integrates with various Cisco security portfolios and products, and there is an easy and seamless integration for building a complete security framework for our customers.

It's a great intelligent platform where we can pull all the security insights.

The technology is evolving, and it's no more a stateful firewall, which is only for blocking certain ports. A lot of features, such as anti-malware protection and URL filtering, have been integrated into the firewall and extended to the network. 

We see a lot of vendors in the market with a lot of niche products. I understand that it's difficult to cover everything, but making it more open for integration with other vendors would be a value add for Cisco. Usually, the case I see with my customers is that they always have a multi-vendor setup for security. They have many products. When they have multiple products, each product does something very specific standalone, but there is always a challenge in how to correlate all these solutions or make them as one framework for securing the network.

Their support is perfect. When I used to be an engineer, Cisco's tech support was such a great help. Everything is well-defined in terms of services and SLAs as compared to other vendors. Cisco is doing a great job across all portfolios. This is what makes Cisco stand out as a vendor as compared to the rest. I'd rate their support a nine out of ten.

Positive

We had another product previously. All the vendors are doing a great job in security, but Cisco has such a big portfolio, and as a reseller, it's easy for us to be a one-stop shop for the customer covering wired and wireless networks, endpoint security, and so on. That's the main advantage of Cisco nowadays.

These firewalls are deployed on-premises. We offer all the latest versions. We always advise customers to be updated with the latest technology. That's the aim of our business, but I have not been a part of the deployment.

My role is mainly technical, but on the business side, there would be an ROI in terms of seeing the clients happy.

Our clients are happy. They always get an update about the roadmap and the features that Cisco is releasing down the road. Cisco is always ahead of others not only in terms of security but also in terms of portfolio.

Everything comes with a price. Security is something on which you cannot compromise because the loss could be massive. I see CTOs and CSOs spending a lot on that. Cisco is not really cheap, but there is great technology behind it.

The main value we add as Cisco resellers is our consulting services. We have consulting engineers on the backend and we have our own SOC. We leverage Cisco, and on top of that, we add our services, which makes it a great collaboration between every successful system integrator, reseller, and vendor.

I'd advise asking for a demo and getting involved or engaged with the product to see its value. Don't just read about it.

Overall, I'd rate Cisco Secure Firewall a nine out of ten.

We use Cisco Secure Firewall in our own company for site-to-site VPN to access our customers and provide remote support.

We sell the solution to our customers as well. They use the ASA or FMC for dedicated networking, for example, the process network. That is, they dedicate the process network or ASA to the user network.

As a Cisco Secure reseller, I add value with my professional background, for example, in Cisco TAC, to my customers. We choose to sell Cisco Secure Firewall because of our partner status with Cisco.

The most valuable feature for the customers is that they can control what communication is allowed and what is not allowed. That is, they can allow or deny client traffic.

It also secures the internal network to allow specific client traffic or machine traffic.

Cisco Secure Firewall helped reduce our clients' meantime to repair by 40%. This is because they can easily segment the network. It's easy to troubleshoot because of micro-segmentation.

Cisco Secure Firewall should be easier to handle. It uses ASDM, which is not easy to understand. It would be better if there was direct access via HTTPS.

I have used this solution for around five years, but my company has been using it for 30 years.

Cisco's technical support for security is good. The support staff are professional and know what to do. I would give them an eight out of ten.

Positive

The deployment of the firewall is more difficult if you want to use all of the features. However, if you're using it only as a VPN, then it's a little bit easier to deploy.

Compared to Cisco Secure Firewall, other firewall solutions are easier to handle because they do not use ASDM. They have direct access via web browsers.

If you're considering Cisco Secure Firewall, take a look at what you want to use the firewall for and what kind of handling you prefer. If you prefer easy handling via browsers, then you may need to use another solution because ASDM is no longer the state of the art.

Overall, I would rate Cisco Secure Firewall at seven on a scale from one to ten.

The I add as a reseller is the professional background.

Our customers for the most part use this solution in data centers. 

The feature my customers find the most valuable is the exportability. They also appreciate that the IPS features are easily migrated from Cisco SA to FTDs. 

We have seen some bugs come up with Cisco Secure Firewall in terms of high availability. The solution should be improved to avoid these bugs. 

We have been using Cisco Secure Firewall for almost a decade. 

Cisco's support is much better than other vendors' support. In my opinion, this is a big advantage for Cisco. The support Cisco offers is upper-level. 

Positive

We previously sold Fortinet devices. However, many of our clients switched over to Cisco because of the price as they are quite cheap. 

We are in the middle of a migration plan to Cisco right now in our company. I am not directly involved. We are working with a Cisco partner but I have been communicating our needs to them. However, I believe the migration process will be smooth for our company. It is crucial to have a solid migration plan in place because we are a core data center, so we have to be careful. 

We are deploying with the help of a partner. 

We do see a lot of ROI from Cisco Secure Firewall. We are in the process of migrating a lot of end-of-support devices with some new ones and the return on investment is there.

Price is a big selling point for Cisco Secure Firewall. They are quite affordable and many clients chose them precisely for this reason. 

This solution helped my clients save money and time. My clients save 50% on time thanks to automation and processing brought on by this solution. 

I have only good things to say about Cisco Talos. It has been quite helpful to our customers.

Our primary use case for Cisco Secure Firewall is protection in our OT network. We have our OT network behind the commercial network and we do dual firewalls. The Cisco Secure Firewall is on the commercial network side and a different vendor and management group are on the OT network side.

Cisco Secure Firewall has not necessarily improved our organization as much as it has protected it against the impact of cyber threats. Our organization runs manufacturing plants that have hazardous material and we don't want that manufacturing process to be impacted by break-in exposure and cyber threats.

Cisco Secure Firewall is a good solution. In some ways, it is a reactive solution and we have it sitting in a whitelist mode rather than a blacklist mode. It seems to work fairly well for us.

It would be better if we could manage all of our firewalls as a set rather than individually. I would like to see a single pane of glass type of option. We also use another vendor's firewalls and they have a centralized management infrastructure that we have implemented. This infrastructure is a bit easier to manage.

We have used Cisco Secure Firewall for probably 10 years.

Cisco Secure Firewall has been a very stable solution for us. In general, if you keep it up to date and do sensible management on it, it will be a very stable solution.

Cisco Secure Firewall has met our scalability requirements as far as traffic and management goes.

We have an excellent account team and they go to bat for us inside of Cisco. We have access to TAC and Smart Net and that all seems to be working out very well. Cisco has a good team in place.

We did not previously use a different solution for this particular use case. 

I was not involved in the initial deployment of the solution. 

In this specific use case, the biggest return on investment is that we do not have incidents. This ultimately – in some of our factories – ends up being a health and human-safety use case.

We have all smart licensing and that works well. 

We ultimately chose Cisco Secure Firewall because it came with a strong recommendation from one of our strong partners.

My advice to those evaluating the solution right now is this: understand what you're trying to protect and what you're trying to protect it from. Also, understand how the solution is managed.

Cisco Secure Firewall has not necessarily freed up our staff's time as much as it has secured the infrastructure and the OT network behind it. Cisco Secure Firewall was not built as a time-saver. It is not a cost solution. It is a solution meant to isolate and control access to and from a specific set of infrastructure.

Cisco Secure Firewall has not helped us consolidate tools and applications. It allows us to get access. What we're seeing more and more of is business systems like SAP looking to get access to OT systems and this is how our systems get that way.

Cisco Secure Firewall requires the sort of maintenance that any software product would: updates, asset management, etc. Worldwide, we probably have 30 to 40 people managing the solution on the OT side on the various sites and then probably 10 to 15 people on our account team with our outside partner.

This is an SSL that can decrypt and encrypt SSL traffic. 

The ability to encrypt and decrypt is great.

The dashboards are excellent.

We really like the reporting aspect of the product. 

It is stable. 

We found the initial setup to be easy.

Maybe the dashboard could be a bit better. There are some reports where we don't get it. We need a deep dive into a particular URL, however, it provides the URL and the IP address, and there is no more information that can show more details. Basically, the report models can be improved.

With their console, we have to build a separate VM. In some of the products, the management console comes along with the box itself. It'll be one solution to take the backup and keep it. Even if you want to build a DR, it'll be easy. However, the challenge we had is if that VM is down, my team may not able to access the Firepower remotely. Therefore, the management console itself should be built within the Firepower box itself, rather than expecting it to be built in a separate VM.

I've been using the solution for more than four years. 

We have not, as of now (touch wood) faced any issues. It's stable, and we don't face any performance issues as well. It's reliable. There are no bugs or glitches. It doesn't crash or freeze.

At this moment, we have not thought through scaling. The model which we use is less than 60%. What I heard from them is you can cascade it to another box, and scaling can be done.

We have between 400 to 450 concurrent users on a daily basis accessing this box. Overall, we have 2,000 devices that could be easily communicated via Firepower.

Technical support is good. We've found it to be quite good in general. 

Positive

The initial setup is great. It's very easy and quite straightforward. If you understand the process, it is very easy. I'd rate it a 4.5 out of five in terms of ease of implementation. 

I don't manage licensing. I can't speak to the actual cost of the product. 

We're a customer and end-user.

I'd recommend the solution to organizations that have around 1,500 people that need to access the solution. 

I would rate the solution a nine out of ten.