Cisco Secure Firewall Reviews

Most of our use cases revolve around the basic firewall features. Our client is also leveraging on Anyconnect, which is serving the client-based VPN. Sometimes they will establish a VPN connection from one firewall with another. It's the type-for-type VPN. In terms of Cisco, typically, these are just some of the legacy features, that's what we use. In terms of a next-gen firewall, I feel that our customers would prefer to use other brands like Palo Alto, Check Point, and FortiGate.

Our clients who use this solution are typically small businesses. I think there's a Gartner chart that says that Palo Alto is actually the foreleader, followed by Check Point, then FortiGate. Cisco is not anywhere near. From a cybersecurity standpoint, they are quite weak.

They need to do an overhaul of the management console because they are still using the client-based management tool, which is quite outdated in terms of functionality and usability. The interface hasn't changed since the last generation many years back.

I have been using Cisco ASA Firewall for roughly four years.

It is extremely stable I would say — at least after you deploy it. Typically, there won't be any instability in terms of the hardware as well as the software. It can be running for many years without any issues. It's a totally different story when compared to other brands because, out-of-the-box, they offer far more features and are actually leveraged on more resources which leads to more instability.

I would say in terms of scalability, they are still the greatest family of products. Scalability means you can actually add on some processing parts to actually increase the throughput when the requirement comes up. They have a range of products for that, but this solution, it's already going out of phase, because at JSC, you can only allow up to a certain amount of upgrades that can be added on.

Support is not a requirement. In the whole industry, there are a lot of Cisco-trained personnel that we can actually seek advice from. There's not much leveraging on the Cisco support so far.

If our clients need support, we provide it. Support is not cheap. Sometimes a device will go out of warranty, but the customers are not willing to renew the support contract. Of course, there are a lot of cheaper alternatives. In Singapore, a lot of companies outsource support. Most of the time we go through third-party companies instead of Cisco directly.

For a non-Cisco guy like me, there is quite a substantial amount of learning that needs to be done to actually understand how the products are. Some brands like FortiGate, require only an hour and 15 minutes to enable the product, to facilitate the basic requirements of connecting up the traffic and adding on the firewall router. For Cisco, there are levels of challenges because it's a hardened solution that sees a lot of restrictions right out of the box.

Without really understanding how it works, then there'll be a lot of confusion regarding the traffic, etc. You'll find yourself wondering if there are any security concerns if you alter it out-of-the-box. The management console is quite outdated; usually, a lot of configuration is through Commander. We really need to understand how to articulate the Cisco Commander to perform even the most basic feature.

We handle the implementation for our customers. 

I am a sales engineer, we are mainly in charge of selling the product. In terms of support, we have a department that covers that aspect. Sometimes after implementation, we also provide maintenance support services towards the whole project and sell it as a whole bundle. As a distributor, we also sell our products, our equipment, and devices. So the support team covers that aspect.

We sell Cisco ASA Firewall as a bundle — the price is very cheap. If a customer were to go for renewal direct from Cisco, then the price would be quite high.

My main concern is the full revamp of the management console. We'd like to see a more user-friendly total revamp of how to manage the firewall rules. Also, there are a lot of additional features that need to be granular because with Cisco, at this point in time, all these features are still working in silos. A lot of integration needs to be done in general. 

Personally, I would discourage people from using Cisco. Overall, on a scale from one to ten, I would give this solution a rating of six.

I often work with financial sector companies such as banks as well as retail organizations.

The solution offers very easy configurations.

The administration of the solution is very good.

The product integrates well with other products.

The initial setup can be a bit complex for those unfamiliar with the solution.

There are better solutions in terms of border security. Palo Alto, for example, seems to be a bit more advanced. 

The cost of the solution is very high. Fortinet, as an example, has good pricing, whereas Cisco has very high costs in comparison.

We've used the solution recently. We've used it at least over the last 12 months or so.

The stability of the solution is pretty good. I don't recall having issues with this aspect of the solution.

This particular product does not have high availability and therefore scalability is limited.

You need a pretty sizable solution for a center.

We have about 300 clients using this solution, and therefore the amount of people on the solution is very high, however, I don't have the exact number of users across all clients. For solutions providers, we have IT solutions for maybe around 5,000 users.

I have experience working with technical support from Cisco. It's very easy to contact them and talk with them. There were times we worked using email, for example, for communication. We also worked with Cisco engineers in Mexico directly. We're very satisfied with the level of service so far.

We also work with Fortinet and Palo Alto, for example. As a reseller, we work with many solutions.

I did not directly implement the solution. I don't have the right type of expertise. You need to know a bit about what you are doing, otherwise, the initial setup is a bit complex.

You may need, for example, a separate management device for this kind of solution. It's quite difficult to handle if you don't have in-depth knowledge.

The cost of the solution is quite high. It's very expensive compared to other options. For example, Fortinet is much more reasonably priced.

I am working for a Cisco seller in Mexico, and we have a relationship with Cisco. We are a gold partner. We ensure that the development is of the proper sizing for our clients.  

I would rate the solution at a nine out of ten. We've had a very good experience so far. The only downside is that it's not as advanced as, for example, Palo Alto. That said, if you have the right skills to manipulate the configuration capabilities, Cisco is quite good.

We tend to use the solution as it's forced on us by corporate. Our company wants us to use it.

The solution is stable. We haven't had any issues in that sense.

The security of the hardware is excellent. Cisco is very serious in its approach to security.

We have a high level of trust in Cisco and its products.

The solution is excellent for enterprise-level networks.

The solution is difficult to use. There's more required than a typical firewall. It's different than, for example, Palo Alto and Fortinet, which we find are easier to set up. 

If the implementation was easier, it would be a lot better for us.

It would be such a great product for us if it was easier to manage.

I've been working with the solution for more than ten years. It's been a long time. It's been over a decade at this point.

The solution is quite stable. We have no problems with bugs or glitches. It doesn't crash or freeze. It's good.

We've found the solution to be scalable. A company shouldn't have any issues with expanding it if it needs to.

We have about 300 users on the solution currently. We do plan to continue to use Cisco in the future.

We use third-party technical support that's offered and we're quite satisfied with the level of attention we receive.

I have knowledge of Palo Alto and Fortinet.

While those two are easier to set up and control, nothing compares to Cisco in terms of security. They're very strong in that regard. We also find Cisco to be more stable.

However, we only use Cisco firewalls in our organization. We don't use anything else.

The implementation is not so straightforward. It's rather complex and we have a lot of trouble with it.

The implementation took us about one month.

We plan to implement an updated version next month as well.

We need three to eight people to handle the setup.

I did not handle the implementation by myself. Rather, it's done by another team including the original support from Singapore and with license support from headquarters in Japan.

However, our team does handle the implementation in-house, and we can handle the setup for clients as well.

We do need to purchase licenses. Those come from headquarters in Japan. They handle the details in terms of pricing. I'm not sure of the overall costs.

We're both a customer of Cisco and a reseller.

This month we plan to upgrade from our existing hardware.

Overall, we've been happy with the results we've gotten. I would rate the solution at a nine out of ten.

We primarily provide implementation and maintenance services to our clients.

The software itself is very simple.

The solution is easy to operate. It's not overly complex.

The command line is the same as it is on the Cisco iOS router.

The technical support is very helpful and responsive.

The solution needs to have better logging features.

Cisco needs to migrate its ASA Firewall to a management console or to a web console.

I've been working with the solution for six years at this point.

The solution is largely stable. Once we adopted Cisco services, we found that everything was pretty reliable. There aren't bugs or glitches. It doesn't crash or freeze. It's quite good.

The scalability is a problem as the solution has a low throughput.

We've been in touch with technical support and I've always found them easy to reach. They're responsive and helpful. I find their service much better than, for example, Fortinet or Palo Alto. Overall, we're satisfied with Cisco with respect to their technical support.

We have some experience working with Palo Alto and Fortinet solutions as well.

While I don't have the exact pricing of the solution, it's my understanding that Cisco is rather costly. It's not the cheapest option on the market. It's expensive. It's more costly, for example than Palo Alto.

We have a gold partnership status with Cisco, however, we are also partners with companies such as Fortinet and Palo Alto.

For a next-generation firewall, I would likely recommend Palo Alto. However, if a company had the budget, I would recommend Fortinet. That said, for a VPN gateway, I would recommend Cisco ASA.

In general, I would rate Cisco's ASA Firewall at seven out of ten.

We use Cisco ASA for traffic control.

It's a flexible solution.

The configuration is an area that needs improvement.

In the next release, I would like to see the UI include or provide web access, and more integration.

I have been using Cisco ASA Firewall for five years.

We are not using the latest version, as it is not available.

It's a stable solution and we have not had any issues.

It's a scalable product. We have approximately 2,000 users in our organization.

We have plans to continue to use it.

Technical support provides us with good service.

The initial setup was straightforward. It was easy for us because we have experience.

It was already deployed when I arrived.

We have two or three guys for deployment and maintenance.

This is a product that I would recommend to others.

I would rate Cisco ASA Firewall a nine out of ten.

The feature I have found most valuable is the IPS advanced threat detection for removing ransomware and malware.

An area of improvement for this solution is the console visualization.

I have been using this solution for two months.

The solution is stable.

The customer service/technical support is very good with this solution.

The initial setup is straightforward and it took two weeks to deploy. Currently, 5000 employees use this solution in our company.

The solution was chosen because of its price compared to other similar solutions.

I would recommend this solution to other users.

Our primary use case of Cisco ASA Firewall is to protect our environment. We are customers of Cisco and I'm a network engineer. 

The solution is simple to deploy and stable. 

Technical support could be improved, they take a long time to respond. 

I've been using this solution for 10 years. 

This is a stable solution. 

Initial setup was relatively simple, it took around six months and I deployed myself. 

I would rate this solution a nine out of 10. 

We utilize the solution for our IT security. 

To be honest, all of the features that are provided, all the other vendor will also have. One feature we did find valuable was the CLI, it is more accurate. Additionally, I was happy with the customization, dashboards, access lists and interface.

We frequently use the Bottleneck feature we purchased specialized from Cisco.

It is hard to collaborate with our filtered environment. 

If Cisco could combine the Bottleneck feature of ASA, their platform called Umbrella, and the other team they have that has similar malware protection into one, this would be perfect. 

I have been using the solution for almost three years.

The solution is stable. However, It does have some bugs, but Cisco always fixes them really quickly. Sometimes we have to restart and it would be better if the bugs could be fixed without having to reload.

The scalability is not perfect.

The support has been great and responsive. Most of their engineers are very professional and knowledgeable.

The setup is easy to do if you are familiar with these type of installs, if not then it could be difficult.

We have a perpetual license for all of our firewalls. For some of the features, we purchase them on demand. The pricing is decent but it could always be cheaper, we would be happier.

We will probably change to a higher version in the near future or migrate to a next-generation firewall which would include IPI and some other new features. This makes sense because our current firewall ends the support in several years. 

Cisco FirePower, the next-generation firewall, is much better for stability.

I have used many versions of the software over the years, versions 8.6 to 9.1 and 9.9 to 9.12.

Keep in mind before purchasing the solution, if you do need to scale the solution then ASA is probably not right for you.

I rate Cisco ASA Firewall an eight out of ten.