Cisco Secure Firewall Reviews

I'm the group information technology manager and we are customers of Cisco. 

The best feature for me is the VPN and I also like the firewall. 

In terms of improvement, we'd like to see a good graphical user interface. I'd also like to see the initial setup simplified. In comparison, if I were to implement the Fortigate firewall from scratch, it's a fairly simple set up. That is not the case with the ASA firewall, where you really need to have the skill and know what you're doing.

I've been using this solution for 18 years. 

The solution is stable, we haven't had any issues. If we need something, we go to a consultant. In terms of product stability, it works very well.

We haven't made any changes since implementing and we haven't tried scaling.  

We get our support from the resellers, not from Cisco. 

For those who have the technical know-how with Cisco products, I would recommend going with the ASA firewall, but if you're new to the field and running a smaller business, deployment will be complicated. 

I would rate this solution a nine out of 10. 

I am a pre-sales engineer, and I do comparisons based on my customer's requests.

The most valuable features of this solution are the integrations and IPS throughput.

The price and SD-WAN capabilities are the areas that need improvement.

In the next release, I would like to see more of the FortiGate features added. FortiGate is compatible with Cisco ACI, but I can't see Firepower with Security Fabric. For example, if I had Fortinet activated, could I integrate with it?

I have familiar with the Next Generation firewalls for two years, and six years with firewalls in general.

It's a stable product.

It's scalable indeed.

Our clients are SMB Enterprise.

It's just a fact, nothing is better than Cisco technical support.

Previously, I was working with Fortinet. I would most likely recommend Fortinet, because of the price and the security fabric integration with other products. It's scalable as well, and all of the FortiGate features are useful.

It's very easy to implement and it's very easy to administrate.

The initial setup was straightforward. With other vendors, it is easier, but it was straightforward.

This product is expensive.

I would rate this solution an eight out of ten.

The number one use for this product is security.

The management of the application can be improved with enhancements to the user interface.

I would like the ability to drill down into certain reports because currently, that cannot be done. In fact, this is one of the reasons that we want to move away from Cisco. Better reporting tools would be an improvement.

We have been using Cisco ASA for approximately seven years.

This product is pretty stable.

Our current model is reaching its end of life, so it's not very scalable at the moment. We don't plan to increase usage.

It is currently providing protection for about 30 users.

The technical support is with our solution provider. I would say that it's average, rather than very good.

The initial setup is complex. I would say that it took a maximum of a week to deploy.

We had a service provider who took care of the installation for us.

This is an expensive product. We pay about €2,000 ($2,400 USD) per year for licensing. 

Technical support is in addition to the standard licensing fees.

At this point, Cisco ASA is not a product that I recommend. My advice is that people should look at other solutions because there are other products available on the market that are just as good, if not even better.

I would rate this solution a seven out of ten.

We are a service provider and we work on a variety of different projects for many customers. We do not use this product ourselves. Rather, we deploy it for different customers.

The primary use case is to protect the organization from unauthorized use.

The most valuable feature is the access control list (ACL).

Report generation is an area that should be improved.

I have been working with this product for two years.

This firewall is quite stable and we use it on a daily basis.

The scalability is good.

I have not worked with equipment from OEMs other than Cisco. It's the only vendor I use.

The initial setup is straightforward. The length of time for deployment depends on whether it is the entire setup or just the basic installation.

I deployed this product myself.

This is a product that I can recommend for an internal firewall. It's good enough.

I would rate this solution a seven out of ten.

We primarily use the solution for basic firewall configurations such as NAT, FORWARD PORT and Block TCP-UDP Port.

My company is very small just built last year, i now am using cisco asa 5510 for NAT and Port Forward and limit users access directly from internet only via Remote-VPN.

The ability to block threats is its most valuable aspect.

Most clients in Laos use the basic setup, which works quite well. It ensures that nothing can get onto the local network.

It's pretty reliable and allows for isolation capabilities within the network.

The ADSM is very good.

I like that I can use the command line. I use a lot of Cisco and often work with this. If you are comfortable with the command line, it's quite good.

The user interface isn't as good as it could be. They should work to improve it. It would make it easier for customer management if it was easier to use.

Cisco does not have a lot of web management. We have to use ASTM server management to make up for it.

I've been using the solution, give or take, for around five years at this point.

When we need assistance from technical support, we typically deal with the team in China. They've been very good. Whenever I have a problem, they can resolve it. They are knowledgeable and responsive. We're satisfied with the level of support we get.

We typically offer clients a few different solutions. For example, we may recommend Fortinet.

For a new user, the initial setup may be a bit difficult. For me, since I am comfortable with Cisco, it's pretty straightforward. A new connection has its own complexities. It may be a different thing on Java SDK. There may be some programs that may not be able to access it.

In Laos, clients don't have much wiggle room when it comes to cost. The economy right now isn't very good. Most just choose the basic solution in order to avoid pricey licensing fees.

subscription payment  

We're just customers. We use it in our office and suggest it to clients. However, we don't have a business relationship with Cisco.

We try to adhere to our client's needs, and therefore, if they specify hardware they want to use, like Fortinet, we tend to accommodate them.

That said, if they ask my opinion, I usually recommend Cisco ASA.

I know a lot about the product and I'm good at controlling everything. I have a lot of knowledge and understanding after working with it so closely. That's why I tend to favor it when my customers ask for advice.

Overall, I would rate the solution seven out of ten. If the user interface were a bit better, I'd rate it higher.

We are a solution provider and Cisco NGFW is one of the products that we implement for our clients. My clients use it for internet access within the enterprise.

I like the firewall features, Snort, and the Intrusion Prevention System (IPS). 

This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI). Cisco's FTD devices don't support the command-line interface and can only be configured using FMC.

We have been using this product for the past four years.

This is a stable product and we plan to continue implementing it for clients in the future.

Cisco NGFW is a scalable firewall. My client has more than 100 users.

We have support from Cisco's TAC, the Technical Assistance Center, and they support this product well. We haven't had any issues with them.

Prior to the Next Generation firewall, my clients were using Cisco ASA for more than 10 years.

The initial setup is easy, with the installation and configuration taking about two hours.

I did the deployment myself.

This product requires licenses for advanced features including Snort, IPS, and malware detection.

In summary, this is a good product and I recommend it.

I would rate this solution a ten out of ten.

I am a consultant and when clients ask for white papers or studies, I do the research. At that point, they do whatever change processes they have; I give them all of the numbers and other relevant data, but that's the extent of what we do in my organization.

They are just using it as a stateful packet inspection firewall, traditional firewalling.

At this point, my client is looking for their next solution so something may not be working.

The most valuable features for my client are the ASDM and monitoring.

They have familiarity with the Cisco CLI.

Cisco ASA is not a next-generation firewall product.

My client has been using the Cisco ASA solution for approximately five years.

They've been using it for five years and my assumption is that it's been good for what they needed it t do. However, they were consulting to move forward with something different.

The scalability is very limited because as a traditional firewall, it's a step behind. As far as the scale goes, my assumption is that you just buy a bigger model.

I was not consulting with this client when they implemented the Cisco ASA.

This is a hardware-based device, versus a virtual one, so it's maxed out.

My assumption is that it's a typical HA, basic setup.

My client is looking for a next-generation firewall solution to replace the Cisco ASA.

What they need is a step up from what they already have that includes application-controlled firewall rules, as well as other features that ASA doesn't currently have.

My suggestion for anybody who is looking at Cisco ASA is to work with the vendor, as they have newer products.

I would rate this solution a seven out of ten.

Our company sells Cisco Firewalls and the ASA is one of the products that we implement for our clients. The primary use cases are internet access, AnyConnect, and VPN.

The most valuable features are the provision of internet access, AnyConnect, and VPN capabilities. Because I primarily deal with the VPN functionality, I don't get very deep into the IPS or other capabilities.

I have worked with the new FTD models and they have more features than the ASA line.

We have been dealing with Cisco ASA since about 2002.

I am very happy with its stability and the product in general.

In our organization, we only have one in our data center that all of our people pass through. However, I've got clients that have thousands running through large Cisco firewalls.

Cisco's technical support has always been excellent. They have great support.

I have dealt with four or five others, but so far, I have the most experience with Cisco.

Recently, I worked with the new FTD 1000 or 1100 series, and they do a lot.

The complexity of the initial setup depends on the environment. Sometimes, it's brand new whereas other times, I install a replacement for an existing Cisco device or some other product.

I am in charge of installing and configuring our Cisco Firewall solutions.

I would rate this solution a ten out of ten.