Sold by: Cisco Systems, Inc.
Deployed on AWS
Free Trial
Ideal for remote worker and multi-tenant environments, Secure Firewall ASA Virtual provides scalable VPN options including remote access, site-to-site, clientless, and more. Experience Cisco's industry-leading firewall to protect your cloud resources.
3.8
Overview
Experience Cisco's industry leading Layer 3 and Layer 4 firewall in a virtualized form factor to protect your cloud environment. You can now take advantage of:
High performance security:
- Dynamically scale resilient remote access to meet demand with AWS Route 53
- Leverage site-to-site VPN, clientless remote access, and remote access VPN
- Integrate with AWS Transit Gateway for scalable inter-VPC traffic
Protection for your dynamic environments:
- Ingress and egress traffic protection across your cloud environments
- Advanced inspection, including voice and video protocols
- Micro-segmentation capabilities for east-west traffic
Cloud-delivered management:
- Consistently manage policies with our cloud-delivered management solution, Cisco Defense Orchestrator (CDO)
- Increase efficiency with low-touch provisioning for faster firewall deployments
- Supports REST API, an HTTP-based interface for appliance management, security policies, status monitoring, and enables multiple cloud management solutions
For supported AWS instances, please see the data sheet.
Highlights
- Deploy remote access in as little as 20 minutes with Cisco ASAv RA-VPN on AWS Quick Start guide.
- Ideal for remote worker and multi-tenant environments that require secure, scalable, and resilient remote access options.
- Consistent policy management in the cloud with Cisco Defense Orchestrator.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
OtherLinux 9.24.1
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
c5.xlarge Recommended | $0.92 |
c5a.2xlarge | $1.93 |
c3.2xlarge | $1.93 |
c6a.4xlarge | $3.12 |
m4.large | $0.35 |
c6a.2xlarge | $1.93 |
m5zn.xlarge | $0.92 |
m5.large | $0.35 |
c5n.xlarge | $0.92 |
m5n.large | $0.35 |
Vendor refund policy
The Cisco ASAv instance can be terminated at any time to stop incurring charges.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Resources
Support
Vendor support
For all support queries, only Community Support is available for this product listing. Please visit the Cisco Security - Firewalling community using the link above and include "ASA-AWS" in the title of your community discussion for the fastest response. https://supportforums.cisco.com/community/firewalling For all support queries, only Community Support is available for this product listing. Please visit the Cisco Security - Firewalling community using the link above and include "ASA-AWS" in the
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Cisco Systems, Inc.
By Juniper Networks
By Barracuda Networks
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
VPN Connectivity Options
Supports site-to-site VPN, remote access VPN, and clientless remote access capabilities for secure connectivity
Traffic Inspection and Segmentation
Provides Layer 3 and Layer 4 firewall inspection with advanced protocol analysis including voice and video, plus micro-segmentation for east-west traffic protection
Cloud Infrastructure Integration
Integrates with AWS Transit Gateway for scalable inter-VPC traffic management and AWS Route 53 for dynamic scaling of remote access
API-Based Management
Exposes REST API HTTP-based interface for appliance management, security policy configuration, and status monitoring across multiple cloud management solutions
Cloud-Delivered Policy Management
Centralized policy management through Cisco Defense Orchestrator with low-touch provisioning for rapid firewall deployment
Intrusion Detection and Prevention
Intrusion detection and prevention (IPS) capabilities for threat detection and mitigation
Application Security and Visibility
Application visibility and control through AppSecure with L4-L7 security services
VPN and Secure Connectivity
IPsec and full mesh VPN termination services for secure connectivity across on-premises data centers, campuses, branches, and geographically dispersed VPCs
Cloud-Native Integration
Integration with AWS services including Elastic Load Balancer, Auto-Scaling Groups, CloudWatch, Security Hub, Key Management Service, and Gateway Load Balancer (GWLB) with L3 gateway and L4 load balancer capabilities
Advanced Routing and Network Services
Cloud-grade routing capabilities with NAT, firewall, and network address translation services
Software-Defined WAN (SD-WAN) Engine
Built-in SD-WAN engine combining multiple remote access and WAN optimization technologies for secure access to cloud resources across office and mobile users.
Intrusion Prevention System (IPS)
Integrated IPS engine providing real-time network protection against a broad range of network threats.
Application-Based Traffic Control
Enterprise-grade firewalling with application-aware segmentation and traffic control based on application identity, ports, and user identity.
Network Access Control
Network access control enforcement capabilities for enforcing security policies across dispersed network environments.
VPN and Secure Connectivity
VPN technologies enabling secure remote access, secure office-to-cloud connectivity, and cloud network segmentation with support for branch office direct internet schemes.
Standard contract
No
No
No
Customer reviews
reviewer2802147
Secure remote access has simplified employee and contractor VPN connectivity
Reviewed on Feb 10, 2026
Review provided by PeerSpot
What is our primary use case?
My use case for Cisco Secure Firewall is because the old solution for the VPN access for the employees and also for the external contractors was already out of date, and there was no possibility of somehow prolonging it. So we did the search for a new solution and from the auction and bidding, Cisco Secure Firewall came.
What is most valuable?
I consider the most valuable aspect of Cisco Secure Firewall to be that we are basically using it only for termination of the VPN, so that's basically the most valuable thing for us.
What needs improvement?
If I could improve Cisco Secure Firewall in any way, I have no clue, to be honest. I really don't know what to improve. It's working as it should be. Maybe it would be nice to have a better overview regarding the logging, regarding the issues a client can have with the VPN. But I can understand that because the primary feature for the firewall is not the VPN; it's the firewall, but we are not using the firewall.
There is still room to improve. There can be some things that can be better, such as some of the menu and some of the visibility. It's not chaotic, but it's not that user-friendly.
The GUI of Cisco Secure Firewall could improve, as there are better solutions in terms of how they look and how they can be navigated.
What do I think about the stability of the solution?
I find the solution reliable and stable, and I can say that there is no downtime. As I am used to Cisco products, they are stable and reliable.
What do I think about the scalability of the solution?
I think that what we bought is overkill, but whatever. Basically, it can serve up to 1,000 clients on VPN, so for us it's basically unlimited. The largest number I have seen on the dashboard was 300 users connected on the VPN.
How are customer service and support?
My experience with Cisco customer support has been nice all the time. Sometimes they can take their time, but if they are properly motivated, they can be fast.
If I had to rate their support from one to ten, with ten being best and one being worst, I would give it an eight.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I evaluated basically the new solution from Pulse Secure, which is now called Ivanti.
The reason we chose Cisco Secure Firewall was more or less politics because Ivanti didn't have the hardware, and they will not have the hardware in the foreseeable future. So we went with the only one who was able to provide it to us.
How was the initial setup?
The deployment of Cisco Secure Firewall was kind of straightforward and was not problematic.
What about the implementation team?
It took us two months, together with the migration, but the thing is that we needed to change the groups and rules and everything in the background. It was more or less up to us, not up to the platform. We needed to change things on our side.
It was internal, not the product's fault. The migration was lengthy.
What's my experience with pricing, setup cost, and licensing?
Regarding the pricing and licensing of Cisco Secure Firewall, it's not up to me.
I know that it was purchased from our partner, from the local distributor.
What other advice do I have?
On a scale of one to ten, with ten being best and one being worst, I would rate Cisco Secure Firewall overall with my past experience as nice. Because I cannot say it was good, from the point of view when I was able to look through Cisco Secure Firewall, it was nice. The FTD, the Firepower Threat Detection, is really mature, but the former ASA was a pain in the ass.
The former ASA was a pain in the ass because when someone is used to the Cisco way, the ASA was a strange thing. My overall rating for this product is 8 out of 10.
Sébastien Peeters
Configuration has been frustrating with outdated tools but secure remote access works reliably
Reviewed on Feb 10, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for Cisco Secure Firewall is only as a VPN concentrator.
What is most valuable?
The only feature I find most valuable in Cisco Secure Firewall is the VPN concentrator because we use it.
The only real benefit I realize from using Cisco Secure Firewall in this use case is that it's a different vendor, so a different attack vector.
What needs improvement?
A significant drawback for Cisco Secure Firewall is the ASA software, as I have not used the Firepower software yet. The ASA software has a GUI that is extremely ugly and appears to be made in the 1980s. At 28 years old, I am not accustomed to working with something that primitive.
The update procedures do not work, and the VPN creation wizard does not work. The GUI is useless for me and frustrates me to a very high degree, which led me to switch to the CLI for configuration.
For how long have I used the solution?
I have been using Cisco Secure Firewall for three years.
What do I think about the stability of the solution?
I assess the stability and reliability of this firewall as both very good. I have had no issues with stability, as once they run, they run.
What do I think about the scalability of the solution?
Since I am not using Cisco Secure Firewall for very heavy operations such as IPS or other intensive features, it scales quite well. We have two Firepower 1150s, and we are far under the limit of what our organization needs, so it scales well with our needs.
How are customer service and support?
I have used Cisco support extensively, and I used it for this product once because during the setup there was an issue with the licensing, and I needed Cisco support to help me with the licensing for the ASA.
I am always satisfied with the level of support that I received. On a scale of 1 to 10, it is a 10 because they are reactive and effective. That is all we ask for in support.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We could accomplish this with another vendor such as Palo Alto, where we would not have to pay for licensing.
How was the initial setup?
When I use the CLI, everything works quite well. I attempted to do everything with the GUI at the beginning, but nothing works. I managed to set up the HA pair with no issues once I used the CLI.
Which other solutions did I evaluate?
We are using quite a few other vendors for firewalls, and I do not think I can disclose which firewall we use where, but we use other major vendors such as Fortinet, Palo Alto, and Check Point. We have a bit of everything in our portfolio.
What other advice do I have?
If it was my choice, I would have put another firewall there with something easier to configure, more straightforward, and a cleaner interface to maintain it.
My honest advice for someone who is evaluating Cisco Secure Firewall based on my experience would be that if you can get something else, go for something else. If you are going to use it, then use the CLI because the GUI is not usable. If I had the choice, I would not be using Cisco Firepower or ASA on top of it because in my opinion and the opinion of my colleagues and my management, it is not the best device for the role it is playing.
My overall rating for Cisco Secure Firewall is 5 out of 10.
reviewer2802009
Network has been securely segmented and keeps critical train services operating without interference
Reviewed on Feb 10, 2026
Review provided by PeerSpot
What is our primary use case?
Our main use case for Cisco Secure Firewall is to have the different clients secured in their own VLAN and subnet, ensuring effective segregation of our network.
We do not have an internet connection with Cisco Secure Firewall ; basically, it is all on-premise. We have different use cases and those need to stay separated, so they do not interfere with each other.
My main usage for Cisco Secure Firewall is that I work in a train company where we are basically managing the network for the different use cases of the train. Those need to get separated, so the phone does not interfere with the cameras, for example, and we only allow the designated ports to the other.
What is most valuable?
What I appreciate most about Cisco Secure Firewall is that it has been working since we bought it without any failure, highlighting its reliability and performance.
An example of how Cisco Secure Firewall benefits my organization is that it performs its function very effectively. We use it as a router, and it works really well, ensuring our operations run smoothly.
What needs improvement?
I think the old interface could be improved, as it is not that good. Cisco Firewall Management Center is much better, but I need to get more experience with that because we do not really have any experience with it. I did not work extensively with it as we are in the migrating phase.
For how long have I used the solution?
I have been using a Cisco firewall, specifically the ASA , for ten years and now we are migrating to Cisco Secure Firewall, which represents our ongoing commitment to network security.
What do I think about the stability of the solution?
I assess the stability and reliability of Cisco Secure Firewall as performing really well. We have had one small issue, but it happened over ten years, and with the new one, we have had no issues.
What do I think about the scalability of the solution?
I believe Cisco Secure Firewall can scale and grow with the needs of my organization because we bought the biggest model, so we do not really need to scale anywhere. We roughly calculated this and it should last the next nine to ten years, so if we buy a new one, it will probably have more performance, but the next ten years are secure.
How are customer service and support?
I have used customer service for Cisco Secure Firewall. We have a partner between us and Cisco and only the extreme cases get to Cisco. Most of the time our partner, Logicalis, will solve the problem for us because they have experts, so only really problems with the software or these kinds of things get right to Cisco.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
Before choosing Cisco Secure Firewall, we have a complete Cisco network, so we tried to keep the network together, completely Cisco. Therefore, there were no other solutions, as we did not use one before and we did not consider different options.
How was the initial setup?
I would describe the experience of deploying Cisco Secure Firewall as very smooth. We used the migration software which just took the complete ASA configuration and put it in Cisco Secure Firewall in Cisco Firewall Management Center, and that was it; it worked.
Alessandro Brusoni
Secure perimeter protection has supported reliable cloud integration and simple deployment
Reviewed on Feb 10, 2026
Review provided by PeerSpot
What is our primary use case?
My main use cases for Cisco Secure Firewall include serving as a perimeter firewall between the data center and users, and as the firewall between the internet and users.
How has it helped my organization?
An example of how Cisco Secure Firewall benefits my organization is that we use it with Azure , along with Azure firewall and FTD, and it works very well.
What is most valuable?
Cisco Secure Firewall is highly performant and easy to manage.
What needs improvement?
Cisco Secure Firewall handles this adequately, but a simpler licensing model would be beneficial, especially when using the firewall in the cloud, since on-premises performance is limited by the hardware being used.
For how long have I used the solution?
I have been using Cisco Secure Firewall for approximately fifteen years, starting from Cisco PIX.
What do I think about the stability of the solution?
Cisco Secure Firewall has demonstrated good reliability and stability. Although we did not invest heavily, which results in limited performance due to our license being restricted to one gigabit, that is our constraint rather than a Cisco limitation. I have not experienced any crashes or downtime with Cisco Secure Firewall, and everything has operated smoothly.
What do I think about the scalability of the solution?
Cisco Secure Firewall can scale with the growing needs of my organization.
How are customer service and support?
I have not needed to use customer service.
How would you rate customer service and support?
Negative
How was the initial setup?
Deploying Cisco Secure Firewall is very straightforward and uncomplicated, as the systems are simple to deploy and the graphic interface is user-friendly.
What's my experience with pricing, setup cost, and licensing?
My experience with the pricing, setup cost, and licensing for Cisco Secure Firewall is positive.
Which other solutions did I evaluate?
Before choosing Cisco Secure Firewall, I considered some competitors, as we have other firewalls from different vendors. It is beneficial to use firewalls from different vendors because if someone can overcome one firewall, there is the other firewall for protection.
What other advice do I have?
I selected Cisco Secure Firewall because it works well in the Azure environment.
Anupama Perera
Has enabled global teams to maintain consistent security policies with strong unified threat management
Reviewed on Sep 16, 2025
Review provided by PeerSpot
What is our primary use case?
One of the biggest use cases for Cisco Secure Firewall is Public Bank; they use it in Malaysia, but we implemented it in the Sri Lankan branches.
When a global company is using Cisco Secure Firewall , they would prefer to go with the same product with the same switching and firewall, making it an umbrella solution.
What is most valuable?
I think the UTM is the best feature of Cisco Secure Firewall.
The UTM features are indeed the best.
The reason why the UTM feature of Cisco Secure Firewall is the best is because the customer is more concerned with security; for a worldwide company, they need the most security, and I think it's very suitable for the most secure companies.
The centralized management console in Cisco Secure Firewall is effective and helpful.
What needs improvement?
Most of the partners are looking for AI-driven solutions now, so if Cisco improves more on the AI part than other products, it will be very good when they are trying to capture the market.
Cisco Secure Firewall has to enhance its AI part.
Customers using Cisco Secure Firewall are looking for UTM features, and some enhancements have to be done, such as when you block applications, more applications have to be able to be blocked and categorized.
For how long have I used the solution?
I've been working with Cisco Secure Firewall for around 15 years as a partner.
What do I think about the stability of the solution?
Cisco Secure Firewall is stable, and there are no issues or challenges that my customers have faced with it.
What do I think about the scalability of the solution?
Customers use Cisco Secure Firewall both on the cloud and on-premises, and it is a scalable solution and easy to scale.
How are customer service and support?
My experience with Cisco support is good. I would rate the technical support of Cisco Secure Firewall eight out of ten.
How would you rate customer service and support?
Positive
How was the initial setup?
The deployment of Cisco Secure Firewall takes one day.
What was our ROI?
Customers see a return on investment with Cisco Secure Firewall, and it is workable in terms of value for money.
Which other solutions did I evaluate?
Competitively, Checkpoint is the best, but considering pricing and everything else, Cisco Secure Firewall is also the best product.
Cisco Firewall is better in terms of cost and is cheaper; unlike other products, if the license expires, no features work, but Cisco isn't that way. Most of the time, they have perpetual licenses, so that's the best solution customers are looking for.
The threat intelligence functionalities in Cisco Secure Firewall are also good, but when considering Checkpoint and others, they have some enhanced features; there is some differentiation, but it's also good.
What other advice do I have?
They need a global, one single vendor, which is why they see value for money with Cisco Secure Firewall.
I recommend Cisco Secure Firewall because it's a global vendor.
On a scale of 1-10, I rate Cisco Secure Firewall an 8.