Sold by: Cisco Systems, Inc.
Deployed on AWS
Free Trial
Protect your dynamic cloud environments with consistent security, superior visibility, and advanced threat defense such as application visibility and control, deep packet inspection, IPS, malware defense, and URL filtering - powered by Cisco Talos® Threat Intelligence. Achieve deeper visibility into QUIC and TLS 1.3 traffic without breaking Layer 7 policies.
4.2
Overview
Cisco Secure Firewall Threat Defense Virtual delivers consistent security, deep visibility, and advanced threat defense options to help you maintain business continuity amidst unpredictable threats and change. Take advantage of capabilities such as application visibility and control, Snort 3 IPS, malware defense, URL filtering, and Cisco Talos® Threat Intelligence to protect against known and unknown threats across your environments. Maintain Layer 7 policies on encrypted QUIC and TLS 1.3 traffic with our Encrypted Visibility Engine.
Realize a payback period of 10 months over a three-year investment*.
Secure your dynamic environments consistently: Gain consistent security policy enforcement, deep packet inspection, and ingress and egress traffic protection across your cloud environments.
- Deeper visibility into QUIC and TLS 1.3 encrypted traffic without breaking Layer 7 policies
- Dynamic attribute support for AWS tags for situations where static IP addresses are not available
- Firewall clustering for highly-available threat defense
Achieve greater efficiency with unified firewall management: Cisco Secure Firewall Management Center gives you the freedom and choice to administer firewalls, correlate and prioritize threats, as well as quickly act on them in a single pane of glass.
- Reduce up to 95%* of network operation work streams by managing your firewall stack with Secure Firewall Management Center
- Management offered in a cloud-delivered, virtual, and on-premises form factors
- Supports REST API - a HTTP-based interface for management, policies, and monitoring
Accelerate response with Cisco SecureX: Every Secure Firewall includes entitlement for Cisco SecureX to accelerate threat detection and remediation.
- Speed up incident response with the new SecureX ribbon in Firewall Management Center, enabling SecOps to instantly pivot to the SecureX open platform
- Configure AWS VPCs manually or automatically from SecureX in response to events from Cisco Secure products
- Monitor your AWS accounts and workloads for malicious activity by integrating with Amazon GuardDuty
Introduce AWS services for added benefits:
- Combine with Amazon Gateway Load Balancer to dynamically insert scalable security into your AWS environment and reduce complexity
- Leverage Amazon Route 53 for remote access VPN
- Integrate with AWS Transit Gateway for scalable inter-VPC traffic
For supported AWS instances, please see the data sheet. To get started, see our Getting Started Guide.
*Forrester Total Economic Impact of Cisco Secure Firewall, 2022. <www.cisco.com/go/firewallTEI >
Highlights
- An AWS Security Competency approved solution providing real-time, unified, network security to protect your most critical infrastructure and data across dynamic environments.
- Delivers the most advanced threat defense options with Snort 3 IPS, visibility into encrypted QUIC and TLS 1.3 traffic, malware defense, URL filtering, deep packet inspection, and application visibility and control.
- Cisco Talos® Threat Intelligence is included, protecting against known and unknown threats from one of the world's largest commercial threat intelligence teams.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
OtherLinux 7.4.7-50
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
c5.xlarge Recommended | $1.00 |
c4.xlarge | $1.00 |
c6in.4xlarge | $3.50 |
c3.xlarge | $1.00 |
c5a.xlarge | $1.00 |
c5n.2xlarge | $1.80 |
c6a.xlarge | $1.00 |
m5zn.2xlarge | $1.80 |
c5n.4xlarge | $3.50 |
m5n.xlarge | $1.00 |
Vendor refund policy
The Cisco NGFWv instance can be terminated at any time to stop incurring charges.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Additional details
Resources
Support
Vendor support
For Community Support, please visit the Cisco Security Firepower community using the link below and include NGFWv-AWS in the title of your discussion for the fastest response. The below listed partners can also sell support contracts. https://supportforums.cisco.com/community/12249536/firepower-firesight-system http://WWW.TRACE3.COM http://WWW.SHI.COM http://WWW.SYCOMP.COM http://WWW.COMPUTACENTER.COM (EMEAR) http://WWW.VELOCIS.IN (APJ)
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Cisco Systems, Inc.
By Juniper Networks
By Barracuda Networks
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Intrusion Prevention System
Snort 3 IPS engine for detecting and preventing network-based attacks and intrusions
Encrypted Traffic Visibility
Encrypted Visibility Engine providing Layer 7 policy enforcement and deep visibility into QUIC and TLS 1.3 encrypted traffic without decryption
Threat Intelligence Integration
Cisco Talos Threat Intelligence integration for protection against known and unknown threats
Deep Packet Inspection
Deep packet inspection capability combined with application visibility and control for comprehensive traffic analysis
Firewall Clustering
Firewall clustering support for high availability and distributed threat defense across cloud environments
Intrusion Detection and Prevention
Intrusion detection and prevention (IPS) capabilities for threat detection and mitigation
Application Security and Visibility
Application visibility and control through AppSecure with L4-L7 security services
VPN and Secure Connectivity
IPsec and full mesh VPN termination services for secure connectivity across on-premises data centers, campuses, branches, and geographically dispersed VPCs
Cloud-Native Integration
Integration with AWS services including Elastic Load Balancer, Auto-Scaling Groups, CloudWatch, Security Hub, Key Management Service, and Gateway Load Balancer (GWLB) with L3 gateway and L4 load balancer capabilities
Advanced Routing and Network Services
Cloud-grade routing capabilities with NAT, firewall, and network address translation services
Software-Defined WAN (SD-WAN) Engine
Built-in SD-WAN engine combining multiple remote access and WAN optimization technologies for secure access to cloud resources across office and mobile users.
Intrusion Prevention System (IPS)
Integrated IPS engine providing real-time network protection against a broad range of network threats.
Application-Based Traffic Control
Enterprise-grade firewalling with application-aware segmentation and traffic control based on application identity, ports, and user identity.
Network Access Control
Network access control enforcement capabilities for enforcing security policies across dispersed network environments.
VPN and Secure Connectivity
VPN technologies enabling secure remote access, secure office-to-cloud connectivity, and cloud network segmentation with support for branch office direct internet schemes.
Standard contract
No
No
No
Customer reviews
Aanggaon Aanggaon
Firewall rules and clear GUI have strengthened corporate web protection and secure remote access
Reviewed on Apr 30, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for Cisco Secure Firewall is to protect corporate internet access from malicious people.
I can provide a specific example of how I use Cisco Secure Firewall to protect my corporate internet system from malicious activity: I block malicious sites and create rules to detect them.
I also use it to provide remote access for vendors and IT support people.
What is most valuable?
The best features Cisco Secure Firewall offers in my experience are its GUI, clear definition, and process to create rules.
The GUI is clear and I am able to follow the description of processes such as backup, creation of rules, and other management processes.
This has helped my team feel more confident that we are protected from malicious intruders, and I have noticed specific positive outcomes and changes since using Cisco Secure Firewall.
What needs improvement?
I believe Cisco Secure Firewall can be improved, particularly regarding the specifications such as the memory that is used on entry-level firewalls, because sometimes when doing an upgrade or changing configuration, issues arise.
On the performance side, I notice that the upgrade to a different version is slow, so hopefully improved CPU and RAM will help performance.
For how long have I used the solution?
I have been using Cisco Secure Firewall for three years.
What do I think about the stability of the solution?
Cisco Secure Firewall is stable in my experience.
The hardware is working and we have not encountered the firewall failing because of a firmware upgrade.
What do I think about the scalability of the solution?
We have not needed the scalability feature of Cisco Secure Firewall as of now.
How are customer service and support?
I have not needed to reach out to Cisco support for any issues.
Which solution did I use previously and why did I switch?
I have not switched from another vendor or used another firewall vendor prior to Cisco.
Which other solutions did I evaluate?
Before choosing Cisco Secure Firewall, we did not evaluate other options.
What other advice do I have?
I would advise others looking into using Cisco Secure Firewall that it is easy to use and manage, easy to create rules, and upgrade the firmware, and it is reliable; I have not encountered any failure on my Cisco firewall so far. I rate this product an 8 out of 10.
Dimitar Angelov
Rebuilt complex global security has exposed licensing hurdles yet still delivers solid protection
Reviewed on Apr 29, 2026
Review from a verified AWS customer
What is our primary use case?
I have mainly worked with Cisco Firewall, specifically FTD and FMC, controlling the Firewall Threat Defenses from FMC, using Talos and Cisco ISE for approximately two and a half to three years. I completed a comprehensive re-architecture and added different vendors for a company called Gaming Laboratories International, where I extensively used their products.
For a span of two years, I extensively used Cisco products, ranging from switching and routers to firewall solutions for Gaming Laboratories International. For the last year, I have mainly worked with Palo Alto and Cato products, transitioning toward SD-WAN and SASE solutions.
At Gaming Laboratories International, I inherited a poorly designed network architecture and completely re-architected the network using Cisco Secure Firewall FTD and FMC across 45 different offices around the globe, spanning 435 jurisdictions at that time. My team and I used Cisco Secure Firewall as our internal firewall, securing the internal perimeter and protecting our DMZ from the inside. On the outside, we implemented Palo Alto because Cisco Secure Firewall could not handle the capabilities we required, such as application identification, which Palo Alto truly excels at.
What is most valuable?
Cisco Secure Firewall is quite scalable, and I have found it relatively easy to set up high availability using their proprietary protocol HSRP. I have truly enjoyed the flexibility, though their proprietary cables can be prohibitively expensive compared to standard options available from other vendors.
The benefit of Cisco Secure Firewall lies in keeping it to the basics through hardware, which costs a bit more, but the real problem emerges when integrating other platforms and their licensing, which is quite expensive. When calculating the total costs, including ISE, DNA Center , and hardware maintenance, it becomes exorbitant for medium-sized enterprises. It may work for large enterprises already entrenched in Cisco products.
What needs improvement?
The biggest inefficiency with Cisco Secure Firewall, to be honest, is the licensing—too many licenses for too many different products. There is not a single platform, which is essential nowadays. Cisco Secure Firewall is a bit of a colossus where they add weight on top of it, and I believe it amounts to simply placing products next to each other, which is not a very good solution from the perspective of a network security engineer.
There are many features I would personally remove, amend, or create differently from an engineering perspective. The Frankenstein architecture needs to stop and focus on AI. Nowadays, with different products, it is essential to have a single platform for better data and line application control. Everything about AI is to control application usage and how users interact with your systems.
The process with FMC is quite a hurdle, and attempting to integrate it with DNA Center or ISE turns into a nightmare. There is a stark contrast with Palo Alto and Prisma—everything just flows.
When setting up Cisco Secure Firewall, I encounter significant challenges, especially with on-premise Next-Generation Firewalls . There is lacking clarity in documentation, particularly when changing internet service providers or external IP addresses. This lack of guidance often leads to being locked out or corrupting files within the Next-Generation Firewall, resulting in wasted time troubleshooting.
For how long have I used the solution?
I worked with Cisco Secure Firewall more than a year ago, exactly eleven months, to be precise.
What do I think about the stability of the solution?
I am really happy with the performance and capabilities of Cisco Secure Firewall to manage heavy workloads. Although it performs well, integrating the software with existing systems often creates complications.
What do I think about the scalability of the solution?
Cisco Secure Firewall is quite scalable, and I have found it relatively easy to set up high availability using their proprietary protocol HSRP.
How are customer service and support?
Cisco's customer service and technical support respond in a timely manner, which is good. However, they do not always come up with effective solutions. Many times, I need to dig deep to find solutions due to the complexity of the environments where I work, especially in game development.
I would rate Cisco technical support as a seven. They deserve a six or seven for their efforts, but I feel sympathy for them given the challenging circumstances they work under.
Which solution did I use previously and why did I switch?
At the moment, I do not use Cisco Secure Firewall at all. For the last eleven months, I have been working solely with Palo Alto Next-Generation Firewall, Prisma Access , and Cato. I am primarily integrating Cato for companies, and I have witnessed its rise over Cisco Secure Firewall because of its simplicity, ease of management, and deployment cost and time efficiency.
How was the initial setup?
When setting up Cisco Secure Firewall, I encounter significant challenges, especially with on-premise Next-Generation Firewalls . There is lacking clarity in documentation, particularly when changing internet service providers or external IP addresses.
What other advice do I have?
For high traffic rates and heavy CPU consumption, Cisco Secure Firewall could fit well. However, security can lead to lock-out situations, so those considering Cisco Secure Firewall should thoroughly assess their needs. SASE solutions are dominating the market; I primarily work with Cato, which finds traction in eight out of ten meetings I have with customers, with Palo Alto depending on the desired security posture.
I suggested in the design, and that was approved to be moved internally because Palo Alto had better capabilities to handle security concerns. Cisco Secure Firewall overly relies on administrators to do the heavy lifting to connect those platforms with open-source or third-party solutions. Licensing is a recurring issue—it would be much easier if there were a package, but that is not the case.
When we do not talk about money, time has become the critical factor where Cato massively outperforms Cisco Secure Firewall. I would rate this review a five point five overall.
Mohamed Fouad
Strong intrusion prevention has secured our data center and supports flexible firewall deployment
Reviewed on Mar 16, 2026
Review provided by PeerSpot
What is our primary use case?
We have two deployment models for the use case: one is a perimeter firewall and one is a data center firewall. If you have a perimeter, you will position Cisco Secure Firewall as a perimeter firewall; it fits more in data as a data center firewall because in a data center firewall, you are inspecting incoming traffic and you need a very good IPS, so Cisco Secure Firewall is very effective as a data center firewall.
What is most valuable?
The best feature in Cisco Secure Firewall is the stability; we have a stable product with no lagging or crashing, unlike others. Additionally, the IPS is the next-generation IPS from Cisco, which has many features and many signatures with updated signatures for my IPS.
I switched to Cisco Secure Firewall to get very good IPS signatures and next-generation IPS; that is a market leader from Cisco.
The stability is very good. I do not experience any downtime, crashes, or performance issues; that is the best feature from Cisco Secure Firewall.
What needs improvement?
Most of the time, Cisco provides features on some versions and the updated versions will move them; for example, we can do firewall policies based on users, which is from Active Directory. It should be from Cisco ISE , so it is a very bad drawback from Cisco Secure Firewall. Not all customers have Cisco ISE , and we need to integrate to make a policy on users, not just by IP, but with users also. We had integration before with LDAP and Active Directory, but on some versions, Cisco requires us to do it through Cisco ISE.
For how long have I used the solution?
I have five years of experience with Cisco Secure Firewall overall.
What do I think about the stability of the solution?
The stability is very good. I do not experience any downtime, crashes, or performance issues; that is the best feature from Cisco Secure Firewall.
What do I think about the scalability of the solution?
Cisco Secure Firewall is providing scalability. I rate the scalability as a number 10.
How are customer service and support?
I rate the technical support a number 10.
Which solution did I use previously and why did I switch?
Compared to Fortinet, we have a complex configuration, but we still have a stable product rather than Fortinet's product.
How was the initial setup?
Cisco Secure Firewall requires maintenance. Maintaining it is slightly complex; it is not easy or very easy.
What about the implementation team?
I am a customer. It was purchased through a partner. I was satisfied with my experience with the partner.
What was our ROI?
I have seen a return on investment of 50.
What's my experience with pricing, setup cost, and licensing?
The pricing for Cisco Secure Firewall is very good, and we got many discounts from them.
What other advice do I have?
Cisco Secure Firewall is deployed on-premises. We have a team of four users using the solution. I rate this review a 10.
reviewer2801904
Secure access has improved and firewall management provides stronger protection
Reviewed on Mar 10, 2026
Review provided by PeerSpot
What is our primary use case?
I use Cisco Secure Firewall essentially as a firewall and for a secure access VPN solution. I need Cisco Secure Firewall to fulfill that role; I need it for secure access, and it performs the firewalling I need it to do in the network segment where it is located.
What is most valuable?
I have seen a return on investment with Cisco Secure Firewall. Generally, where it sits in my network, there are other vendors as well, but Cisco Secure Firewall is a better product and easier to manage than those alternatives. It does more of the features that I want it to do to be more secure, and I will move the other vendors into Cisco Secure Firewall.
What needs improvement?
The biggest challenge I have with Cisco Secure Firewall is that I often need to look in a few places to find what I want to do or I find myself searching for where a particular feature is located. I know what I want to accomplish, but I cannot always find it easily; it takes some time looking around. Because I do not use Cisco Secure Firewall as heavily as other vendors, I find it a little harder to navigate, though I would caveat that with the possibility that with more use, it would become easier for me to navigate and accomplish what I want to do. I am not sure how I would specifically improve that aspect, but it is probably the biggest day-to-day challenge I have with it.
For how long have I used the solution?
I have been using Cisco Secure Firewall for about a year, maybe just over.
What do I think about the stability of the solution?
Stability of Cisco Secure Firewall is generally very good.
What do I think about the scalability of the solution?
In terms of scalability, because it is there for the secure access solution as well, it was right-sized when it was put in, so I have not had any scalability challenges for what I do. My organization is fairly static in terms of scale, so users and that type of thing do not scale up and down quickly; it is more slow-moving in that regard.
How are customer service and support?
I have not done a whole lot of customer support with Cisco Secure Firewall.
Which solution did I use previously and why did I switch?
Before Cisco Secure Firewall, I used Juniper as a vendor; I have used them with other vendors as well, but where I am using Cisco Secure Firewall, they are sort of a direct competitor with Juniper.
How was the initial setup?
It took a couple of months to deploy Cisco Secure Firewall; that was the same for secure access, as it was all part of the same rollout. What took those months to deploy was probably more internal change controls; it is just slower moving, as I have done a lot of testing deployments in lab environments, so it is less of a technology issue and more of the constraints of where I work that slow it down.
What about the implementation team?
I did not implement Cisco Secure Firewall personally, but I was there for the implementation.
What was our ROI?
I have seen a return on investment with Cisco Secure Firewall. Generally, where it sits in my network, there are other vendors as well, but Cisco Secure Firewall is a better product and easier to manage than those alternatives. It does more of the features that I want it to do to be more secure, and I will move the other vendors into Cisco Secure Firewall.
What other advice do I have?
Integration with other systems is fairly slow-moving and static in that way. I would rate this review an 8.
FataiAkinwande
Centralized security management has protected global branches and simplified daily operations
Reviewed on Mar 04, 2026
Review provided by PeerSpot
What is our primary use case?
In terms of security, Cisco Secure Firewall is very reliable, especially when clients are up to date and run their security updates regularly. It is one of the greatest solutions for security in terms of networking. It is very easy to use, aside from being somewhat costly compared to other firewalling solutions. Cisco has been in existence for a while compared to other firewalling devices, which makes it more expensive. It is very easy to use, especially when you have hands-on experience with any of Cisco's devices before. You do not even need to probably take higher professional courses before you can manage it, especially if you can learn easily. For me, I learn quickly and I approach anything with the understanding that nothing is impossible, though it might take some time.
Because we have a centralized solution that manages all of our Cisco Secure Firewall and Cisco devices within the network, and IHS spreads across more than 10 countries, all of which communicate together using the same devices, we can push policies centrally from the central management system to all the Cisco Secure Firewall devices and the policies take effect immediately.
What is most valuable?
We have been using Cisco Secure Firewall since 2015, which is when I joined IHS. Currently, I cannot remember the exact name because it has been a while since I logged into that environment, and I have already resigned from IHS to work as a consultant. We are using Cisco AnyConnect for our VPN, to be precise. We majorly use the VPN because all of our clients are on VPN, so whenever they want to connect to any of the resources from outside the network, they connect through the VPN.
The major improvement so far is that everything has moved from a black screen interface to a GUI that you can easily use. It is not necessary to do everything on a black screen. Aside from the price constraint, I do not really see much in terms of the disadvantages of this product. Although everything has advantages and disadvantages, the major disadvantage is the cost, which is why many people in the industry are moving to products like Check Point or Sophos because they are cheaper compared to Cisco Secure Firewall.
What needs improvement?
The major improvement needed is the GUI interface. Most of the new generation firewalls actually come with a GUI where you can do whatever you want to do without running a command, and they give that privilege. I believe Cisco Secure Firewall has already probably introduced that, as from the Cisco centralized application, you can manage many things, push many configurations, and do many things. However, they need to do more so that it is not necessary to give access to the black screen as in the core device to your users before they can do certain things. From the GUI interface, they should be able to do certain things. It creates a kind of restriction, and it is only when it is necessary that you probably launch the GUI or SSH to that device that users do whatever they need to do.
For how long have I used the solution?
I have been using Cisco Secure Firewall since 2015, which is when I joined IHS.
What do I think about the stability of the solution?
Reliability is superb because we usually have monthly maintenance on all of our devices. Because all of our devices are on HA, we test the high availability and run any patches that need to be run. So far so good, it is reliable because there has never been a time when we have had a failover test that we ran into a problem.
What do I think about the scalability of the solution?
Cisco Secure Firewall is scalable.
How are customer service and support?
Technically, Cisco covers a lot.
Which solution did I use previously and why did I switch?
Currently, I do not use any other firewalling solutions. I think the other HP product I probably worked with is not used anymore.
How was the initial setup?
I might not say because I cannot compare my own experience with other people's experiences. For people like me and probably the majority of my team, we do not find it difficult to implement or deploy. However, for some new generation people that are just coming to the industry, they might find other firewalls very easy and straightforward in terms of deployment because they cannot be compared to Cisco Secure Firewall devices. For me, probably based on my years of experience, I do not find any challenges in terms of deployment.
What about the implementation team?
The implementation team was effective.
What was our ROI?
Of course, what we are getting from Cisco Secure Firewall is worth it. There is always a return on investment because you find you invest heavily, but your environment is secure and then you are at rest; you do not need to panic. Even if attackers are coming, you know you will be rest assured that you are covered. Although other firewalls are okay, they cannot be compared to Cisco Secure Firewall.
What's my experience with pricing, setup cost, and licensing?
The setup cost is somewhat high compared to other firewalling solutions.
Which other solutions did I evaluate?
I have a different job title now as I am doing more consulting work.
What other advice do I have?
For instance, we have some resources on Azure , and when it comes to security posture on Azure , I take about more than 50% of it because I am in charge. When it comes to cloud security, we do not really have full control 100%, unlike when you have your firewall on-premises where you are the alpha and omega of the solution and these devices. You can do whatever you want to do. However, cloud security gives a kind of platform whereby you have some limitations because you do not have physical intervention to that device.
Aside from that, it is very easy to use, especially when you have hands-on experience with any of Cisco's devices before. You do not even need to take higher professional courses before you can manage it, especially if you can learn easily. For me, I learn quickly and I approach anything with the understanding that nothing is impossible, though it might take some time. My overall rating for Cisco Secure Firewall is 9 out of 10.