My main use cases for Cisco Secure Firewall include certain requirements from the energy sector, NERC CIP compliance, acting as a perimeter security device, doing layer three routing for us, and VLAN segmentation, as well as creating DMZs.

These features benefit my company by reducing my troubleshooting time, and in the energy sector, time is money, so it does help. The time reduction depends on how quickly someone gets used to it.

The feature of Cisco Secure Firewall I prefer most is troubleshooting, packet capture, and packet tracer; I love those features.

You can quickly run certain commands on CLI or on FMC CLI to find out what could be the root cause, and it varies from person to person, but it's very useful.

I prefer Cisco since it has been here for a very long time, we have a good relationship with the sales team and Cisco representatives, and the support is pretty good, providing us with 24/7 support, which makes me pretty happy.

Cisco Secure Firewall in helping my company implement a zero-trust security model. I've yet to try it, however, I'm very excited to work on it. My impression of the visibility and control capabilities of Cisco Secure Firewall in managing encrypted traffic is pretty good. We can build site-to-site tunnels and various ways of site-to-route based or policy-based, allowing us to see the packets and cap decaps, and Cisco CLI provides a way to see the packets inside, which is very helpful.

Cisco Secure Firewall's licensing model can be improved, as I struggle with it in an air-gapped environment. To make it a ten, a couple of challenges need to be addressed, particularly with the licensing model, as I'm looking for a permanent license solution for air-gapped environments.

The second issue is the ROMmon mode, where during power outages the firewalls go into ROMmon mode, causing outages and financial loss until we can send someone on-site.

I have been using Cisco Secure Firewall for almost six years.

The stability and reliability of the platform are pretty stable.

The only challenge I see is with the substation, where when it loses power and there's no manual reboot, it ends up in ROMmon mode and requires a physical reboot, which means we have to send somebody on-site. It does not pick it up when the power goes out and comes back up, going into ROMmon mode, so I need better answers from Cisco about that.

I'm not sure how Cisco Secure Firewall scales with the growing needs of my company.

My experience with customer service and technical support has been good. If I were to rate customer service and technical support on a scale of one to ten, I would give them an eight.

In the past, we have used other solutions such as Palo Alto and other vendors. I am more of a Cisco person and prefer Cisco.

My experience with the deployment of Cisco Secure Firewall is that it's pretty straightforward.

The biggest return on investment for me when using Cisco Secure Firewall is reliability and robust network design.

Regarding pricing and setup costs, apart from the licensing issue, Cisco products are on the pricier side. That said, they're worth it. We have over 500 substations plus our data center just on OT, and everything is Cisco, so we are a core Cisco customer, and as long as the product is reliable, it's worth every penny.

We did consider other solutions before choosing Cisco Secure Firewall.

I'm not sure how Cisco Secure Firewall's ability to unify policies across my environment is, as I haven't tried that.

I am not using Cisco SecureX with Secure Firewall; I'm using FMC for centralized management for the firewalls.

The impact of the cloud-delivered firewall on my company's security posture is tricky. For compliance, we are not supposed to have anything cloud-based, so it must be on-prem. We're a big company and we can use it in some other parts of the network, just not for my team.

Overall, I would rate Cisco Secure Firewall an eight out of ten.

My main use case for Cisco Secure Firewall is just control between outer boundary and inner boundaries.

The feature I appreciate the most about Cisco Secure Firewall is the FMC platform where it merges multiple firewalls into one management plane. An example of how features of Cisco Secure Firewall have benefited my organization is through easy deployment of access policies across a long array of devices. I assess Cisco Secure Firewall's ability to unify policies across my environment as a single pane of glass with the FMC. If I need to look up a policy or implement something, I just type in the name of the policy I made to see what objects apply to our policy. I appreciate that part.

Cisco Secure Firewall could be improved in several ways. I've noticed in different versions that some versions had packet caps and some didn't. The user interface could be improved, and maintaining a consistent version across the board would be beneficial. Ease-of-use is important, with the user-based interface and keeping plain language. In the next release of Cisco Secure Firewall, it should include features that utilize AI to speak plain language. For example, it could respond to, 'Hey, I want to do this thing,' and guide users accordingly. I know AI feedback is a hot topic, but I wonder how reliant that is on external connectivity. If it can work in an air-gap network, that would be significant.

I have been using Cisco Secure Firewall for at least a few years, maybe three or four years.

I evaluate the stability and reliability of Cisco Secure Firewall as quite strong since it's probably one of the few things that hasn't crashed on us. While I haven't experienced crashes with Cisco Secure Firewall, most of our issues don't come from it unless it's something we've blocked, preventing users from accessing areas. It's never been a device problem or related to the technical implementation of things.

I think Cisco Secure Firewall scales effectively with the growing needs of my organization because we work in boundary-level areas. Most of our users connect on the inside of the boundary and then egress out, making it easy for us to scale out to support thousands of users as long as they connect to that inner part.

My evaluation of customer service and technical support for Cisco is positive. TAC cases generally serve as a good option for anything we've had problems with Cisco devices, and the process is good. On a scale of one to ten, I would rate Cisco's customer service a 10.

Prior to adopting Cisco Secure Firewall, I was using Fortinet. The factor that led me to consider changing from Fortinet was its vulnerability problems. We scrapped that solution.

My experience with the deployment of Cisco Secure Firewall is pretty good.

Before selecting Cisco Secure Firewall, I considered a couple of other platforms, including some Palo Altos, for separate requirements that Cisco doesn't meet.

My experience with Cisco Secure Firewall is positive. I appreciate it because it has always been easy for me as an individual to navigate and manage anything Cisco-related.

My impression of the visibility and control capabilities of Cisco Secure Firewall in managing encrypted traffic is somewhat mixed. I have a concern about the GRE and the Snort inspection. Sometimes Snort would break GRE traffic when trying to tunnel from the outside in. Making a policy to allow GRE always breaks. But other than that, it's been straightforward.

This unified policy management is important to my organization because different functions in a network can apply to many other users. It allows us to see that from one pane of glass, and I can easily search it up by name or IP address. I use Cisco SecureX with Cisco Secure Firewall, mainly Firepower, and we integrate them in FMC.

The integration of Cisco SecureX with Cisco Secure Firewall doesn't really affect dwell time for my team. It just gives us the ability to filter out unwanted things from the outside. We don't use much cloud functionality, so I can't comment on the impact of the cloud-delivered firewall on our organization's security posture.

My evaluation of Cisco Secure Firewall in helping my organization implement a zero-trust security model is that we don't really use it for firewalls. We work with DNA center stuff and fabric-enabled technologies. We use the zero-trust model with 802.1X, but that's more unfirewall-related.

The process of using Cisco Secure Firewall is straightforward; you install it and decide whether to block or allow protocols. It's simple and easy. The language part makes it easy since a Cisco box is a Cisco box, and opening up TAC cases on the Cisco portal is straightforward.

My advice to other organizations considering Cisco Secure Firewall is to understand how a firewall works, know your network, and what you want to block and allow. Cisco has been good with their support level, so as long as they know Cisco, they should be fine. I rate Cisco Secure Firewall 10 out of 10.

My main use cases for Cisco Secure Firewall are to help secure the network and control what we allow in and out of the network.

The benefits of Cisco Secure Firewall's features for my company include giving us more visibility into what's going on when there's either an attack or just normal traffic, allowing us to see what's going through it.

The feature of Cisco Secure Firewall that I appreciate the most is the central management. The central management feature makes it easier to configure once, push out, and replace firewalls when they go bad. It's nice to have one pane of view, one pane of glass.

I assess Cisco Secure Firewall's ability to unify policies across my environment as definitely easy. We just do it through the one central management and then push it out from there. It is important for our organization to have such a feature. The importance of this feature lies in that it just helps standardize our configuration approach, allowing us to ensure that our ideas get pushed out to everything.

Cisco Secure Firewall could be improved by providing more visibility, especially regarding encryption, to be able to see what's in those traffic flows. More application visibility would also help; it knows about certain types of traffic yet not everything. It would be awesome if it knew everything.

To make Cisco Secure Firewall a better product or a perfect product, visibility is a good improvement area. You sort of have to know the product to use it, so user and technical improvements should aim for simplicity. There's so much it does that I don't know how much more simple it could go, so I'm not sure what really could be improved.

My impression of Cisco Secure Firewall's visibility and control capabilities in managing encrypted traffic is that somewhat limited. Most tools seem to be limited on encrypted traffic, so we don't get too much visibility into it—just the general type of traffic, not too much more than that.

We've been using the solution for at least 15 years.

The stability and reliability of the Cisco Secure Firewall platform are very good; it's rock solid and has always just done its work.

Cisco Secure Firewall is growing and handling everything we ask it to do, so it's performing that part effectively.

I evaluate customer service and technical support of Cisco overall as good; it's definitely one of the better companies to work with.

While using Cisco Secure Firewall, we did consider other solutions. We recently upgraded all of them to the latest edition of Cisco, and we looked at Palo Alto and other tools at that time, but those firewalls have been in place for about 15 years. I don't know what happened when we initially put them in, but we did do an evaluation three years ago and decided to stay with Cisco.

The deployment seems to go well. I'm not the one personally doing it. That said, the guys I tell to do it get it done when we need it done.

I don't see a return on investment with Cisco Secure Firewall; it's more of a needed tool, just something we need to do to get business done, so I'm not really looking at it as a tool that would give us an ROI.

My experience with the pricing, the setup cost, and the licensing of Cisco Secure Firewall has been what I expect; I'd always prefer it cheaper, but nothing too exorbitant.

Familiarity was the biggest reason for staying with Cisco; everybody knows how to use the Cisco CLI, so it wasn't worth the effort to swap out, as there were no big benefits from other solutions.

I'm not sure if there are any new features or functionalities that I have tried recently in Cisco Secure Firewall; it's just been doing its work for a while now.

I don't really use a cloud-delivered firewall as of today, so the only effect of not looking at it is speed. We're looking for the best performance we can get, and cloud usually isn't that. Cisco Secure Firewall helps us along the path to implementing a zero-trust security model, but there are a lot of tools and different paths to cover, so it's just really one tool in the arsenal.

On a scale of one to ten, I rate Cisco Secure Firewall an eight.

My main use cases for Cisco Secure Firewall are to safeguard our network, including the IPS and all the traffic, and to control the traffic.

The visibility and control capabilities of Cisco Secure Firewall in managing encrypted traffic are very good. I can implement all my certificates, so I can open the traffic and see everything.

Cisco Secure Firewall’s ability to unify policies across our environment is at a high level. This unification of policies into one system is important for my company. We are able to consolidate all the policies instead of spreading them across many security systems.

What I appreciate the most about Cisco Secure Firewall is that it can be very elastic, as it can be configured with all the flexibility of my network needs and complexity. The service I receive from the Cisco engineer helps me implement all my needs.

Cisco Secure Firewall allows me to safeguard Layer 7 or Layer 3 and manage the security rules with the business needs of my organization. The firewall has benefited my company overall because it safeguards and finds and stops all the malicious traffic.

Cisco Secure Firewall can be improved by simplifying the GUI, as it shouldn't be so complex.

I have been using Cisco Secure Firewall for ten years.

It's very robust. We don't have any downtime or anything. We work with a cluster with high availability, so if something goes wrong, we have it functioning.

Cisco Secure Firewall helps with the growing needs of our company as it's scalable.

Customer service and technical support for Cisco Secure Firewall are very good. I would rate them a nine out of ten.

It was a little bit difficult.

We needed a good integrator to help us, and we contacted Cisco for some help with technical issues.

We are able to safeguard our assets.

It's acceptable and comparable to other products.

We did consider other solutions before choosing Cisco Secure Firewall. We considered all the big vendors such as Palo Alto, Check Point, Fortinet, and others. Cisco won because it has the best IPS model on it, and that's the reason why we chose this firewall.

I would rate Cisco Secure Firewall an eight out of ten. To make it a ten, the complexity of the configuration compared to other vendors needs to be addressed. Overall, we're very happy with the product.

My main use case for Cisco Secure Firewall is to secure a data center.

They help keep our environment more secure.

The features I appreciate the most about Cisco Secure Firewall are the policies, ACLs, and traffic behavior analytics. These features have benefited my organization by keeping the environment more secure within the organization.

If I assess Cisco Secure Firewall's ability to unify policies across my environment on a scale of one to ten, it would be an eight. This is very important to my organization, as we work extensively with security because we are a bank, so we can keep the data safe.

I have not recently used any new features or functionalities in Cisco Secure Firewall, however, I would want to try more visibility and observability. My impression of the visibility and control capabilities of Cisco Secure Firewall in managing encrypted traffic is that it can improve. There is some traffic that is encrypted that needs to be decrypted to catch something and analyze and give some analytics, so that part needs to work more.

The dashboard needs to be more intuitive and easier to navigate. What stood out to me about Cisco Secure Firewall that made me choose to use it is that it is intuitive, but I feel it could be improved further in terms of intuitiveness. It could be improved to achieve easier configuration and more efficiency.

I have been using Cisco Secure Firewall for eight years.

I would evaluate the customer service and technical support on a scale of one to ten as a ten, as they have expertise and provide solutions for the most difficult problems, so we have had a very good experience.

We did have Fortinet previously. That had a more intuitive dashboard.

We did consider other options, including Juniper.

I did not purchase via AWS Marketplace.

At the moment, we are not using the cloud-delivered firewall. It could be better regarding encryption and encrypting traffic. I have not seen that part and we do not use it since we use it on Fortinet, however, that would be something that helps to keep the network more secure.

I would advise other organizations considering Cisco Secure Firewall that they can trust Cisco Secure Firewall and that they should provide training for their staff to achieve better and more efficient work.

On a scale of one to ten, I would rate Cisco Secure Firewall overall as an eight.

Our main use cases for Cisco Secure Firewall are segmentation and VPNs. My involvement is more at the remote sites, setting up those firewalls for VPN, and we have centralized management for handling all the policies.

I appreciate the uniformity of being able to push the policies out with Cisco Secure Firewall. That was one of the reasons we acquired it, so we could push the policies out everywhere.

Downtime due to bugs requiring code upgrades has been problematic. That's the reason why we are moving away from Cisco Secure Firewalls.

I have been using Cisco Secure Firewall for approximately four years.

It has been problematic, primarily due to bugs in the code rather than crashes.

We're looking at Palo Alto, and we will probably be cutting over to Palo Alto, which will likely be a many-year project.

I appreciate Cisco's support and have been very happy with it. I imagine the support is the same for the firewall. I typically handle break-fix issues at the firewall level and turn them over to engineering, who then contact tech support. With switching, I call tech support directly.

The support has improved significantly over the years, and the escalation process is very straightforward now. Even if the first engineer isn't highly knowledgeable, we get additional support and can escalate the issue.

We have been using a Meraki solution.

Licensing with Cisco Secure Firewall isn't too difficult. However, pricing seems high. We had been using a Meraki solution, and Cisco Secure Firewall seems more expensive than Meraki, even though Meraki is also cloud-based.

We're going to cut over to Palo Alto, which will probably be a many-year project, because the amount of downtime is substantial. While it doesn't affect the whole company, there is downtime in certain areas, usually due to bugs that require code upgrades to fix. That has been problematic.

We had planned to deploy Meraki more extensively as our Cisco ASAs aged out. However, we're also deploying SDA fabric, and Meraki is currently not compatible with that solution. I recently spoke with an engineer about SDA, and his answer indicated they will be supported, but with some variance. That's why we're moving away from Meraki, but we're still not ready for Palo Alto since it has a big learning curve and is totally different. We still have deployment and upgrade needs, so we're continuing to get Cisco Firepower firewalls while implementing Palo Alto more internally. This could be a multi-year process, depending on how it progresses.

It's difficult to predict how other organizations will deploy Cisco Secure Firewall, but my advice is to ensure the code being installed is the code recommended by Cisco. My recommendation wouldn't be extremely high, as deciding to discard millions of dollars in investment makes a significant statement. I would have difficulty recommending it based on our management's decisions, especially considering we're willing to replace our core firewalls and perimeter firewalls. The Palo Alto transition entails substantial training and design work. If we're willing to get rid of Cisco Secure Firewall in favor of a different product, it says a lot.

I would rate Cisco Secure Firewall a seven out of ten. It performs necessary firewall functions, but there are issues related to bugs.

Our main use cases include segmenting different networks for IPS and IDS, using it for basic firewall purposes, controlling ACLs, and monitoring traffic to identify issues within the network.

Currently, I find the event viewer feature of Cisco Secure Firewall very useful as it visually displays what is being blocked or allowed by the ACL. I also appreciate the improved visual presentation of the ACL layout.

We have many different opportunities to share incidents with individuals on how traffic flows through the network, and we utilize Cisco Secure Firewall features such as network packet inspection to ensure that policies are applied correctly and to monitor traffic for what is blocked, allowed, or denied.

Cisco Secure Firewall's ability to unify policies across our environment is pretty good.

We can deploy different features and ACLs between various firewalls easily with the FMC, which has improved significantly from the initial deployment time, which was once poor and is now manageable for multiple firewalls.

We use the new AnyConnect or Secure Connect VPNs, which works pretty well. Although we haven't switched to the latest series to utilize the VPNs fully, I appreciate the deployment phase where we can track our deployment progress.

What stands out positively about Cisco is their training and support, which has effectively prepared engineers to work with their products. When hiring, I find it beneficial that most network engineers are familiar with Cisco, whereas I might question the expertise of those trained with Palo Alto or Fortinet.

Performance-wise, Cisco seems to be the best. For instance, my sister company uses Palo Alto and Juniper and reports a high RMA rate. In contrast, we have only RMAed one Cisco Secure Firewall in six years, indicating stability and dependability.

The interface of Cisco Secure Firewall works effectively once you become familiar with its layout, although hiring engineers requires training on the platform, especially as updates occur. They should prioritize adding to the existing product rather than overcomplicating it with new features that may not be necessary.

Cisco Secure Firewall has some growth opportunities in terms of visibility and control capabilities regarding managing encrypted traffic. It has the ability to analyze encrypted traffic, and there is potential for more integration with APIs and AI to enhance these capabilities.

Cisco Secure Firewall needs improvement in deployment time and the capability to access the CLI during support calls. I often encounter issues when technical support uses a CLI that is not familiar to me while troubleshooting through the GUI.

My ongoing complaint for the last six years has been the lack of CLI functionality, which hinders my ability to work on the firewall, alongside concerns regarding deployment time.

For the next release, they should look at the features offered by competitors such as Fortinet, including the ability to perform packet capture directly from the interface.

If they enhanced their troubleshooting efficiency related to packet capture for each specific rule, it would simplify the process significantly.

I have been using Cisco Secure Firewall for about six years.

The process of expanding the usage was fairly smooth. My assessment of the stability and reliability of Cisco Secure Firewall is great from a hardware perspective, yet only okay from a software perspective.

I have experienced downtime crashes and performance issues. Specifically, the FTDs have had High Availability (HA) issues, which I struggle to understand, especially concerning switch connections and HA setups between firewalls.

We have often encountered split-brain scenarios during failover processes and code upgrades, which have been persistent problems for us. It seems that Cisco lacks enough skilled technical support engineers to quickly resolve these issues, often requiring escalation that takes too long.

Cisco Secure Firewall scales incredibly well with our growing needs. We recently transitioned to the new 4100s and we have only just reached the firewall's limitations after five years, indicating that it has been able to build for our future success.

I would rate customer service and technical support about a five out of ten, sometimes dipping to a four depending on the time of day. As in many support models, the quality depends on the region. Some TAC engineers are better in specific areas, such as India or South America. However, they often lack the skills to troubleshoot effectively, leading to repetitive troubleshooting sessions and unresolved issues.

Prior to adopting Cisco Secure Firewall, I used solutions such as SonicWall and Juniper firewalls. I didn't prefer Juniper and found Cisco Secure Firewall to be the most stable firewall I've worked with.

The deployment time could be improved. The deployment was good, however, it could be sped up. There was a bit of a learning curve as well.

What works well is the interface. It's pretty good as far as knowing where to go and the layout. When hiring engineers, they need to know the platform. In terms of updates, sometimes they bolt on too much.

I have not seen ROI with Cisco Secure Firewall initially, however, over time, it has paid for itself as we scale our business.

My experience with pricing, setup costs, and licensing was a nightmare. It is indeed challenging as Cisco has too many variations of support with no clear explanation of what you are actually getting.

Sales representatives try their best but often fall short, making it complicated for users to understand what licenses are included with the product, leading to confusion over various levels of support.

Before selecting Cisco Secure Firewall, I considered Fortinet and Palo Alto, and I even thought about sticking with ASAs. We still operate a couple of FTDs alongside ASAs, which creates internal competition. Fortinet, in particular, has remained a competitive option.

We did not purchase this on the AWS Marketplace.

My advice to organizations considering Cisco Secure Firewall would be to recognize the tendency for Cisco to overcomplicate things. However, they are striving for simplification in their firewall products. If someone has experience with ASAs, they can adapt to FTDs as easily. Cisco should focus on learning from competitors to enhance its features and remain competitive in the market.

If you want a stable solution with fewer vulnerabilities, Cisco Secure Firewall is likely to meet your needs as it requires fewer upgrades compared to competitors.

On a scale of one to ten, I rate Cisco Secure Firewall a seven.

Our main use cases for Cisco Secure Firewall include firewall, IPS, and URL filtering.

The feature of Cisco Secure Firewall that I prefer the most is IPS. I appreciate the IPS feature because it's built in and I can control it using the FMC and push out the policy company-wide, making it centrally managed. The IPS benefits my company because that's one of the requirements; we used to have separate IPS. Now it's all integrated, providing ease of use for us. Cisco Secure Firewall has helped my company achieve its goals because it's a next-generation firewall. That's what we need to maintain certain compliance from the security side. Having IPS built in, firewall, URL filtering, everything is centrally managed, so we have more visibility and management.

Compared to the previous generation, the ASA, firewall rules appear differently in the ASDM and the previous generation firewall versus FTD, which I don't prefer as much. The ASA makes it easier to view those policies. There could be some improvement in the way FMC displays the policy.

I have been using Cisco Secure Firewall in my company for the last two years.

I haven't seen any breakdown or instability; the platform has been stable, and we haven't had any issues.

Cisco Secure Firewall scales with the growing needs of my company as we're going to implement clustering. I've used clustering in my past experience; it's very easy and straightforward. We had some minor issues with the clustering. I appreciate the clustering capability, though I haven't implemented it in my current job.

The customer service and technical support have been great; they've always been great.

I considered other solutions such as Palo Alto before choosing Cisco Secure Firewall. We were using Palo Alto, but we decided to go with Cisco because of its ease of use. We were a Cisco shop, and there's a micro facility where you can migrate all the ASA to the firewall.

The deployment process of Cisco Secure Firewall is simple enough. Out of the box, you perform the initial management configuration, specify the FMC location, join FMC, and then you can manage it from FMC. The process is straightforward and simple.

From my point of view, the biggest return on investment when using Cisco Secure Firewall is the single pane of glass, which is a huge plus for us. Having that visibility, managing all the alerts, IPS alerts, vulnerability management - everything is a huge plus.

My experience with the pricing, setup costs, and licensing is that it's consistent. I don't have much visibility on the licensing side, but I assume it remains the same.

There are differences between Palo Alto and Cisco, particularly on the cloud side. Palo Alto has Prisma Cloud and additional tools. I would say Cisco has room for improvement in that area for the future. We're not heavily in the cloud, so for us, it's not a significant concern.

We haven't used any new features or functionalities in Cisco Secure Firewall recently, but we plan to try file scanning, focusing more on the malware side, AMP and everything. That's something we want to try next.

My impression of the visibility and control capabilities of Cisco Secure Firewall in managing encrypted traffic is limited as we haven't tried SSL encryption yet. That's something we might explore in the future.

Regarding Cisco Secure Firewall's ability to unify policies across my environment, managing via FMC ensures accuracy. Unifying policies is essential for my company because it provides one pane of glass. Software pushes, policy implementation, traffic monitoring, and having all alerts in one place are crucial.

The impact of the cloud-delivered firewall on my company's security posture is significant. Having the same FTD running in the cloud, managed by FMC, is our future direction. We currently implement this with Azure.

Regarding zero trust security model implementation, we are exploring options with SD-WAN, both on-premises and in the cloud with firepower. I'm meeting with a Cisco engineer next week to discuss implementation strategies.

I don't see anything that needs improvement in Cisco Secure Firewall; we've been very satisfied with it. I've been using FTD for almost five to seven years now, including with a previous company, and heavily worked on migration from ASA to FTD.

From one to ten, I would rate Cisco Secure Firewall a ten.

We bundle Cisco Secure Firewall with our telco offerings as a service provider. We bundle it basically with Meraki.

We have received good feedback from our engineers. It helps them with their day-to-day operations. I need to get some more input on specific items they need to gather more information about, but so far, there are no issues.

Regarding Cisco Secure Firewall's ability to unify policies across our environment, I haven't heard any particular issues from our engineers.

The feature of Cisco Secure Firewall that I appreciate the most is its ability to be used via the cloud, so we don't have to deploy service engineers on-site at any time.

Since telcos just provide basic connectivity, bundling Cisco Secure Firewall has actually allowed us to gain more value for our customers and level up versus our competitors. It helps our customers even more because they don't have to worry about cybersecurity issues, as we put it out of the box.

We found something that prevented us from using it and integrating it a few years back, so they should really have a discussion about improving those aspects. More specifically, it's related to cybersecurity technical details. Implementing a zero-trust security model is what we need help with. We're making progress. We have different types of security for our native applications, but we're slowly looking into what Cisco can deliver. We tried to look into Z3 models before, but our cybersecurity team found some issues where it was lacking. They found some bugs or loopholes, so we wanted Cisco to address these before we fully roll out the solution. We're trying again, and hopefully, with Cisco's updates, it will be acceptable to us in the near future.

We've been using Cisco Secure Firewall since 2016.

Cisco Secure Firewall covers roughly our 2,000 employees really effectively. It's just a matter of expanding the requirements and infrastructure requirements with AWS, and I believe Cisco has some integrations that allow us to use that scale to our advantage.

My opinion is somewhat biased because we have access to Cisco's TAC, and we are very much managed by our Cisco Philippines company team. I'd give them a nine out of ten.

The biggest return on investment when using Cisco Secure Firewall is that there's no waste in any infrastructure cost and licensing costs for us. If we have to repurpose a specific box per year, we could save on cost by just transferring it to another person or project rather than pay another one-year license for it.

The pricing is very good for us, especially since we have a partnership with Cisco. The challenge is the licensing. There are competitors that offer more flexible licensing, such as daily licensing, some offer hourly, but Cisco is locked in for one, three, and five years. We don't have much flexibility, especially if we want to shift applications or shift users at any time. Hopefully, licensing becomes more flexible.

There were solutions from Fortinet. The main difference between Cisco and Fortinet is that Cisco will have more flexibility. It's just a matter of being able to put together the flexibility that we require versus what Cisco can provide at this time.

The impact of the cloud-delivered Cisco Secure Firewall on my company's security posture involves some hesitation because it's on the cloud, but we're slowly adopting certain parts of it for our cybersecurity team. We're undergoing that transition and don't have full visibility yet on how they see that as a future mode of operations versus what other companies are doing globally.

I would rate Cisco Secure Firewall an eight out of ten.

My main use cases for Cisco Secure Firewall include firewall protection and managing the ingress and egress of a fabric and cloud, involving private cloud tasks, inter-domain, and inter-tenant processes, as well as handling whatever comes in and exits the fabric.

The features from the Firewall have benefited my organization by providing more integration with the Firewall Management Center and other Cisco tools such as ACI, APEX, ISE, and several others such as PXGrid, helping to create an ecosystem of Cisco solutions.

The feature I appreciate the most about Cisco Secure Firewall is its speed, especially for a 40-gig network.

Improving Cisco Secure Firewall could involve adding more functionality on the box without needing an FMC, as some features become less effective without it. I find it hard to think of anything else to add since there are so many features now that it's challenging to use and understand them all.

I have been using Cisco Secure Firewall since it came out, which was just a year or two ago.

Regarding the stability and reliability of Cisco Secure Firewall, the only issues I encounter are with the Secure Firewalls we have in HA. Sometimes, if they are reloaded improperly, junior staff may fail to see the HA pair, requiring physical resetting of the ports to link them together. Beyond that, I have never had a problem with a Cisco Firewall, FMC, or any of their next-generation firewalls, which speaks for itself.

I would evaluate customer service and technical support for Cisco Secure Firewall as excellent, as my Cisco team for the Army has been exceptional. I don't know how you can get better, and I don't have any complaints after ten years with the same team from Cisco.

I haven't really seen ROI on Cisco Secure Firewall yet, as we are not in a business that focuses on that. We just need the security functionality.

My experience with pricing, setup costs, and licensing for Cisco Secure Firewall is pretty good. There are a lot of in-place contracts for us that provide the benefit of discounts.

Before selecting Cisco Secure Firewall, I considered other solutions such as Palo Alto. That was about it. I was mainly looking at layer seven firewalls.

When comparing Cisco Secure Firewall to Palo Alto, what stood out positively was the FMC, which you can buy as either a physical or virtual appliance, allowing for the tying of all your firewalls to it, whereas Palo Alto lacks such functionality or the availability to do deeper analysis such as snort, making it clear that Cisco Secure Firewall wasn't really a competition.

My advice for organizations considering Cisco Secure Firewall is to take advantage of Cisco's C-Pot program, where you can actually use their equipment in a practical setting. This allows for firsthand comparisons with other vendors, giving you clear insights into how everything works, making it worthwhile to get demo gear from our Cisco team to test before making any purchases.

I rate Cisco Secure Firewall a nine out of ten.

It's not perfect, as nothing truly is, however, I don't know of anything that compares to it, with Palo Alto being the closest option, though their layer seven firewalls are not as effective as those of Cisco Secure Firewall.