I benefit from using Cisco Secure Firewall mainly because at least 99% of my customers have a Cisco environment, including switching and routing, making it easier to integrate with other Cisco components than with other vendors.

The impact of a cloud-delivered firewall on my organization's security posture depends on the environments I manage, which are primarily disconnected and focused more on industrial security rather than the cloud. While traditional IT recognizes that the delivery of cloud services is beneficial, comparing it to Azure Firewall, Google Firewall, or AWS Firewall shows that they are not true firewalls but rather sets of rules that do not work perfectly. From my perspective, it is better to add Cisco Secure Firewall for proper coverage.

The deployment for Cisco Secure Firewall takes no more than six to eight hours, but the fine-tuning of the solution typically takes four or five days.

Using Cisco Secure Firewall is financially beneficial as it provides clear settings for all members managing the solution, making it easy to teach the engineering team how it works and how to configure it, ultimately reducing the time needed to apply policies or make changes in the infrastructure.

I would assess Cisco Secure Firewall's ability to unify policies across environments as complex, since different customers have varying situations. Some wish to consolidate rules in the same place, while others prefer different rule sets in different locations.

I would rate Cisco's technical support a nine out of ten.

I am working with both on-premises and cloud deployment models.

I have not used any new features or functionalities recently in Cisco Secure Firewall, as it usually functions as a Layer 4 firewall without applying any filtering or inspection.

My experience with the licensing model indicates that for a long time, I believed the price was reasonable, but currently, I am uncertain as all services I purchase are directly from the customer while I act as a consultant, not purchasing any components myself.

I would rate this product a nine out of ten overall.

Our company's use case for Cisco Secure Firewall is to separate and protect the different server network ranges in our data center and to provide access to and from those services that sit in our data center to users and customers alike. We also use Cisco Secure Firewall on the edge to provide internet access to and from the internet for our business.

The most valuable aspect of Cisco Secure Firewall for me is not a specific feature but the fact that it is quite stable as a firewall overall. It is not too buggy or disruptive when performing our day-to-day operations, and that is the main thing about it.

Centralized management of Cisco Secure Firewall benefits our organization because we have multiple firewalls, but we go to one single page or use the Firewall Management Center to administer policies and make changes. This allows us to see what is going on from a visibility perspective, so all troubleshooting, configuration, and administration of the firewall happens at one single place, which is beneficial.

A single pane of glass for management is available.

One thing I would improve in Cisco Secure Firewall is somehow embedding the capability to use an asterisk-type of firewall rules in the access control policy. An example could be star.google.com; being able to use an asterisk for anything in the subdomain would be beneficial, as I know some of Cisco's competitors allow that on their firewalls, which eliminates the need for an additional appliance to facilitate that component.

I have been using Cisco Secure Firewall for about five years.

Currently, Cisco Secure Firewall has been up and running for about three years since its last reboot, so it is quite stable.

I find the solution to be scalable, especially with the other products that Cisco is developing. For instance, Cisco Secure Cloud now allows us to potentially take the management functions of Cisco Secure Firewall, move it into the cloud, and integrate it with other Cisco security products, managing everything from one single pane.

I have worked with Cisco's customer support.

When it comes to customer support, referring to TAC, I find that Cisco's support stands out. It is very important for us as a business to have that support when needed, and Cisco has often never failed in providing that support.

If I were to rate the support overall from one to ten, I would give it a nine.

While I rate it a nine, to make it a ten, it could be improved based on individual cases. Some support people truly embody Cisco's values in responding and assisting, but there are times when some individuals may not be as helpful as others, leading to a disconnect in the support experience.

Deploying Cisco Secure Firewalls is quite straightforward, as Cisco provides a lot of available documentation online, extensive support, and training, which makes it easy for engineers and customers to use Cisco products effectively.

The deployment time for Cisco Secure Firewalls varies. Currently, I am going through a refresh where we are replacing older Firepower systems with newer ones, but in the past, it has been relatively simple, typically taking within an hour or two to get everything up and running.

I have been part of the deployment of Cisco Secure Firewalls.

From a return on investment perspective, I think Cisco Secure Firewalls keep our organization safe and protect the organization's image from a governance standpoint. With cybersecurity being a big issue in the world, Cisco Secure Firewalls protect data, the environment, organization, and keep things safe. It is always reassuring for customers to know that the organization I work for invests in products like Cisco Secure Firewall to protect ourselves.

Cisco Secure Firewall is similar to insurance in that it provides peace of mind.

I rate Cisco Secure Firewalls a nine overall. While there are features I think could be added to achieve a perfect ten, I still regard it higher than its competitors. From both a technical and peace of mind perspective, Cisco Secure Firewall is the frontrunner.

I would tell someone considering purchasing Cisco Secure Firewalls that they will not be disappointed. My overall review rating for Cisco Secure Firewall is nine.

Cisco Secure Firewall's main use case is the edge firewall, which has great IPS and IDS capabilities, providing a solid defense layer for the organization.

I really appreciate the NAT-ting feature of Cisco Secure Firewall the most.

The main benefit of the NAT-ting feature in Cisco Secure Firewall is that when I establish a site-to-site tunnel with another endpoint from another company, I can provide them with a fake IP instead of the real IP.

Cisco Secure Firewall benefits our organization by serving as the first defense layer, which is the edge firewall as I mentioned before, helping to prevent DDoS attacks and similar threats.

I think Cisco Secure Firewall could become even better overall, but as of now, it is already in a stable status, and I do not see any significant features that need immediate attention. Perhaps something will come up in the future.

Cisco Secure Firewall is a stable and reliable product.

Cisco Secure Firewall remains stable because even if there are bugs, Cisco TAC engineers are consistently working to find solutions on the spot.

I am not experiencing any downtime with Cisco Secure Firewall.

There are bugs in Cisco Secure Firewall, but as I mentioned, the TAC engineers are actively working to resolve issues as quickly as possible, so the downtime is only for a short period.

I have experienced bugs with Cisco Secure Firewall, such as a sudden reboot, for example, but they resolved it on the spot.

Cisco Secure Firewall scales with the growing needs of an organization and has scalability.

Cisco Secure Firewall definitely demonstrates scalability, though I cannot explain it exactly.

I find that customer support from Cisco is good, as the TAC engineers are available all the time.

If I could rate Cisco Secure Firewall's support on a scale from one to ten, I would give it a ten.

The deployment model for Cisco Secure Firewall is on-premises.

My experience with deploying Cisco Secure Firewall is that it is complicated, but if you have the experience, you can deploy it smoothly.

There is a high learning curve for the deployment of Cisco Secure Firewall.

I have seen ROI with Cisco Secure Firewall, as they definitely save time and provide peace of mind.

Cisco Secure Firewall saves time and also saves money, definitely providing peace of mind.

My impression of the pricing and licensing of Cisco Secure Firewall is that it is not the normal pricing; it is high, but they deserve it.

They bring great value for the price because they provide excellent support, have stability, and we trust this product.

I would rate Cisco Secure Firewall a nine on a scale from one to ten. I rate it a nine because there is one point regarding the bugs that the versions of Cisco in general have.

My advice to other organizations considering Cisco Secure Firewall is to ensure that customers receive guidance from TAC engineers regarding bugs and workarounds when they are published. It is crucial to expedite the process of finding bugs before deploying new versions.

We are running Cisco Secure Firewall firewalls as edge devices. It is very good to have FTD, a device like FTD and FMC for management of the devices.

I am Ahmed from Palestine, working with a service provider company for mobile and landlines. Our company, Jawwal, is a service provider for Palestine with about 3,000 employees serving all people in Palestine. We used to have Cisco devices and also other vendors because our security team always asks to have multiple vendors in our company. We are very happy to have Cisco Secure Firewall devices. Our favorite features are that it is the next-generation firewall, always providing an IPS capability and multi-homing for multiple devices, clustering, and similar functionalities. We also appreciate FMC for management. It is a very good and very strong device to have in our company. We use it as edge firewalls for our company. We have three data centers spread all around the country. We always use Cisco and try to bring Cisco devices to our company because we always have something new.

Cisco Secure Firewall has many features, so the most important thing in the next-generation firewall is an IPS and URL filtering. It is a very good experience to have FTD for IPS and URL filtering.

My favorite feature inside the firewall is an IPS integrated with Threat Defense. I would like to highlight some protection. I would like to mention something about the intelligence for the firewall. We are very much looking forward to having AI included in the firewalls from Cisco, and I am looking to know how I can get benefits from AI inside Cisco Secure Firewall devices. We are always looking for improvement for the devices, and Cisco is always doing that. The most benefit for the firewalls in our company, regarding protection, intrusion prevention, and URL filtering, is a very good feature to have.

We faced some issues, though they are not very big issues in the device. When managing these devices from FMC, we have some tricky points for the device flexibility regarding upgrade from one FMC to another FMC and bringing the devices inside to be managed by this FMC. This also applies regarding the flexibility for having the data or the device when upgrading from one hardware to another hardware. To make it more easily to have this configuration from this device to another device would be beneficial.

When upgrading, Cisco always makes something called end of life for the hardware devices. When going from one device to another device, it is very hard to have this configuration exported from this device and put it in another device. This affects our service continuity, potentially causing some interruption for our service provider because we are running in a very critical environment. This may affect our user experience.

The only bad experience is that exporting and importing from one device is problematic. If trying to make a scalable device to increase capability for the device, it is very hard to export the configuration from this device to another device. We have to do it manually. This is a very bad experience, but other things are very good.

We have been using this solution for more than seven years.

At IT, every time we may have something like this, but it is perhaps not related to the device itself. It depends on very wide other reasons. Sometimes, we have some downtimes because of something unknown, perhaps from the Linux kernel. Cisco engineers are always listening to us and contacting us for any improvement, which is why we love Cisco.

In the network world, there is nothing straightforward. We always have obstacles on our way. Cisco is very good regarding availability and the stability for the device. When something happens in the device, the failover happens very quickly without any interruption. This is our experience with Cisco, and we are looking forward to having more and more. It is not straightforward because of the complexity of the network. As a device, it is straightforward, but because of the complexity of the other things, we can find it not hard, but a little bit complex. It is not related to the device itself.

Cisco technical support is always doing a great job. While supporting us during our maintenance window for downtimes, it is very good. We are trying to have better support, and it is about financial issues because if going up with the support level, it becomes better and better. We need to make it more equitable.

Companies are always looking for security. If needing to have a secure firewall with high throughput and heavy-duty devices, we always have to choose Cisco devices because the reality of these devices may be better than any other vendor. Other vendors are very good also, but sometimes Cisco is more flexible than others.

We have to use solutions such as IPS and IDS also. It is in detection and IPS for prevention also, but it is a different device, so it may have added layers for our network and making problems around that experience we have with it. It is not because of the device or the vendor, but layers in the network making some delays and making some overhead on the network. Cisco is the vendor we use. When comparing devices financially, we can see that other devices have very advanced features and other vendors have very good advantages. Cisco always wins. Maybe it is financially good because we have very high features and there are real advantages and features. Regarding throughput, some other vendors say it is fake throughput, not like Cisco. Cisco, when they say one gig, it is one gig.

We have many models such as 2000, 2003, and 4005. We have about eight devices spread around the company. I would give Cisco Secure Firewall a rating of eight out of ten because we are always looking for improvement. Cisco is very stable. From my experience, Cisco Secure Firewall is very stable. Because of the many integrations with the ICE and SGT, it is very nice to have these features. We always can see improvements on Cisco.

My use case for Cisco Secure Firewall includes secure access into the network, remote access VPN, site-to-site VPN, NAT, and access control.

I believe the most valuable feature of having the FTD in Cisco Secure Firewall is that it is typically managed through FMC, which is a tool that allows you to manage multiple devices. The ability to manage, view, and push templates across multiple devices at one time is beneficial versus having to manually do it.

Cisco Secure Firewall helps organizations improve by making networking easier, as they have provided a graphical user interface for much of the functionality. I think people prefer the GUI and find it easier to navigate versus having to remember commands, making it excellent for both novice and senior engineers.

If I could improve Cisco Secure Firewall, I feel that even with my experience, I have difficulty navigating some of the logs and trying to find specific flows, whether it is the source address or the pre-NAT address. I find the filtering very difficult to navigate and determine exactly what field I have to put the criteria in, as there are too many fields.

I probably started using Cisco Secure Firewall at the beginning of the pandemic, around 2021, while I was using ASAs before that, which had been for approximately 10 years. I have used FTD and Firepower for approximately five years and ASA for approximately 10 years.

I believe Cisco Secure Firewall is stable because I have never seen it crash and I have never seen it fail to forward packets.

My experience with customer support for Cisco Secure Firewall is positive, as they are helpful. On a scale of one to ten, I would rate Cisco Secure Firewall customer support as a nine, with ten being best.

I have briefly looked at some marketing materials for other firewall solutions such as Palo Alto, Fortinet, and FortiGate to understand where they are in the market, but I have never really managed or configured those platforms.

The complexity of deploying Cisco Secure Firewall varies depending on how many you have deployed. When I first deployed it, I still had to refer to documentation and conduct some trial and error, as we had to reconfigure some elements because of the interesting environment where we had to port-channel separately instead of as one bundled channel in an HA cluster. The complexity really depends on the environment.

I have deployed Cisco Secure Firewall with some customers.

I believe the market space for firewall solutions is crowded, and these vendors need to be competitive. I find that they are all quite similar.

Cisco Secure Firewall is used for securing perimeters, such as internal or external perimeters of the network.

I consider a valuable feature of Cisco Secure Firewall to be that it serves its purpose. ASA is nice, but it is outdated now. When it comes to FTD, complexity is one of the things. I am not sure they should build it from scratch.

Cisco Secure Firewall has helped improve my company over the last 15 years. Nowadays, you cannot live without a firewall. We are currently moving to another vendor.

Navigating through Cisco Secure Firewall is not intuitive. Complexity is another significant issue that needs to be addressed.

I have been using Cisco Secure Firewall for 15 years.

Cisco Secure Firewall is working with some bugs and glitches, but it is stable overall. ASA is a super stable firewall, even though it is outdated nowadays. FTD is working fine with some glitches.

Scalability depends on which Cisco Secure Firewall you are buying. For the enterprise level, it is scalable, but not significantly.

I have contacted Cisco support about these issues and opened many TAC cases for the firewalls.

I would evaluate Cisco support as good. Cisco is the best there. However, they need to rebuild this product. I love Cisco products, but when it comes to the firewall, I do not.

We are transitioning to Palo Alto.

I find Palo Alto to be much easier to operate and much more stable. If you want to incorporate FTD with another Cisco product, then you need to go with Cisco to have the full ecosystem. Since we do not have that requirement, we are going to another vendor, which is definitely easier to handle.

I have knowledge about the pricing and licensing.

A couple of days ago, I was working on a project and received a quote for the FTD 1230. For the same level with Palo Alto, even though we had a huge discount with Cisco, it turned out to be more expensive than Palo Alto. The pricing is quite expensive. My overall review rating for this product is 6.

Cisco Secure Firewall is used to protect our edge network. We use site-to-site VPNs, VPN clients, and benefit from Next-Generation Firewall features including threat prevention, URL filtering, and application control.

I appreciate all of the features of Cisco Secure Firewall, but the most important ones are the URL filtering feature that gives control over what users try to browse or reach on the internet, along with the threat prevention that inspects all traffic going out of and incoming to our network, making them very powerful features.

For example, I want to restrict a group of employees from my area in a very secure department that is not allowed to reach the internet or browse any websites that might be malicious or harmful to our network. By applying URL filtering, I can restrict their access to only the allowed websites according to our policy, allowing them to use certain websites related to their work while restricting them from reaching other harmful websites.

With everyone discussing AI and threat intelligence, security is advancing further. In addition to the features we have, we might consider threat intelligence that uses AI for more investigation and analytics on malicious codes or access. If Cisco integrates Cisco Secure Firewall with the cloud using AI, which I am sure they are working on, that would be beneficial for customers.

The first Cisco firewall I used was the ASA back in 2008, which was a long time ago.

Cisco Secure Firewall is one of the best and most stable solutions I have encountered, with no crashes and a powerful, stable system that shows no degradation in performance.

So far, we have not had other sites to expand, but I am confident that with the current design and features from Cisco, it will be easily expandable. If I decide to put another firewall in a DR site or any HA site, it is simply an HA configuration that will integrate smoothly with the current firewall we have.

The Cisco team is a wonderful team, always helpful and ready to assist us anytime. Our local vendors and the Cisco TAC team provide support wherever we are and whenever we need it. I would rate the Cisco team a ten because they are very responsive and solve our issues. I have never been stuck on any cases, although some may take time depending on their complexity, but they are wonderful.

I have used firewalls including the Forcepoint firewall, which I found to be good, but it was complex in terms of user management, and my team suffered from the complexity of managing this firewall. I have also used FortiGate firewalls and Palo Alto firewalls.

All the mentioned products are Next-Generation Firewalls with similar features, but the main difference lies in how we use these features. The simplicity of using these features is the key point. The URL filtering and threat prevention features in Cisco Secure Firewall are very nice, simple, and easy to configure and apply to our network.

I find deploying Cisco Secure Firewall to be a little bit challenging, but once it is implemented on our network, it is stable with no problems or issues. It is not that complex, and if we know our network, the Cisco team is helpful in guiding us to achieve the best design and implementation.

Cisco is not a cheap product, but when discussing an excellent product, we should not expect it to be that cheap. We normally have agreements and get discounts because we have been a Cisco customer for a long time, so the prices are reasonable.

My advice to other companies considering Cisco Secure Firewall is to assess your network thoroughly and understand your security needs very well. I am confident that if you choose Cisco Secure Firewall from a technical point of view, it will meet all your requirements, and I highly recommend using it. I rate Cisco Secure Firewall a nine out of ten because I am expecting more from Cisco, and I am sure next time they will reach a ten.

Our company's use case involves internal data center firewalls, mostly for east-west traffic.

The most valuable feature of Cisco Secure Firewall is the firewalling, which is essentially the security part of the firewall.

The security is improving with the blocking of access and the access rules. Security-wise, I find that it helps improve access between entities and departments, and more importantly, it covers the regulatory aspect as well.

If I could improve Cisco Secure Firewall, I would focus on the fact that there are many bugs, specifically with the FTDs. The versioning and software stability need improvement.

I have been using Cisco Secure Firewall for almost ten years.

Regarding bugs in Cisco Secure Firewall, for example, the logs show some traffic between two endpoints while others do not, which is a bug we found out recently. Cisco has reviewed it, and we are trying to fix it through an upgrade.

The bugs are problematic.

Cisco Secure Firewall is scalable and reliable. Regarding scalability, it is seamless. We have had a recent upgrade, added new data centers, and enhanced the existing firewalls.

My experience with their support team is that support is good and they are quite responsive. On a scale of one to ten, I would rate them a ten for good support.

I know that they evaluated other companies, including Forcepoint, a company providing firewalls as well, specifically next-generation firewalls. They picked Cisco Secure Firewall mainly for the FTD and superior Cisco support, which was the main deciding factor.

Deployment-wise, Cisco Secure Firewall is straightforward, as all Cisco products are straightforward. It takes roughly two months to deploy Cisco Secure Firewall, but it depends on the type of implementation and the specific data center involved.

The two months mainly involve the LLDs, the design phase, and the shipping. The most delay comes from shipping and delivery, as the standard delivery from Cisco is six to eight weeks, which is where the delay occurs, while the rest of the activities are completed prior to that. I would rate Cisco Secure Firewall a seven on a scale of one to ten overall. I would not rate it a ten due to the stability of the product needing improvement, specifically with the FTD.

Cisco Secure Firewall's use case in our organization is justified because we operate in the financial industry where security best practices require multi-vendor products. We are running other vendors' solutions as well, and since Cisco is a prominent and one of the best vendors in the market, we opted for Cisco Secure Firewall. Both solutions serve our security requirements effectively.

The most valuable feature of Cisco Secure Firewall is the policy cleanup functionality. In the firewall, we have hundreds of policies deployed, and we often face a challenge regarding what to do with unused policies and how to remove them without impacting required access. Cisco Secure Firewall helps us identify the unused policies efficiently, and we are confident to remove them without any negative impact.

Cisco Secure Firewall helps our company overall because the firewall provides substantial capability when it comes to throughput, the number of policies, and the number of records. However, whenever traffic comes into the network, it must pass through all the policies and match the required ones, which takes considerable time. This solution helps us streamline our processes, streamline our information security requirements, and streamline our audit requirements to achieve our goals.

From the improvement perspective, I would identify automation as a key area. Whenever a requirement comes and needs to be deployed, there are individual rules to configure. When it comes to CLI, it was easy to create a script and copy-paste, but the GUI approach takes considerable time. Built-in automation would help significantly. Although there are options in the market such as Terraform or Ansible Tower with possible integration, having something built directly into Cisco Secure Firewall would be more beneficial.

I have been using Cisco Secure Firewall for a couple of years.

Cisco Secure Firewall is quite stable. While I experienced some issues when it was new in the market, the solution is stable now.

We are running other solutions as well, but being in the financial industry, we run multiple vendors and multiple firewalls. When I compare this solution with others, Cisco Secure Firewall is quite stable.

Cisco Secure Firewall is scalable and provides the required functionality and scalability from a throughput perspective and from a bandwidth perspective.

Regarding my experience with Cisco support for firewalls, we are using TAC support and partner support from Cisco. The experience is generally fine, but there is one area where we consistently face problems. Whenever we open a case, for example a P1 (severity one) case, an L2 engineer initially takes time to understand the requirement. Then the engineer mentions that their shift is going to finish and hands over to a new engineer, who takes additional time to get up to speed. This approach is not workable in our environment, especially in banking, where uptime is critical. This area requires improvement.

From the pricing and licensing perspective for Cisco Secure Firewall, we have multiple licenses covering threat intelligence, antivirus, and other security functionalities, and these come within the offering. This is satisfactory from that perspective. My overall review rating for Cisco Secure Firewall is 8 out of 10.