My main use cases for Cisco Secure Firewall are to safeguard our network, including the IPS and all the traffic, and to control the traffic.

The visibility and control capabilities of Cisco Secure Firewall in managing encrypted traffic are very good. I can implement all my certificates, so I can open the traffic and see everything.

Cisco Secure Firewall’s ability to unify policies across our environment is at a high level. This unification of policies into one system is important for my company. We are able to consolidate all the policies instead of spreading them across many security systems.

What I appreciate the most about Cisco Secure Firewall is that it can be very elastic, as it can be configured with all the flexibility of my network needs and complexity. The service I receive from the Cisco engineer helps me implement all my needs.

Cisco Secure Firewall allows me to safeguard Layer 7 or Layer 3 and manage the security rules with the business needs of my organization. The firewall has benefited my company overall because it safeguards and finds and stops all the malicious traffic.

Cisco Secure Firewall can be improved by simplifying the GUI, as it shouldn't be so complex.

I have been using Cisco Secure Firewall for ten years.

It's very robust. We don't have any downtime or anything. We work with a cluster with high availability, so if something goes wrong, we have it functioning.

Cisco Secure Firewall helps with the growing needs of our company as it's scalable.

Customer service and technical support for Cisco Secure Firewall are very good. I would rate them a nine out of ten.

It was a little bit difficult.

We needed a good integrator to help us, and we contacted Cisco for some help with technical issues.

We are able to safeguard our assets.

It's acceptable and comparable to other products.

We did consider other solutions before choosing Cisco Secure Firewall. We considered all the big vendors such as Palo Alto, Check Point, Fortinet, and others. Cisco won because it has the best IPS model on it, and that's the reason why we chose this firewall.

I would rate Cisco Secure Firewall an eight out of ten. To make it a ten, the complexity of the configuration compared to other vendors needs to be addressed. Overall, we're very happy with the product.

My main use case for Cisco Secure Firewall is to secure a data center.

They help keep our environment more secure.

The features I appreciate the most about Cisco Secure Firewall are the policies, ACLs, and traffic behavior analytics. These features have benefited my organization by keeping the environment more secure within the organization.

If I assess Cisco Secure Firewall's ability to unify policies across my environment on a scale of one to ten, it would be an eight. This is very important to my organization, as we work extensively with security because we are a bank, so we can keep the data safe.

I have not recently used any new features or functionalities in Cisco Secure Firewall, however, I would want to try more visibility and observability. My impression of the visibility and control capabilities of Cisco Secure Firewall in managing encrypted traffic is that it can improve. There is some traffic that is encrypted that needs to be decrypted to catch something and analyze and give some analytics, so that part needs to work more.

The dashboard needs to be more intuitive and easier to navigate. What stood out to me about Cisco Secure Firewall that made me choose to use it is that it is intuitive, but I feel it could be improved further in terms of intuitiveness. It could be improved to achieve easier configuration and more efficiency.

I have been using Cisco Secure Firewall for eight years.

I would evaluate the customer service and technical support on a scale of one to ten as a ten, as they have expertise and provide solutions for the most difficult problems, so we have had a very good experience.

We did have Fortinet previously. That had a more intuitive dashboard.

We did consider other options, including Juniper.

I did not purchase via AWS Marketplace.

At the moment, we are not using the cloud-delivered firewall. It could be better regarding encryption and encrypting traffic. I have not seen that part and we do not use it since we use it on Fortinet, however, that would be something that helps to keep the network more secure.

I would advise other organizations considering Cisco Secure Firewall that they can trust Cisco Secure Firewall and that they should provide training for their staff to achieve better and more efficient work.

On a scale of one to ten, I would rate Cisco Secure Firewall overall as an eight.

Our main use cases for Cisco Secure Firewall are segmentation and VPNs. My involvement is more at the remote sites, setting up those firewalls for VPN, and we have centralized management for handling all the policies.

I appreciate the uniformity of being able to push the policies out with Cisco Secure Firewall. That was one of the reasons we acquired it, so we could push the policies out everywhere.

Downtime due to bugs requiring code upgrades has been problematic. That's the reason why we are moving away from Cisco Secure Firewalls.

I have been using Cisco Secure Firewall for approximately four years.

It has been problematic, primarily due to bugs in the code rather than crashes.

We're looking at Palo Alto, and we will probably be cutting over to Palo Alto, which will likely be a many-year project.

I appreciate Cisco's support and have been very happy with it. I imagine the support is the same for the firewall. I typically handle break-fix issues at the firewall level and turn them over to engineering, who then contact tech support. With switching, I call tech support directly.

The support has improved significantly over the years, and the escalation process is very straightforward now. Even if the first engineer isn't highly knowledgeable, we get additional support and can escalate the issue.

We have been using a Meraki solution.

Licensing with Cisco Secure Firewall isn't too difficult. However, pricing seems high. We had been using a Meraki solution, and Cisco Secure Firewall seems more expensive than Meraki, even though Meraki is also cloud-based.

We're going to cut over to Palo Alto, which will probably be a many-year project, because the amount of downtime is substantial. While it doesn't affect the whole company, there is downtime in certain areas, usually due to bugs that require code upgrades to fix. That has been problematic.

We had planned to deploy Meraki more extensively as our Cisco ASAs aged out. However, we're also deploying SDA fabric, and Meraki is currently not compatible with that solution. I recently spoke with an engineer about SDA, and his answer indicated they will be supported, but with some variance. That's why we're moving away from Meraki, but we're still not ready for Palo Alto since it has a big learning curve and is totally different. We still have deployment and upgrade needs, so we're continuing to get Cisco Firepower firewalls while implementing Palo Alto more internally. This could be a multi-year process, depending on how it progresses.

It's difficult to predict how other organizations will deploy Cisco Secure Firewall, but my advice is to ensure the code being installed is the code recommended by Cisco. My recommendation wouldn't be extremely high, as deciding to discard millions of dollars in investment makes a significant statement. I would have difficulty recommending it based on our management's decisions, especially considering we're willing to replace our core firewalls and perimeter firewalls. The Palo Alto transition entails substantial training and design work. If we're willing to get rid of Cisco Secure Firewall in favor of a different product, it says a lot.

I would rate Cisco Secure Firewall a seven out of ten. It performs necessary firewall functions, but there are issues related to bugs.

Our main use cases include segmenting different networks for IPS and IDS, using it for basic firewall purposes, controlling ACLs, and monitoring traffic to identify issues within the network.

Currently, I find the event viewer feature of Cisco Secure Firewall very useful as it visually displays what is being blocked or allowed by the ACL. I also appreciate the improved visual presentation of the ACL layout.

We have many different opportunities to share incidents with individuals on how traffic flows through the network, and we utilize Cisco Secure Firewall features such as network packet inspection to ensure that policies are applied correctly and to monitor traffic for what is blocked, allowed, or denied.

Cisco Secure Firewall's ability to unify policies across our environment is pretty good.

We can deploy different features and ACLs between various firewalls easily with the FMC, which has improved significantly from the initial deployment time, which was once poor and is now manageable for multiple firewalls.

We use the new AnyConnect or Secure Connect VPNs, which works pretty well. Although we haven't switched to the latest series to utilize the VPNs fully, I appreciate the deployment phase where we can track our deployment progress.

What stands out positively about Cisco is their training and support, which has effectively prepared engineers to work with their products. When hiring, I find it beneficial that most network engineers are familiar with Cisco, whereas I might question the expertise of those trained with Palo Alto or Fortinet.

Performance-wise, Cisco seems to be the best. For instance, my sister company uses Palo Alto and Juniper and reports a high RMA rate. In contrast, we have only RMAed one Cisco Secure Firewall in six years, indicating stability and dependability.

The interface of Cisco Secure Firewall works effectively once you become familiar with its layout, although hiring engineers requires training on the platform, especially as updates occur. They should prioritize adding to the existing product rather than overcomplicating it with new features that may not be necessary.

Cisco Secure Firewall has some growth opportunities in terms of visibility and control capabilities regarding managing encrypted traffic. It has the ability to analyze encrypted traffic, and there is potential for more integration with APIs and AI to enhance these capabilities.

Cisco Secure Firewall needs improvement in deployment time and the capability to access the CLI during support calls. I often encounter issues when technical support uses a CLI that is not familiar to me while troubleshooting through the GUI.

My ongoing complaint for the last six years has been the lack of CLI functionality, which hinders my ability to work on the firewall, alongside concerns regarding deployment time.

For the next release, they should look at the features offered by competitors such as Fortinet, including the ability to perform packet capture directly from the interface.

If they enhanced their troubleshooting efficiency related to packet capture for each specific rule, it would simplify the process significantly.

I have been using Cisco Secure Firewall for about six years.

The process of expanding the usage was fairly smooth. My assessment of the stability and reliability of Cisco Secure Firewall is great from a hardware perspective, yet only okay from a software perspective.

I have experienced downtime crashes and performance issues. Specifically, the FTDs have had High Availability (HA) issues, which I struggle to understand, especially concerning switch connections and HA setups between firewalls.

We have often encountered split-brain scenarios during failover processes and code upgrades, which have been persistent problems for us. It seems that Cisco lacks enough skilled technical support engineers to quickly resolve these issues, often requiring escalation that takes too long.

Cisco Secure Firewall scales incredibly well with our growing needs. We recently transitioned to the new 4100s and we have only just reached the firewall's limitations after five years, indicating that it has been able to build for our future success.

I would rate customer service and technical support about a five out of ten, sometimes dipping to a four depending on the time of day. As in many support models, the quality depends on the region. Some TAC engineers are better in specific areas, such as India or South America. However, they often lack the skills to troubleshoot effectively, leading to repetitive troubleshooting sessions and unresolved issues.

Prior to adopting Cisco Secure Firewall, I used solutions such as SonicWall and Juniper firewalls. I didn't prefer Juniper and found Cisco Secure Firewall to be the most stable firewall I've worked with.

The deployment time could be improved. The deployment was good, however, it could be sped up. There was a bit of a learning curve as well.

What works well is the interface. It's pretty good as far as knowing where to go and the layout. When hiring engineers, they need to know the platform. In terms of updates, sometimes they bolt on too much.

I have not seen ROI with Cisco Secure Firewall initially, however, over time, it has paid for itself as we scale our business.

My experience with pricing, setup costs, and licensing was a nightmare. It is indeed challenging as Cisco has too many variations of support with no clear explanation of what you are actually getting.

Sales representatives try their best but often fall short, making it complicated for users to understand what licenses are included with the product, leading to confusion over various levels of support.

Before selecting Cisco Secure Firewall, I considered Fortinet and Palo Alto, and I even thought about sticking with ASAs. We still operate a couple of FTDs alongside ASAs, which creates internal competition. Fortinet, in particular, has remained a competitive option.

We did not purchase this on the AWS Marketplace.

My advice to organizations considering Cisco Secure Firewall would be to recognize the tendency for Cisco to overcomplicate things. However, they are striving for simplification in their firewall products. If someone has experience with ASAs, they can adapt to FTDs as easily. Cisco should focus on learning from competitors to enhance its features and remain competitive in the market.

If you want a stable solution with fewer vulnerabilities, Cisco Secure Firewall is likely to meet your needs as it requires fewer upgrades compared to competitors.

On a scale of one to ten, I rate Cisco Secure Firewall a seven.

Our main use cases for Cisco Secure Firewall include firewall, IPS, and URL filtering.

The feature of Cisco Secure Firewall that I prefer the most is IPS. I appreciate the IPS feature because it's built in and I can control it using the FMC and push out the policy company-wide, making it centrally managed. The IPS benefits my company because that's one of the requirements; we used to have separate IPS. Now it's all integrated, providing ease of use for us. Cisco Secure Firewall has helped my company achieve its goals because it's a next-generation firewall. That's what we need to maintain certain compliance from the security side. Having IPS built in, firewall, URL filtering, everything is centrally managed, so we have more visibility and management.

Compared to the previous generation, the ASA, firewall rules appear differently in the ASDM and the previous generation firewall versus FTD, which I don't prefer as much. The ASA makes it easier to view those policies. There could be some improvement in the way FMC displays the policy.

I have been using Cisco Secure Firewall in my company for the last two years.

I haven't seen any breakdown or instability; the platform has been stable, and we haven't had any issues.

Cisco Secure Firewall scales with the growing needs of my company as we're going to implement clustering. I've used clustering in my past experience; it's very easy and straightforward. We had some minor issues with the clustering. I appreciate the clustering capability, though I haven't implemented it in my current job.

The customer service and technical support have been great; they've always been great.

I considered other solutions such as Palo Alto before choosing Cisco Secure Firewall. We were using Palo Alto, but we decided to go with Cisco because of its ease of use. We were a Cisco shop, and there's a micro facility where you can migrate all the ASA to the firewall.

The deployment process of Cisco Secure Firewall is simple enough. Out of the box, you perform the initial management configuration, specify the FMC location, join FMC, and then you can manage it from FMC. The process is straightforward and simple.

From my point of view, the biggest return on investment when using Cisco Secure Firewall is the single pane of glass, which is a huge plus for us. Having that visibility, managing all the alerts, IPS alerts, vulnerability management - everything is a huge plus.

My experience with the pricing, setup costs, and licensing is that it's consistent. I don't have much visibility on the licensing side, but I assume it remains the same.

There are differences between Palo Alto and Cisco, particularly on the cloud side. Palo Alto has Prisma Cloud and additional tools. I would say Cisco has room for improvement in that area for the future. We're not heavily in the cloud, so for us, it's not a significant concern.

We haven't used any new features or functionalities in Cisco Secure Firewall recently, but we plan to try file scanning, focusing more on the malware side, AMP and everything. That's something we want to try next.

My impression of the visibility and control capabilities of Cisco Secure Firewall in managing encrypted traffic is limited as we haven't tried SSL encryption yet. That's something we might explore in the future.

Regarding Cisco Secure Firewall's ability to unify policies across my environment, managing via FMC ensures accuracy. Unifying policies is essential for my company because it provides one pane of glass. Software pushes, policy implementation, traffic monitoring, and having all alerts in one place are crucial.

The impact of the cloud-delivered firewall on my company's security posture is significant. Having the same FTD running in the cloud, managed by FMC, is our future direction. We currently implement this with Azure.

Regarding zero trust security model implementation, we are exploring options with SD-WAN, both on-premises and in the cloud with firepower. I'm meeting with a Cisco engineer next week to discuss implementation strategies.

I don't see anything that needs improvement in Cisco Secure Firewall; we've been very satisfied with it. I've been using FTD for almost five to seven years now, including with a previous company, and heavily worked on migration from ASA to FTD.

From one to ten, I would rate Cisco Secure Firewall a ten.

We bundle Cisco Secure Firewall with our telco offerings as a service provider. We bundle it basically with Meraki.

We have received good feedback from our engineers. It helps them with their day-to-day operations. I need to get some more input on specific items they need to gather more information about, but so far, there are no issues.

Regarding Cisco Secure Firewall's ability to unify policies across our environment, I haven't heard any particular issues from our engineers.

The feature of Cisco Secure Firewall that I appreciate the most is its ability to be used via the cloud, so we don't have to deploy service engineers on-site at any time.

Since telcos just provide basic connectivity, bundling Cisco Secure Firewall has actually allowed us to gain more value for our customers and level up versus our competitors. It helps our customers even more because they don't have to worry about cybersecurity issues, as we put it out of the box.

We found something that prevented us from using it and integrating it a few years back, so they should really have a discussion about improving those aspects. More specifically, it's related to cybersecurity technical details. Implementing a zero-trust security model is what we need help with. We're making progress. We have different types of security for our native applications, but we're slowly looking into what Cisco can deliver. We tried to look into Z3 models before, but our cybersecurity team found some issues where it was lacking. They found some bugs or loopholes, so we wanted Cisco to address these before we fully roll out the solution. We're trying again, and hopefully, with Cisco's updates, it will be acceptable to us in the near future.

We've been using Cisco Secure Firewall since 2016.

Cisco Secure Firewall covers roughly our 2,000 employees really effectively. It's just a matter of expanding the requirements and infrastructure requirements with AWS, and I believe Cisco has some integrations that allow us to use that scale to our advantage.

My opinion is somewhat biased because we have access to Cisco's TAC, and we are very much managed by our Cisco Philippines company team. I'd give them a nine out of ten.

The biggest return on investment when using Cisco Secure Firewall is that there's no waste in any infrastructure cost and licensing costs for us. If we have to repurpose a specific box per year, we could save on cost by just transferring it to another person or project rather than pay another one-year license for it.

The pricing is very good for us, especially since we have a partnership with Cisco. The challenge is the licensing. There are competitors that offer more flexible licensing, such as daily licensing, some offer hourly, but Cisco is locked in for one, three, and five years. We don't have much flexibility, especially if we want to shift applications or shift users at any time. Hopefully, licensing becomes more flexible.

There were solutions from Fortinet. The main difference between Cisco and Fortinet is that Cisco will have more flexibility. It's just a matter of being able to put together the flexibility that we require versus what Cisco can provide at this time.

The impact of the cloud-delivered Cisco Secure Firewall on my company's security posture involves some hesitation because it's on the cloud, but we're slowly adopting certain parts of it for our cybersecurity team. We're undergoing that transition and don't have full visibility yet on how they see that as a future mode of operations versus what other companies are doing globally.

I would rate Cisco Secure Firewall an eight out of ten.

My main use cases for Cisco Secure Firewall include firewall protection and managing the ingress and egress of a fabric and cloud, involving private cloud tasks, inter-domain, and inter-tenant processes, as well as handling whatever comes in and exits the fabric.

The features from the Firewall have benefited my organization by providing more integration with the Firewall Management Center and other Cisco tools such as ACI, APEX, ISE, and several others such as PXGrid, helping to create an ecosystem of Cisco solutions.

The feature I appreciate the most about Cisco Secure Firewall is its speed, especially for a 40-gig network.

Improving Cisco Secure Firewall could involve adding more functionality on the box without needing an FMC, as some features become less effective without it. I find it hard to think of anything else to add since there are so many features now that it's challenging to use and understand them all.

I have been using Cisco Secure Firewall since it came out, which was just a year or two ago.

Regarding the stability and reliability of Cisco Secure Firewall, the only issues I encounter are with the Secure Firewalls we have in HA. Sometimes, if they are reloaded improperly, junior staff may fail to see the HA pair, requiring physical resetting of the ports to link them together. Beyond that, I have never had a problem with a Cisco Firewall, FMC, or any of their next-generation firewalls, which speaks for itself.

I would evaluate customer service and technical support for Cisco Secure Firewall as excellent, as my Cisco team for the Army has been exceptional. I don't know how you can get better, and I don't have any complaints after ten years with the same team from Cisco.

I haven't really seen ROI on Cisco Secure Firewall yet, as we are not in a business that focuses on that. We just need the security functionality.

My experience with pricing, setup costs, and licensing for Cisco Secure Firewall is pretty good. There are a lot of in-place contracts for us that provide the benefit of discounts.

Before selecting Cisco Secure Firewall, I considered other solutions such as Palo Alto. That was about it. I was mainly looking at layer seven firewalls.

When comparing Cisco Secure Firewall to Palo Alto, what stood out positively was the FMC, which you can buy as either a physical or virtual appliance, allowing for the tying of all your firewalls to it, whereas Palo Alto lacks such functionality or the availability to do deeper analysis such as snort, making it clear that Cisco Secure Firewall wasn't really a competition.

My advice for organizations considering Cisco Secure Firewall is to take advantage of Cisco's C-Pot program, where you can actually use their equipment in a practical setting. This allows for firsthand comparisons with other vendors, giving you clear insights into how everything works, making it worthwhile to get demo gear from our Cisco team to test before making any purchases.

I rate Cisco Secure Firewall a nine out of ten.

It's not perfect, as nothing truly is, however, I don't know of anything that compares to it, with Palo Alto being the closest option, though their layer seven firewalls are not as effective as those of Cisco Secure Firewall.

Regarding the use cases for the Cisco Secure Firewall, the Firepower is used in enterprise corporations, DMZ sites, perimeter security, and IPS applications.

The valuable features of the Cisco Secure Firewall include the unified console and compatibility with other solutions such as Duo Mobile with DAC and EDR. The single solution allows users to see one dashboard, and the compatibility solution provides better dashboard integration.

Areas that could be improved with the Cisco Secure Firewall include the ease of use with the product, and it needs to work better with NAC and integration.

Cisco could improve their firewall by providing better support when issues arise, such as during an attack, to help resolve problems more efficiently.

The stability of the Cisco Secure Firewall is excellent, and I find it very reliable at this moment.

Regarding the scalability of the Cisco Secure Firewall, it depends on the situation because in some cases, equipment changes are necessary when the size is very small.

Equipment changes become necessary when companies upgrade with more devices and people, as the firewall becomes insufficient for different security requirements.

The score for their support is eight.

I work only with Firepower and Palo Alto security solutions.

The initial setup for the Cisco Secure Firewall is very easy, particularly during the initial start of the equipment.

On a scale of one to ten, I would score the setup as eight.

I have experience with Cisco Secure Firewall, specifically the ASA and Firepower solutions. I work in the education and retail industry, where Palo Alto firewall is commonly used in my country. For B2B business, I use the Firepower solution as a Cisco partner.

We use Network Access Control with NAC, and we use Duo for solutions with easy integration. We also implement attack protection.

I would rate this solution as ten out of ten.