Review for Cisco Secure Firewall Threat Defense Virtual
What do you like best about the product?
It is a web-based firewall where we can access remotely by accessing and configure the requests with malware defense and URL filtering.
What do you dislike about the product?
Management flatform performance can be improvised with more user-friendliness and overall stability.
What problems is the product solving and how is that benefiting you?
Below are the benefits:
1. Network visibility and easy policy implementation
2. Site-2-Site VPN
3. Threat detection
4. Scalability
5. Traffic inspection
6. State-full firewall
Top of the line Threat Defense
What do you like best about the product?
The central management features make it so easy to manage devices across platforms and locations.
What do you dislike about the product?
The only downside, I feel, is that the vast menu of powerful capabilities makes it take much more time to become a competant admin of the product.
What problems is the product solving and how is that benefiting you?
I am able to securely protect my internal network and automate with a robust IDP.
One of best world class security controls
What do you like best about the product?
The best thing about Cisco firewall threat defense is the lower deployment cost with low-cost provisioning, and efficiency in blocking malicious flows is excellent
What do you dislike about the product?
There is a need to improve encrypted traffic performance and detect more sophisticated threats with a complete line of firewall solutions, which will help in having a more secure environment.
What problems is the product solving and how is that benefiting you?
Critical features like VPN and firewall are very beneficial. It guards the system against Webapp attacks and Malware executions or dropper infections, which helps in having a secure environment for users
Enhancing Network Security in a Virtual Environment
What do you like best about the product?
"Cisco Secure Firewall Threat Defense Virtual (formerly NGFWv) provides comprehensive protection against advanced threats and malware, making it ideal for businesses with multiple branch locations or cloud-based applications. Its scalability and simplified management make it easier, while its seamless integration with other Cisco security solutions further enhances its capabilities."
What do you dislike about the product?
For smaller organizations, the cost of deploying and managing Cisco Secure Firewall Threat Defense Virtual can be high, as licensing, maintenance and support fees can quickly add up. With limited third-party integration, it also requires significant expertise to deploy and manage effectively.
What problems is the product solving and how is that benefiting you?
The NGFWv provides advanced security features such as application visibility, intrusion prevention, and threat detection, which help to protect virtualized and cloud environments against cyber threats, improving the overall security posture of an organization and reducing the risk of data breaches and other security incidents. Simplied management relieves the burden on IT staff, making it easier to maintain security controls across virtualized and cloud environments. An important thing to note is the scalability of the NGFWv, as it can be extended to all areas of an organization in large virtualized and cloud environments.
Works seamlessly and in the background.
What do you like best about the product?
Once you set it up, there aren't a ton of annoying pop ups or udpates required by staff. It works seamlessly and in the background.
What do you dislike about the product?
I did have to hire a third party IT expert to help set it up.
What problems is the product solving and how is that benefiting you?
This was part of an upgrade of our security systems that was recommended by our IT consultant. With a growing team, we needed to ensure our IT has properly secured, and this was part of that foundation.
The application layer offers the network the added security.
What do you like best about the product?
The tool's threat intelligence, signatures, and configuration for detecting risks all seem to be acceptable. Which leads to quality and security of the application.
What do you dislike about the product?
As of the right moment, the tool has received only favorable comments, it can be better in terms of the speed and smooth flow
What problems is the product solving and how is that benefiting you?
We can defend against numerous unfiltered malicious activities with Firepower.
We required geo IP-based filtering for our remote access solution.
It's incredible to see how natively it stops DDoS.
Used by my company but not sure how it stacks up to others
What do you like best about the product?
I do not have virus threats so I guess it is working as it should
What do you dislike about the product?
Not sure if I have an answer for this as I do not have much to compare it to.
What problems is the product solving and how is that benefiting you?
Working in mental health, documents are susceptible to threats. It keeps PHI safe
Provides great security for our applications
What is our primary use case?
We use them for site-to-site VPN solutions as well as other VPN activities, and for general application security.
We needed a good VPN solution and, as our network grew, we had more applications that were virtualized and that can be spun up. We needed a solution that would keep us ahead.
How has it helped my organization?
Cisco ASA provides great security for our applications.
What is most valuable?
One of the best features is the ease of use. It's also easy to teach new engineers to use the ASA CLI. When I first started learning firewalls, Cisco was the first one that was taught to me and it was pretty easy to grasp. When I'm teaching other engineers to use Cisco ASAs, the results of their learning are immediate.
What needs improvement?
It needs to provide the next-generation firewall features that other vendors provide, like data analytics, telemetry, and deep packet inspection.
Also, the ASAs need to be improved a little bit to keep up with the demand for high bandwidth and session count applications.
For how long have I used the solution?
I've been using Cisco ASAs for about 11 years.
What do I think about the stability of the solution?
It's reliable. It doesn't have all the features of some of the newer firewalls, but it's very reliable. It doesn't break. It's pretty rock-solid.
What do I think about the scalability of the solution?
We have at least a pair in every one of our data centers. We gateway our applications around the firewall system, meaning all application data goes through firewalls.
How are customer service and support?
We have good support from Cisco for the ASAs. That helps us out a lot. Some of our ASAs are pretty old and technically not supported anymore, but TAC always helps us out.
How was the initial setup?
The initial one, for me, was a little bit complex because I hadn't done it before. It was inline and an active/standby pair, so it involved a little bit more than just deploying one firewall.
We had some documentation written and we tested it in the lab and then the deployment took about four hours.
We deployed it alongside different solutions and then we cut over to it when it wouldn't impact the customers.
The maintenance involves doing code upgrades periodically to keep up with the security environment requirements. One person handles that.
What about the implementation team?
We deployed with a consultant from Cisco support. Our experience with them was good. They provided a lot of documentation ahead of time to help us with our configuration.
From our side there were two people involved. One was doing the configuration and the other person was checking to make sure there were no errors, looking at IPs and the like.
What's my experience with pricing, setup cost, and licensing?
The licensing is straightforward and simple, so we don't have to keep relicensing every year as we do with other applications.
Which other solutions did I evaluate?
A performant NGFW firewall
What do you like best about the product?
GUI is new and user-friendly. SSL VPN is straightforward with wizard and can satisfy many vpn needs of users seen that it is based on ANYCONNECT. Clsuter configuration is solid. prefilter rules concept is nice also.
What do you dislike about the product?
HIT counters are not compliant. FDM is very weak with limited configuration options. CLI console are complicated with many embedded consoles. Software is not stable; many upgrades are needed yet.
What problems is the product solving and how is that benefiting you?
EAST-WEST traffic segmentation, NORTH-SOUTH traffic filtering, Layer 7 inspections needs, network attacks detection, remote working solution, increasing performance by accelerating traffic analysis.
Recommendations to others considering the product:
a firewall that works like ASA
Best protection for the network at the application layer.
What do you like best about the product?
The threat intelligence of the tool , signatures are upto the mark and the tool configuration to identify the threats is unique.
What do you dislike about the product?
There are no negative comments for the tool as of now.
What problems is the product solving and how is that benefiting you?
With Firepower we can protect many unfiltered network threats.
