Used by my company but not sure how it stacks up to others
What do you like best about the product?
I do not have virus threats so I guess it is working as it should
What do you dislike about the product?
Not sure if I have an answer for this as I do not have much to compare it to.
What problems is the product solving and how is that benefiting you?
Working in mental health, documents are susceptible to threats. It keeps PHI safe
Provides great security for our applications
What is our primary use case?
We use them for site-to-site VPN solutions as well as other VPN activities, and for general application security.
We needed a good VPN solution and, as our network grew, we had more applications that were virtualized and that can be spun up. We needed a solution that would keep us ahead.
How has it helped my organization?
Cisco ASA provides great security for our applications.
What is most valuable?
One of the best features is the ease of use. It's also easy to teach new engineers to use the ASA CLI. When I first started learning firewalls, Cisco was the first one that was taught to me and it was pretty easy to grasp. When I'm teaching other engineers to use Cisco ASAs, the results of their learning are immediate.
What needs improvement?
It needs to provide the next-generation firewall features that other vendors provide, like data analytics, telemetry, and deep packet inspection.
Also, the ASAs need to be improved a little bit to keep up with the demand for high bandwidth and session count applications.
For how long have I used the solution?
I've been using Cisco ASAs for about 11 years.
What do I think about the stability of the solution?
It's reliable. It doesn't have all the features of some of the newer firewalls, but it's very reliable. It doesn't break. It's pretty rock-solid.
What do I think about the scalability of the solution?
We have at least a pair in every one of our data centers. We gateway our applications around the firewall system, meaning all application data goes through firewalls.
How are customer service and support?
We have good support from Cisco for the ASAs. That helps us out a lot. Some of our ASAs are pretty old and technically not supported anymore, but TAC always helps us out.
How was the initial setup?
The initial one, for me, was a little bit complex because I hadn't done it before. It was inline and an active/standby pair, so it involved a little bit more than just deploying one firewall.
We had some documentation written and we tested it in the lab and then the deployment took about four hours.
We deployed it alongside different solutions and then we cut over to it when it wouldn't impact the customers.
The maintenance involves doing code upgrades periodically to keep up with the security environment requirements. One person handles that.
What about the implementation team?
We deployed with a consultant from Cisco support. Our experience with them was good. They provided a lot of documentation ahead of time to help us with our configuration.
From our side there were two people involved. One was doing the configuration and the other person was checking to make sure there were no errors, looking at IPs and the like.
What's my experience with pricing, setup cost, and licensing?
The licensing is straightforward and simple, so we don't have to keep relicensing every year as we do with other applications.
Which other solutions did I evaluate?
A performant NGFW firewall
What do you like best about the product?
GUI is new and user-friendly. SSL VPN is straightforward with wizard and can satisfy many vpn needs of users seen that it is based on ANYCONNECT. Clsuter configuration is solid. prefilter rules concept is nice also.
What do you dislike about the product?
HIT counters are not compliant. FDM is very weak with limited configuration options. CLI console are complicated with many embedded consoles. Software is not stable; many upgrades are needed yet.
What problems is the product solving and how is that benefiting you?
EAST-WEST traffic segmentation, NORTH-SOUTH traffic filtering, Layer 7 inspections needs, network attacks detection, remote working solution, increasing performance by accelerating traffic analysis.
Recommendations to others considering the product:
a firewall that works like ASA
Best protection for the network at the application layer.
What do you like best about the product?
The threat intelligence of the tool , signatures are upto the mark and the tool configuration to identify the threats is unique.
What do you dislike about the product?
There are no negative comments for the tool as of now.
What problems is the product solving and how is that benefiting you?
With Firepower we can protect many unfiltered network threats.
Cisco Firepower NGFW Virtual
What do you like best about the product?
Behave just like our equivalent physical on-site appliances which made it easy to migrate services from our onsite datacentres to Azure cloud. Able to manage physical and virtual appliances from the same management center.
What do you dislike about the product?
Haven't had any issues yet, so far these behave as expected based on our physical onsite appliances. Firepower Management Center in Azure doesn't support cross region HA configuration.
What problems is the product solving and how is that benefiting you?
Behave just like our equivalent physical on-site appliances which made it easy to migrate services from our onsite datacentres to Azure cloud. Able to manage physical and virtual appliances from the same management center.
Best Virtual Firewall for Cloud
What do you like best about the product?
Its very easy to manage and configure, the best security updates from Cisco umbrella.
Cisco has the awesome customer support as well.
What do you dislike about the product?
Nothing to dislike about Cisco products, they are the best in data centers and now they are in cloud
What problems is the product solving and how is that benefiting you?
Geo IP based blocking is something we needed for our remote access solution.
Its amazing to see how it blocks the DDoS natively.
Recommendations to others considering the product:
Overall it is the most suitable product for our environment. Its delivers what is says.
CISCO NGFW
What do you like best about the product?
What best about the Cisco ASA line is that it is not just a router or a switch, it is an excellent firewall for your network, very efficient and more secure even than the well-known IP tables because it is a device fully developed for this purpose it becomes more efficient and secure than a server with several services and any firewall.
What do you dislike about the product?
Nothing else but License is terribly expensive of cisco NGFW.
What problems is the product solving and how is that benefiting you?
Configuration by console or ASDM client very stable. The client option presents many practical options to implement and improve in the network
Recommendations to others considering the product:
Designed as an important component of the Cisco Self-Defending Network, the Cisco ASA 5510 provides proactive threat protection that stops attacks before it spreads to the network, controls network activity and application traffic, and provides flexible VPN connectivity.
Cisco NGFW
What do you like best about the product?
it is quickly available in US market and the supoort of Cisco team is something I liked the most.
What do you dislike about the product?
this device doesn't give complete visibility. we need to have separate firepower module to understand Layer 7. both have different management.
What problems is the product solving and how is that benefiting you?
device which is quickly available and provide basic level of security.
CISCO NGF
What do you like best about the product?
Next generation firewall provide so many things in same firewall like we can do web filter, provide advance threat and malware protection, allowing policy to be create on the basis if application & not only limited to IP AND PORT.
What do you dislike about the product?
Nothing else it is very easy to config and maintain .
What problems is the product solving and how is that benefiting you?
In next generation firewall we can do so many things in one and same firewall.like It provide URL filter, web filter, we can create rules and policy as per our requirement.
Recommendations to others considering the product:
IT is very easy to configure we can do so many things on one firewall
Cisco Firewalls - General
What do you like best about the product?
Scalable and reliable for the enterprise
What do you dislike about the product?
Cost is high and features are not very agile
What problems is the product solving and how is that benefiting you?
Perimeter security is a good benefit
