It is best suited for larger companies with lots of remote workers that need complex access management. We've barely scratched the surface on what Appgate can do via its API.
When it comes to security on the edge of your network (downstream) Cisco's IOS security features provide pretty much everything you need when it comes to securing your network, network devices, and access. I would absolutely recommend Cisco switches due to many reasons, but a big reason is security.
Live logging in the client. Currently you have to "download" the logs into a zip file and then open that zipfile to look at the logs. There's no logfile to tail or watch.
Load balancing between controllers could be better. Currently relies on round robin DNS and sometimes a browser will pick a different IP than previous and you'll get a big "LOST CONNECTION TO CONTROLLER" message.
Cisco could provide an initial set up script for those are not used to the CLI (Command Line Interface). With that initial script, people could easily deploy the security features instead of having to learn how to use the commands.
The web interface that Cisco provides with the routers, although it’s useful to set up the security features, it could also have some sort of tutorials to help people understand the main concepts of iOS security.
You have to license iOS security separately from the main OS. For that reason, sometimes it tends to be a little expensive if you have a small business.
The company has been supportive overall of our needs and desired features. I have not personally called the support services, but I've heard no direct complaints either.
Cisco has the best Support team that gives us 24/7 support as we need. Cisco has huge detailed documentation for design, implementation, and troubleshooting all areas of the IOS security. There are many communities discussing all Cisco devices and solutions for studying groups and for customers to share their stories, technical problem and solutions.
The existing system was FortiGate. The management of the system was a hassle. Because IT personnel had to manually create VPN accounts, user passwords were known to who created them and the end user did not have a way to change them. This created a security issue in the event an IT engineer left the company.
I also like HP Procurve. It is my choice when the customer cannot afford Cisco. Cisco is better all round but HP is the only other [product] I will use if I have a choice.
Cisco iOS security helped our business deploy a relatively safe solution for a small amount of money.
If you don’t have enough budget to invest in a robust and expensive firewall solution, you can safely use Cisco iOS security to protect your branch or remote office without compromise your network.
Because Cisco iOS security uses a simple command-line based interface, you can deploy standardized scripts and keep the operational costs low.
