Cisco Adaptive Security Appliance (ASA) software is the core OS for the ASA suite. It provides firewall functionality, as well as integration with context-specific Cisco security modules. It is scaled for enterprise-level traffic and connections.
N/A
Cisco SD-Access
Score 8.9 out of 10
N/A
Cisco's Software-Defined Access (SD-Access) provides automated end-to-end segmentation to separate user, device and application traffic without redesigning the network. Cisco SD-Access automates user access policy so organizations can make sure the right policies are established for any user or device with any application across the network.
Cisco ASA's are great for internal network connected access between a firewall and the central management server. And, for complex networks where high security requirements with overly strict compliance are necessary. For networks with limited connectivity to the core or for poor network connectivity these are not the best solution. There are other more stand-alone firewall's that do this better. These firewall's are a little more complex to set up to start with so significant knowledge of these devices is required to set them up and ensure they are best practice installed.
It's well suited in our corporate offices, where all our business users resides and where we can control all their accesses. What doesn't really fit well is when we have our branch fronts, where all the software domain access features aren't utilized to its fullest, due to the fact that customers and users don't really need to have all the security features that SDA provides.
To be honest there has been now great products out in the market compared to Cisco ASA. I beleieve Cisco has to do a lot of improvement in this area. The other defeiniete factors is the cost when it comes to renewals which is always a premium on Cisco products
It is difficult to start using the product due to its unfamiliar name and acronyms. ,The task should be accomplished in a specific order to ensure success
I generally have not noticed the outages, however since it's a machine it can malfunction, we need to implement the firewall infrastructure in such a way that it is highly available with device failure, region failure etc. Else any solution will be having the issues if they are not build with resiliency.
The support is usually very good and gets back to you very quickly. However I had some instances of when two engineers will give me wildly different answers to what I thought was a simple question. Overall however I do rate the support highly and they are generally always very good.
As far as my experience with SD-Access -I'd say things that can be improved are - better functionality with ISE, ease to understand licensing and better documentation for configuration (add-ons, etc), and licensing.
I rated the training an 8 because overall, it was well-structured, and the instructor was highly knowledgeable on the subject matter. The content was relevant, and I appreciated the clear explanations of complex topics. However, I felt that some sections were covered too quickly, making it difficult to fully absorb the information before moving on. Additionally, I would have liked more time dedicated to Q&A, as there were moments when I had questions but didn’t get the opportunity to ask them due to time constraints. Adding more interactive discussions or hands-on exercises could further enhance the learning experience and make it even more engaging
It was quite a good one, how ever requires an expertise to deploy hence the SMB segment would be finding it difficult to implement this product. The one good reason is that there are lot of ASA certified engineers in compared to the other certified engineers. Hence this resembles positively on the deployment as you have quite a lot of experienced engineer on your deployment
We were using [pfSense] before in our environment but we regularly facing difficulties over it due to software bugs & downtime. After implementing Cisco ASA, it resolved our availability issue & provides us a reliable solution with the best security features & easy to understand GUI.
Automation, pushing template-based configuration to multiple devices in one push saves time and manpower. Assurance helps trace issues related to devices, clients, and provide the troubleshoot as the best practices. Segmentation, with the use of the SGT tags, we are able to achieve segmentation and micro-segmentation securely.
