Likelihood to Recommend Cisco ASA's are great for internal network connected access between a firewall and the central management server. And, for complex networks where high security requirements with overly strict compliance are necessary. For networks with limited connectivity to the core or for poor network connectivity these are not the best solution. There are other more stand-alone firewall's that do this better. These firewall's are a little more complex to set up to start with so significant knowledge of these devices is required to set them up and ensure they are best practice installed.
Read full review Sometimes it is really hard to handle. There are so many bugs especially when it comes to ACL or HA creation. Sometimes the Cisco Secure Firewall just needs a restart in order to work but that shouldn't be like that in our environment the Cisco Secure Firewall is the heart of the network and if the Cisco Secure Firewall is down the whole branch is down, for that we need a more reliable product.
Read full review Pros ASA is our VPN concentrator. The client and server are very stable and very easy to use ASA also offers Intrusion Prevention, to an extent. This is also very useful for an improved security posture for a small company ASA allowed us to scale very quickly. We could onboard clients, partners, and consultants and give them a great onboarding experience as well Administrative costs with ASA are low. It's very easy to administer. Read full review How the firewall works well is normally the firewall is protecting the secure network for the internal network to prevent the attack from external network. normally for the ISP customer, we usually filter the firewall polices only for the server farm, server farm because normally in ISP is the customer doesn't want to be filtered. So only for the server farm, they need the firewall for the enterprise like banking and for the DDoS attack, like the malware attack, something like that. And then sometimes it's some customer in ISPalso, they got the many DDoS attack and then they are using the public ip. When there are using the public ip, they need to protect their ip. So they need to use the firewall. So the firewall is essentially needed. many attackers and many, many things, terrible things have been to the network which has large impact.. Read full review Cons The ASDM software is at times a nightmare to install because of different java versions[.] [The firewall] could do with a power button, just to be able to do a hard reboot when needed[.] It would be nice to manage the firewall via the web on port 443[.] Read full review The UI in Cisco Firepower formerly Sourcefire) is complicated and entirely redundant. A lot of these features are not useful, and therefore, it can be removed from the main window. The interface is very slow, with each operation taking a lot of time. Searching through the logs takes too much time. Read full review Likelihood to Renew To be honest there has been now great products out in the market compared to Cisco ASA. I beleieve Cisco has to do a lot of improvement in this area. The other defeiniete factors is the cost when it comes to renewals which is always a premium on Cisco products
Read full review It works really well. We can do most anything we want or need to with it, and you don’t have to have a doctorate or multiple certs to necessarily figure it out. The thing that would probably have to happen to make us switch would be if we just got priced out - Cisco’s more powerful and higher bandwidth models cost a pretty penny.
Read full review Usability Solution is highly effective, offers a lot of features with constant improvements and additions of new features over time. It's relatively easy to get familiar with the system, especially if transitioning from adaptive security appliances. If this is not the case, as for learnability there's a learning curve but once learned it is relatively easy to remember the details about the system even after a period of non-use
Read full review Reliability and Availability I generally have not noticed the outages, however since it's a machine it can malfunction, we need to implement the firewall infrastructure in such a way that it is highly available with device failure, region failure etc. Else any solution will be having the issues if they are not build with resiliency.
Read full review We have had really good success with Cisco Secure Firewall when it comes to availability. Even when we’ve had temporary issues with one appliance or the other, or with the Firewall Management Center, it has stayed up and defended our network diligently. We even had an issue where the licensing got disabled for multiple days, and it kept spinning like a top
Read full review Support Rating The support is usually very good and gets back to you very quickly. However I had some instances of when two engineers will give me wildly different answers to what I thought was a simple question. Overall however I do rate the support highly and they are generally always very good.
Read full review Customer service has been great. TAC has been mostly able to identify and fix problems that we may have and have been very responsive. If for some reason something isn't fixed right away, they have been adamant on staying with us and working the issues out before things get escalated up the chain.
Read full review Implementation Rating It was quite a good one, how ever requires an expertise to deploy hence the SMB segment would be finding it difficult to implement this product. The one good reason is that there are lot of ASA certified engineers in compared to the other certified engineers. Hence this resembles positively on the deployment as you have quite a lot of experienced engineer on your deployment
Read full review In the beginning transition from Adaptive Security Appliance to Cisco Secure Firewall did not look like the best choice. Solution was new, there were a lot of bugs and unsupported features and the actual execution in the form of configuration via Firepower Management Center was extremely slow. Compare configuring a feature via CLI on ASA in a manner of seconds (copy/paste) to deployment via FMC to Secure Firewall which took approx. 10 mins (no exaggeration). Today, situation is a bit different, overall solution looks much more stable and faster then it was but there's still room for improvement.
Read full review Alternatives Considered We were using [
pfSense ] before in our environment but we regularly facing difficulties over it due to software bugs & downtime. After implementing Cisco ASA, it resolved our availability issue & provides us a reliable solution with the best security features & easy to understand GUI.
Read full review We use the FMC as a virtual machine, it combines administration, monitoring and can be used perfectly for error analysis. There are restrictions due to administration without the FMC, so we decided on the FMC as the central administration.
Read full review Return on Investment Most network engineers have worked with ASA, so there is no need for re-training when adding or turning over staff Current configs from older devices plug in easily, and are operational on larger devices if an upgrade is required Many support options available Read full review Cisco Secure Firewall has provided a single management interface for all of our devices. We have had issues implementing 1010 in HA where a site was using a dynamic IP previously. Lack of DHCP options has slowed deployment to our smaller sites. Read full review ScreenShots