The Cisco Firepower® 1000 Series for small to medium-size businesses and branch offices is a family of four threat-focused Next-Generation Firewall (NGFW) security platforms designed to deliver business resiliency through superior threat defense. The vendor provides that they offers exceptional sustained performance when advanced threat functions are enabled. The 1000 Series’ throughput range addresses use cases from the small office, home office, remote branch office to the Internet edge. The…
N/A
Cisco Firepower 2100 Series
Score 7.5 out of 10
N/A
Cisco offers the Firepower 2100 Series NGFW, designed to allow businesses to gain resiliency through superior security with sustained performance. The Firepower 2100 Series has a dual multicore CPU architecture that optimizes firewall, cryptographic, and threat inspection functions simultaneously, to achieve security doesn’t come at the expense of network performance.
We use both devices for different purposes. Both have their benefits, which we try to bring to best use in our environment. This makes it hard to compare them. All I can say for sure is, that they work quite well as a team, each leveling out the others flaws.
The Cisco Firepower 1140 hit the sweet spot between performance and price. Also, I am more familiar with Cisco products so I wanted to stay on that side. We looked at the Firepower 2110, but thought the 1140 was a better fit for our needs.
In the days of purchase of Cisco Firepower 2100 series it was new platform and Cisco aimed their sailsmains to force selling this platfrom. It was one of the first platform with FXOS with full support of ASA images. It was cheper then 4k series and would be better than ASA …
Features
Cisco Firepower 1000 Series
Cisco Firepower 2100 Series
Firewall
Comparison of Firewall features of Product A and Product B
Cisco Firepower 1000 Series
8.3
33 Ratings
4% below category average
Cisco Firepower 2100 Series
8.5
2 Ratings
2% below category average
Identification Technologies
8.031 Ratings
9.02 Ratings
Visualization Tools
7.230 Ratings
6.01 Ratings
Content Inspection
8.330 Ratings
9.02 Ratings
Policy-based Controls
8.733 Ratings
9.02 Ratings
Active Directory and LDAP
8.429 Ratings
9.02 Ratings
Firewall Management Console
7.232 Ratings
8.02 Ratings
Reporting and Logging
8.333 Ratings
9.02 Ratings
VPN
9.128 Ratings
10.02 Ratings
High Availability
9.232 Ratings
10.02 Ratings
Stateful Inspection
8.828 Ratings
10.02 Ratings
Proxy Server
00 Ratings
5.02 Ratings
Best Alternatives
Cisco Firepower 1000 Series
Cisco Firepower 2100 Series
Small Businesses
pfSense
Score 8.8 out of 10
pfSense
Score 8.8 out of 10
Medium-sized Companies
Quantum Firewalls and Security Gateways
Score 9.3 out of 10
Quantum Firewalls and Security Gateways
Score 9.3 out of 10
Enterprises
Palo Alto Networks Virtualized Next-Generation Firewalls - VM Series
Score 9.1 out of 10
Palo Alto Networks Virtualized Next-Generation Firewalls - VM Series
I think it is well suited for smaller companies or (as in our case) extension to a central system with higher performance. My personal guess is, that it can be quite annoying with those delays in bigger environments, when 20 or more devices needed to be managed. From the point of security, support and updates it works quite good and seem to have no downsides.
The Cisco [Firepower] 2100 [Series] is an easy sell for anyone looking. You already know Cisco excels in the security department, but now that firepower lives right on the box and inline with the rest of the firewall data flow you can save yourself a lot of time and headaches. Unless you cant quite afford Cisco's 2100 line, there's not much reason to go with the competition.
My organization is all Cisco and wants to stay in the Cisco life cycle, Firepower 1000 series is great for small to medium-size office.
Very robust enterprise-grade security solution with updated threat features to handle any current and upcoming threats. The solution is backed by Cisco to ensure constant security updates. Integrated AnyConnect remote client VPN is a big plus to allow for secure remote workers access. Easier to set up a site to site VPN due to the large user base and case studies published on integrating to other manufacturer solutions.
Career-wise very familiar with the ASAs, you know, the previous gen firewalls, Pyxis, ASAs, the CHA. As far as being intuitive, those seem to be far more intuitive to learn and figure out what the features and changes and config management, all that stuff is. With Firepower, it's a learning curve and I feel like I have quite a bit of experience with it, and so does my team, but feels like it's not as intuitive, and trying to make changes just always seems harder for some reason. We've gone to some Cisco security training and all that, but even then it's just harder to work with. The other big thing is, and this is a big gripe of mine, I suppose, that on any other firewall, when we have various different manufacturers, if you make a change, you know, a simple change object, object name gets changed or object is deleted or whatever the simplest of change is, it gets implemented instantly.
With the Firepower system, you have to deploy the change and it'll take about six or seven minutes for the change to actually take, which is insanely different than any other platform where that change is instantaneous. So let's say if I'm making seven different changes for a troubleshooting job I don't know which one of the seven is gonna fix it, I do one by one by one. I'm like, oh, let me try one change, one second, change, third change, four changes. It's going to take seven deploys. And seven deploys mean it's gonna take an hour of just deploy time. So that is a big, big gripe
It is quite good, robust and reliable but not always so easy to manage and configure. The tools could be improved and the price is not low for an entry level firewall
Firepowers are secure, reliable, central management and configuration is easy and they fit in well with our existing Cisco infrastructure. Good feature set and support. Good management and control with chassis manager and central control with additional Firepower Management Centre.
There are three main problems with this platform: - short EoL time - it is really missery because this platform was overrated from cisco sales and after shor time they accepted on EoL - sometimes problems with upgrades paths, because of strange behaviour between FXOS and ASA image on the top of it - not good performance when comparing to newer 1k platform
Great performance even on the lower end model of the series. You can push a lot of traffic through these devices without much performance impact. If you decide you want to inspect encrypted traffic however, you may take a big hit on the cpu and memory of the box, but they still manage to keep up even with all the bells and whistles turned on.
I have had troubles with Firepower Management Center and the FTD's in the past. Sticking to a Gold Star image and upgrading when the "bugs" are fixed is great. That still doesn't mean you are left vulnerable though. The extra features are just not enabled yet. Great product and calling support is readily available for any issue.
Cisco Meraki MX is much more simple to configure it if you compare to Cisco Firepower 1000, but it is more limited to pur some complex configurations. The Cisco Firepower 1000 Series is typically deployed as a physical appliance, while the Meraki MX can be deployed as a physical or virtual appliance.The Firepower 1000 Series has a more complex user interface, with a steeper learning curve, but offers more customization and configuration options. The Meraki MX has a simpler, more intuitive interface,
In the days of purchase of Cisco Firepower 2100 series it was new platform and Cisco aimed their sailsmains to force selling this platfrom. It was one of the first platform with FXOS with full support of ASA images. It was cheper then 4k series and would be better than ASA 5500-x series (but regarding all problems with upgrades and EoL , it is not).
It took several attempts with Cisco engineers to configure the device; it requires a deep set of knowledge to set up in a more complicated environment.
This will allow us to move forward with a more stable and configurable environment with security available we didn't have before.
