Cisco Firepower 2100 Series vs. CrowdSec

The Cisco [Firepower] 2100 [Series] is an easy sell for anyone looking. You already know Cisco excels in the security department, but now that firepower lives right on the box and inline with the rest of the firewall data flow you can save yourself a lot of time and headaches. Unless you cant quite afford Cisco's 2100 line, there's not much reason to go with the competition.

Incentivized

Since I've only used CrowdSec in a homelab/small-medium sized business setup, that's really the only market I can safely recommend it and say it's well suited for, because I don't know how much it would cost to run it in an enterprise environment. I've heard some pricing and how they plan on rolling out a subscription model, but it's still in talks. Either way, if you have publicly exposed web applications hosted locally or on a virtual private server, then CrowdSec should be part of every virtual machine and/or network. Even with the lmited number of filter you get out of the free subscription, it provides a nice layer of constantly updated data,

Incentivized

• For us, to power the whole system does scaling quite a bit. So we can definitely have a lot of room to grow if needed. The device can support a lot of way more than we need right now, but in the future, if we need more it seems to be a big pro of that. Also the support of Cisco, knowing that it's backed by Cisco definitely is good. You guys are the largest players in the market

Incentivized

• Provides great integrations with tools you already use, such as fail2ban, Cloudflare, WordPress, NGINX, Linux Firewalls, etc.
• Lightweight agents can run on individual servers and report to a main security engine so that if there's an attack on one server and a block is implemented, the entire network can be protected
• There are a lot of ways to receive alerts and store logs
• CrowdSec Central API is a nice way to manage everything externally

Incentivized

• Cisco patches bugs quickly but patches are slow to install and reboot
• Smart licensing is getting better but still can be troublesome
• Some weird visual interface glitches that require clicking the same options a few extra times

Incentivized

• Getting CrowdSec to run on OPNsense can be a challenge, but that's also a limitation of the OS
• You can only subscribe to a couple of feeds before paying an unknown amount of money that's part of their "Enterprise" package. So, there could be better transparency.

Incentivized

• It's keeping threats out like a firewall should. Definitely cost wise it is at a higher cost center than other alternatives. Especially when it comes to licensing. Cisco is generally the higher, for perhaps, definitely for good reason, right? I mean, definitely positive impact as far as working as it should that's at cost.

Incentivized

• It flat-out blocks malicious IPs from accessing any PC on my network.
• It's free-tier makes this a no brainer to implement

Incentivized