Cisco Secure Firewall delivers comprehensive threat protection for modern, distributed networks. Built to support hybrid workforces and multicloud environments, it enables Zero Trust access, application visibility, and secure remote connectivity. With integration across the Cisco Secure portfolio, including SecureX and Talos threat intelligence, the firewall powers organizations to detect and stop more sophisticated threats. Centralized management simplifies policy enforcement, orchestration,…
N/A
Cisco Umbrella
Score 8.8 out of 10
N/A
Cisco now offers OpenDNS Umbrella Web Filtering. Cisco acquired OpenDNS in August 2015, and rebranded the product as Cisco Umbrella.
The administraion interface of the Cisco secure firewall is a lot more easy to learn than the Palo Alto solution. Also, the dashboard panels offers by Cisco seems a lot more useful and details than the Palo Alto solution.
Cisco has a more seamless integration with its firewall management center compared to palo alto's panorama which tends to become out of sync with their firewalls. This can cause config differences, duplicate rules, or just the inability to deploy polices due to inconsistencies. …
We demoed a few Palo Alto firewalls as a comparison to Cisco Secure Firewall. The two are indeed similar, but for our environment, Cisco's solution won out. Palo Alto appeared to potentially be more expensive than Cisco and although it has many similar features, we found that …
Cisco Secure Firewall is not so complicated to configure, especially as a Firewall manager where your main business is to create new rules or create site to site tunnels and so on. You can easily do this on the Cisco Secure Firewall, with CheckPoint this was a bit more …
We found that Cisco compares very favorably to the Palo Alto firewalls, especially with their latest release in the Secure Firewall line. The performance has been phenomenal compared to the earlier Firepower models, which was one of the few advantages I felt Palo Alto still …
Cisco Secure Firewall aka Firepower has a more visibility than the ASA, specially with use of FMC. The Secure Firewall also adds a lot of security features, with IPS, IDS, AVC, Security Intelligence, Identity Mapping and so on.
Cisco Secure Firewall is essential for any organization that wants to secure its network and ensure that data packets are not lost during transmission. It helps structure and consistently deploy policies throughout the organization. However, the high licensing costs for the standby unit, which remains idle, may make this solution unsuitable for small, cost-sensitive organizations.
It’s very well suited. From what I’ve seen where it’s installed and tested, it’s actually very well suited in accommodation businesses because people still use VPNs or similar tools when going to hotels, but it helps keep the hotel network itself secure, so malicious actors aren’t doing something there. I’m also thinking for smaller companies—as I mentioned—they have firewalls but don’t want to use them because they’re expensive and hard to configure. So it simplifies the process, and there are smaller licenses where you can protect only access points or only specific users. The flexibility is actually quite good because you can define it for different needs, like specific licenses, add-ons, APIs, and integrations, and so on.
It's good at segregating networks and ensuring that you only give the access that you need to give. Especially with medical devices, you want to only give the access that they need and keep them in their own separate areas so that they can't just communicate with the rest of the network. It's also good at the border for keeping attackers out of the network.
So for example, we had the problem in the past. We are connecting users to our own managed data centers. We had seven locations around the world, put them with Cisco, any connect to our on-prem data center and let them out to the internet. So that's causing some high latency bad experiences with teams and so on. And with Umbrella we can directly connect the user to the cloud and to the internet so the users have a good experience with speed with latency and it's much better than back hauling the traffic to their own company and then processing them there.
I wish that the deployment of the updates to the sensors from the FMC was faster.
Cisco ASA firewall did a great job of authentication and authorization on the local firewall. FTD does not authorize users well in terms that an AAA must be setup to provide the granular tools that the ASA did.
Cisco's method of licensing the firewall can be improved. The FMC and the FTD are licensed through the Cisco software manager and there are instances where the devices are licensed but the firewall still displays and error due to licensing.
The smart search feature in Cisco Umbrella is great addition for sure which helps us to identify malicious domain just by searching the URL and there is scoring system of Cisco Umbrella which mark the URL in low, medium and high risk. Sometimes Cisco Umbrella mark well known and good domain as malicious whether sometimes they mark malicious sites/domain as low risk. So, it's something that they should focus on, I think.
The live activity search is great for checking internet activities, but the filtering options could be improved. It would be helpful if we could filter by multiple parameters at once like combining username, destination IP and time range.
It works really well. We can do most anything we want or need to with it, and you don’t have to have a doctorate or multiple certs to necessarily figure it out. The thing that would probably have to happen to make us switch would be if we just got priced out - Cisco’s more powerful and higher bandwidth models cost a pretty penny.
First off I never give anything a "10" unless it's perfect. LOL - I grade on the curve. I think OpenDNS/Umbrella is a very good product. I think that fact that Cisco absorbed them is one of the proofs of that. I have used the product back when it was free for companies our size. I have not always appreciated the cost - but in the post pandemic cyber chaos, I believe the cost benefit ratio is still very high. I have honestly not looked at other products because Umbrella continues to work to my satisfaction. I consider Umbrella to be one of the key layers in my cyber security strategy.
i think overall after ALOT of tac cases it works allright now. But still have alot of issues if you use cloud based mangement. fx, if you open 2 windows of access policys, both of the pages, rules starte to jump form side to side. if you then open one more list, its start to jump even faster. if you close the 2 of them, its back to normal. ALSO the extended access lists for VPN, SUCKS. Its the tiniest window when opening the editor, and you are not able to give the rules names, Which means finding and editing rules SUCKS, its a horrible experience, and eveytime we have to we want to yell :P
Better features and easy to manage system with great customer support and overall usability is great as it works for hybrid environment with ease as it is having features for on prem users as wells as cloud users with great customer support and great team of trained engineers to support our opeartions.
Cisco umbrella services in the cloud are always available. However, the weakness is the VM installed in the data center that are the first resolvers. If the VMs become unavailable for any reason or the vSphere goes down, then all DNS is affected
We have not had any performance issues with Cisco Secure Firewall, even with DPI and IPS enabled, we have not seen a performance hit. Emoployes have not complained about any slow network speeds that could have been attributed to the secure firewall it has always been something else within the office network.
our experience with cisco products has always been awesome and same is the case with cisco umbrella .Under umbrella cisco provides flexible and scalable software solution to use across different dept and sites . These softwares are very user friendly ,pages load quickly as these applications are designed for minimum latency and reports are also provided quickely
Firewall support is professional just like any other technology Cisco sells. From answering simple questions to bringing out outages affecting a large population of our workforce, Cisco support is always courteous, professional, and communicates with our team to keep our request on their radar. Some of the brightest people I've met are from Cisco support both in IQ and EQ which shows the talent Cisco is able to onboard to their team.
Whilst the support is good once you get through to them, it's email only and the response is slow. This is a issue, because its a core system that needs to work. We have had issues in the past where several of our companies have gone down due to Umbrella and support is nowhere to be seen. It is very difficult to know whether Umbrella is having service issues, since they do not regularly update customers on the status of their services, such as is seen by providers such as Microsoft (status.umbrella.com just seems to show up all of the time, I'm not sure it's even updated)
was a good training but questions was answered not so good. Training was "Fundamentals of Cisco Firewall Threat Defense and Intrusion Prevention (SFWIPF)".
Quite easy to understand training modules prepared by knowledgeable trainers. Training modules have included all the desired features of these softwares and the content delivery is very good from the respective module trainers and it explains in details the features and apart from that further training material support is also provided if needed.
Our initial implementation was aided by Cisco's professional services and was excellent. The engineer was very knowledgeable and helped us work through issues while building out our new internet security edge Part of this involved tools to migrate the firewall configuration from old to new.
At the time we were forced to move from Cloud Web Security to Cisco Umbrella, Cisco Umbrella was far from being a direct replacement. It was frustrating and difficult to migrate due to the lack of functionality. This has since been addressed, however we now have legacy rulesets that were built as bandaids that cannot be removed. Hopefully the migration to Secure Access will address this.
Cisco Secure Firewall works better with the Cisco ecosystem when we can utilize it and feels beefy enough when we utilize it in the data center. The Fortinet we have found are great, small cost boxes for remote offices with a better UI then Cisco Secure Firewalls. The feature set included with the firewalls feels similar from a security point of view.
Umbrella checked all the boxes for us (at the time) because it supported multiple domains and multiple IPs to protect (we have 20+ offices), and its configuration and policies cover a lot of different options for us. We used another product prior, and it worked well, but it didn't have all the features we needed at the time.
A solid, realistic rating most people give for Cisco Secure Firewall pricing is 7 or 8 out of 10 (because the product is strong but licensing can be a bit complex)
Cisco Secure Firewall has never given us any trouble, it has stayed up at all times, upgrading the appliance has also become much simpler. We operate the appliance in a HA pair, so 0% downtime within our organisation. During switchover while upgrading, not a single packet seems to get lost, so this has been a very valuable asset to our company.
Cisco umbrella provides fleaxible and scalable software solutions which are easy deploy across multiple departments and sites wherever needed and this softwares are very easy to use and provides the best interface along with cisco support for other devices apart from cisco infrastructure but still there is scope for improvement on the inclusion of latest features
Positive impact. Cisco is a big player in IT environment. It is future stuff, everything, what you learn today, maybe something can be tomorrow. And yes, it's quite important to learn the new stuff every day. And yes, that's it. Yes, I'm happy with Cisco.
