Cisco Secure Firewall (formerly Cisco Firepower NGFW) is a firewall product that integrates with other Cisco security offerings. It provides Advanced Malware protection, including sandboxing environments and DDoS mitigation. Cisco also offers a Next Generation Intrusion Prevention System, which provides security across cloud environments using techniques like internal network segmentation. The firewall can be managed locally, remotely, and via the cloud. The product is scalable to the scope of…
N/A
Cisco Umbrella
Score 8.7 out of 10
N/A
Cisco now offers OpenDNS Umbrella Web Filtering. Cisco acquired OpenDNS in August 2015, and rebranded the product as Cisco Umbrella.
We found that Cisco compares very favorably to the Palo Alto firewalls, especially with their latest release in the Secure Firewall line. The performance has been phenomenal compared to the earlier Firepower models, which was one of the few advantages I felt Palo Alto still …
Cisco Secure Firewall aka Firepower has a more visibility than the ASA, specially with use of FMC. The Secure Firewall also adds a lot of security features, with IPS, IDS, AVC, Security Intelligence, Identity Mapping and so on.
If you are already using [a] Cisco product like the Cisco ASA Series and you need more security on layer 7 then you can upgrade with firepower. This is well suited for middle and big organizations. If your company deals with credit card information then you should buy this firewall. It provides you all the features to stop any type of advanced attack on your organization
Well suited to networks that include Active directory, as you can hook it into the directory to allow you to target specific users and computers. Not particularly well suited to personal users due to the price point, and also not well suited to organisations with disorganised IT, since the system can be bypassed simply by changing the DNS server of the device. You need a dedicated IT department to ensure these sorts of settings are locked down
Cisco Firepower NGFW (formerly Sourcefire) shows a very detailed report of traffic that it finds as malicious. From Capturing Pcaps to generating analytics corresponding to an incident it makes it very easy for us analysts to decide the next steps.
Cisco Firepower NGFW (formerly Sourcefire) has search functionality that allows us to go very specific while on the managing window, unlike Palo Alto Panorama.
Umbrella Virtual Appliances have been buggy in resolving local domain hosts.
Integration between other Cisco and Meraki products is complicated.
Reporting is not always accurate; for example, if you configure a Meraki access point to use an Umbrella Virtual Appliance, you lose device reporting. All reporting shows up under the AP's IP.
There are other vendors on the market with highly complimented solutions and based on the feedback received by fellow engineers using them in production in their organizations it sounds like something worth paying attention to. Proof of concept and feature comparison with Cisco Secure Firewall will would be the next potential step. Overall, the user experience with ease of management of solutions might be the key here.
First off I never give anything a "10" unless it's perfect. LOL - I grade on the curve. I think OpenDNS/Umbrella is a very good product. I think that fact that Cisco absorbed them is one of the proofs of that. I have used the product back when it was free for companies our size. I have not always appreciated the cost - but in the post pandemic cyber chaos, I believe the cost benefit ratio is still very high. I have honestly not looked at other products because Umbrella continues to work to my satisfaction. I consider Umbrella to be one of the key layers in my cyber security strategy.
Solution is highly effective, offers a lot of features with constant improvements and additions of new features over time. It's relatively easy to get familiar with the system, especially if transitioning from adaptive security appliances. If this is not the case, as for learnability there's a learning curve but once learned it is relatively easy to remember the details about the system even after a period of non-use
Better features and easy to manage system with great customer support and overall usability is great as it works for hybrid environment with ease as it is having features for on prem users as wells as cloud users with great customer support and great team of trained engineers to support our opeartions.
As for the availability, in general we did not experience any issues with it, neither in situations where there's only one physical device implemented nor when there's and High Availability pair. Failover works like a charm, no complaints here, it works as it should and so far it has been highly reliable.
Cisco Umbrella's availability was great, they got back to me in less than an hour to get my problem solved.
We needed to get our Meraki AP's hooked up to Cisco Umbrella to monitor that specific traffic and they got back to me promptly, they guided me and explained every question I had.
Customer service has been great. TAC has been mostly able to identify and fix problems that we may have and have been very responsive. If for some reason something isn't fixed right away, they have been adamant on staying with us and working the issues out before things get escalated up the chain.
We have not had a chance to use Cisco support frequently, but when we needed to troubleshoot some issues that we were having with the agent installation, the support was very responsive and the solution that they offered worked. The only reason I give it one less point is that the turnaround time for non-critical issues is very long.
In the beginning transition from Adaptive Security Appliance to Cisco Secure Firewall did not look like the best choice. Solution was new, there were a lot of bugs and unsupported features and the actual execution in the form of configuration via Firepower Management Center was extremely slow. Compare configuring a feature via CLI on ASA in a manner of seconds (copy/paste) to deployment via FMC to Secure Firewall which took approx. 10 mins (no exaggeration). Today, situation is a bit different, overall solution looks much more stable and faster then it was but there's still room for improvement.
The implementation just required us a bit of study because there are a lot of options and configurations available. I believe that the interface could be a bit better, but it works fine. We did an initial setup and only need to do changes when a new demand appears. Other than that, we just keep it running.
We've selected the Cisco Secure firewall as there is full Layer 7 functionality. You get more features out of the box so to speak with full application visibility and control, Intrusion Prevention, SI (Security Intelligence), Adavanced Malware Protection and a whole host of other feature. Although some of these are available in Meraki, the Cisco Secure Firewall goes into the next level.
We used a product before this called iPrism by EdgeWave and also briefly tried Barracuda Web Security in the cloud. We were having such a large influx of service desk calls about proxy-based layer 7 web filters that we wanted to step back and pick something more at the DNS level, to protect our employees but not hover over their social media use, etc. Cisco will also employ a layer 7 proxy if a site is suspicious, which does require us to push a certificate out should we want that feature. For most policies we have it enabled.
Positive ROI when the service keeps users from going to malicious websites.
We had it deployed while users were internal and external with the AnyConnect Umbrella module so our protection was both on and off the corporate network.
