Cisco Secure Firewall delivers comprehensive threat protection for modern, distributed networks. Built to support hybrid workforces and multicloud environments, it enables Zero Trust access, application visibility, and secure remote connectivity. With integration across the Cisco Secure portfolio, including SecureX and Talos threat intelligence, the firewall powers organizations to detect and stop more sophisticated threats. Centralized management simplifies policy enforcement, orchestration,…
N/A
Trellix Network Security
Score 8.6 out of 10
Enterprise companies (1,001+ employees)
Trellix Network Security (formerly FireEye Network Security and Forensics products) combines network traffic analysis and network forensics for attack analysis .
This security solution is well-suited for a complex environment that requires a scalable and secure solution with granular control. It is also recommended that it be implemented with other Cisco security solutions. Requirements are Security-First. It is less appropriate in a small business scenario where advanced configurations are not required. It should be well-trained on this solution.
It’s a dedicated Network Advanced Threat Detection and Prevention solution. Easy maintenance and low operating costs fit perfectly for SMEs. Variety of appliance selection makes NX the perfect choice for large enterprises. As it’s a dedicated solution with its own appliance, price is higher compared to NGTP add on solutions. FireEye is an ecosystem therefore when you’ve the EX or HX vice versa, you should be looking to NX. Otherwise, you’re missing the threat intel exchange on the network side reverse is the true. Sizing is important before the purchase, if you select a low end model for a busy network you lose your initial investment. For multiple NX deployments I highly recommend CMS. Without CMS you’ll lose the threat intel exchange and this will negatively reduce the risk scores.
It's good at segregating networks and ensuring that you only give the access that you need to give. Especially with medical devices, you want to only give the access that they need and keep them in their own separate areas so that they can't just communicate with the rest of the network. It's also good at the border for keeping attackers out of the network.
I wish that the deployment of the updates to the sensors from the FMC was faster.
Cisco ASA firewall did a great job of authentication and authorization on the local firewall. FTD does not authorize users well in terms that an AAA must be setup to provide the granular tools that the ASA did.
Cisco's method of licensing the firewall can be improved. The FMC and the FTD are licensed through the Cisco software manager and there are instances where the devices are licensed but the firewall still displays and error due to licensing.
It works really well. We can do most anything we want or need to with it, and you don’t have to have a doctorate or multiple certs to necessarily figure it out. The thing that would probably have to happen to make us switch would be if we just got priced out - Cisco’s more powerful and higher bandwidth models cost a pretty penny.
i think overall after ALOT of tac cases it works allright now. But still have alot of issues if you use cloud based mangement. fx, if you open 2 windows of access policys, both of the pages, rules starte to jump form side to side. if you then open one more list, its start to jump even faster. if you close the 2 of them, its back to normal. ALSO the extended access lists for VPN, SUCKS. Its the tiniest window when opening the editor, and you are not able to give the rules names, Which means finding and editing rules SUCKS, its a horrible experience, and eveytime we have to we want to yell :P
would rate Cisco Secure Firewall’s availability a 9 out of 10. In our production environments at Rackspace, the platform has been consistently reliable. We’ve deployed it in high-availability pairs, and failover works as expected with minimal disruption. Over the past several quarters, we’ve had no major unplanned outages directly attributable to the firewall itself. The software has been stable
Firewall support is professional just like any other technology Cisco sells. From answering simple questions to bringing out outages affecting a large population of our workforce, Cisco support is always courteous, professional, and communicates with our team to keep our request on their radar. Some of the brightest people I've met are from Cisco support both in IQ and EQ which shows the talent Cisco is able to onboard to their team.
was a good training but questions was answered not so good. Training was "Fundamentals of Cisco Firewall Threat Defense and Intrusion Prevention (SFWIPF)".
Our initial implementation was aided by Cisco's professional services and was excellent. The engineer was very knowledgeable and helped us work through issues while building out our new internet security edge Part of this involved tools to migrate the firewall configuration from old to new.
Cisco Secure Firewall works better with the Cisco ecosystem when we can utilize it and feels beefy enough when we utilize it in the data center. The Fortinet we have found are great, small cost boxes for remote offices with a better UI then Cisco Secure Firewalls. The feature set included with the firewalls feels similar from a security point of view.
FireEye NX is a solid product. It gives you sustainable security throughout the organization. NX detection engines are more capable compared to others. Its catch rate is higher, FP rate is lower, [and] speed is awesome. NX can work for highly regulated environments with 1 way solution. Operation costs are much lower. Software quality is very good. It may have bugs, but these bugs do not compromise the security in general. SOC team loves the FireEye NX for its pinpoint detection capabilities. Local and partner support is exceptional.
Positive impact. Cisco is a big player in IT environment. It is future stuff, everything, what you learn today, maybe something can be tomorrow. And yes, it's quite important to learn the new stuff every day. And yes, that's it. Yes, I'm happy with Cisco.
As [a] financial company on the digital markets, we need to be safeguard for 0days and targeted attacks. FireEye NX provides the best updated protection with its enhanced capabilities.
Security score based on detection/prevention metrics [is] very high ensuring the highest level of security.
APTs in our region successfully detected and mitigated by the NX.
For the ROI, in a six month period FireEye is paying off its [investment].
One negative thing, especially with increasing network bandwidths, [is that] you need to make [the] investment every two or three years.
