Cisco Secure Firewall delivers comprehensive threat protection for modern, distributed networks. Built to support hybrid workforces and multicloud environments, it enables Zero Trust access, application visibility, and secure remote connectivity. With integration across the Cisco Secure portfolio, including SecureX and Talos threat intelligence, the firewall powers organizations to detect and stop more sophisticated threats. Centralized management simplifies policy enforcement, orchestration,…
N/A
WatchGuard XTM - Discontinued Product
Score 8.0 out of 10
N/A
WatchGuard XTM is a firewall option, from WatchGuard Technologies.
Cisco Secure Firewall is essential for any organization that wants to secure its network and ensure that data packets are not lost during transmission. It helps structure and consistently deploy policies throughout the organization. However, the high licensing costs for the standby unit, which remains idle, may make this solution unsuitable for small, cost-sensitive organizations.
WatchGuard XTM comes in different models, so you can choose the model best suited for your company size. I think it works well in small as well as very large networks. I have not used this feature, but you can create a "FireCluster" to connect member devices of the same model if you need to put multiple WatchGuard XTMs in your environment. Coming from command line, it took a little adjusting to learn which screen to use to set up the different rules. Once you understand how to set up policies, it is simple to create more. New firewall administrators would appreciate the ease of creating policies, and expert administrators should find everything they need plus extra features.
It's good at segregating networks and ensuring that you only give the access that you need to give. Especially with medical devices, you want to only give the access that they need and keep them in their own separate areas so that they can't just communicate with the rest of the network. It's also good at the border for keeping attackers out of the network.
I wish that the deployment of the updates to the sensors from the FMC was faster.
Cisco ASA firewall did a great job of authentication and authorization on the local firewall. FTD does not authorize users well in terms that an AAA must be setup to provide the granular tools that the ASA did.
Cisco's method of licensing the firewall can be improved. The FMC and the FTD are licensed through the Cisco software manager and there are instances where the devices are licensed but the firewall still displays and error due to licensing.
Support can be hard to work with. While they are typically knowledgeable, there can be a language barrier. Also, most troubleshooting seems intrusive which is a problem in a production environment.
The throughput of the cheaper models leaves something to be desired.
Have had some issues running VOIP behind these, but have not been able to narrow down the issues to the phone provider or WatchGuard yet.
It works really well. We can do most anything we want or need to with it, and you don’t have to have a doctorate or multiple certs to necessarily figure it out. The thing that would probably have to happen to make us switch would be if we just got priced out - Cisco’s more powerful and higher bandwidth models cost a pretty penny.
i think overall after ALOT of tac cases it works allright now. But still have alot of issues if you use cloud based mangement. fx, if you open 2 windows of access policys, both of the pages, rules starte to jump form side to side. if you then open one more list, its start to jump even faster. if you close the 2 of them, its back to normal. ALSO the extended access lists for VPN, SUCKS. Its the tiniest window when opening the editor, and you are not able to give the rules names, Which means finding and editing rules SUCKS, its a horrible experience, and eveytime we have to we want to yell :P
We have not had any performance issues with Cisco Secure Firewall, even with DPI and IPS enabled, we have not seen a performance hit. Emoployes have not complained about any slow network speeds that could have been attributed to the secure firewall it has always been something else within the office network.
Firewall support is professional just like any other technology Cisco sells. From answering simple questions to bringing out outages affecting a large population of our workforce, Cisco support is always courteous, professional, and communicates with our team to keep our request on their radar. Some of the brightest people I've met are from Cisco support both in IQ and EQ which shows the talent Cisco is able to onboard to their team.
was a good training but questions was answered not so good. Training was "Fundamentals of Cisco Firewall Threat Defense and Intrusion Prevention (SFWIPF)".
Our initial implementation was aided by Cisco's professional services and was excellent. The engineer was very knowledgeable and helped us work through issues while building out our new internet security edge Part of this involved tools to migrate the firewall configuration from old to new.
Cisco Secure Firewall works better with the Cisco ecosystem when we can utilize it and feels beefy enough when we utilize it in the data center. The Fortinet we have found are great, small cost boxes for remote offices with a better UI then Cisco Secure Firewalls. The feature set included with the firewalls feels similar from a security point of view.
Again, WatchGuard is priced much lower than other vendors in its space. It may not have some of the bigger features such as Layer 7 awareness. It's more simple to manage and provides IT staff the time to work on other tasks versus time spent to create complex rule sets.
A solid, realistic rating most people give for Cisco Secure Firewall pricing is 7 or 8 out of 10 (because the product is strong but licensing can be a bit complex)
Cisco Secure Firewall has never given us any trouble, it has stayed up at all times, upgrading the appliance has also become much simpler. We operate the appliance in a HA pair, so 0% downtime within our organisation. During switchover while upgrading, not a single packet seems to get lost, so this has been a very valuable asset to our company.
Positive impact. Cisco is a big player in IT environment. It is future stuff, everything, what you learn today, maybe something can be tomorrow. And yes, it's quite important to learn the new stuff every day. And yes, that's it. Yes, I'm happy with Cisco.
