Cisco ASA 5500-X with FirePOWER Services Reviews

<a href='' target='_blank' rel='nofollow noopener noreferrer'>Customer Verified: Read more.</a>
42 Ratings
<a href='' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 8.3 out of 100

Do you work for this company? Learn how we help vendors

TrustRadius TRUE Badge

Overall Rating

Reviewer's Company Size

Last Updated

By Topic




Job Type


Reviews (1-16 of 16)

Companies can't remove reviews or game the system. Here's why.
May 24, 2021
Basant Gupta | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Lots of security features were missing in Cisco ASA so Cisco launched the Firepower services to add on and [Cisco ASA 5500-X with FirePOWER Services] is very good and trustworthy. The advanced malware protection and IPS is best option to protect your organization. I am using firepower services for the last 2 years and I am very happy with the services and security features.
  • Advanced malware protection is one of the best security features providing by firepower
  • Advanced IPS
  • Sandbox
  • Anti spam
  • Every time available technical support for help you
  • ASDN is not good option for configuration. It [got] stuck and crashed during the push policy
  • Very expensive as compare to other companies
if you have a good budget and you worry about deep security then you can choose this product. [Cisco ASA 5500-X with FirePOWER Services offers] lots of option like AMP and Advanced IPS which helps you to secure your organization from external threats. Anti-spam and others features also good for organization security. Sandbox is a new but very good feature for deep scanning every packet which is comping to your organization.
Cisco support is one of the best advantage. their highly experience technical support persons and SLA is really good. I [think] Cisco is [one of the best for support services.]
Read Basant Gupta's full review
May 13, 2021
Flavio Pereira | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Our ASA 5500-X with FirePOWER Services is used on our network to protect our large branch from external threats such as hackers, ransomware, malware in general and denial of service attacks. The model in question is the Cisco ASA 5545-x with layer 7 protection features, web content filter, anti-virus, anti-spam and VPN. We have two units with the ultimate goal of creating a significant protection redundancy. The appliance allows us to access servers, internal services from a VPN client with a cryptographic tunnel.
  • Complete network protection against external attacks
  • Anti-malware solution
  • Anti-spam solution with AMP
  • IPS Solution
  • Url filter solution and application control
  • Ipsec and ssl VPN
  • The appliance overloads a lot and degrades performance by enabling all ASA Firepower services.
  • Warranty service with expensive value.
It is good hardware with advanced security features known as Next Generation that can be purchased through license subscriptions. I recommend to use it in the edge scenario of the internet. It is great to offer protection to the internal network, servers, PCs, sensitive data and to offer the remote service to company users remotely from the use of an SLL VPN. It is important to measure the number of users and the speed of internet links to find the right Cisco ASA model for your scenario.
I would recommend the purchase of the Smartnet 24x7 service in the case of a unit and the Smartnet 8x5NBD in the case of only one appliance installed on site. This service is important to always have the latest firmware updates, corrective updates and especially the hardware warranty and maintenance service in case of problems. The service is done by phone or on the official Cisco website and I can say that it is very good and efficient.
Read Flavio Pereira's full review
May 24, 2021
gaurav sharma | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Cisco FirePOWER services' advanced features provide layer 7 security. Before FirePOWER services, Cisco ASA was very weak for deep-level security, and other competitors like Checkpoint and Palo Alto are fully loaded with advanced security features. As a result, Cisco launched the advanced security features services that is Cisco FirePOWER. I have been using this product for the last 2 years and all the features are really good.
  • Lots of advanced features in malware protection.
  • Improved intrusion prevention system and called this Advanced IPS.
  • DevNet sandbox
  • Web filtering
  • Anti spam
  • Anti-spoofing
  • Lots of bugs in ASDN.
  • Lots of issue with web filtering categorization.
  • Very expensive.
  • Not good in application control.
Firepower services are well suited for medium-sized and small-sized organizations that are worried about security. This product is very useful and easy to deploy in the existing network and you can easily manage this. You need to put in some extra effort and you will never face any downtime.
Iam giving this rating because of advanced malware protection and advanced IPS features. These are really good and advanced as compared to other companies like checkpoint and Palo Alto.
Read gaurav sharma's full review
May 18, 2021
Vipin Sharma | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
The Cisco ASA 5500-X with FirePOWER firewall is a fully integrated threat-focused firewall that offers application control, threat prevention, and advanced malware protection to your network as well as endpoint devices. I am handling Cisco ASA 5500-X with FirePOWER for one of my clients and I am very impressed with the features of this product. Most next-generation firewalls mainly focus on enabling application control and a few features for threat defense. Cisco ASA 5500-X with FirePOWER is an integrated and threat-focused product.
  • Advanced intrusion prevention system
  • Advanced malware protection
  • DNS threat intelligence
  • URL filtering.
  • Cloud-based sandboxing
  • NAT
  • VPN
  • High cost
  • GUI could be better.
  • Lots of issues during deployment.
  • Expensive most features require a license cost.
If you have a middle-sized organization, have a good budget, and are thinking about security, then you can go with Cisco ASA 5500-X with FirePOWER. However, the issue is that there are other companies offering the same feature with less cost. The cost of this product is very high and some advanced next generation features are also not working properly.
24/7 experienced technical support and lots of easy documentation and training are one of the main advantages of Cisco products.
Read Vipin Sharma's full review
May 13, 2021
Rajesh Singh | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Cisco ASA 5500-X with FirePOWER Services is the true next generation introduced by Cisco. It fulfills layer 7 security and lots of security features to prevent any kind of attacks in your organization. they are offering advanced malware protection, advanced intrusion prevention and content filtering. I updated my Cisco ASA 5500-X with FirePOWER in my organization.
  • Capable to provide advanced malware protection
  • Amazing technical support
  • Advanced IPS/IDS
  • Easy to deploy
  • Issues with URL filtering sometime fall in wrong category
  • Application control features not available
If you have a medium or SBS company and you want to deeply secure your infrastructure on a normal budget then you can go with Cisco ASA 5500-X with FirePOWER Services firewall.
Cisco customer support really best, they are providing 24*7 support and their SLA is the best SLA to satisfy their client.
Read Rajesh Singh's full review
May 11, 2021
Chandan Singh Rathore | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We used Cisco ASA 5500-SFR in our organization [for] the network security as Cisco is so user friendly. Cisco has the best support (as per my experience) and documentation available open on the internet. Cisco SFR provides the IPS feature to prevent the attacks. Its also reduces the attack surface by using its other technologies i.e. URL filtering etc. Creating the Site to Site /Remote VPN is so easy.
  • VPN Services
  • User Friendly CLI
  • Documentation available openly on internet
  • Cisco SFR should work on their URL filtering database as sometimes it doesn't filter the correct categorization.
  • Cisco SFR ASDM app crashes sometimes and has room for improvement.
  • Cisco has the best CLI commands and [is] easy to use, but I feel it lacks ease in their GUI.
Cisco ASA 5500 SFR is best suited for almost all types of organization as it's so user friendly. Cisco has the best support onsite/offsite. Even in case of device failure, they provide the RMA device within 24 hours unlike some other vendors who ask for many documentations before getting the RMA done. Configuration documentations are easily available on internet.
I always say this (based upon my experiences) Cisco has the best support both onsite and offsite. Cisco does the RMA of faulty device within the defined 24 hours. And their TAC support is very good as it's also available in India. Overall, I would say Cisco has the best Customer Support.
Read Chandan Singh Rathore's full review
May 29, 2021
rahul Verma | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
The main problem with Cisco ASA was not security on application level and malware attack so Cisco introduced FirePOWER Services to cover all the parameters for a secure organization. The Cisco ASA with FirePOWER Services and Advanced Malware Protection (AMP) provide a security solution that helps you to find the threats and enforce the policies before an attack takes place. We have replaced single Cisco ASA with Cisco ASA with FirePOWER Services.
  • Access Control Policy - means which traffic you want to permitted or denied in a network.
  • Advanced intrusion detection and prevention.
  • File control to secure your network.
  • Advanced Malware protection.
  • Application programming interfaces for securing your organization.
  • Good performance.
  • Support cloud features.
  • Very expensive services.
  • Cisco SFR ASDN slowness.
This service is good for those of you already using Cisco ASA and needing to implement more security and no need take more burden to deploy and configure. This is very easy to configure and easy to implement. Cisco AMP and sandboxing services are very good for find any type of attack and find virus before attack.
No one can give to support like Cisco. Cisco is one of best and top of every company for customer support. Very helpful and experienced customer support for help in every configuration and implement. Lots of training videos available for any help.
Read rahul Verma's full review
May 27, 2021
Neha Sharma | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Every client of Cisco ASA 5500 was struggling with application layer security. Cisco ASA can protect you only up to layer 4 so Cisco introduced the new service to extend the security in Cisco ASA. FirePOWER is a combination of various types of security features. I am using Cisco ASA 5500 with FirePOWER services in one of my location. With the help of FirePOWER we can organize our infrastructure at every layer.
  • Cloud-based sandboxing.
  • Advanced malware protection for network and endpoint security.
  • Web gateway.
  • Control more than 4000 application.
  • Advanced IPS.
  • Deep visibility.
  • Threat protection.
  • ASDN lagging.
  • Policy takes lots of time to apply through ASDN.
  • Web filtering issue.
  • Very expensive license.
Cisco ASA with FirePOWER is really very good product but the problem is the features are very expensive. Other companies like FortiGate are offering the same features in very low cost. If you are already using the ASA product and you don't want any other firewall but you wanna increase the security features then you can go with this service. Cisco AMP and sandboxing are really one of the best features in market.
The main advantage of Cisco products is customer support. I will give 5 stars out of 5.
Read Neha Sharma's full review
May 26, 2021
Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
Our Cisco ASA is an integral part of our network. It is our main firewall and responsible for all our VPN connections utilizing Cisco AnyConnect clients. In addition, we fully utilize the FirePOWER services for content filtering and malware detection managed via a VMware appliance running Linux. Although not perfect, this device has proven to be a very powerful robust piece of hardware which I would highly recommend.
  • Policy based content filtering.
  • VPN services are excellent.
  • Very robust firewall.
  • Learning curve for unfamiliar users.
  • Yearly license costs for content and malware protection.
This device fits very well in medium to large enterprise networks, the ability for active/passive failover makes it extremely reliable should you choose to purchase two units. For smaller networks, the 5500 series may be overkill with a multitude of less expensive options available. Having everything in one box and management utilizing the Cisco ASDM console is very nice.
We have had very little interaction with support on this ASA. On the few occasions we have, Cisco has been responsive and corrected the problem. As mentioned in my previous comment, we have an ongoing issue with the internet going offline and since it's a random problem Cisco hasn't been able to help yet.
Read this authenticated review
February 13, 2021
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use several Cisco ASA's with FirePOWER [Services] throughout our organization. They serve as edge firewalls that touch the internet as well as internal networks that need to be walled off from the outside. The added security of the firepower services within the ASA bring the ASA up to speed as far as next generation firewall are concerned. I use a range of sizes of ASA-5500-X models from the smaller 5506-X to the 55250-X. Depending on the type and amount of traffic that will be going through will determine which one was used. In general I would say the performance of these units is on par with the industry as long as they were sized correctly. I feel they have a done a good job at securing the networks they protect.
  • Intrusion Detection
  • Intrusion Prevention
  • Integration with AMP
  • Network Address Translations
  • Securing multiple networks
  • Performance when using FirePower services make the unit slow
  • Capacity of what the FirePower services need
  • The interface is better than ASDM but these still need ASDM and that can be a challenge to get the correct Java version loaded
  • Certain 5500-X models are different than previous versions with no switchport options
If you were looking for a internet edge firewall and wanted to add the modern day "next gen" features than I would say the [Cisco ASA 5500-X with FirePOWER Services] would do the job. The packages Cisco offers with the hardware is pretty easy to understand and you can add the right feature sets to it. If you don't need next gen functions for basic NAT/PAT then it still would be a good firewall. If you wanted it for a data center to inspect traffic going from the LAN to the Data Center it would be a good fit. If you do not size these correctly you might quickly run out of performance or capacity when using the FirePOWER Services. The smaller 5506-X with Firepower really seems to struggle when adding FirePower with it. I would say you would be less likely to use it if your organization has more than 100 devices. You would need to move up to a 5508-X, 5512-X or larger units.
Every time I have ever needed support for these devices I have had a good experience. The TAC team Cisco has in place to help with their security appliances has been excellent. The TAC engineers are normally pretty quick about getting on a support call with you to dig in with you to figure out the issue. If you have the right smartnet plans in place you can get a bad device swapped out pretty quick without too much hassle. The support updates and patches that come to the device are not bad to install and keep it up and supported isn't too taxing on my day to day workload.
Read this authenticated review
March 09, 2021
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We are using Cisco ASA 5500-X with FirePOWER Services--mainly the 5516-X in the active/standby modes--in our organization to build OT/process control networks. This is the perfect solution to isolate and segment your production environment from the business network.
  • Cisco ASA 5500-X with FirePOWER Services are very well suited for most environments.
  • Cisco ASA 5500-X with FirePOWER Services have a variety of networking features including NextGen, web content filtering, data analysis, high availability failover, packet inspection, context-based ACL, and other features to protect your networks.
  • It's easy to deploy and manage.
  • New models do not support switch ports.
Cisco ASA is the world’s most widely deployed, enterprise-class stateful firewall which includes Clustering & High Availability option, Intrusion Prevention & Stateful Layer 2-7 inspection, Advanced Malware Protection, URL Filtering, Network Firewall Routing and Switching, Application Visibility & Control and some other.
The Cisco Technical Assistance Center provides great support from the beginning to the end. Also, there is Cisco community support available with tons of questions and answers.
Read this authenticated review
November 17, 2020
Zakarieya Abderoef | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
The Cisco ASA firewall is being used to protect the environment from external threats and viruses. We also use it for external access to our servers i.e. port forwarding, DMZ and the guest wifi access also gets restricted via the firewall. Our users can also access our environment externally from the SSL VPN which is configured on the firewall.
  • Port Forwarding
  • Threat Control
  • DMZ
  • Remote access
  • User friendliness
  • Additional features similar to other competitor firewalls
  • Licensing cost compared to other vendor brands
The Cisco ASA firewalls is perfect for managing traffic on your network especially between your LAN and the Internet. As this is an integrated appliance, it also includes a host of other features such as advanced malware protection, application control, remote access and site to site VPN capability and much more. If you have multiple Cisco ASA firewalls, I would recommend you purchase Cisco Firepower Management Centre as it provides in-depth visibility and control over you network.
Depending on where the firewall is being deployed, I would select Cisco SmartNet support (24x7x4hours) onsite support should this be deployed within the data centre. For branch offices, you could maybe go with the Cisco SmartNet next business day support which can save a bit of costs if your business model supports this. With SmartNet, Cisco will resolve issues faster and mitigate risk
with 24 hour access to Cisco experts online or via the telephone.
Cisco firepower provides automatation for an organisations security operations to detect and stop the most advanced threats fast. It also assists in preventing attacks in using intelligence and innovative solutions.
Read Zakarieya Abderoef's full review
August 31, 2020
Zar Jerome Cajudo | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
The Cisco ASA 5500-X was used by our clients as a perimeter firewall. It addresses the problems of malware detection and potential attacks outside the organization.
  • Easy to connect remote access VPN
  • URL Filtering
  • With Cisco ASDM Dashboard
  • Upgrade paths
  • Firepower Threat Defense (FTD) platform has slow GUI
  • Firewalls require a complete refresh to transition.
It is well-suited in a work from home setup. If you have many employees working from home it can accommodate users depending on the license installed. It is less appropriate for small and medium enterprises because of the cost.
It is a good firewall for an enterprise organization.
Read Zar Jerome Cajudo's full review
April 06, 2020
Jason Lachowsky | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
While the business environment was very traditional in that most employees worked at the office and didn't need (or want) to use network resources from home, there was still a need for a firewall that was independently managed and deployed for use throughout the organization. The firewall served as the principal conduit to the internet as well as other government entities.
  • Well-regarded remote access VPN solution through AnyConnect. Your users will already likely have some familiarity with this product.
  • Reputation and category-based URL filtering enables web browsing to be tailored to your internet use policies.
  • Dashboards offer an easy way to gain visibility into the state of your network and generate relevant reports.
  • The transition from ASA (ASDM) software to the Firepower Threat Defense (FTD) software platform was awkward. Firewalls require a complete reflash to transition.
  • The FirePOWER services were originally baked-on rather than integrated into the project.
  • Java-based ASDM, which was replaced by the Firepower Threat Defense (FTD) platform, was functional but not pretty on the eyes.
Since the ASA platform is in the midst of a transition, it is best for new users. The Firepower Threat Defense (FTD) is straight-forward, helps you deploy key features easily, and is pleasing to the eye. The 5500-X line has a wide array of models that are suitably for environments both big and small. There are aspects of ASDM that are not yet available in the FTD platform, especially power-user features like a CLI. So this has left ASA junkies high and dry.
Cisco TAC support is as painful to deal with as most technical support situations. However, they do offer good online tools that prevent a phone call. When a replacement has been needed, Cisco has sent replacement equipment quickly and well within the service level agreement. Having your ducks in a row (registration, accounts) before you experience an issue can save you time.
  • Online training
Read Jason Lachowsky's full review
April 06, 2020
Dave Clark | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Cisco ASA, 5512, 5515, 5506, 5516, 5525, and 5585. Prior to that we used 5510 and 5540. We have started to use 2130 with ASA. We use them for typically hosting customer with 4- 8 networks, internet access, and a small network of VMs and storage. We supply customers with sportsbook and sports trading applications that we host in our data centres. We also use ASA on our internal site networks. We also use AnyConnect to support all our remote users and home workers. We have over 2000 site VPNs and a number of VPNs to AWS and Azure using VTI. We find these devices are easy to configure and offer very good performance and security features.
  • Remote Access with AnyConnect
  • Intuitive GUI
  • High performance
  • Well established product set with Cisco and this means good support
  • Easy to Manage and learn
  • Easy to deploy VPNs
  • GUI to be HTML5 rather than needed JAVA and ASDM
  • In relation to Firewall power, the Management console is rather lacking support.
  • Better 10 gig support
  • Cost is high compared to comparative providers of firewalls.
  • Better DNS object support / there are a number of shortfalls
  • Layer 4-7 firewall features
  • Better threat defense options
Cisco ASA 5500-X with FirePOWER is well suited for sites that will be using VPN and RAS. It is quick to set up and deploy and has good support from Cisco and the community at large. There is a product that meets any size of network.
Support is world-class but is very expensive compared to its competitors. Community support is very good with many people using ASA already.
Some features are hard to set up or hard to find.
Read Dave Clark's full review
March 24, 2020
Wouter Hindriks | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
We use the Cisco ASA 5500-X both in our data centers and on our ~300 remote locations as the primary firewall. These devices establish a site-site VPN between the data centers and the customer site and provide firewall security for all users and equipment.
  • IPSEC tunneling
  • OSI Layer3-7 security
  • Protocol inspection on OSI layer 4
  • Usage of Snort to detect and prevent intrusions
  • ASA software and firepower software are still disjointed
The Cisco ASA 5500-X covers the entire range from SMB locations with the 5506 to Datacenter/Internet edge with the 5585 models. As it's the same software/management tool being used you can keep using your skills.
Be aware that as soon as you get above 25 sites, you're going to have to pay for the management center software as well.
I haven't had to deal with support yet. Therefore I cannot comment of the quality of the support. I assume it's the same TAC support as for other Cisco products, and therefore I assume it's good.
Read Wouter Hindriks's full review

Feature Scorecard Summary

Identification Technologies (15)
Visualization Tools (12)
Content Inspection (16)
Policy-based Controls (16)
Active Directory and LDAP (15)
Firewall Management Console (16)
Reporting and Logging (16)
VPN (16)
High Availability (16)
Stateful Inspection (4)
Proxy Server (3)

What is Cisco ASA 5500-X with FirePOWER Services?

Cisco ASA 5500-X with FirePOWER Services is a security appliance solution designed to empower users to beat sophisticated cyber attacks. This solution is a threat-focused next-generation firewall.
Categories:  Firewall

Cisco ASA 5500-X with FirePOWER Services Features

Firewall Features

Has featureIdentification Technologies
Has featureVisualization Tools
Has featureContent Inspection
Has featurePolicy-based Controls
Has featureActive Directory and LDAP
Has featureFirewall Management Console
Has featureReporting and Logging
Has featureVPN
Has featureHigh Availability

Cisco ASA 5500-X with FirePOWER Services Downloadables

Cisco ASA 5500-X with FirePOWER Services Competitors

Cisco ASA 5500-X with FirePOWER Services Pricing

  • Does not have featureFree Trial Available?No
  • Does not have featureFree or Freemium Version Available?No
  • Does not have featurePremium Consulting/Integration Services Available?No
  • Entry-level set up fee?No

Cisco ASA 5500-X pricing starts at ~$400 and scales up to $20,000 for higher capacity appliances.

Cisco ASA 5500-X with FirePOWER Services Support Options

 Paid Version

Cisco ASA 5500-X with FirePOWER Services Technical Details

Deployment Types:On-premise
Operating Systems: Windows
Mobile Application:No

Frequently Asked Questions

What is Cisco ASA 5500-X with FirePOWER Services?

Cisco offers a threat-focused next-generation firewall (NGFW), the ASA 5500-X Series. The ASA 5500 Series platforms can run either the Cisco ASA Firewall or Cisco Firepower Threat Defense (FTD). The series features appliances in a variety of form factors, including standalone options for small and midsize businesses, ruggedized appliances for extreme environments, midsize appliances for security at the Internet edge, and high-performance appliances for enterprise data centers.

What is Cisco ASA 5500-X with FirePOWER Services's best feature?

Reviewers rate High Availability highest, with a score of 9.9.

Who uses Cisco ASA 5500-X with FirePOWER Services?

The most common users of Cisco ASA 5500-X with FirePOWER Services are from Mid-size Companies and the Information Technology & Services industry.