TrustRadius
Cisco ASA is a firewall option.https://dudodiprj2sv7.cloudfront.net/product-logos/40/Lo/7JR5GUS6C8VR.jpegCisco ASA - Solid contender, but don't use the ips!The Cisco ASA platform has become the standard which I use for most of my SOHO and enterprise setups. I most recently have used this as a buffer between an AWS environment and a production network, where it behaved flawlessly. A second use case was as a VPN concentrator to consolidate all client to site, and site to site VPN connectivity, where it again behaved admirably.,Top of the line crypto, and firepower inline makes threat management easy. easy to set up vpn, now including tunnel interfaces! SOLID infrastructure for client to site vpn with anyconnect,TCO is higher than most. firepower integration into the appliance is straightforward but weak. Units often times cannot process the amount of traffic thrown at them. Support can be painful to work with at times. Need more english speaking staff.,9,Most network engineers have worked with ASA, so there is no need for re-training when adding or turning over staff Current configs from older devices plug in easily, and are operational on larger devices if an upgrade is required Many support options available,Palo Alto Networks Next-Generation Firewalls - PA Series, Check Point 4000 Appliances and Untangle NG Firewall,Check Point 4000 Appliances, Fortinet FortiGate, Palo Alto Networks Next-Generation Firewalls - PA SeriesRobustness and quality above all!!We use it in several critical access and control points, both internal and external. With it we deploy the VPNs that interlace all our offices and authorized consultants for remote access.Together with other tools of the same brand, automated rules are established that allow a more effective control of cybersecurity inside and outside the company.,Excellent integration with several systems and equipment of other brands, as well as with the entire Cisco ecosystem. Very good support and attention from the company and its associates. Constant security updates and functionalities. Robust and reliable equipment, great flexibility in configurations and fully scalable in power and functionalities to the need of the company.,Well, the price is always an important factor with this brand, but I am witnessing that it is worth what it costs, although the ROI is generally not as good as the investors would like it to be. The virtual appliance still consumes too many resources compared to similar ones and I have to assign physical network cards to get an adequate performance when implementing it.,9,The ROI is generally not as good as the investors would like it to be. Very good support and attention from the company and its associates, which reduces the recovery time in case of an incident.,Fortinet FortiGate, SonicWall TZ, Cisco Meraki MX Firewalls, Juniper SRX, Palo Alto Networks WildFire, pfSense and Sophos UTM,Fortinet FortiGate, Sophos UTM, pfSense, Cisco Meraki MX Firewalls, SonicWall TZ, Palo Alto Networks WildFireASA, really means Awesome Security Appliance!!!We use Cisco ASA units for internal remote users to remain connected to our network for access to applications, file shares and corporate email. We also recommend and sell ASA units to customers for use in their networks. Lastly, we recommend and sell ASA units to customers that we host for various applications, so that they can have access to "cloud" based apps but also be as secure as possible in the access thereof.,ASA units provide firewall capabilities that would normally be found in much more expensive equipment ASA units provide POE capability for use with VOIP phones or other equipment. ASA units connect outside internet to inside networks and VPN's with very little overhead and no loss of signal speed. ASA units allow me to run a wireless access point in parallel so that both wired and wireless devices can share one DHCP scope which makes it easier to manage and maintain. ASA units make use of ASDM but also the Cisco standard CLI which makes it easier to train engineers to manage and have ease of deployment using config templates.,In the ASA5506, unlike its predecessor, there are no switched Ethernet ports. Adding that feature would be helpful and save the cost of the additional switch that must be purchased. The real time log viewer is not that great, it's not 100% reliable, its explanations are often a bit too technical, the filter could use some enhancement The ASDM interface as a whole being java is not good. Java has become a nightmare due to poor backwards compatibility and cliff-facing certificate requirements between versions, so java versions for administrators become a nightmare to manage for what should be simple changes,10,Deploying Cisco ASA allows us to offer firewall, LAN, WAN and Wifi to businesses, with low overhead costs, low maintenance and of course great TAC support Using ASA units keeps within the solid industry leading Cisco standards while keeping costs down We are able to use known tools for deployment and troubleshooting without the need for training on additional interfaces.,Palo Alto Panorama,Palo Alto Networks GlobalProtect Mobile Security Manager, Banyan, Palo Alto Networks Next-Generation Firewalls - PA SeriesCisco ASA met all our network firewall needs.Cisco ASA is our main firewall for our site. It is also the VPN termination point for our LAN to LAN VPNs and Remote Access VPNs. It has solved the problem of needing a firewall for cyber security. It has also solved the problem of employees needing remote access into the corporate network.,Cisco ASA is very configurable. Cisco ASA has a lot of features. Cisco ASA is robust. Failing almost never. Cisco ASA can integrate with many other Cisco security solutions.,There is a learning curve for Cisco ASA. A lot of what can be done, initially, needs to be done at the command line interface. Organizing all the firewall rules can be a little daunting with the current UI.,9,Cisco ASA has met all the compliance requirements we have for a network firewall which has had a positive impact on our business objectives. Cisco ASA allows all our users to remote access our network which has had a positive influence on meeting the business need to allow remote access. The integration features of the Cisco ASA has allowed us to continue to secure our network with state of the art security solutions.,Palo Alto Networks Next-Generation Firewalls - PA Series,Darktrace, Microsoft System Center Configuration Manager, Microsoft Office 2016Good classic firewall, but not a next gen winner.We deploy the CIsco ASA 5505 & 5506 on over 250 customers' sites to protect the local LAN and establish a site-to-site VPN to our datacenter from which we host the customer applications. On our datacenter, we use an HA pair of ASA 5585s to produce redundant internet access and NAT all traffic.,Easy to configure with a template and CLI. TACACS command authorization and accounting is must have for compliance. Good SNMP monitoring options. Well developed and very compatible firewall OS.,The 'Next Generation' options feel bolted on and the performance is underwhelming. Impact of enabling the Firepower Inspection is too big. Both response time and throughput suffered horribly.,8,Provided a solid performance on the LAN edges of both our customer sites and our datacenters. Hardly any hardware failures.,Cherwell Service Management
  3. Cisco ASA Reviews
Unspecified
Cisco ASA
131 Ratings
Score 8.4 out of 101
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>TRScore

Cisco ASA Reviews

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
Cisco ASA
131 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8.4 out of 101
Show Filters 
Hide Filters 
Filter 131 vetted Cisco ASA reviews and ratings
Clear all filters
Overall Rating
Reviewer's Company Size
Last Updated
By Topic
Industry
Department
Experience
Job Type
Role
Show All Filters
More Filters 
Less Filters 

Reviews (1-25 of 38)

  Vendors can't alter or remove reviews. Here's why.
Larry Chisholm profile photo
October 18, 2018

Review: "Cisco ASA - Solid contender, but don't use the ips!"

Larry Chisholm
Score 9 out of 10
Vetted Review
Verified User
Review Source
The Cisco ASA platform has become the standard which I use for most of my SOHO and enterprise setups. I most recently have used this as a buffer between an AWS environment and a production network, where it behaved flawlessly. A second use case was as a VPN concentrator to consolidate all client to site, and site to site VPN connectivity, where it again behaved admirably.
  • Top of the line crypto, and firepower inline makes threat management easy.
  • easy to set up vpn, now including tunnel interfaces!
  • SOLID infrastructure for client to site vpn with anyconnect
  • TCO is higher than most.
  • firepower integration into the appliance is straightforward but weak. Units often times cannot process the amount of traffic thrown at them.
  • Support can be painful to work with at times. Need more english speaking staff.
Places where this product is well suited -
* VPN Functionality - Client to Site/Site to Site
* Internet Edge Gateway - NAT/PAT providing internet access to staff/production networks
* Interior firewall - Network segmentation
Read Larry Chisholm's full review
Carlos Daniel Casañas Bertolo ஃ profile photo
November 05, 2018

Cisco ASA Review: "Robustness and quality above all!!"

Carlos Daniel Casañas Bertolo ஃ
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use it in several critical access and control points, both internal and external. With it we deploy the VPNs that interlace all our offices and authorized consultants for remote access.Together with other tools of the same brand, automated rules are established that allow a more effective control of cybersecurity inside and outside the company.

  • Excellent integration with several systems and equipment of other brands, as well as with the entire Cisco ecosystem.
  • Very good support and attention from the company and its associates. Constant security updates and functionalities.
  • Robust and reliable equipment, great flexibility in configurations and fully scalable in power and functionalities to the need of the company.
  • Well, the price is always an important factor with this brand, but I am witnessing that it is worth what it costs, although the ROI is generally not as good as the investors would like it to be.
  • The virtual appliance still consumes too many resources compared to similar ones and I have to assign physical network cards to get an adequate performance when implementing it.
Implementing an ASA is not advisable for a small business with a tight budget for IT. To get the juice you must be willing to invest in licenses and maintain the support contract to continue receiving updates. In the medium term you will be satisfied, but in the meantime I am sure that the finance manager is not going to be your best friend. Now, if you are looking for stability, performance, redundancy in communications, security at all levels and you want to keep all your branches properly interconnected, ASA is your smartest choice.
Read Carlos Daniel Casañas Bertolo ஃ's full review
Richard Oberle profile photo
October 17, 2018

Cisco ASA Review: "ASA, really means Awesome Security Appliance!!!"

Richard Oberle
Score 10 out of 10
Vetted Review
Reseller
Review Source
We use Cisco ASA units for internal remote users to remain connected to our network for access to applications, file shares and corporate email. We also recommend and sell ASA units to customers for use in their networks. Lastly, we recommend and sell ASA units to customers that we host for various applications, so that they can have access to "cloud" based apps but also be as secure as possible in the access thereof.
  • ASA units provide firewall capabilities that would normally be found in much more expensive equipment
  • ASA units provide POE capability for use with VOIP phones or other equipment.
  • ASA units connect outside internet to inside networks and VPN's with very little overhead and no loss of signal speed.
  • ASA units allow me to run a wireless access point in parallel so that both wired and wireless devices can share one DHCP scope which makes it easier to manage and maintain.
  • ASA units make use of ASDM but also the Cisco standard CLI which makes it easier to train engineers to manage and have ease of deployment using config templates.
  • In the ASA5506, unlike its predecessor, there are no switched Ethernet ports. Adding that feature would be helpful and save the cost of the additional switch that must be purchased.
  • The real time log viewer is not that great, it's not 100% reliable, its explanations are often a bit too technical, the filter could use some enhancement
  • The ASDM interface as a whole being java is not good. Java has become a nightmare due to poor backwards compatibility and cliff-facing certificate requirements between versions, so java versions for administrators become a nightmare to manage for what should be simple changes
We appreciate that there are a variety of ASA units for different sized networks. It is particularly well suited for businesses that have multiple small to medium sites that need internet protection and VPN connections at the same time. The added capability of wireless access makes the ASA in our opinions a great one-stop shop for network, firewall, and VPN.
Read Richard Oberle's full review
Brandon Holbrook profile photo
October 17, 2018

Review: "Cisco ASA met all our network firewall needs."

Brandon Holbrook
Score 9 out of 10
Vetted Review
Verified User
Review Source
Cisco ASA is our main firewall for our site. It is also the VPN termination point for our LAN to LAN VPNs and Remote Access VPNs. It has solved the problem of needing a firewall for cyber security. It has also solved the problem of employees needing remote access into the corporate network.
  • Cisco ASA is very configurable.
  • Cisco ASA has a lot of features.
  • Cisco ASA is robust. Failing almost never.
  • Cisco ASA can integrate with many other Cisco security solutions.
  • There is a learning curve for Cisco ASA.
  • A lot of what can be done, initially, needs to be done at the command line interface.
  • Organizing all the firewall rules can be a little daunting with the current UI.
Cisco ASA - we have integrated it with Cisco Firepower. Our Cisco ASA is an important part of our network infrastructure. When we need to implement a new firewall rule or edit an existing one the Cisco ASA UI makes this task easy. The Cisco ASA is well suited for any network firewall need.
Read Brandon Holbrook's full review
Wouter Hindriks profile photo
February 04, 2019

Cisco ASA Review: "Good classic firewall, but not a next gen winner."

Wouter Hindriks
Score 8 out of 10
Vetted Review
Verified User
Review Source
We deploy the CIsco ASA 5505 & 5506 on over 250 customers' sites to protect the local LAN and establish a site-to-site VPN to our datacenter from which we host the customer applications. On our datacenter, we use an HA pair of ASA 5585s to produce redundant internet access and NAT all traffic.
  • Easy to configure with a template and CLI.
  • TACACS command authorization and accounting is must have for compliance.
  • Good SNMP monitoring options.
  • Well developed and very compatible firewall OS.
  • The 'Next Generation' options feel bolted on and the performance is underwhelming.
  • Impact of enabling the Firepower Inspection is too big. Both response time and throughput suffered horribly.
Excellent layer 1-4 firewall, HA works flawless, great performance for classic firewall.

For Next Gen features you had better look at the firepower threat defense devices, as the next generation features of ASA are not well integrated.
Read Wouter Hindriks's full review
No photo available
January 18, 2019

Review: "Our experiences with Cisco ASA firewalls."

Verified User
Score 8 out of 10
Vetted Review
Verified User
Review Source
We have about a dozen Cisco ASA models deployed from 5505-5545. We use them to separate traffic between internal organizations, for DMZ, and for VPN (both IPSEC and SSL). The problems these units address are two-fold: to protect our internal network from foreign networks that we have no control over, and to protect the foreign networks from the chance of getting infected by something on our internal network.
  • When sized appropriately, it can handle demanding traffic well.
  • Cisco is pretty good about putting out security-related updates so we can rest assured that the networks can be as safe as possible.
  • The hardware is very reliable and I don't recall any hardware related issues in the 5+ years of using them.
  • Software upgrades are smooth and I would recommend getting Cisco support assistance for them to review your current configuration and have them advise which stable and secure version you should move to. They may provide additional commands to enter prior to upgrading if you are moving from a very old version of the software.
  • Reporting, especially for VPN functionality, could use some improvements to be able to pinpoint when particular users log in/out.
  • The JAVA-based GUI could use some modernization. I currently have to use an older version of JAVA JRE to run the ASDM.
  • Some of the licensing structure could use some simplifying. You really have to size the appliance for growth before purchasing the initial license. The bare-bones license doesn't provide much flexibility.
DMZ firewall, general internet browsing, VPN (SSL and IPSEC). ASA can handle many firewall rules without slowing down. Some of them also offer PoE on the switchports of the firewall, which is convenient for small home office installations. One of the features is a high availability configuration in an active/standby mode. You can upgrade the software without any downtime.
Read this authenticated review
No photo available
November 08, 2018

Cisco ASA Review: "The Swiss Army Knife of Firewalls"

Verified User
Score 9 out of 10
Vetted Review
Verified User
Review Source
Cisco ASA provides many security and networking features. These include VPN (Virtual Private Network) capabilities, traffic prioritization, DHCP, Firewall protection of our network, routing, and many more. These allow our business to operate securely, give remote employees easy access to our on-network services, shape our traffic to allow critical services (such as VOIP) to operate at higher priority, and generally give us fine-tuned control over the operation and management of our network and how it interacts with the outside world.
  • Performance
  • Reliability
  • Security
  • Configurability/Customization
  • User Interface
  • Ease of use
  • Setup
You will want an IT expert who can assist with setup as well as day to day management. Certain VPN configurations may require additional licensing - make sure you know what your needs are and research costs accordingly. Licensing across the board should be researched carefully since it's not always clear with Cisco products. Ideally, have a Cisco expert research and quote a solution that meets your specific business needs.
Read this authenticated review
No photo available
October 18, 2018

Cisco ASA Review: "Decent Firewall at a decent price point."

Verified User
Score 9 out of 10
Vetted Review
Verified User
Review Source
We've deployed ASAs throughout our multiple datacenters and we also use them as onsite edge devices at many of our client sites. We're using them for NATing client devices as well as applying stringent ACLs to control what clients can access on our networks and what we can access on a clients network.
  • HA NAT
  • ACLS
  • FAILOVER
  • HA
  • VPN
  • Maybe this has changed, but our ASAs were/are limited ACLs based on Object-Groups/IPs/Ports versus our Palo Altos offer application layer inspection to make sure that traffic traversing the firewall on a specific well known port such as 22 is actually SSH traffic or that traffic on port 80/443 is actually HTTP/HTTPS.
They work fairly well for firewalling and tended to be lower cost than our Palo Altos. If you're looking for a decent firewall and cost is a concern I'd say ASAs are a decent option. If you'e looking for a more secure environment you might want to look at the Palo Altos in addition to or instead of the ASAs.
Read this authenticated review
No photo available
January 25, 2019

User Review: "Cisco ASA Rocks!"

Verified User
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Cisco ASA at the headquarters and the sites to build our cross-network and edge gateway. Like always, Cisco rocks with their hardware, no issues at all. Even better now with the Cloud services, Cisco pushes down updates to the ASA blocking potential threads.
  • Rock solid when it comes to VPN Site-to-Site.
  • Excellent Firewall functionalities.
  • HA capabilities, it never fails.
  • It would be better if Cisco continues improving the ASDM for new administrators starting their networking career.
  • It would be great if Cisco builds a management web interface like they do for small business products.
I don't know why an IT department would not consider a Cisco ASA.
Read this authenticated review
No photo available
October 19, 2018

Review: "Cisco ASA - Aging tech no longer a leader in the firewall market"

Verified User
Score 5 out of 10
Vetted Review
Verified User
Review Source
The Cisco ASA platform has a niche place in our infrastructure. It is a decent stateful firewall but lacks features and functionality for changes in network security, segmentation, and user-based access controls. It is a good SSL VPN technology but that is about the only feature on the ASA platform that is widely used. As technology advances, it appears that Cisco has forgotten about the ASA.
  • SSL VPN
  • Authentication tiering
  • User-based access control functionality
  • Better logging
  • User interface
The ASA platform really is only suitable for SSL VPN use cases that can't be solved by other means. Its time as an industry leading firewall has ended. Cisco missed the boat with updates to the ASA platform and has not kept up with firewall trends. They tried to add bolt on functionality but the ASA really is not a security appliance and is one of the last stateful firewalls left that only has vanilla functionality.
Read this authenticated review
No photo available
October 17, 2018

User Review: "Cisco ASA using VPN phones"

Verified User
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Cisco ASA for our remote phone VPN users. It’s being used primarily by our attorneys that sometimes work at home. It allows our users to have a home office and work with our clients and have them accessible for conferences and gives our users flexibility to conduct business outside the office.
  • Allows remote phones to VPN and connect to the phone system
  • It’s secure and allows TLS 1.2 encryption
  • It’s more reliable to use a physical phone than soft clients e.g. Jabber
  • Since we use it for VPN phones the devices need to be configured internally before we deploy them in the field. I have to be able to update the VPN profiles remotely.
We use ASA for CisVPNvpn phones and it handles that task well. For enterprise wide firewall we use Palo Alto equipment.
Read this authenticated review
No photo available
September 03, 2018

User Review: "Cisco ASA Provides Peace of Mind"

Verified User
Score 10 out of 10
Vetted Review
Verified User
Review Source
I use the ASA as our main firewall for all outward facing services utilizing the FirePower functionality as well.
  • Hardens the network
  • Advanced Malware Protection
  • IPS / IDS functionality
  • VPN Connectivity
  • Software upgrades can be somewhat challenging at times.
  • Pricing is a little high
The ASA has been a fantastic VPN device as well as firewall with integrated services. Protection features with Firepower provides advanced malware protection with an active license. I haven’t experienced any situations where the device is less appropriate.
Read this authenticated review
Jitu Mani Das profile photo
May 24, 2018

Review: "CISCO ASA: A SCALABLE & FUTURISTIC SCALABALE SECURE SOLUTION"

Jitu Mani Das
Score 10 out of 10
Vetted Review
Verified User
Review Source
Cisco ASA is our main Perimeter firewall across the globe, routing all the internet traffic in and out of our infrastructure. It gives the secured way of filtering traffic as per our need. The best part of ASA is the support and trust of loyalty in last 10 years we just never have to reboot the device once also. Its credibility is amazing.
  • How we can manage: ASDM the GUI is so much easier to manage it even for a new guy also.
  • Traffic handling capacity
  • More secure and the different features it gives.
  • Support from the TAC team or from the community manages to handle issues very efficiently.
  • I would say Cisco should concentrate more how they will move way the traditional IPS to a new sand-boxing kind of environment.
CISCO ASA is suitable for every organization from MID range to HIGH RANGE. However, for small customers, they can buy Cisco product but support cost will be the challenge. However nowadays one tool is never enough, but Cisco gives us a unified way of managing infra with there different solutions. I agree they are more stable products comparing any products which are available in the Market.
Read Jitu Mani Das's full review
Jesus Mata profile photo
June 19, 2018

Review: "Cisco ASA for Small to Medium Businesses"

Jesus Mata
Score 8 out of 10
Vetted Review
Verified User
Review Source
This device is being used across the entire organization. It is currently our firewall and what guards us from exterior attacks. It is also functioning as our VPN provider for users that need access outside of the company.
  • Great user management
  • Good usage of ACE and ACL rules that control the network
  • Decent power for a VPN that can be easily created
  • Not user friendly
  • The GUI is nice, but it doesn't tell you what it does
  • Sometimes, it's hard to track down exactly what is going on
  • Definitely well suited for a small to medium business where it can highlight the usage of its firewall and small amounts of VPN connectivity.
  • It might get overshadowed in a larger company.
Read Jesus Mata's full review
Michael Timms profile photo
May 10, 2018

Cisco ASA Review: "The Gold Standard in Enterprise Firewalls"

Michael Timms
Score 10 out of 10
Vetted Review
Verified User
Review Source
Cisco ASA is the industry standard for firewall software. I am not an expert on ASA by any means, but I have used several of the basic functions such as SSL VPN and configuring different VLANs for multiple devices. I only use the Command Line Interface, and never the ASDM which runs on a Java applet.
  • Customer support is Cisco's forte, and ASA is no exception. If you have issues, they are available 24/7 to help you resolve them.
  • Longevity. I still have a 5510 running that has been running for over 3 years without a reboot with zero issues.
  • URL filtering works great.
  • Get rid of the Java based ASDM
  • The licensing could be easier.
  • Packet filtering could use some improvement.
The ideal situations that Cisco ASA is best suited for are large enterprises with tons of traffic and several thousand users that need to have certain URLs or IPs restricted for security or client compliance reasons. ASA, of course, can be configured and used for any size environment, but the example that I can give that it would not be well suited for would be a very small business with only a handful of employees where IP or URL restriction is not necessarily required. The cost is also a factor, as ASA is very expensive.
Read Michael Timms's full review
Brian Munn profile photo
May 01, 2018

Review: "From Small Business to Enterprise Level the Cisco ASA is a great Firewall for any Business"

Brian Munn
Score 8 out of 10
Vetted Review
Verified User
Review Source
We use the Cisco ASA as our public ingress and egress entry points across our organization. We have been using Cisco ASA for many years securing our users when accessing the internet and securing our network from users on the internet accessing websites we host. We also use Cisco ASA for VPN access. We have multiple site to site VPNs along with Cisco AnyConnect VPN for users accessing corporate resources when out of the office.
  • The Cisco AnyConnect VPN is used by our users and is a very easy and secure method for employees to access corporate resources.
  • The Cisco ASA 5585 can be configured in a cluster for larger throughput and high availability.
  • When purchased with FirePOWER the Cisco ASA can be configured to inspect the application layer of the packets for better threat detection.
  • The Cisco ASA can be configured via command line and with a GUI interface. The GUI interface needs work. It uses Java and depending on Java version you can have issues launching the application.
  • The Cisco ASA needs better logging for troubleshooting. When trying to narrow down an issue the logging needs more information.
  • Licensing can be difficult to understand and there are many options. Make sure you fully understand your needs before ordering.
For companies that want more granular security when it comes to internet access both external and internal the Cisco ASA can be configured in many ways. The AnyConnect VPN client is rock solid and very easy for users to initiate a VPN session.

For smaller companies the Cisco ASA may not be good fit as someone with network experience needs to administer the ASA. Other firewalls can be setup for use out of box.
Read Brian Munn's full review
Eric Krueger profile photo
April 11, 2018

User Review: "Jump in with Cisco ASA and feel secure"

Eric Krueger
Score 10 out of 10
Vetted Review
Verified User
Review Source
We currently use Cisco ASAs both as our primary firewalls and for VPN. It has made our job in IT easier and with less stress knowing that we are more secure by using this product.
  • Filtering of traffic is made easier and we are able to better control our environment.
  • VPN is secure and easy to manage through our ASAs.
  • As part of our overall security strategy, Cisco ASAs help keep our perimeter more secure through their ability to customize to our company's needs.
  • More training on customization would be great.
  • Cisco could provide better Best practice reviews of our environment once set up.
  • More reporting features for Execs would help.
As an all in one security device, firewall, VPN, and IPS this system does it all. The ROI in itself is worth the initial cost for what Cisco brings to the table. Monitoring and reporting are easy to use and setup/configuring is a snap.
Read Eric Krueger's full review
Amit Gumber profile photo
July 18, 2018

User Review: "Cisco ASA"

Amit Gumber
Score 10 out of 10
Vetted Review
Verified User
Review Source
We are using Cisco ASA to connect our remote sites using IPsec VPN feature in secured manner.Also using it as for SSL VPN to connect our web services.
  • Cisco ASA is very robust device that keeps our network secure from threats
  • Cisco ASA is very in intelligent device and full of multiple features such as load balancing , quality of service and many more
  • Cisco ASA have enough licensing options which any customer can choose it from.
  • Cisco ASA is limited to UTM features such as malware and antivirus
  • Cisco ASA is less modular in terms of adding / removing modules
  • Cisco ASA don't have AC/DC combined power options
Cisco ASA is well suited in scenarios such as IPsec VPN , SSL VPN and L2 VPN requirement.
Cisco ASA is not well suited in scenarios where we need excessive routing of data traffic
Read Amit Gumber's full review
Sergei Chernooki profile photo
January 25, 2018

Cisco ASA Review: "Great solution heading in right direction."

Sergei Chernooki
Score 9 out of 10
Vetted Review
Reseller
Review Source
Cisco ASA is used as a border firewall at the network edge and also between critical network segments and other parts of the network. With Cisco ASA we achieved remote access connectivity and event logging. Next-gen features are used at network edge with regard to performance. By using Cisco ASA awe created reliable network edge gateways with minimal Open.
  • Stateful inspection is perfectly implemented, reliable and has a very good performance.
  • NAT is feature-reach, perfectly implemented, reliable and has a very good performance.
  • VPN is feature-reach, perfectly implemented, reliable and has a very good performance (hardware limited).
  • I am not quite happy with 5500 series NGFW performance, this was fixed starting from 2100 series on.
  • HTTP inspection performance also is a bottleneck, it should not be used without clear need.
  • Licensing costs may triple the appliance price.
It does it's best when minimal OpEx is required. Initial setup may be complex for inexperienced engineers. Network visibility may be incomplete without additional tools. Performance of next-gen features may be low on cheap models.
Read Sergei Chernooki's full review
Brian Taylor profile photo
January 18, 2018

Cisco ASA Review: "Gold Standard in Enterprise Security"

Brian Taylor
Score 10 out of 10
Vetted Review
Verified User
Review Source
My organization switched to the ASA from the PIX close to 8 years ago. We were looking for a solution that provided added security, better redundancy, integrated well with our existing Cisco infrastructure and was easy to manage and use. The ASA addressed all of those concerns and has been a critical component in our network stacks since.
  • Consistent commands. A lot of the general commands used on other Cisco switches and routers also work here, making it easy script common tasks and changes across multiple devices without having to switch command structure.
  • Processing power. The ASA is incredibly fast and doesn't introduce much if any latency.
  • The Java based ASDM can botch commands and isn't compatible on some more locked down systems.
  • Monitoring. Really the same complaint as above, the monitoring available through the ASDM is crappy at best. A much better solution is to send the logs and mirror packets to a SEIM, but that can create issues of its own when looking for realtime analysis.
  • Compatibility across other ASA models. ASA 5520s don't play well with 5525X which don't play well with older 5510s. Each is great on it's own, but it's next to impossible to logically stack them or have them as layers of firewalls in an infrastructure.
  • Lack of cloud based management. The Cisco Meraki security devices do this well, but the ASAs are still behind in this regard.
The ASA is the gold standard of adaptive security devices in a Cisco environment. If your organization predominately uses Cisco hardware, then the ASA is the firewall of choice as it plays nicely with other routers and switches. If your infrastructure uses a mix of hardware vendors or open network hardware, there can sometimes be issues communicating between those devices, but workarounds are easy enough and issues well documented.
Read Brian Taylor's full review
Del Murphy profile photo
December 20, 2017

Review: "The Cisco ASA Platform is faster for VPN deployment than nearly any other VPN platform"

Del Murphy
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use the Cisco ASA platform as an edge firewall, DMZ Firewall, Partner firewall, and a VPN endpoint. We have thousands of connections through the ASA Platform and it is constantly performing above our needs.
  • With the Cisco ASA as a VPN endpoint, we can build a new VPN in about 2 minutes once the information exchange is completed to confirm the requirements. We have a number of Client on a number of other VPN endpoints and we can have our side built in some case days before they complete their side on a non-Cisco platform
  • I would say that the biggest problem the Cisco ASA has is for people that have never used one before. These platforms have lots of capabilities with that comes lots of configuration options. For a new person to the ASA, this can be overwhelming. But Cisco has a lot of good documentation to overcome this issue.
Edge firewall and VPN endpoint
Read Del Murphy's full review
No photo available
November 09, 2017

Review: "Cisco ASA : Let me stand next to your Fire(wall)"

Verified User
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Cisco ASA as our Premise firewall solution. We also take advantage of inter company VPN tunnels between Cisco ASA devices between our locations across the globe. The greatest thing about standardizing on the ASA platform is the ease of use and the ability for each site to offer support to each other remotely. We use the AnyConnect VPN Client to extend our LAN to authorized users across the web. With the intrusion detection we feel a sense of security.
  • Cisco has long been the gold standard in premise equipment and the ASA platform delivers that for less gold.
  • The Cisco ASA UI and CLI are both simple and robust.
  • For what the product is I see little room for improvement.
This is a difficult thing to determine where it is useful and where it is not. I would say that anyone needing a firewall can find an appropriately sized ASA and start rolling.
Read this authenticated review
No photo available
December 20, 2017

Review: "Cisco ASA Increases Security Effectiveness"

Verified User
Score 7 out of 10
Vetted Review
Verified User
Review Source
We currently are using CISCO ASA as our main firewall and security platform across the whole organization... about business problems maybe the cost of the appliance and maintenance.
  • Great interconnection across offices and site integration
  • Great complementary dashboard management systems
  • Minimize security risks at a lowest level
  • Cost
  • Certification to manage software
  • Problems during installation, the management without other type of appliances maybe complicated
It is well suited using only Cisco ASA.
Read this authenticated review
No photo available
October 27, 2017

Cisco ASA Review: "Great for a Cisco Admin to use on the external layer."

Verified User
Score 6 out of 10
Vetted Review
Verified User
Review Source
We are currently using the CIsco ASA to NAT external traffic and inspect both inbound and outbound traffic.
  • Handles traffic efficiently
  • High availability
  • Command line similar to other Cisco Devices
  • Centralized Management
  • Licensing way too much trouble
  • Consistency between model numbers.
They are a good product for using as an external firewall, as the size grows so does the price then the Support on top of that is where it gets really expensive.
Read this authenticated review
Fahad Ahmad profile photo
April 26, 2017

Cisco ASA Review: "Cisco Next Generation Firewalling"

Fahad Ahmad
Score 6 out of 10
Vetted Review
Verified User
Review Source
We have managed customers who use Cisco ASA as their primary firewall and I manage it for them. It is used by our customers for their environment and it secures customer environments against unauthorized access. It addresses issues in terms of security of the environment where there are online threats including DDOS, DOS, viruses, malware, hacking etc.
  • Cisco ASA sends logs to a syslog server either in the same location or remotely which helps admin for audit and security events across all networks devices.
  • Syslog traffic should be encrypted.
  • Cisco ASA provides multiple security contexts (require a licence). It's a good thing (like virtualized firewalls). It can be used as a transparent (Layer 2) firewall or routed (Layer 3).
  • Cisco ASA provides IPS module or SCS module.
  • Cisco ASA can inspect Layer 2-7 protocol inspection and also IP connection limits.
  • New feature is added for Memory Threshold Notifications where it eliminates low-memory (CPU etc) on firewall and it generate SNMP notification when memory pool buffer is used to a level where service performance issues can arise.
  • Ths feature is available in Cisco ASA 8.4 and onwards
  • It should have room for a confirm configuration or a config checker (pattern) instead of directly applied on CLI and it would become operational straightaway.
  • It should have some option to roll back the configuration if applied in error or something else is disturbed by the new config implementation.
  • There should be some time limit (day and time duration) option where a configuration is applied and pulled off.

Cisco ASA is well suited where a customer environment requires low latency traffic or a mixed-traffic environment that has many SSL/IPSec VPNs. The latest Cisco ASA 5580 has a throughput of 20 gigabits per second (Gbps) and a 10,000 user remote access concentrator for a secure sockets layer (SSL) and IP security site-to-site (IPsec)-based virtual private networks (VPN).


It is not appropriate in a service provider or enterprise development environment where configuration changes are required quite often. You cannot use VPN services such as remote access or site-to-site VPNs, or dynamic routing protocols. With multiple context mode, Cisco ASA 5580 has limitations as well as it is designed as a firewall and VPN only and cannot use other security features such as IDS or IPS. Like other firewall vendors Cisco ASA does not receive real-time updates from Cisco. So it's not suitable where sensitive data such as government department etc., can be compromised as security requires real-time updates from the vendor.

Read Fahad Ahmad's full review

Cisco ASA Scorecard Summary

Likelihood to Recommend (131)
8.4
Likelihood to Renew (1)
9.0
Support (1)
10.0

About Cisco ASA

Cisco ASA is a firewall option.
Categories:  Firewall

Cisco ASA Technical Details

Operating Systems: Unspecified
Mobile Application:No