Filter Ratings and Reviews
Filter 165 vetted Cisco ASA reviews and ratings
Reviews (1-25 of 53)
February 12, 2020
Cisco ASA - Well suited to a Cisco-heavy environment
We use a pair of Cisco ASAs in an active/standy pair as our internal firewalls. To segment traffic between VLANs. It is used across the entire organisation. The main concern it addresses is of course security and only allowing users to get to resources that they are allowed to go to and have a reason for going to.
- HA Failover - very fast and no downtime.
- Documentation.
- GUI - Dated and requires specific java versions to run.
- Missing out on layer 7 inspection.
Cisco ASA was used at the organization I was employed in. Also, I deployed it to several companies as a VAR. Cisco ASA was deployed as a standalone product, as well as in an HA environment for reliability. Cisco ASA was used as an edge firewall for organizations in all environments; it was deployed.
- Cisco ASA has a variety of features including NextGen to protect corporate networks.
- Cisco ASA is easy to deploy and manage.
- Multi-WAN routing could use improvement. Currently, Cisco routers are needed in front of the ASA to accommodate.
- NextGen features such as FirePOWER can be difficult to deploy.
January 09, 2020
YES to ASA for your business
Our Cisco ASA's act as our perimeter gateways for our corporate offices. We also have our two largest sites outside of our headquarters using the devices to connect via a VPN. This allows for access to corporate information housed on storage area networks based in the corporate data centers
- Fits into Cisco's ecosystem seamlessly.
- Advanced features to adapt to today's world.
- The GUI could use an update and is clumsy, still, after all this time.
- Network Access Control integration still needs to be improved.
December 02, 2019
A next generation firewall of high performance and quality.
Cisco ASA is a next generation firewall that I have used and managed for almost 2 years. It is robust equipment that is positioned on the edge to protect from virtual attack, and it also makes web content filtering to block access to undue pages from certain sectors in the company. Two units were purchased at each branch.
- Encryption and security
- Deep web content filtering and data analysis
- Antivirus, IPS and anti-spam
- Support is a little expensive
- Manuals are only in English
October 04, 2019
Cisco ASA FW in front of SDN
We are using a Cisco ASA firewall in front of our SDN data centre network to form first line protection against the Internet. We automate all our configurations to this platform with other Cisco tools and ASA fits fine to this zero touch day 2 operation model.
- Well suited to automated operation/configuration
- Well known technology
- Price
- Basic features ok, but NGFW features could be better
December 17, 2019
ASA is a good product, but there are better options for less money
ASA was being used as our perimeter firewall before being replaced by an NGFW. All traffic and client VPNs terminated at this device. It has addressed the most basic needs of firewalling and routing but does not address next-generation features.
- Routing.
- Port-based firewalling.
- I would ditch the ASA in favor of an NGFW like a Palo Alto. Port-based firewalling doesn't have a place in today's world.
- The interface is clunky.
January 10, 2020
Industry Standard and for Good Reasons
Our Cisco ASA's are the firewalls for our entire enterprise, so in a sense, they're used by the whole organization. However, only IT manages and monitors them, so it would also be fair to say it's used by one department in that sense. All businesses, no matter the size, need to have a firewall. Cyber attacks are a significant problem in the world, and a safe, secure, up-to-date firewall is a critical piece of securing a business's data.
- Security: The Cisco ASA does security well, with all the standard port blocking and filtering, as well as for analytics with the Firepower module.
- VPN: Cisco AnyConnect allows remote users an easy way to connect into the network securely. It also has site-to-site VPN capabilities that let us seamlessly link sites.
- Learning Curve: While there is ample documentation available, it takes a lot of time, training, and experience to understand and manage an Cisco ASA firewall.
- Cost: Cisco ASAs can get very expensive, most of that cost in support contracts rather than hardware. And since they don't support sales on the secondary market, there's little choice.
December 13, 2019
One of the best firewalls in the industry
We have multiple clustered and nonclustered ASA appliances with various models and configurations. It mostly used on the edge and for other internal purposes such as a transparent firewall. We also use firepower in this new -X ASAs as our primary IPS on the internet edge. This allows us to not have extra devices in line before or after the firewalls.
- Rules management.
- Failover cluster.
- Software bugs.
- Inconsistent TAC support.
July 19, 2019
Cisco ASA to Protect Your Networks
We use Cisco ASA across our whole enterprise network. We use them to protect our local LANs to support PCI compliance and to protect any internet-facing circuits.
- Cisco ASAs are simple to configure and manage.
- Cisco ASAs allow easy setup of VPNs.
- Cisco ASAs provide secure segmentation to offer compliance with PCI.
- The CLI commands of the ASA is a bit different than Cisco's IOS devices.
Cisco ASA is used internally by our organization's IT department to secure the perimeter edge. We also use Cisco ASA in our lab to do testings of multiple client scenarios. We sell Cisco ASA to customers and implement Cisco ASA as well for customers in a project environment. It addresses network security issues on the perimeter and sometimes even in the data centre, however, Cisco Firepower appliances are more well-suited to this implementation.
- SSL VPN.
- Site-to-Site VPN.
- Ease of use and configuration.
- Easy CLI.
- Robust.
- Easy to troubleshoot.
- ASDM ease-of-use could be improved.
- Upgrade/migration from previous versions and the way objects are named.
- Bring in more support contexts in the default licensing.
- Bring in more support for SSL VPN connections in the default licensing.
Cisco ASA is being used in a department addressing the protection of several critical aspects. It is being used along with firepower in order to streamline the level of security needed.
- Zero downtime upgrades.
- Consistent API interface.
- Rich feature set.
- The GUI (ASDM) should get rid of Java.
- API specifications and commands lack proper documentation.
- Deeper regression testing on later releases.
We use the ASA as a firewall, intrusion prevention, and VPN in the whole organization. Basically it's a proactive threat defense that stops attacks before they spread through the network.
- We Can use multiple contexts or also known as Firewall multimode.
- Ability to use dynamic routing protocols.
- The complex way of connecting external connectivity.
- Would like more SLA and event manager functionality.
- GUI interface is lacking. The interface is java specific.
We use our Cisco ASA as a traditional firewall, inspecting and routing traffic. We also have Firepower running on it, which allows us to use it for content filtering.
- The ASA has been around forever, and has been proven to be a great firewall solution.
- ASAs are very versatile, running everything from VPNs and ACLs to content filtering.
- Running them in tangent with other Cisco routing solutions allows for a very diverse and secure setup.
- There are two types of technologists: ones who speak Cisco, and ones who don't. The ASA is no different from any Cisco device, in that it comes with a learning curve.
- These aren't consumer products, and they come with an enterprise price tag.
- Like many vendors, Cisco uses a java based admin consoles. This is its own special form of torture.
July 09, 2019
Decent Firewall at a decent price point.
We've deployed ASAs throughout our multiple datacenters and we also use them as onsite edge devices at many of our client sites. We're using them for NATing client devices as well as applying stringent ACLs to control what clients can access on our networks and what we can access on a clients network.
- HA NAT
- ACLS
- FAILOVER
- HA
- VPN
- Maybe this has changed, but our ASAs were/are limited ACLs based on Object-Groups/IPs/Ports versus our Palo Altos offer application layer inspection to make sure that traffic traversing the firewall on a specific well known port such as 22 is actually SSH traffic or that traffic on port 80/443 is actually HTTP/HTTPS.
June 12, 2019
Cisco ASA Inside The Datacenter
Cisco ASA is used to filter access to very specific networks that need isolation from the rest of the information system. Our requirements were to have a good level of security, along with enough flexibility so that we could address unpredictable changes in the feature set that the admins of those networks may demand in the future.
- Manageability.
- Deployment.
- Security.
- Set of features apart from simple stateful filtering.
- Performance.
- Clustering.
- Scalability once setup if you don't go for clustering.
October 18, 2018
Cisco ASA - Solid contender, but don't use the ips!
The Cisco ASA platform has become the standard which I use for most of my SOHO and enterprise setups. I most recently have used this as a buffer between an AWS environment and a production network, where it behaved flawlessly. A second use case was as a VPN concentrator to consolidate all client to site, and site to site VPN connectivity, where it again behaved admirably.
- Top of the line crypto, and firepower inline makes threat management easy.
- easy to set up vpn, now including tunnel interfaces!
- SOLID infrastructure for client to site vpn with anyconnect
- TCO is higher than most.
- firepower integration into the appliance is straightforward but weak. Units often times cannot process the amount of traffic thrown at them.
- Support can be painful to work with at times. Need more english speaking staff.
November 05, 2018
Robustness and quality above all!!
We use it in several critical access and control points, both internal and external. With it we deploy the VPNs that interlace all our offices and authorized consultants for remote access.Together with other tools of the same brand, automated rules are established that allow a more effective control of cybersecurity inside and outside the company.
- Excellent integration with several systems and equipment of other brands, as well as with the entire Cisco ecosystem.
- Very good support and attention from the company and its associates. Constant security updates and functionalities.
- Robust and reliable equipment, great flexibility in configurations and fully scalable in power and functionalities to the need of the company.
- Well, the price is always an important factor with this brand, but I am witnessing that it is worth what it costs, although the ROI is generally not as good as the investors would like it to be.
- The virtual appliance still consumes too many resources compared to similar ones and I have to assign physical network cards to get an adequate performance when implementing it.
October 17, 2018
ASA, really means Awesome Security Appliance!!!
We use Cisco ASA units for internal remote users to remain connected to our network for access to applications, file shares and corporate email. We also recommend and sell ASA units to customers for use in their networks. Lastly, we recommend and sell ASA units to customers that we host for various applications, so that they can have access to "cloud" based apps but also be as secure as possible in the access thereof.
- ASA units provide firewall capabilities that would normally be found in much more expensive equipment
- ASA units provide POE capability for use with VOIP phones or other equipment.
- ASA units connect outside internet to inside networks and VPN's with very little overhead and no loss of signal speed.
- ASA units allow me to run a wireless access point in parallel so that both wired and wireless devices can share one DHCP scope which makes it easier to manage and maintain.
- ASA units make use of ASDM but also the Cisco standard CLI which makes it easier to train engineers to manage and have ease of deployment using config templates.
- In the ASA5506, unlike its predecessor, there are no switched Ethernet ports. Adding that feature would be helpful and save the cost of the additional switch that must be purchased.
- The real time log viewer is not that great, it's not 100% reliable, its explanations are often a bit too technical, the filter could use some enhancement
- The ASDM interface as a whole being java is not good. Java has become a nightmare due to poor backwards compatibility and cliff-facing certificate requirements between versions, so java versions for administrators become a nightmare to manage for what should be simple changes
October 17, 2018
Cisco ASA met all our network firewall needs.
Cisco ASA is our main firewall for our site. It is also the VPN termination point for our LAN to LAN VPNs and Remote Access VPNs. It has solved the problem of needing a firewall for cyber security. It has also solved the problem of employees needing remote access into the corporate network.
- Cisco ASA is very configurable.
- Cisco ASA has a lot of features.
- Cisco ASA is robust. Failing almost never.
- Cisco ASA can integrate with many other Cisco security solutions.
- There is a learning curve for Cisco ASA.
- A lot of what can be done, initially, needs to be done at the command line interface.
- Organizing all the firewall rules can be a little daunting with the current UI.
February 04, 2019
Good classic firewall, but not a next gen winner.
We deploy the CIsco ASA 5505 & 5506 on over 250 customers' sites to protect the local LAN and establish a site-to-site VPN to our datacenter from which we host the customer applications. On our datacenter, we use an HA pair of ASA 5585s to produce redundant internet access and NAT all traffic.
- Easy to configure with a template and CLI.
- TACACS command authorization and accounting is must have for compliance.
- Good SNMP monitoring options.
- Well developed and very compatible firewall OS.
- The 'Next Generation' options feel bolted on and the performance is underwhelming.
- Impact of enabling the Firepower Inspection is too big. Both response time and throughput suffered horribly.
January 18, 2019
Our experiences with Cisco ASA firewalls.
We have about a dozen Cisco ASA models deployed from 5505-5545. We use them to separate traffic between internal organizations, for DMZ, and for VPN (both IPSEC and SSL). The problems these units address are two-fold: to protect our internal network from foreign networks that we have no control over, and to protect the foreign networks from the chance of getting infected by something on our internal network.
- When sized appropriately, it can handle demanding traffic well.
- Cisco is pretty good about putting out security-related updates so we can rest assured that the networks can be as safe as possible.
- The hardware is very reliable and I don't recall any hardware related issues in the 5+ years of using them.
- Software upgrades are smooth and I would recommend getting Cisco support assistance for them to review your current configuration and have them advise which stable and secure version you should move to. They may provide additional commands to enter prior to upgrading if you are moving from a very old version of the software.
- Reporting, especially for VPN functionality, could use some improvements to be able to pinpoint when particular users log in/out.
- The JAVA-based GUI could use some modernization. I currently have to use an older version of JAVA JRE to run the ASDM.
- Some of the licensing structure could use some simplifying. You really have to size the appliance for growth before purchasing the initial license. The bare-bones license doesn't provide much flexibility.
November 08, 2018
The Swiss Army Knife of Firewalls
Cisco ASA provides many security and networking features. These include VPN (Virtual Private Network) capabilities, traffic prioritization, DHCP, Firewall protection of our network, routing, and many more. These allow our business to operate securely, give remote employees easy access to our on-network services, shape our traffic to allow critical services (such as VOIP) to operate at higher priority, and generally give us fine-tuned control over the operation and management of our network and how it interacts with the outside world.
- Performance
- Reliability
- Security
- Configurability/Customization
- User Interface
- Ease of use
- Setup
We use Cisco ASA at the headquarters and the sites to build our cross-network and edge gateway. Like always, Cisco rocks with their hardware, no issues at all. Even better now with the Cloud services, Cisco pushes down updates to the ASA blocking potential threads.
- Rock solid when it comes to VPN Site-to-Site.
- Excellent Firewall functionalities.
- HA capabilities, it never fails.
- It would be better if Cisco continues improving the ASDM for new administrators starting their networking career.
- It would be great if Cisco builds a management web interface like they do for small business products.
October 19, 2018
Cisco ASA - Aging tech no longer a leader in the firewall market
The Cisco ASA platform has a niche place in our infrastructure. It is a decent stateful firewall but lacks features and functionality for changes in network security, segmentation, and user-based access controls. It is a good SSL VPN technology but that is about the only feature on the ASA platform that is widely used. As technology advances, it appears that Cisco has forgotten about the ASA.
- SSL VPN
- Authentication tiering
- User-based access control functionality
- Better logging
- User interface
We use Cisco ASA for our remote phone VPN users. It’s being used primarily by our attorneys that sometimes work at home. It allows our users to have a home office and work with our clients and have them accessible for conferences and gives our users flexibility to conduct business outside the office.
- Allows remote phones to VPN and connect to the phone system
- It’s secure and allows TLS 1.2 encryption
- It’s more reliable to use a physical phone than soft clients e.g. Jabber
- Since we use it for VPN phones the devices need to be configured internally before we deploy them in the field. I have to be able to update the VPN profiles remotely.
Cisco ASA Scorecard Summary
Feature Scorecard Summary
About Cisco ASA
Cisco Adaptive Security Appliance (ASA) software is the core operating software for Cisco’s ASA suite. It supports a variety of specialized network security and firewall options, allowing users to modularize to their business needs. It is scaled for enterprises through “clustering” ASAs, enabling 128 Gbps processing load and 50 million concurrent connections.
Cisco ASA provides a robust VPN setup process and integrates with other Cisco security offerings, including Cloud Web security and Trustsec. CWS provides cloud-based systems security across public and private clouds, and Trustsec is a software-defined segmentation product that mitigates the scope of network threats and data breaches. The platform also supports IPv4 and IPv6, enabling a smoother evolution in Internet Protocols for users.
Categories: Firewall
Cisco ASA Technical Details
| Operating Systems: | Unspecified |
|---|---|
| Mobile Application: | No |