TrustRadius
Cisco Adaptive Security Appliance (ASA) software is the core OS for the ASA suite. It provides firewall functionality, as well as integration with context-specific Cisco security modules. It is scaled for enterprise-level traffic and connections.https://media.trustradius.com/product-logos/40/Lo/7JR5GUS6C8VR.jpegCisco ASA to Protect Your NetworksWe use Cisco ASA across our whole enterprise network. We use them to protect our local LANs to support PCI compliance and to protect any internet-facing circuits.,Cisco ASAs are simple to configure and manage. Cisco ASAs allow easy setup of VPNs. Cisco ASAs provide secure segmentation to offer compliance with PCI.,The CLI commands of the ASA is a bit different than Cisco's IOS devices.,9,With the explosion of data breaches, the ROI is easily justified, as breaches can reach into the millions of dollars.,Palo Alto Networks Next-Generation Firewalls - PA Series,PRTG Network Monitor, Scrutinizer, Cisco Wireless LAN Controllers, Cisco 4000 Series Integrated Services Routers (ISR 4000)Cisco ASA ReviewCisco ASA is used internally by our organization's IT department to secure the perimeter edge. We also use Cisco ASA in our lab to do testings of multiple client scenarios. We sell Cisco ASA to customers and implement Cisco ASA as well for customers in a project environment. It addresses network security issues on the perimeter and sometimes even in the data centre, however, Cisco Firepower appliances are more well-suited to this implementation.,SSL VPN. Site-to-Site VPN. Ease of use and configuration. Easy CLI. Robust. Easy to troubleshoot.,ASDM ease-of-use could be improved. Upgrade/migration from previous versions and the way objects are named. Bring in more support contexts in the default licensing. Bring in more support for SSL VPN connections in the default licensing.,10,Customers experience very good and quick ROI after the initial installation and investment. It has provided the required solution. The customer experience has been excellent.,Fortinet FortiGate and Palo Alto Networks Next-Generation Firewalls - PA Series,Cisco IronPort Web Security Appliance, Cisco 5520 Wireless Controller, Cisco 4000 Series Integrated Services Routers (ISR 4000)Cisco ASA reviewCisco ASA is being used in a department addressing the protection of several critical aspects. It is being used along with firepower in order to streamline the level of security needed.,Zero downtime upgrades. Consistent API interface. Rich feature set.,The GUI (ASDM) should get rid of Java. API specifications and commands lack proper documentation. Deeper regression testing on later releases.,8,ROI is fast due to good renewal offerings. Consistency while upgrading. Has spread knowledge of configuration.,Fortinet FortiGate,Fortinet FortiGateCisco ASA ReviewWe use the ASA as a firewall, intrusion prevention, and VPN in the whole organization. Basically it's a proactive threat defense that stops attacks before they spread through the network.,We Can use multiple contexts or also known as Firewall multimode. Ability to use dynamic routing protocols.,The complex way of connecting external connectivity. Would like more SLA and event manager functionality. GUI interface is lacking. The interface is java specific.,9,Positive - VPN functionality with the ease of setup and security. Being a Cisco shop, this proved to be more cost effective with less need of multiple expertise in house. Negative - the inability to use VPN while in multimode. Would prefer a single entry point with load balancing.,,Check Point Full Disk Encryption Software Blade, Check Point Firewall Software Blade, F-Secure Rapid Detection ServiceThe ASA will do almost anything you ask of it, if you know how to askWe use our Cisco ASA as a traditional firewall, inspecting and routing traffic. We also have Firepower running on it, which allows us to use it for content filtering.,The ASA has been around forever, and has been proven to be a great firewall solution. ASAs are very versatile, running everything from VPNs and ACLs to content filtering. Running them in tangent with other Cisco routing solutions allows for a very diverse and secure setup.,There are two types of technologists: ones who speak Cisco, and ones who don't. The ASA is no different from any Cisco device, in that it comes with a learning curve. These aren't consumer products, and they come with an enterprise price tag. Like many vendors, Cisco uses a java based admin consoles. This is its own special form of torture.,9,The most positive effect the ASA has had on our org is the reliability and flexibility from adding Firepower. The main negative (besides cost) is occasionally needing a consultant to wrap our head around getting the ASA to do what we want. But this is more Cisco than the ASA, and we have a uniquely complex environment.,Cisco Unified Computing System Manager, Ansible, AvamarDecent Firewall at a decent price point.We've deployed ASAs throughout our multiple datacenters and we also use them as onsite edge devices at many of our client sites. We're using them for NATing client devices as well as applying stringent ACLs to control what clients can access on our networks and what we can access on a clients network.,HA NAT ACLS FAILOVER HA VPN,Maybe this has changed, but our ASAs were/are limited ACLs based on Object-Groups/IPs/Ports versus our Palo Altos offer application layer inspection to make sure that traffic traversing the firewall on a specific well known port such as 22 is actually SSH traffic or that traffic on port 80/443 is actually HTTP/HTTPS.,8,Allow us to keep our clients and our business secure. Allow us to use NAT IPs for client side devices so that we're not having to do as much crazy routing or validating that clients aren't using overlapping address space. HA/Failover has been fairly flawless which helps us continue to meet our SLAs.,Palo Alto Networks Next-Generation Firewalls - PA Series and Juniper SRX,Palo Alto Panorama, Palo Alto Networks URL Filtering PAN-DB, Palo Alto Networks Next-Generation Firewalls - PA Series, Ansible, GitHub, PyCharm, Kubernetes, Docker, Mellanox Switches, Cisco Application Centric Infrastructure, Cisco Nexus, Cisco Catalyst Switches, Cisco Routers, Cisco SSL VPN, F5 BIG-IP, Citrix NetScaler, HAProxyCisco ASA Inside The DatacenterCisco ASA is used to filter access to very specific networks that need isolation from the rest of the information system. Our requirements were to have a good level of security, along with enough flexibility so that we could address unpredictable changes in the feature set that the admins of those networks may demand in the future.,Manageability. Deployment. Security. Set of features apart from simple stateful filtering.,Performance. Clustering. Scalability once setup if you don't go for clustering.,7,Less time debugging. Ownership of the network security is made easier. Debugging between multiple teams is made easier.,Elasticsearch, Splunk EnterpriseCisco ASA - Solid contender, but don't use the ips!The Cisco ASA platform has become the standard which I use for most of my SOHO and enterprise setups. I most recently have used this as a buffer between an AWS environment and a production network, where it behaved flawlessly. A second use case was as a VPN concentrator to consolidate all client to site, and site to site VPN connectivity, where it again behaved admirably.,Top of the line crypto, and firepower inline makes threat management easy. easy to set up vpn, now including tunnel interfaces! SOLID infrastructure for client to site vpn with anyconnect,TCO is higher than most. firepower integration into the appliance is straightforward but weak. Units often times cannot process the amount of traffic thrown at them. Support can be painful to work with at times. Need more english speaking staff.,9,Most network engineers have worked with ASA, so there is no need for re-training when adding or turning over staff Current configs from older devices plug in easily, and are operational on larger devices if an upgrade is required Many support options available,Palo Alto Networks Next-Generation Firewalls - PA Series, Check Point 4000 Appliances and Untangle NG Firewall,Check Point 4000 Appliances, Fortinet FortiGate, Palo Alto Networks Next-Generation Firewalls - PA SeriesRobustness and quality above all!!We use it in several critical access and control points, both internal and external. With it we deploy the VPNs that interlace all our offices and authorized consultants for remote access.Together with other tools of the same brand, automated rules are established that allow a more effective control of cybersecurity inside and outside the company.,Excellent integration with several systems and equipment of other brands, as well as with the entire Cisco ecosystem. Very good support and attention from the company and its associates. Constant security updates and functionalities. Robust and reliable equipment, great flexibility in configurations and fully scalable in power and functionalities to the need of the company.,Well, the price is always an important factor with this brand, but I am witnessing that it is worth what it costs, although the ROI is generally not as good as the investors would like it to be. The virtual appliance still consumes too many resources compared to similar ones and I have to assign physical network cards to get an adequate performance when implementing it.,9,The ROI is generally not as good as the investors would like it to be. Very good support and attention from the company and its associates, which reduces the recovery time in case of an incident.,Fortinet FortiGate, SonicWall TZ, Cisco Meraki MX Firewalls, Juniper SRX, Palo Alto Networks WildFire, pfSense and Sophos UTM,Fortinet FortiGate, Sophos UTM, pfSense, Cisco Meraki MX Firewalls, SonicWall TZ, Palo Alto Networks WildFireASA, really means Awesome Security Appliance!!!We use Cisco ASA units for internal remote users to remain connected to our network for access to applications, file shares and corporate email. We also recommend and sell ASA units to customers for use in their networks. Lastly, we recommend and sell ASA units to customers that we host for various applications, so that they can have access to "cloud" based apps but also be as secure as possible in the access thereof.,ASA units provide firewall capabilities that would normally be found in much more expensive equipment ASA units provide POE capability for use with VOIP phones or other equipment. ASA units connect outside internet to inside networks and VPN's with very little overhead and no loss of signal speed. ASA units allow me to run a wireless access point in parallel so that both wired and wireless devices can share one DHCP scope which makes it easier to manage and maintain. ASA units make use of ASDM but also the Cisco standard CLI which makes it easier to train engineers to manage and have ease of deployment using config templates.,In the ASA5506, unlike its predecessor, there are no switched Ethernet ports. Adding that feature would be helpful and save the cost of the additional switch that must be purchased. The real time log viewer is not that great, it's not 100% reliable, its explanations are often a bit too technical, the filter could use some enhancement The ASDM interface as a whole being java is not good. Java has become a nightmare due to poor backwards compatibility and cliff-facing certificate requirements between versions, so java versions for administrators become a nightmare to manage for what should be simple changes,10,Deploying Cisco ASA allows us to offer firewall, LAN, WAN and Wifi to businesses, with low overhead costs, low maintenance and of course great TAC support Using ASA units keeps within the solid industry leading Cisco standards while keeping costs down We are able to use known tools for deployment and troubleshooting without the need for training on additional interfaces.,Palo Alto Panorama,Palo Alto Networks GlobalProtect Mobile Security Manager, Banyan, Palo Alto Networks Next-Generation Firewalls - PA SeriesCisco ASA met all our network firewall needs.Cisco ASA is our main firewall for our site. It is also the VPN termination point for our LAN to LAN VPNs and Remote Access VPNs. It has solved the problem of needing a firewall for cyber security. It has also solved the problem of employees needing remote access into the corporate network.,Cisco ASA is very configurable. Cisco ASA has a lot of features. Cisco ASA is robust. Failing almost never. Cisco ASA can integrate with many other Cisco security solutions.,There is a learning curve for Cisco ASA. A lot of what can be done, initially, needs to be done at the command line interface. Organizing all the firewall rules can be a little daunting with the current UI.,9,Cisco ASA has met all the compliance requirements we have for a network firewall which has had a positive impact on our business objectives. Cisco ASA allows all our users to remote access our network which has had a positive influence on meeting the business need to allow remote access. The integration features of the Cisco ASA has allowed us to continue to secure our network with state of the art security solutions.,Palo Alto Networks Next-Generation Firewalls - PA Series,Darktrace, Microsoft System Center Configuration Manager, Microsoft Office 2016Good classic firewall, but not a next gen winner.We deploy the CIsco ASA 5505 & 5506 on over 250 customers' sites to protect the local LAN and establish a site-to-site VPN to our datacenter from which we host the customer applications. On our datacenter, we use an HA pair of ASA 5585s to produce redundant internet access and NAT all traffic.,Easy to configure with a template and CLI. TACACS command authorization and accounting is must have for compliance. Good SNMP monitoring options. Well developed and very compatible firewall OS.,The 'Next Generation' options feel bolted on and the performance is underwhelming. Impact of enabling the Firepower Inspection is too big. Both response time and throughput suffered horribly.,8,Provided a solid performance on the LAN edges of both our customer sites and our datacenters. Hardly any hardware failures.,Cherwell Service ManagementOur experiences with Cisco ASA firewalls.We have about a dozen Cisco ASA models deployed from 5505-5545. We use them to separate traffic between internal organizations, for DMZ, and for VPN (both IPSEC and SSL). The problems these units address are two-fold: to protect our internal network from foreign networks that we have no control over, and to protect the foreign networks from the chance of getting infected by something on our internal network.,When sized appropriately, it can handle demanding traffic well. Cisco is pretty good about putting out security-related updates so we can rest assured that the networks can be as safe as possible. The hardware is very reliable and I don't recall any hardware related issues in the 5+ years of using them. Software upgrades are smooth and I would recommend getting Cisco support assistance for them to review your current configuration and have them advise which stable and secure version you should move to. They may provide additional commands to enter prior to upgrading if you are moving from a very old version of the software.,Reporting, especially for VPN functionality, could use some improvements to be able to pinpoint when particular users log in/out. The JAVA-based GUI could use some modernization. I currently have to use an older version of JAVA JRE to run the ASDM. Some of the licensing structure could use some simplifying. You really have to size the appliance for growth before purchasing the initial license. The bare-bones license doesn't provide much flexibility.,8,The ASAs have helped us meet compliance regulations in terms of security so that saved us from getting fined/decertified. The flexibility of ASAs have allowed us to standardize on a common platform for the various use cases we have. This allowed us to not have to get other brands which the administrators would have to become familiar with. The long support cycle with timely software updates to address security threats has also been positive on ROI.,,Proofpoint Email Security and Protection, Microsoft Exchange, CentOSThe Swiss Army Knife of FirewallsCisco ASA provides many security and networking features. These include VPN (Virtual Private Network) capabilities, traffic prioritization, DHCP, Firewall protection of our network, routing, and many more. These allow our business to operate securely, give remote employees easy access to our on-network services, shape our traffic to allow critical services (such as VOIP) to operate at higher priority, and generally give us fine-tuned control over the operation and management of our network and how it interacts with the outside world.,Performance Reliability Security Configurability/Customization,User Interface Ease of use Setup,9,Improved efficiency for remote work Improved security - much lower risk in day-to-day operations Increased management cost of network/infrastructure,SonicWall TZ,Ubuntu Linux, MySQLCisco ASA Rocks!We use Cisco ASA at the headquarters and the sites to build our cross-network and edge gateway. Like always, Cisco rocks with their hardware, no issues at all. Even better now with the Cloud services, Cisco pushes down updates to the ASA blocking potential threads.,Rock solid when it comes to VPN Site-to-Site. Excellent Firewall functionalities. HA capabilities, it never fails.,It would be better if Cisco continues improving the ASDM for new administrators starting their networking career. It would be great if Cisco builds a management web interface like they do for small business products.,10,Overall, Cisco ASA rocks, it never fails. 100% up time.,Cisco ASA - Aging tech no longer a leader in the firewall marketThe Cisco ASA platform has a niche place in our infrastructure. It is a decent stateful firewall but lacks features and functionality for changes in network security, segmentation, and user-based access controls. It is a good SSL VPN technology but that is about the only feature on the ASA platform that is widely used. As technology advances, it appears that Cisco has forgotten about the ASA.,SSL VPN Authentication tiering,User-based access control functionality Better logging User interface,5,ASA has good ROI for SSL VPN Negative ROI as a firewall platform Negative ROI for logging,Palo Alto Networks Next-Generation Firewalls - PA Series and Fortinet FortiGateCisco ASA using VPN phonesWe use Cisco ASA for our remote phone VPN users. It’s being used primarily by our attorneys that sometimes work at home. It allows our users to have a home office and work with our clients and have them accessible for conferences and gives our users flexibility to conduct business outside the office.,Allows remote phones to VPN and connect to the phone system It’s secure and allows TLS 1.2 encryption It’s more reliable to use a physical phone than soft clients e.g. Jabber,Since we use it for VPN phones the devices need to be configured internally before we deploy them in the field. I have to be able to update the VPN profiles remotely.,10,We use ASA for VPN phones and it allows our attorneys the flexibility to work with our clients. The VPN phones give attorneys additional ways for clients to communicate with us [thus] increasing their billable hours.,Palo Alto Networks Next-Generation Firewalls - PA Series,Cisco Unified Communications Manager (Call Manager), Cisco Unified Border Element (CUBE)CISCO ASA: A SCALABLE & FUTURISTIC SCALABALE SECURE SOLUTIONCisco ASA is our main Perimeter firewall across the globe, routing all the internet traffic in and out of our infrastructure. It gives the secured way of filtering traffic as per our need. The best part of ASA is the support and trust of loyalty in last 10 years we just never have to reboot the device once also. Its credibility is amazing.,How we can manage: ASDM the GUI is so much easier to manage it even for a new guy also. Traffic handling capacity More secure and the different features it gives. Support from the TAC team or from the community manages to handle issues very efficiently.,I would say Cisco should concentrate more how they will move way the traditional IPS to a new sand-boxing kind of environment.,10,We already got most out of it. Whatever we invested it came with a +ve result. The reliability and the availability it gives is awesome.,Cisco ASA for Small to Medium BusinessesThis device is being used across the entire organization. It is currently our firewall and what guards us from exterior attacks. It is also functioning as our VPN provider for users that need access outside of the company.,Great user management Good usage of ACE and ACL rules that control the network Decent power for a VPN that can be easily created,Not user friendly The GUI is nice, but it doesn't tell you what it does Sometimes, it's hard to track down exactly what is going on,8,We've had a good job managing our network with this Making use of the VPN has helped out tremendously,D-Link Ethernet Switches,Quick BaseThe Gold Standard in Enterprise FirewallsCisco ASA is the industry standard for firewall software. I am not an expert on ASA by any means, but I have used several of the basic functions such as SSL VPN and configuring different VLANs for multiple devices. I only use the Command Line Interface, and never the ASDM which runs on a Java applet.,Customer support is Cisco's forte, and ASA is no exception. If you have issues, they are available 24/7 to help you resolve them. Longevity. I still have a 5510 running that has been running for over 3 years without a reboot with zero issues. URL filtering works great.,Get rid of the Java based ASDM The licensing could be easier. Packet filtering could use some improvement.,10,Asa protects my enterprise from dangerous traffic. It provides SSL VPN. ASA gives me what I call the Cisco peace of mind i.e., if something happens, I know that help is just a phone call away.,Palo Alto Networks Threat Protection and Cisco IronPort Web Security Appliance,Cisco SSL VPN, Cisco Enterprise Network Security, Lantronix XPress-Pro SW, Lantronix XPress-Pro SW, Tripp Lite SmartPro, Ubiquiti Networks UniFi, Ubiquiti Wireless WAN, Ubiquiti WLAN, Dell Asset Recovery ServicesFrom Small Business to Enterprise Level the Cisco ASA is a great Firewall for any BusinessWe use the Cisco ASA as our public ingress and egress entry points across our organization. We have been using Cisco ASA for many years securing our users when accessing the internet and securing our network from users on the internet accessing websites we host. We also use Cisco ASA for VPN access. We have multiple site to site VPNs along with Cisco AnyConnect VPN for users accessing corporate resources when out of the office.,The Cisco AnyConnect VPN is used by our users and is a very easy and secure method for employees to access corporate resources. The Cisco ASA 5585 can be configured in a cluster for larger throughput and high availability. When purchased with FirePOWER the Cisco ASA can be configured to inspect the application layer of the packets for better threat detection.,The Cisco ASA can be configured via command line and with a GUI interface. The GUI interface needs work. It uses Java and depending on Java version you can have issues launching the application. The Cisco ASA needs better logging for troubleshooting. When trying to narrow down an issue the logging needs more information. Licensing can be difficult to understand and there are many options. Make sure you fully understand your needs before ordering.,8,Once fully configured and implemented the product is very solid and provides great security. Little administration is needed unless changes are needed. Tech support is the best in the industry with great response times. Client VPN access is the best in the industry making it very easy with little to no IT involvement.,Palo Alto Networks Next-Generation Firewalls - PA SeriesJump in with Cisco ASA and feel secureWe currently use Cisco ASAs both as our primary firewalls and for VPN. It has made our job in IT easier and with less stress knowing that we are more secure by using this product.,Filtering of traffic is made easier and we are able to better control our environment. VPN is secure and easy to manage through our ASAs. As part of our overall security strategy, Cisco ASAs help keep our perimeter more secure through their ability to customize to our company's needs.,More training on customization would be great. Cisco could provide better Best practice reviews of our environment once set up. More reporting features for Execs would help.,10,In terms of ROI having a device that can do multiple security roles is a must. Budgeting is reduced without sacrificing Security. Multiple options make it easier for IT to manage our environment and have needed scalability.,Palo Alto Networks Next-Generation Firewalls - PA Series,SysAid, Forcepoint Web Security Suite, Symantec Endpoint Protection,Yes,10,No,Cisco pointed out an issue with our ASAs that needed to be corrected immediately. Their staff worked tirelessly to get our problem resolved as quick as possible.Cisco ASAWe are using Cisco ASA to connect our remote sites using IPsec VPN feature in secured manner.Also using it as for SSL VPN to connect our web services.,Cisco ASA is very robust device that keeps our network secure from threats Cisco ASA is very in intelligent device and full of multiple features such as load balancing , quality of service and many more Cisco ASA have enough licensing options which any customer can choose it from.,Cisco ASA is limited to UTM features such as malware and antivirus Cisco ASA is less modular in terms of adding / removing modules Cisco ASA don't have AC/DC combined power options,10,Cisco ASA is good in terms of operational cost Cisco ASA is good in terms of administration propective Cisco ASA is good in terms of software upgrade,,Fortinet FortiGate, SonicWall TZ, Palo Alto Networks Next-Generation Firewalls - PA SeriesWhy I recommend Cisco / MerakiI use Cisco ASA routers in conjunction with Meraki Z1 & Z3 appliances to allow my remote teams to connect to the main office and for those traveling to easily be able to link back to the home network for easy access while on the road.,Site-2-site VPN tunnels. Monitoring network traffic using firepower VLANs,Better GUI interface More robust trouble shooting tools Clearer licensing agreements,9,We saved time and money on setting up remote offices because we were able to leverage our existing infrastructure with little cost,Linksys Ethernet Switches, NetGear ProSafe Managed Switches and Ubiquiti Networks UniFiCisco ASA Provides Peace of MindI use the ASA as our main firewall for all outward facing services utilizing the FirePower functionality as well.,Hardens the network Advanced Malware Protection IPS / IDS functionality VPN Connectivity,Software upgrades can be somewhat challenging at times. Pricing is a little high,10,With our specific Cisco discount as a global customer, the ASA has allowed us to provide first in class hardware at a very reasonable price. Utilizing an HA configuration allows us to ensure we don’t have a single point of failure. The VPN functionality has improved the security of our network while providing our users multiple hardware options for accessing sensitive network resources with less risk.,SolarWinds IPAM, SolarWinds Network Configuration Manager, Concur Expense
Unspecified
Cisco ASA
155 Ratings
Score 8.4 out of 101
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>TRScore

Cisco ASA Reviews

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener noreferrer'>Customer Verified: Read more.</a>
Cisco ASA
155 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 8.4 out of 101

Do you work for this company?

TrustRadius Top Rated for 2019
Show Filters 
Hide Filters 
Showing 45 of 155 Cisco ASA ratings and reviews.
Clear all filters
Overall Rating
Reviewer's Company Size
Last Updated
By Topic
Industry
Department
Experience
Job Type
Role

Reviews (1-25 of 45)

Companies can't remove reviews or game the system. Here's why.
Steven Van Jaarsveld profile photo
May 21, 2019

Cisco ASA Review

Score 10 out of 10
Vetted Review
Reseller
Review Source

Pros and Cons

  • SSL VPN.
  • Site-to-Site VPN.
  • Ease of use and configuration.
  • Easy CLI.
  • Robust.
  • Easy to troubleshoot.
  • ASDM ease-of-use could be improved.
  • Upgrade/migration from previous versions and the way objects are named.
  • Bring in more support contexts in the default licensing.
  • Bring in more support for SSL VPN connections in the default licensing.
Read Steven Van Jaarsveld's full review
George Venianakis profile photo
May 13, 2019

Cisco ASA review

Score 8 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Zero downtime upgrades.
  • Consistent API interface.
  • Rich feature set.
  • The GUI (ASDM) should get rid of Java.
  • API specifications and commands lack proper documentation.
  • Deeper regression testing on later releases.
Read George Venianakis's full review
Dalibor Cvetanovic profile photo
May 09, 2019

Cisco ASA Review

Score 9 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • We Can use multiple contexts or also known as Firewall multimode.
  • Ability to use dynamic routing protocols.
  • The complex way of connecting external connectivity.
  • Would like more SLA and event manager functionality.
  • GUI interface is lacking. The interface is java specific.
Read Dalibor Cvetanovic's full review
Tom Erdman profile photo
Score 9 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • The ASA has been around forever, and has been proven to be a great firewall solution.
  • ASAs are very versatile, running everything from VPNs and ACLs to content filtering.
  • Running them in tangent with other Cisco routing solutions allows for a very diverse and secure setup.
  • There are two types of technologists: ones who speak Cisco, and ones who don't. The ASA is no different from any Cisco device, in that it comes with a learning curve.
  • These aren't consumer products, and they come with an enterprise price tag.
  • Like many vendors, Cisco uses a java based admin consoles. This is its own special form of torture.
Read Tom Erdman's full review
No photo available
Score 8 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • HA NAT
  • ACLS
  • FAILOVER
  • HA
  • VPN
  • Maybe this has changed, but our ASAs were/are limited ACLs based on Object-Groups/IPs/Ports versus our Palo Altos offer application layer inspection to make sure that traffic traversing the firewall on a specific well known port such as 22 is actually SSH traffic or that traffic on port 80/443 is actually HTTP/HTTPS.
Read this authenticated review
No photo available
Score 7 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Manageability.
  • Deployment.
  • Security.
  • Set of features apart from simple stateful filtering.
  • Performance.
  • Clustering.
  • Scalability once setup if you don't go for clustering.
Read this authenticated review
Larry Chisholm profile photo
Score 9 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Top of the line crypto, and firepower inline makes threat management easy.
  • easy to set up vpn, now including tunnel interfaces!
  • SOLID infrastructure for client to site vpn with anyconnect
  • TCO is higher than most.
  • firepower integration into the appliance is straightforward but weak. Units often times cannot process the amount of traffic thrown at them.
  • Support can be painful to work with at times. Need more english speaking staff.
Read Larry Chisholm's full review
Carlos Daniel Casañas Bertolo ஃ profile photo
Score 9 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Excellent integration with several systems and equipment of other brands, as well as with the entire Cisco ecosystem.
  • Very good support and attention from the company and its associates. Constant security updates and functionalities.
  • Robust and reliable equipment, great flexibility in configurations and fully scalable in power and functionalities to the need of the company.
  • Well, the price is always an important factor with this brand, but I am witnessing that it is worth what it costs, although the ROI is generally not as good as the investors would like it to be.
  • The virtual appliance still consumes too many resources compared to similar ones and I have to assign physical network cards to get an adequate performance when implementing it.
Read Carlos Daniel Casañas Bertolo ஃ's full review
Richard Oberle profile photo
Score 10 out of 10
Vetted Review
Reseller
Review Source

Pros and Cons

  • ASA units provide firewall capabilities that would normally be found in much more expensive equipment
  • ASA units provide POE capability for use with VOIP phones or other equipment.
  • ASA units connect outside internet to inside networks and VPN's with very little overhead and no loss of signal speed.
  • ASA units allow me to run a wireless access point in parallel so that both wired and wireless devices can share one DHCP scope which makes it easier to manage and maintain.
  • ASA units make use of ASDM but also the Cisco standard CLI which makes it easier to train engineers to manage and have ease of deployment using config templates.
  • In the ASA5506, unlike its predecessor, there are no switched Ethernet ports. Adding that feature would be helpful and save the cost of the additional switch that must be purchased.
  • The real time log viewer is not that great, it's not 100% reliable, its explanations are often a bit too technical, the filter could use some enhancement
  • The ASDM interface as a whole being java is not good. Java has become a nightmare due to poor backwards compatibility and cliff-facing certificate requirements between versions, so java versions for administrators become a nightmare to manage for what should be simple changes
Read Richard Oberle's full review
Brandon Holbrook profile photo
Score 9 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Cisco ASA is very configurable.
  • Cisco ASA has a lot of features.
  • Cisco ASA is robust. Failing almost never.
  • Cisco ASA can integrate with many other Cisco security solutions.
  • There is a learning curve for Cisco ASA.
  • A lot of what can be done, initially, needs to be done at the command line interface.
  • Organizing all the firewall rules can be a little daunting with the current UI.
Read Brandon Holbrook's full review
Wouter Hindriks profile photo
Score 8 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Easy to configure with a template and CLI.
  • TACACS command authorization and accounting is must have for compliance.
  • Good SNMP monitoring options.
  • Well developed and very compatible firewall OS.
  • The 'Next Generation' options feel bolted on and the performance is underwhelming.
  • Impact of enabling the Firepower Inspection is too big. Both response time and throughput suffered horribly.
Read Wouter Hindriks's full review
No photo available
Score 8 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • When sized appropriately, it can handle demanding traffic well.
  • Cisco is pretty good about putting out security-related updates so we can rest assured that the networks can be as safe as possible.
  • The hardware is very reliable and I don't recall any hardware related issues in the 5+ years of using them.
  • Software upgrades are smooth and I would recommend getting Cisco support assistance for them to review your current configuration and have them advise which stable and secure version you should move to. They may provide additional commands to enter prior to upgrading if you are moving from a very old version of the software.
  • Reporting, especially for VPN functionality, could use some improvements to be able to pinpoint when particular users log in/out.
  • The JAVA-based GUI could use some modernization. I currently have to use an older version of JAVA JRE to run the ASDM.
  • Some of the licensing structure could use some simplifying. You really have to size the appliance for growth before purchasing the initial license. The bare-bones license doesn't provide much flexibility.
Read this authenticated review
No photo available
January 25, 2019

Cisco ASA Rocks!

Score 10 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Rock solid when it comes to VPN Site-to-Site.
  • Excellent Firewall functionalities.
  • HA capabilities, it never fails.
  • It would be better if Cisco continues improving the ASDM for new administrators starting their networking career.
  • It would be great if Cisco builds a management web interface like they do for small business products.
Read this authenticated review
No photo available
Score 10 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Allows remote phones to VPN and connect to the phone system
  • It’s secure and allows TLS 1.2 encryption
  • It’s more reliable to use a physical phone than soft clients e.g. Jabber
  • Since we use it for VPN phones the devices need to be configured internally before we deploy them in the field. I have to be able to update the VPN profiles remotely.
Read this authenticated review
Jitu Mani Das profile photo
Score 10 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • How we can manage: ASDM the GUI is so much easier to manage it even for a new guy also.
  • Traffic handling capacity
  • More secure and the different features it gives.
  • Support from the TAC team or from the community manages to handle issues very efficiently.
  • I would say Cisco should concentrate more how they will move way the traditional IPS to a new sand-boxing kind of environment.
Read Jitu Mani Das's full review
Michael Timms profile photo
Score 10 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Customer support is Cisco's forte, and ASA is no exception. If you have issues, they are available 24/7 to help you resolve them.
  • Longevity. I still have a 5510 running that has been running for over 3 years without a reboot with zero issues.
  • URL filtering works great.
  • Get rid of the Java based ASDM
  • The licensing could be easier.
  • Packet filtering could use some improvement.
Read Michael Timms's full review
Brian Munn profile photo
Score 8 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • The Cisco AnyConnect VPN is used by our users and is a very easy and secure method for employees to access corporate resources.
  • The Cisco ASA 5585 can be configured in a cluster for larger throughput and high availability.
  • When purchased with FirePOWER the Cisco ASA can be configured to inspect the application layer of the packets for better threat detection.
  • The Cisco ASA can be configured via command line and with a GUI interface. The GUI interface needs work. It uses Java and depending on Java version you can have issues launching the application.
  • The Cisco ASA needs better logging for troubleshooting. When trying to narrow down an issue the logging needs more information.
  • Licensing can be difficult to understand and there are many options. Make sure you fully understand your needs before ordering.
Read Brian Munn's full review
Eric Krueger profile photo
Score 10 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Filtering of traffic is made easier and we are able to better control our environment.
  • VPN is secure and easy to manage through our ASAs.
  • As part of our overall security strategy, Cisco ASAs help keep our perimeter more secure through their ability to customize to our company's needs.
  • More training on customization would be great.
  • Cisco could provide better Best practice reviews of our environment once set up.
  • More reporting features for Execs would help.
Read Eric Krueger's full review
Amit Gumber profile photo
July 18, 2018

Cisco ASA

Score 10 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Cisco ASA is very robust device that keeps our network secure from threats
  • Cisco ASA is very in intelligent device and full of multiple features such as load balancing , quality of service and many more
  • Cisco ASA have enough licensing options which any customer can choose it from.
  • Cisco ASA is limited to UTM features such as malware and antivirus
  • Cisco ASA is less modular in terms of adding / removing modules
  • Cisco ASA don't have AC/DC combined power options
Read Amit Gumber's full review
No photo available
Score 10 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Hardens the network
  • Advanced Malware Protection
  • IPS / IDS functionality
  • VPN Connectivity
  • Software upgrades can be somewhat challenging at times.
  • Pricing is a little high
Read this authenticated review

Feature Scorecard Summary

Identification Technologies (5)
7.3
Visualization Tools (4)
6.7
Content Inspection (5)
6.5
Policy-based Controls (5)
8.2
Active Directory and LDAP (5)
7.6
Firewall Management Console (5)
7.5
Reporting and Logging (5)
8.0
VPN (5)
8.0
High Availability (5)
8.1
Stateful Inspection (5)
8.6
Proxy Server (3)
8.1

About Cisco ASA

Cisco Adaptive Security Appliance (ASA) software is the core operating software for Cisco’s ASA suite. It supports a variety of specialized network security and firewall options, allowing users to modularize to their business needs. It is scaled for enterprises through “clustering” ASAs, enabling 128 Gbps processing load and 50 million concurrent connections.

Cisco ASA provides a robust VPN setup process and integrates with other Cisco security offerings, including Cloud Web security and Trustsec. CWS provides cloud-based systems security across public and private clouds, and Trustsec is a software-defined segmentation product that mitigates the scope of network threats and data breaches. The platform also supports IPv4 and IPv6, enabling a smoother evolution in Internet Protocols for users.

Categories:  Firewall

Cisco ASA Technical Details

Operating Systems: Unspecified
Mobile Application:No