Cisco Firepower 1000 Series

Cisco Firepower 1000 Series

Customer Verified
TRUE
About TrustRadius Scoring
Score 6.9 out of 100
TRUE
Cisco Firepower 1000 Series

Overview

Recent Reviews

RA

9 out of 10
April 22, 2021
Cisco Firepower 1000 Series is being used across the entire company, which is being used as the Internet firewall. It controls access to …
Continue reading
Read all reviews

Popular Features

View all 10 features

High Availability (30)

8.4
84%

Policy-based Controls (31)

8.2
82%

Firewall Management Console (30)

7.3
73%

Reporting and Logging (31)

7.0
70%

Reviewer Pros & Cons

View all pros & cons

Video Reviews

Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of Cisco Firepower 1000 Series, and make your voice heard!

Pricing

View all pricing

Firepower 1000

1,000-5,000

On Premise
per appliance

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visithttps://www.cisco.com/c/en/us/solutions…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Features Scorecard

Firewall

7.8
78%

Product Details

What is Cisco Firepower 1000 Series?

Cisco Firepower 1000 Series is built to allow users to simplify security. With 1000 Series firewalls and Cisco Defense Orchestrator, the vendor states that users get class-leading security while saving time on firewall administration while Defense Orchestrator upgrades firewalls with one tough, automatically de-conflicts overlapping security policies and centralizes the management of AWS VPC image security rules.

Cisco Firepower 1000 Series Features

Firewall Features

  • Supported: Identification Technologies
  • Supported: Visualization Tools
  • Supported: Content Inspection
  • Supported: Policy-based Controls
  • Supported: Active Directory and LDAP
  • Supported: Firewall Management Console
  • Supported: Reporting and Logging
  • Supported: VPN
  • Supported: High Availability
  • Supported: Stateful Inspection

Cisco Firepower 1000 Series Video

Watch NGFW Demo

Cisco Firepower 1000 Series Downloadables

Cisco Firepower 1000 Series Competitors

Cisco Firepower 1000 Series Technical Details

Deployment TypesOn-premise
Operating SystemsWindows
Mobile ApplicationNo

Frequently Asked Questions

The Cisco Firepower® 1000 Series for small to medium-size businesses and branch offices is a family of four threat-focused Next-Generation Firewall (NGFW) security platforms designed to deliver business resiliency through superior threat defense. The vendor provides that they offers exceptional sustained performance when advanced threat functions are enabled. The 1000 Series’ throughput range addresses use cases from the small office, home office, remote branch office to the Internet edge. The 1000 Series platforms run Cisco Firepower Threat Defense (FTD) and Cisco® Adaptive Security Appliance (ASA) software.

Reviewers rate VPN highest, with a score of 8.6.

The most common users of Cisco Firepower 1000 Series are from Enterprises (1,001+ employees) and the Information Technology & Services industry.

Comparisons

View all alternatives

Compare with

Reviews

(1-25 of 31)
Companies can't remove reviews or game the system. Here's why
Score 9 out of 10
Vetted Review
Verified User
Review Source
Migration of current ASA 5505, ASA5540 firewall fleet. The migration steps are to migrate to an new platform recommending Firepower Threat Defense.
  • Simplicity of functionality
  • Throughput of traffic
  • Ease of implimentation
  • Real time logging to FMC
  • Option for web interface for real time logging even if you are FMC controlled
Small business implementation where IT support are not as well verse in firewall technology.
There is alot of room for improvement which they are working on.
There are certain features i would like to see on the FDM management that does not require full FMC
Score 2 out of 10
Vetted Review
Verified User
Review Source
Use for our main firewalls and used to segment certain VLANs off further.
  • Single object multi site management.
  • Multi site deployment
  • ACLS in gui are PIA cant see object details
  • Objects in ACLs dont show IP addresses
  • Have to renames every object to name+ip to make acl GUI useable
  • Speed to data can use improvement.
  • Health warnings should allow you to resolve you have to dig n search in some cases.
Forced GUI mode makes using the product at least 3 times slower than normal deployment is easily 100 times slower than old ASA vs current FTD. Save deploys ok. That's how many times u click to deploy a change now wait 5 min for change to hopefully work config rollback is not a rollback its a wipe n restore INSANE. You got a 2 because of single object multi-site deployment otherwise it would be a Fortinet recommend.
Support is great always.
Score 9 out of 10
Vetted Review
Verified User
Review Source
Very good Firewall for small to mid-size offices. We upgraded from ASA to Cisco Firepower 1000 Series. Great support from Cisco made us choose Cisco Firepower 1000 Series. We use it for VPN, IPS, and URL Filtering. Great product for these services. Previously it was buggy now Cisco has improved its security products and slowly becoming the Market leader. Stable and great support are the two words for it.
  • VPN
  • IPS
  • URL Filtering
  • Costly
  • GUI
It's great for small to mid-size branches to manage loads. One of the best Firewalls in the market in this space with all basic features such as VPN, IPS adding it with URL Filtering. TALOS is also a great solution. Moreover, Cisco support is way above competitors with instant support and a huge partner base from which you can get help instantly.
Cisco provides the best support in the market. Their 24X7 TAC is really the market leader. You can easily get the engineer on call in minutes during Severity 1 or 2 incidents. We have used other vendors as well and getting the right guy on call was very difficult. But with Cisco things get resolved very easily
Score 8 out of 10
Vetted Review
Verified User
Review Source
Cisco Firepower 1000 is an entry NGFW for small/medium and branch offices that are designed to deliver excellent security solutions at a budget price with ease of administration.
  • Cisco IPS
  • Cisco Malware Defense for Networks
  • URL filtering
  • The GUI management could be better
  • Lack of reporting features
I highly recommended Cisco Firepower 1000 Series for small branch offices that have less than 50 users and are not hosting any applications serving traffic. Vice versa, I do not recommend it for larger offices. Additionally, if you are considering fronting your application server with Firepower 1000 then it is definitely a no-go, as its throughput may be insufficient to serve a large amount of user traffic and requests.
Score 8 out of 10
Vetted Review
Verified User
Review Source
Cisco Firepower is an excellent solution that works in tandem with our EDR solution. Talos is an industry leading organization that integrates seamlessly with the CF1000 and provides really solid firewall management and administration, reducing the time it takes to upgrade, organize rules, or perform weekly change management duties on our current security infrastructure.
  • Firewall Administration
  • Network Security
  • AWS VPC Rules
  • Azure Integration
Provides incredible value to an open security architecture, with minimal downsides. It integrates very well with our current AWS solutions, but has work to do before we use it with any production Azure environment. I have personally used it weekly since implementation and the learning required to become fluent with its intricacies was minimal.
Blessing and a curse, but I do not have a whole lot of information regarding Cisco support, mostly because it's rarely ever needed with this product.
Rajesh Singh | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Cisco Firepower 1000 Series is a true next-generation firewall designed for more visibility, more control, and protection of layer 7 attacks on your organization. This is one of the best firewalls providing all the advanced features like advanced malware protection, URL filtering, advanced IPS, threat prevention, etc. I have been managing the Cisco Firepower 1000 Series for the last 2 years. It gives me more visibility of my network and more control on layers 3 and 4. It also allows me to control the incoming and outgoing network traffic of my organizations.
  • More visibility on network traffic
  • Advanced malware protection
  • Advanced IPS
  • URL filtering
  • Threat prevention
  • It can prevent any DNS attack
  • Site-to-site VPN
  • Cisco AnyConnect remote VPN
  • SSL encryption
  • Access list
  • NAT
  • Sandbox
  • Centralized management
  • Anti-spam
  • It can stop any phishing attack
  • Easy to generate the report and logs
  • It takes time to push the policy through ASDM
Cisco Firepower 1000 Series is a next-generation firewall that is designed to detect and prevent any cyber attack on your organization. It is well suited for every organization that needs deep packet scanning. You can sandbox scan every packet and remove any malware. Cisco Firepower provides advanced malware protection by keeping an eye on incoming and outgoing traffic then blocking any suspicious activity.
Cisco Firepower provides 24/7, 365 customer support. We can raise a ticket through the phone or portal. Cisco always follows the SLA and provides a solution within it.
Basant Gupta | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
[Cisco Firepower 1000 Series is] specially designed for layer 7 security. It provides all advanced features like advanced malware protection, advanced Intrusion Prevention Systems, URL filtering, etc. We can control users' incoming and outgoing traffic and we will get more visibility of traffic. We are using this series firewall on one of my sites and it is fully secure and protected from any cyber-attacks. We are very happy with all the features and Cisco support.
  • IPSEC site to site VPN
  • Advanced malware protection
  • Intrusion Prevention Systems
  • SSL Cisco AnyConnect remote VPN
  • URL filtering
  • Sandbox
  • Email security
  • Anti-spam
  • Phishing control
  • ASDM is not user friendly
Cisco Firepower 1000 Series is best and required for every organization. It will give you more control [over] incoming and outgoing traffic and more visibility on user traffic. Sandbox is one of the best features [that] provides you [with] deep-level packet scans and gives you multilayered security. It can stop any malware attack on your organization. The support of Cisco is very fast and lots of documentation are available on the Cisco website.
Cisco is best for customer support. Last year, I faced some URL issues and I raised [a] ticket. I [received a] call with in SLA and got [a] solution very quickly.
September 30, 2021

Ideal for small business

Score 9 out of 10
Vetted Review
Verified User
Review Source
Used by [the] networking team.
  • Intrustion prevention and detection
  • Access control policy
  • LDAP and radius integration
  • The GUI management could be improved
  • Features are missing in on box management compared to management center
  • Reporting could be improved
Comparatively, it provides [a] better experience and security than other vendor devices.
Cisco support is [the] best.
Ryan Dettmer, CCNA, CCNPc | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Quick deployment for Covid testing sites to VPN back to hospitals. This creates a VPN and split tunnels for hospital wifi and local guest network to allow a patient to stay connected as well as clinicians.
  • Easy of use and training
  • Support is readily available
  • Deployment is quick
  • Lightweight with big power behind it
  • When searching through some menus there are times where a search bar could be implemented to assist.
  • VPN log files are cumbersome. Streamlining those when getting into details of 1 site to site is difficult but overall not a deal-breaker.
SOHO, remote clinics, small branch offices, if the price were cheap anywhere a firewall is warranted for consumers as well as small businesses.
I have had troubles with Firepower Management Center and the FTD's in the past. Sticking to a Gold Star image and upgrading when the "bugs" are fixed is great. That still doesn't mean you are left vulnerable though. The extra features are just not enabled yet. Great product and calling support is readily available for any issue.
sitaram gurjar | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Cisco Firepower 1000 Series is a next-generation firewall series designed to protect your organization from external threats and cyber-attacks. Cisco Firepower is mainly focused on Layer 3 and 4 security control and Layer 7 application visibility and security, to control advanced threats and cyber attacks. I am handling the Cisco Firepower Series for one of my clients. It provides a bundle of security features to prevent any type of cyber-attack.
  • Advanced malware protection
  • Advanced IPS
  • Sandbox
  • ACL
  • QOS
  • Application control
  • URL filtering
  • Content filtering
  • Sometimes there is slowness on ASDM
If you want to protect your organization from Layer 7 attacks and want more control on Layer 4 and Layer 5, then this firewall is best for your organization. [Cisco Firepower 1000 Series] is well suited for all organization sizes. The cost of this firewall is much less compared to other vendors and you will get a lot of advanced features like advanced malware protection, IPS, etc.
Cisco is best for their customer support. Last year I raised a ticket and received a response within SLA. Then they provided my solution within SLA. A lot of documentation is also available on the Cisco website.
sandeep kamboj | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We are using Cisco Firepower 1000 Series for the Malware detection & Intrusion prevention System. We have also configured the logging & reporting feature on it so that we can easily monitor the traffic & take action accordingly. We have also configured remote VPN for remote users' easy accessibility. Cisco Firepower 1000 Series help us to prevent unnecessary traffic & keep up the infrastructure secure.
  • Malware detection & Analysis
  • Blocking Unnecessary traffic according to the Geo locations
  • Application filtering & Content filtering
  • IPS/IDS Feature
  • Management Console UI needs to be improve
  • Need to make a reboot after every config change
Cisco Firepower 1000 Series is well suited for Medium & Large Scale infrastructure having a data center environment & multiple applications. It provides advanced security features such as sandboxing & application filtering that keep the infrastructure secure from bad actors. It also provides easy integration features with Active Directory & LDAP.
Cisco Support is one of the best support we can say in terms of availability & SLA. Cisco Support helps us to configure & maintain the hardware device. They also help us in firmware upgrade activities as well as Quarterly Maintenance activities.
Score 10 out of 10
Vetted Review
Verified User
Review Source
It has been used by our organization as a network edge security platform. It also has the purpose of offering protection and visibility of layer 7 traffic. We have rules and acls in place to provide greater protection for the internal network and to prevent attacks by external attackers. In total there are two Firepower 1150 appliances and the second is to have a redundancy only where it is on standby. Along with the appliances, malware protection licenses and url filters were purchased.
  • Full network protection with ngfw licenses
  • Ssl vpn allowing the home office and access to network folders.
  • Protection against ransomware.
  • Web content filter and proxy for certain users and times.
  • Firewall is overloaded a lot when activating all licenses available at certain times.
  • Lack of documentation in Portuguese.
The firewall not only offers protection to our network, but also the possibility of making a home office and connecting with an ipsec or ssl vpn from home. The network is protected against malware, hackers and data attacks. URL filtering features help reduce viruses and protect against inappropriate websites. It is recommended for smaller scenarios and with few users. For scenarios with a higher density of people, the Firepower 2100 line is better.
The guarantee is very important and fundamental in technology equipment. And in that, Cisco is one step ahead as it has excellent technical support and a very good SLA level. When we used it, we were served quickly and optimally. For hardware failures, Cisco sends new equipment to the address.
Score 7 out of 10
Vetted Review
Verified User
Review Source
I implemented Cisco Firepower 1000 Series firewalls on more than 10 clients all over France. It's used generally for small and medium businesses as an edge firewall for uses like internet surfing, routing, traffic filtering, VPN hub, etc. Generally, it's used by the whole organization if it's well sized for it.
  • Application filtering
  • IDS/IPS
  • Remote access VPN based on AnyConnect
  • Management console
  • Commit deployment success ratio
  • Hit count
The Cisco Firepower 1000 Series is suited for small to medium businesses with basic security needs. It's less appropriate for bigger companies with advanced technologies and needs like multicast networking, SDWAN, etc. In fact, SDWAN is not yet possible to configure (in this case, you need Meraki as another Cisco product), and for multicast I recommend FortiGate.
Cisco support is acceptable, but we still need to ask case escalation to get real advanced technicians handling support. the positive point is that you can call Cisco support by phone immediately after opening a ticket and get real level 2-3 support. But sometimes you need to wait a lot on hold to get someone with a really advanced technical level.
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use the Cisco firepower 1000 for routing, firewall functions, and security intelligence features. We replaced our older ASAs which had been failing with these. They offer better throughput and more security than the old ASAs. We provide website hosting and remote access for clients. Utilizing 2 incoming lines for dedicated fiber line with SLA and standard coble line for browsing. The Cisco with all the additional port offerings allows us to configure everything we need.
  • Routing
  • Firewall functions
  • Additional security features
  • These devices don't always take changes without a reboot, which can be hard in a production device.
  • Cisco is no always clear in how to configure things.
  • Routing features can be confusing, we even had a consultant a bit confused over setup.
This device is great for an SMB to secure its perimeter and allow the function of the business. With all the ports available and all the configurations, we are able to be flexible in our delivery of services to our clients. The security features are a big plus as everyone in today's world is being constantly attacked.
We have not directly used support for these devices yet, but from past experience, Cicso has always been available and able to help us resolve the few issues we had. During this upgrade, our consult from CDW worked with Cisco on some situations that came up and we were able to move forward at the next meeting but we could have done it in real-time if we wanted.
April 22, 2021

RA

Score 9 out of 10
Vetted Review
Reseller
Review Source
Cisco Firepower 1000 Series is being used across the entire company, which is being used as the Internet firewall. It controls access to the Internet and provides content filtering for all corporate users. Guest users also have managed access through the firewall. It is also being utilized for VPN tunneling between branches and other remote sites.
  • My organization is all Cisco and wants to stay in the Cisco life cycle, Firepower 1000 series is great for small to medium-size office.
  • Very robust enterprise-grade security solution with updated threat features to handle any current and upcoming threats. The solution is backed by Cisco to ensure constant security updates. Integrated AnyConnect remote client VPN is a big plus to allow for secure remote workers access. Easier to set up a site to site VPN due to the large user base and case studies published on integrating to other manufacturer solutions.
  • We have a few remote sites that connect via a metro-E link that needed a way back to the network via a more secure route than we were using before. Using the Cisco Firepower 1120 and 1140 we were able to successfully get those sites back onto the network over a VPN link with a much better/safer protocol and connection type.
  • We user the Cisco Firepower 1120 in a variety of use cases across our division. We typically use it in a high-availability configuration, both in the same room together and separated via some distance. The Cisco Firepower 1000 Series has been a nice upgrade from our previous models of Cisco Firewalls.
[Cisco Firepower 1000 Series] helps our client to who is a small scale NGO. Firepower acts as primary security along with the ASA firewall. This is highly compatible with a small industry or a branch just like our client for who we are providing network and security support. It performs really well in load balancing the firewall environment.
Cisco Firepower is being used across the entire organization.
Score 8 out of 10
Vetted Review
Verified User
Review Source
It fills in the gap as Cisco Anyconnect remote access solution.
  • Single pane of glass management using FMC
  • Great as remote access VPN Solution
  • Saves a lot of headaches with URL and FQDN based policies
  • It is stable now, and Cisco TAC is great at troubleshooting if any issues occur
  • Great product but at this price point there is a lot of competition
  • Some implementations maxed out NGIPS throughput and Strained CPU
If your organisation is all Cisco and wants to stay in the Cisco life cycle, Firepower 1000 series is great for small to medium-size office.
There is still room for improvement. It would be great to see some of the features to mix between firepower and SD WAN. Any kind of dynamic tunneling support such as dmvpn will be great since it sits on the edge.
Score 10 out of 10
Vetted Review
Verified User
Review Source
We user the Cisco Firepower 1120 in a variety of use cases across our division. We typically use it in a high-availability configuration, both in the same room together and separated via some distance. The Cisco Firepower 1000 Series has been a nice upgrade from our previous models of Cisco Firewalls.
  • Reliability
  • Rulesets
  • Cost performance
  • GUI
  • Licensing ease
  • Central management
The Cisco Firepower 1000 Series is well suited to simplified firewall solutions where you want to get reliable performance for a great price point. We use this Cisco Firepower 1000 Series platform for small VPN sites as well as for guest firewalls, among other solutions that you can use this product for.
We have had only good experiences with support when it comes to the Cisco Firepower 1000 Series family of firewalls. Cisco TAC is always completely responsive and able to provide any technical assistance. For times when we don't go directly to Cisco TAC, the Cisco Community also has a lot of resources that assist with questions.
Score 9 out of 10
Vetted Review
Verified User
Review Source
We have a few remote sites that connect via a metro-E link that needed a way back to the network via a more secure route than we were using before. Using the Cisco Firepower 1120 and 1140 we were able to successfully get those sites back onto the network over a VPN link with a much better/safer protocol and connection type.
  • Uses the latest high security protocols
  • Lots of other great firewalling tools and abilities
  • Fairly priced for a NGFW
  • Good technical support
  • Must upgrade to the higher end models in the series to add sfp ports
  • Racking the smaller units can be difficult due to reduced size/non standard racking type
  • Price of an 1150 is almost comparable to the 2000 series
Getting Cisco into your network is never a bad proposition. If I was asked by a friend, then Cisco's name would always be in the top 5. Now if you're needing something that is going to cover more than just a small site, or handling your main internet connection, [then] going up a rung to the 2000 series would be my next recommendation.
Well Cisco TAC is known for their hard work and determination to fix your problem, and this has no[t] changed recently. Whether you're calling to get help on your fifty thousand dollar core switch, or you're calling about one of these 1000 series firewalls, you get the same great service. Very little to complain about in this department.
Score 8 out of 10
Vetted Review
Verified User
Review Source
[Cisco Firepower 1000 Series] is use as IPS and Firewall System. This help with the monitoring and log on use behavior
  • Geo-Blocking
  • Malware Detection
  • License model is a nightmare
  • For time to time is too complex to configure
  • Needs other tools to get the result you are looking
In a medium to large organization that needs IPS solutions, and has the budget to acquire the licenses need it to have those functionalities.
[Cisco Firepower 1000 Series] is not suitable for small organization that need IPS solution as the license can be expensive.
I used third party support as Cisco support is slow
Score 5 out of 10
Vetted Review
Verified User
Review Source
The licence price was costy using every year
  • Simple to manage
  • Highly security and filter malicious activity
  • High prformance
  • Defend against BOTs
  • easy to manage logs
Cisco Firepower 1000 series is for our medium organization's client is not selected because of complicated functionality to troubleshoot and also not easy to security engineer. For the financial sector, I would be recommended
my organization have much high skill firepower specialization, expert
Score 10 out of 10
Vetted Review
Reseller
Review Source
Cisco Firepower 1000 Series is being used across the entire company, which is being used as the Internet firewall. It controls access to the Internet and provides content filtering for all corporate users. Guest users also have managed access through the firewall. It is also being utilized for VPN tunneling between branches and other remote sites.
  • Secure high-end solution, protects the business
  • Updates threat licensing--constant updates allow ease of management
  • Cost of add-on features
  • Cost of Smartnet
  • Complexity of installation process

Pros

  • Small form factor
  • Threat mitigation
  • Threat licensing

Cons

  • Complexity of install
  • Cost of add-on features
  • Cost of Smartnet
Support is quite good. Cisco Smartnet and TAC are the best in the industry. Any calls into TAC are handled quickly with good resolution. I’ve not had to utilize Smartnet for any hardware issues but would expect a superior experience as this is a critical piece of the company’s network. Any calls are typically handled with urgency.
Very robust enterprise-grade security solution with updated threat features to handle any current and upcoming threats. The solution is backed by Cisco Talos to ensure constant security updates. Integrated AnyConnect remote client VPN is a big plus to allow for secure remote workers access. Easier to set up a site-to-site VPN due to the large user base and case studies published on integrating to other manufacturer solutions.
Score 9 out of 10
Vetted Review
Verified User
Review Source
Purchased [Cisco] Firepower [1000 Series] appliances to replace legacy ASA 5500X series with [Cisco] Firepower modules. Used for AnyConnect employee RAS, IPSEC site to site VPNs and local internet access breakout from sites. Firepowers allowed us to scale from ~100 remote users a day to almost 1500 in response to COVID work from home restrictions.
  • Secure employee remote access in conjunction with AnyConnect client
  • Logging with high level of connection, application and user visibility
  • Reliable and secure as you would expect from Cisco
  • Cloud based Firepower Management Centre doesn't support stateful HA of multiple management consoles
  • Would be great to have embedded extensible objects for ever-changing Office 365 address ranges and CDN URLs
Good edge device for branch sites integrating firewall, application visibility & control, intrusion detection & prevention and remote access services with exceptional control and visibility. Not the cheapest option but do what they're supposed to reliably and consistently. Having Firepowers deployed on multiple sites allowed us to ramp up our AnyConnect RAS capacity from having ~ 100 AnyConnect VPN users a day to the entire company working remotely almost overnight in response to COVID restrictions this year.
We have direct enterprise support with Cisco and have had good response from support teams when it has been needed. No issues from a technical standpoint - Firepowers are secure, reliable and do what they say on the tin. Central management and configuration is easy and they fit in well with our existing Cisco infrastructure. These are not the cheapest available option for firewalls and we had to fight a bit with the accounting and finance teams to justify the initial cost outlay.
Firepowers are secure, reliable, central management and configuration is easy and they fit in well with our existing Cisco infrastructure. Good feature set and support. Good management and control with chassis manager and central control with additional Firepower Management Centre.
Kyle Bohnstedt | TrustRadius Reviewer
Score 4 out of 10
Vetted Review
Verified User
Review Source
The Cisco Firepower 1000 Series and other models are used by many clients managed and/or supported by my employer. It is used by many as a way of inspecting traffic to secure the network from threats and ensure only sanctioned traffic is traversing in any direction. Cisco's Firepower 1000 Series is a scalable IPS solution that helps many of our clients to segment the network into zones and mitigate and prevent threats.
  • Network segmentation by zones--allows trusted traffic to pass inspected or uninspected while non-trusted traffic is always inspected.
  • Scalable management--many different types of policies are available within Cisco Firepower 1000 Series management to ensure proper access, authorization, inspection, and threat response.
  • Redundancy--Cisco Firepower 1000 Series devices can be set up in High Availability in the event there are issues with one member.
  • Compatibility--Cisco Firepower 1000 Series devices can be used in tandem easily with other Cisco products or in a vendor-arbitrary environment.
  • Software bugs--Often bugs are encountered that may provide a threat to the network if exploited.
  • Log retention is often sub-par if not used with an external log management system.
  • Many upgrade failures are encountered with Cisco Firepower 1000 Series devices.
Cisco Firepower 1000 Series devices are well suited in an environment with ASA firewalls or other similar appliances that don't evaluate traffic to the application layer. If the environment is very small, Cisco's Firepower 1000 Series may not be necessary.As long as the network connectivity remains stable and there is on-site support in the event of a failure, Cisco Firepower 1000 Series devices scale well.
Cisco Firepower 1000 Series' problems most often involve issues with the software and hardware compatibility. Many devices fail to upgrade properly and either have to be replaced or there is an arduous investigation in order to reach a solution. As long as there is a support contract, the solution will be reached, but in many cases the troubleshooting can be tedious.
The Cisco Firepower 1000 Series is easy to administer, particularly for an engineer or consultant with experience. It can be imposing to set up if one is not very familiar, but it does provide a robust web user interface to configure, monitor, and troubleshoot. Comparatively it is also easy to configure the Cisco Firepower 1000 Series devices to secure the network and ensure traffic goes where it needs to and does not go where it should not. Deploying changes is easy and managing multiple units can be done all from the same web pane.
October 28, 2020

Cisco Firepower 1140

Score 10 out of 10
Vetted Review
Verified User
Review Source
We currently use a Cisco FirePower 1140 to segment networks to keep critical components safe. It is used by our plant and managed by IT. It provides protection from any unwanted traffic going from our business network to our manufacturing network. I chose the firepower for its ease of use and configuration.
  • Low learning curve--I was able to jump in and learn the interface in no time.
  • Easy to set up--it was racked and running with rules within an hour.
  • Only shows some traffic, but that may be my limited knowledge.
  • Doesn't make coffee.
The Cisco Firepower 1140 is well suited for a small to medium network like we are running. It can handle what we throw at it and more. I'm sure it can handle larger workloads, but our network doesn't call for it. I chose the Cisco Firepower 1140 because it solved our needs and allows growth, but was not too much or too little firewall for our needs.
The few times I have reached out to Cisco they have been very responsive and helpful, even with little issues such as navigating the management site. I have not had to call them for any major issues, but I am sure they would be addressed quickly as well.
I don't have to babysit the Cisco Firepower 1140. When I need to make a change or do an update it goes very smoothly. It didn't take me long to get used to the interface. If something is blocked the connection events tab breaks down what is being blocked very nicely. It works very well with my limited network experience.
Score 9 out of 10
Vetted Review
Verified User
Review Source
Cisco Firepower 1000 Series is being used across my organization. We have a total of 15 branches, and they all use Firepower 1000 Series as the firewall. It elevates the cost of using MPLS. We just need a cheap internet line with decent speed to set up a VPN tunnel and it's good to go.
  • VPN tunnel is very easy to set up using Firepower Management Center.
  • Reusable Objects make things easier to configure and understand.
  • The Dashboard is not as diverse and customizable.
  • Lack of option to automatically backup FTD config
Cisco Firepower 1000 Series is a good overall firewall. It is well suited for a small or medium-sized company. Due to its small amount of RAM, I don't recommend it to be used as the Core Firewall. If there are too many NAT statements, or the NAT statements include broad range of IP addresses, the firewall will crash! I learned this the hard way.
Cisco TAC support is very helpful. Whenever I have a problem, they will make sure the problem is resolved before closing the ticket.