Cisco Secure Firewall

Score8.4 out of 10

295 Reviews and Ratings

What is Cisco Secure Firewall?

Cisco Secure Firewall delivers comprehensive threat protection for modern, distributed networks. Built to support hybrid workforces and multicloud environments, it enables Zero Trust access, application visibility, and secure remote connectivity. With integration across the Cisco Secure portfolio, including SecureX and Talos threat intelligence, the firewall powers organizations to detect and stop more sophisticated threats. Centralized management simplifies policy enforcement, orchestration, and automated response — reducing complexity while strengthening security across physical, virtual, and cloud-based deployments.

Categories & Use Cases

Media

Screenshot of Cisco Secure 1200 Series Firewall Family

Screenshot of Cisco Secure Firewall 1200 Stack Family

Screenshot of Cisco Secure Firewall 200 Series

Screenshot of Secure Firewall 1200 Series

Screenshot of Firewall Management - Network Discovery

Screenshot of Secure Firewall 3100 Series

Screenshot of Secure Firewall 6100 Series

1 / 21

Screenshot of Cisco Secure 1200 Series Firewall Family

High Availability
Built-in capacity to prevent exposure if primary firewall stops working
Category average: 8.7
Stateful Inspection
Stateful inspection analyzes packet headers and contents of packets
Category average: 8.4
VPN
VPN's implement encryption and anonymize IP addresses
Category average: 8.9

Visualization Tools
Visualization tools present administrators with data on applications traversing the network, who is using them, and the potential security impact.
Category average: 7.6
Proxy Server
A proxy server changes your IP address and masks the origin of your network traffic
Category average: 8
Reporting and Logging
Custom and summary reports, and log files enabling analysis of security incidents, application usage and traffic patterns
Category average: 7.5

#1 most frequent

Professional, Scientific, and Technical Services

21.9%

179 installations of 819

“Cisco played a key role in providing security to all types of networks by blocking malware or ransomware attacks.”
— Technical Specialist, Capgemini (501-1000 employees)

#2 most frequent

Manufacturing

13.1%

107 installations of 819

“build secure routed based vpn (virtual private network)”
— Senior Network Engineer, KFLEX (501-1000 employees)

#3 most frequent

Information

12.0%

98 installations of 819

“The problem that it addresses is pretty much Securing the office, and customer networks, provide VPN tunneling termination, and RA VPN for remote workers.”
— Network Administrator, Hringdu ehf (11-50 employees)

Charles Lund

Director of Network Services in Information Technology at Millersville University (201-500 employees employees)

Use Cases and Deployment Scope

We currently have 2 Cisco Secure Firewall Firepower 4215 FTD appliances, running in HA, and managed by a virtual FMC. This addresses our need for a redundant firewall solution with next-gen features like Snort, IDS/IPS, etc. We have over 8000 users, and approximately 20k devices on our network, with 100+ VLANs and 30 security zones.

Pros

Provides a very functional GUI
Usually integrates well with our other service, like ISE, Umbrella, wireless.
Provides timely patches and upgrades.
Policy configuration is intuitive.
Providing an AI assistant to evaluate configurations and recommend changes.

Cons

I think the flexconfig process is very confusing.
The passive ID integration with ISE doesn't work as designed, and TAC has not been able to figure it out.
I would like TAC to provide better support, particularly when it is a tier 1 problem.

Return on Investment

Given we are an higher Ed. organization, our reselling leveraged that and got us a significant discount on the appliances. We have our licensing rolled into an EA. I would say we save over $100k in adoption costs, and at least that much per year on licensing.
We combine event data from our Cisco Secure Firewall Firepowers with ISE, Umbrella, Catalyst Center and other utilities to assist us with troubleshooting and security issues. The event logs are a bit difficult to use, and don't always provide us with useful information, but we do use the to correlate events across the tools.

Alternatives Considered

Palo Alto Networks Advanced Threat Prevention, Fortinet FortiGate and Juniper Advanced Threat Prevention

Other Software Used

Cisco Identity Services Engine (ISE), Cisco Umbrella, Cisco Catalyst Center

Pilar Galindo

IT Manager in Information Technology at Coitiar (51-200 employees employees)

Use Cases and Deployment Scope

Working at Coitiar, where we support hundreds of Industrial Engineers, our IT team needed a reliable system to secure the network and provide consistent access to technical documentation, certification systems, and the PEGASSO platform. Previously, we experienced outages during critical submissions and latency issues when members were verifying installations. However, with the Cisco secure framework in place, we no longer face those problems. Our team no longer has to worry about perimeter security, allowing us to focus on keeping our engineers connected to the systems they rely on.

Pros

Cisco's firewall actually does its job of blocking what it is supposed to block. We had an old Firewall that led to slippages. Cisco catches 97% of malware and vulnerabilities during testing. For Coitiar, that means an engineer who clicks a link with malware is handled quickly.
We actually tested if failovers would affect running sessions. We pulled our primary unit during a certification submission period. The firewall just switched, and the connection kept running.
The AI assistant in policy management is excellent, and for our lean team, it makes the whole process easy and efficient. I don't have to audit 200 policies manually; the AI steps in and does its thing.

Cons

I feel the management interface feels slow and not that intuitive. Clicking policies and saving changes while waiting for deployments is not slow, but it is not snappy either.
For us, we run active standbys for resilience, and Cisco charges for both units, even if they sit unused. I feel like a fairer HA licensing model would be much better.
Learning about critical system vulnerabilities the hard way from Security outlets, not Cisco itself. This needs improvement.

Return on Investment

We saved roughly 200 hours across our three shared units last year. That's raw statistics: our engineers had time to improve members' services instead of wrestling with rule bases.
Our members submit installation documents to the Aragon Government on tight schedules. Our old firewall dropped sessions often while the engineers were in the middle of submissions; the results were pure frustration and a loss of trust. With Cisco, we estimate 85% boost in trust, reliability, and productivity.
The years we have used Cisco Secure Firewall have saved us thousands of dollars in costs we would have incurred in the event of a ransomware attack or other threat.

David Kagua

Cybersecurity Analyst in Information Technology at Maples ESM Technologies (MapOptis) (501-1000 employees employees)

Use Cases and Deployment Scope

For malware defense and URL filtering. Essential for detecting and blocking threats while keeping our network and all users safe.

Pros

Powerful protection for our network.
Safe remote access and secure connection for multiple office locations.
Great for controlling access.
Easy integration with other Cisco tools.

Cons

Some integrated with 3rd party tools require a complex setup.

Return on Investment

Keep our network secure and helps to detect potential threats effectively.
Enable remote employees to have a safe connection.

Other Software Used

Cisco Duo

Christian Wilson

Network Security Engineer in Engineering at Towne Bank (501-1000 employees employees)

Use Cases and Deployment Scope

Cisco Secure Firewalls are used as our edge security platform for network traffic as well as VPN access/connections.We have Cisco Secure Firewalls also in our Azure Environments aswell as to help secure our DMZ.

One issue we have is sometimes missing unified events for traffic. There will be time ranges set say for a month or a week and then it will only display information from the day or a couple hours

Another issue we're having currently is NAt reservations are failing to be un reserved for certain components of our network..

Pros

SSL Decrypt
Intrusion Blocks
VPN

Cons

Better THI interface
Better Upgrade process
Deeper file inspection and Malware feature

Return on Investment

Better seucirty
Better inspection
Better security insights

Alternatives Considered

Palo Alto Networks Advanced Threat Prevention

Other Software Used

Cisco Meraki Dashboard, Anthropic Claude, ChatGPT

Jason Smith

Network Architect in Information Technology at Wake Forest University (501-1000 employees employees)

Use Cases and Deployment Scope

Edge and data center firewalls protect our campus and on-prem assets as well as our connectivity to our cloud presence in AWS

Pros

Excellent management via the FMC
Smooth upgrade process for the Cisco Secure Firewall FTD firewalls
Good visibility into the traffic flows and IPS blocks via the FMC

Cons

EVE is a little buggy, and forced us to disable this due to causing random reboots of the active FTD

Return on Investment

FMC and FTD's are not cheap, but the value is in the security and performance
Talos Security intelligence feeds are a big win, and we block on all categories

Alternatives Considered

Palo Alto Networks Advanced Threat Prevention

Other Software Used

Cisco Identity Services Engine (ISE), Cisco Catalyst Center

Fortinet FortiGate

Juniper SRX

Palo Alto Networks Next-Generation Firewalls - PA Series

Check Point Quantum Firewalls and Security Gateways

Sophos Firewall

Cisco Secure Firewall

What is Cisco Secure Firewall?

Categories & Use Cases

Media