My ASA review
August 01, 2016

My ASA review

Jesus Alberto Chara Cervantes | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Cisco Adaptive Security Appliance (ASA) Software

We use different Cisco ASA products in different scenarios with good performance results:
- As a VPN endpoint concentrator for Site to Site and remote access VPNs.
- As a front end firewall with inspection policies and NAT.
- As a backend firewall in multiple context mode as firewall aggregator for high throughput multitenant scenarios - virtual datacenters.

Pros

  • Robust and powerful technology.
  • Multi context capabilities. (excellent to manage resources in multi-tenant scenarios)
  • High availability features (active standby, active active)
  • Aggregation capabilities (LACP)
  • Site to Site and SSL VPN
  • Flexible and easy to deploy changes.

Cons

  • It is not possible to configure an out of band interface in single mode.
  • Dynamic routing is not supported in context mode
  • VPN and Threat Detection are not supported in context mode.
  • There are not pre-defined policies templates for specific L7 applications.
  • Excellent support service with good response time. It is not perfect, however compared with other brands, it is the best.
  • Multi context mode permit virtualize multiple isolated logical Datacenters. Grants a lot of flexibility in growth scenarios, reducing infrastructure cost.
  • Mature technology with a lot of literature (CVD). Reduces a lot of concern in design and project management terms.
  • Palo Alto, F5, Fortinet and Dell Sonicwall
Cisco ASA has good performance and capabilities for the most of scenarios. However other brands are good only in specific capabilities. Cisco support is the best compared (in my open cases experience) compared with other brands support.
Two words describe Cisco ASA, Robust and Flexible. Cisco ASA fits in most scenarios with high performance and reliability. Also ASA offers solutions for multiple size scenarios since small business solutions with stateful inspection throughput requirements of 150Mb until big scale scenario with 40Gbps. I recommend ASA for most scenarios.

Comments

More Reviews of Cisco Adaptive Security Appliance (ASA) Software