My ASA review
August 01, 2016
My ASA review
Score 9 out of 10
Vetted Review
Verified User
Overall Satisfaction with Cisco Adaptive Security Appliance (ASA) Software
We use different Cisco ASA products in different scenarios with good performance results:
- As a VPN endpoint concentrator for Site to Site and remote access VPNs.
- As a front end firewall with inspection policies and NAT.
- As a backend firewall in multiple context mode as firewall aggregator for high throughput multitenant scenarios - virtual datacenters.
- As a VPN endpoint concentrator for Site to Site and remote access VPNs.
- As a front end firewall with inspection policies and NAT.
- As a backend firewall in multiple context mode as firewall aggregator for high throughput multitenant scenarios - virtual datacenters.
- Robust and powerful technology.
- Multi context capabilities. (excellent to manage resources in multi-tenant scenarios)
- High availability features (active standby, active active)
- Aggregation capabilities (LACP)
- Site to Site and SSL VPN
- Flexible and easy to deploy changes.
- It is not possible to configure an out of band interface in single mode.
- Dynamic routing is not supported in context mode
- VPN and Threat Detection are not supported in context mode.
- There are not pre-defined policies templates for specific L7 applications.
- Excellent support service with good response time. It is not perfect, however compared with other brands, it is the best.
- Multi context mode permit virtualize multiple isolated logical Datacenters. Grants a lot of flexibility in growth scenarios, reducing infrastructure cost.
- Mature technology with a lot of literature (CVD). Reduces a lot of concern in design and project management terms.
- Palo Alto, F5, Fortinet and Dell Sonicwall
Cisco ASA has good performance and capabilities for the most of scenarios. However other brands are good only in specific capabilities. Cisco support is the best compared (in my open cases experience) compared with other brands support.