Cisco ASA - Solid contender, but don't use the ips!
October 18, 2018

Cisco ASA - Solid contender, but don't use the ips!

Larry Chisholm | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Cisco ASA

The Cisco ASA platform has become the standard which I use for most of my SOHO and enterprise setups. I most recently have used this as a buffer between an AWS environment and a production network, where it behaved flawlessly. A second use case was as a VPN concentrator to consolidate all client to site, and site to site VPN connectivity, where it again behaved admirably.

Pros

  • Top of the line crypto, and firepower inline makes threat management easy.
  • easy to set up vpn, now including tunnel interfaces!
  • SOLID infrastructure for client to site vpn with anyconnect

Cons

  • TCO is higher than most.
  • firepower integration into the appliance is straightforward but weak. Units often times cannot process the amount of traffic thrown at them.
  • Support can be painful to work with at times. Need more english speaking staff.
  • Most network engineers have worked with ASA, so there is no need for re-training when adding or turning over staff
  • Current configs from older devices plug in easily, and are operational on larger devices if an upgrade is required
  • Many support options available
Cisco made sense from the standpoint that my engineers already knew it and there was little learning curve. Personally, I prefer a purpose-built hardware solution. Untangle is not ready for the enterprise as a whole but works great to do web/application filtering . Checkpoint and Palo are VERY high cost and have few support options.
Places where this product is well suited -
* VPN Functionality - Client to Site/Site to Site
* Internet Edge Gateway - NAT/PAT providing internet access to staff/production networks
* Interior firewall - Network segmentation

Comments

  • David Kell | TrustRadius Reviewer
    Hi Larry, I lead customer advocacy for Cisco Security and have just read your review of ASAv - thanks for your submitting. Would you be interested in speaking further to one of the PMM team about your experiences as we are currently looking for customers to feature on webinars and case studies? Please email me directly at dakell@cisco.com if you would like more info. Thanks for your consideration.

More Reviews of Cisco Adaptive Security Appliance (ASA) Software