Overall Satisfaction with Cisco ASA
We deploy the CIsco ASA 5505 & 5506 on over 250 customers' sites to protect the local LAN and establish a site-to-site VPN to our datacenter from which we host the customer applications. On our datacenter, we use an HA pair of ASA 5585s to produce redundant internet access and NAT all traffic.
- Easy to configure with a template and CLI.
- TACACS command authorization and accounting is must have for compliance.
- Good SNMP monitoring options.
- Well developed and very compatible firewall OS.
- The 'Next Generation' options feel bolted on and the performance is underwhelming.
- Impact of enabling the Firepower Inspection is too big. Both response time and throughput suffered horribly.
- Provided a solid performance on the LAN edges of both our customer sites and our datacenters.
- Hardly any hardware failures.