Item: Cisco Adaptive Security Appliance (ASA) Software
Rating: 8
Author: Wouter Hindriks

Use Cases and Deployment Scope

We deploy the CIsco ASA 5505 & 5506 on over 250 customers' sites to protect the local LAN and establish a site-to-site VPN to our datacenter from which we host the customer applications. On our datacenter, we use an HA pair of ASA 5585s to produce redundant internet access and NAT all traffic.

Pros and Cons

Easy to configure with a template and CLI.
TACACS command authorization and accounting is must have for compliance.
Good SNMP monitoring options.
Well developed and very compatible firewall OS.

The 'Next Generation' options feel bolted on and the performance is underwhelming.
Impact of enabling the Firepower Inspection is too big. Both response time and throughput suffered horribly.

Return on Investment

Provided a solid performance on the LAN edges of both our customer sites and our datacenters.
Hardly any hardware failures.

Other Software Used

Cherwell Service Management

Likelihood to Recommend

Excellent layer 1-4 firewall, HA works flawless, great performance for classic firewall.

For Next Gen features you had better look at the firepower threat defense devices, as the next generation features of ASA are not well integrated.

Good classic firewall, but not a next gen winner.

Overall Satisfaction with Cisco ASA

Use Cases and Deployment Scope

Pros and Cons

Return on Investment

Other Software Used

Likelihood to Recommend