Good classic firewall, but not a next gen winner.
February 05, 2019

Good classic firewall, but not a next gen winner.

Wouter Hindriks | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with Cisco ASA

We deploy the CIsco ASA 5505 & 5506 on over 250 customers' sites to protect the local LAN and establish a site-to-site VPN to our datacenter from which we host the customer applications. On our datacenter, we use an HA pair of ASA 5585s to produce redundant internet access and NAT all traffic.
  • Easy to configure with a template and CLI.
  • TACACS command authorization and accounting is must have for compliance.
  • Good SNMP monitoring options.
  • Well developed and very compatible firewall OS.
  • The 'Next Generation' options feel bolted on and the performance is underwhelming.
  • Impact of enabling the Firepower Inspection is too big. Both response time and throughput suffered horribly.
  • Provided a solid performance on the LAN edges of both our customer sites and our datacenters.
  • Hardly any hardware failures.
Excellent layer 1-4 firewall, HA works flawless, great performance for classic firewall.

For Next Gen features you had better look at the firepower threat defense devices, as the next generation features of ASA are not well integrated.