Firepower services on the Cisco ASA 5500-X make it very powerful.
May 13, 2021

Firepower services on the Cisco ASA 5500-X make it very powerful.

Flavio Pereira | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with Cisco ASA 5500-X with FirePOWER Services

Our ASA 5500-X with FirePOWER Services is used on our network to protect our large branch from external threats such as hackers, ransomware, malware in general and denial of service attacks. The model in question is the Cisco ASA 5545-x with layer 7 protection features, web content filter, anti-virus, anti-spam and VPN. We have two units with the ultimate goal of creating a significant protection redundancy. The appliance allows us to access servers, internal services from a VPN client with a cryptographic tunnel.
  • Complete network protection against external attacks
  • Anti-malware solution
  • Anti-spam solution with AMP
  • IPS Solution
  • Url filter solution and application control
  • Ipsec and ssl VPN
  • The appliance overloads a lot and degrades performance by enabling all ASA Firepower services.
  • Warranty service with expensive value.
  • ASA gave us insight into the applications that consume the most bandwidth and with that we block certain applications for users.
  • Improved network security.
  • Allowed remote access to the internal network folders.
  • Application Control (AVC)
  • URL Filtering
  • Anyconnect VPN
  • AMP
Our Cisco ASA 5500-X with FirePOWER Services solution adds next-generation firewall features such as application control and visibility, allowing us to have visibility into all traffic on our network, create control policies, block applications, sub-applications, etc. With URL filtering we are also able to block sites by specific categories and prevent access to prohibited sites. We have integration with the VPN that allows us to work in the home office and access the internal network of the smartphone or home PC.
The solution is great, it has incredible features, but when activating all Firepower services on the appliance, the ASA suffers from a performance degradation and is slower to process the information and access the management settings. That is why it is important to correctly size the equipment to avoid this type of problem.
I would recommend the purchase of the Smartnet 24x7 service in the case of a unit and the Smartnet 8x5NBD in the case of only one appliance installed on site. This service is important to always have the latest firmware updates, corrective updates and especially the hardware warranty and maintenance service in case of problems. The service is done by phone or on the official Cisco website and I can say that it is very good and efficient.
It is good hardware with advanced security features known as Next Generation that can be purchased through license subscriptions. I recommend to use it in the edge scenario of the internet. It is great to offer protection to the internal network, servers, PCs, sensitive data and to offer the remote service to company users remotely from the use of an SLL VPN. It is important to measure the number of users and the speed of internet links to find the right Cisco ASA model for your scenario.

Cisco ASA 5500-X with FirePOWER Services Feature Ratings

Identification Technologies
10
Visualization Tools
9
Content Inspection
10
Policy-based Controls
9
Active Directory and LDAP
10
Firewall Management Console
9
Reporting and Logging
10
VPN
10
High Availability
10