Firepower from a multi-vendor MSSP engineer's perspective
November 17, 2020

Firepower from a multi-vendor MSSP engineer's perspective

Kyle Bohnstedt | TrustRadius Reviewer
Score 4 out of 10
Vetted Review
Verified User

Software Version

Firepower 1120

Overall Satisfaction with Cisco Firepower 1000 Series

The Cisco Firepower 1000 Series and other models are used by many clients managed and/or supported by my employer. It is used by many as a way of inspecting traffic to secure the network from threats and ensure only sanctioned traffic is traversing in any direction. Cisco's Firepower 1000 Series is a scalable IPS solution that helps many of our clients to segment the network into zones and mitigate and prevent threats.
  • Network segmentation by zones--allows trusted traffic to pass inspected or uninspected while non-trusted traffic is always inspected.
  • Scalable management--many different types of policies are available within Cisco Firepower 1000 Series management to ensure proper access, authorization, inspection, and threat response.
  • Redundancy--Cisco Firepower 1000 Series devices can be set up in High Availability in the event there are issues with one member.
  • Compatibility--Cisco Firepower 1000 Series devices can be used in tandem easily with other Cisco products or in a vendor-arbitrary environment.
  • Software bugs--Often bugs are encountered that may provide a threat to the network if exploited.
  • Log retention is often sub-par if not used with an external log management system.
  • Many upgrade failures are encountered with Cisco Firepower 1000 Series devices.
Cisco's Firepower 1000 Series is easy to manage and configure; however, for the inexperienced engineer it can be tricky or confusing. There are many policy layers to manage, which can be a double-edged sword. There is an intricate level of access and inspection--or lack thereof--that can be configured for non-trusted and trusted traffic, respectively. This ensures the device is operating at the maximum efficiency while retaining security for the network, but being familiar with the software is crucial to set it up properly.
Cisco Firepower 1000 Series' problems most often involve issues with the software and hardware compatibility. Many devices fail to upgrade properly and either have to be replaced or there is an arduous investigation in order to reach a solution. As long as there is a support contract, the solution will be reached, but in many cases the troubleshooting can be tedious.
I have had experience with many firewalls and firewall management solutions. Many companies choose to opt for the Cisco Firepower 1000 Series because the threat intelligence from Cisco and the ease of administration for intrusion prevention is very competitive. As far as comparison, it is mainly a choice of the business with a combination of financial and technical factors--what is most affordable and what is most supportable or preferred by the security team.

Do you think Cisco Firepower 1000 Series delivers good value for the price?

Not sure

Are you happy with Cisco Firepower 1000 Series's feature set?

Yes

Did Cisco Firepower 1000 Series live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Cisco Firepower 1000 Series go as expected?

Yes

Would you buy Cisco Firepower 1000 Series again?

No

The Cisco Firepower 1000 Series is easy to administer, particularly for an engineer or consultant with experience. It can be imposing to set up if one is not very familiar, but it does provide a robust web user interface to configure, monitor, and troubleshoot. Comparatively it is also easy to configure the Cisco Firepower 1000 Series devices to secure the network and ensure traffic goes where it needs to and does not go where it should not. Deploying changes is easy and managing multiple units can be done all from the same web pane.
Cisco Firepower 1000 Series devices are well suited in an environment with ASA firewalls or other similar appliances that don't evaluate traffic to the application layer. If the environment is very small, Cisco's Firepower 1000 Series may not be necessary.As long as the network connectivity remains stable and there is on-site support in the event of a failure, Cisco Firepower 1000 Series devices scale well.

Cisco Firepower 1000 Series Feature Ratings

Identification Technologies
7
Visualization Tools
7
Content Inspection
7
Policy-based Controls
5
Active Directory and LDAP
7
Firewall Management Console
8
Reporting and Logging
7
High Availability
8
Stateful Inspection
8