Overall Satisfaction with Cisco Firepower 1000 Series
The Cisco Firepower 1000 Series and other models are used by many clients managed and/or supported by my employer. It is used by many as a way of inspecting traffic to secure the network from threats and ensure only sanctioned traffic is traversing in any direction. Cisco's Firepower 1000 Series is a scalable IPS solution that helps many of our clients to segment the network into zones and mitigate and prevent threats.
- Network segmentation by zones--allows trusted traffic to pass inspected or uninspected while non-trusted traffic is always inspected.
- Scalable management--many different types of policies are available within Cisco Firepower 1000 Series management to ensure proper access, authorization, inspection, and threat response.
- Redundancy--Cisco Firepower 1000 Series devices can be set up in High Availability in the event there are issues with one member.
- Compatibility--Cisco Firepower 1000 Series devices can be used in tandem easily with other Cisco products or in a vendor-arbitrary environment.
- Software bugs--Often bugs are encountered that may provide a threat to the network if exploited.
- Log retention is often sub-par if not used with an external log management system.
- Many upgrade failures are encountered with Cisco Firepower 1000 Series devices.
Cisco's Firepower 1000 Series is easy to manage and configure; however, for the inexperienced engineer it can be tricky or confusing. There are many policy layers to manage, which can be a double-edged sword. There is an intricate level of access and inspection--or lack thereof--that can be configured for non-trusted and trusted traffic, respectively. This ensures the device is operating at the maximum efficiency while retaining security for the network, but being familiar with the software is crucial to set it up properly.
I have had experience with many firewalls and firewall management solutions. Many companies choose to opt for the Cisco Firepower 1000 Series because the threat intelligence from Cisco and the ease of administration for intrusion prevention is very competitive. As far as comparison, it is mainly a choice of the business with a combination of financial and technical factors--what is most affordable and what is most supportable or preferred by the security team.
Do you think Cisco Firepower 1000 Series delivers good value for the price?
Not sure
Are you happy with Cisco Firepower 1000 Series's feature set?
Yes
Did Cisco Firepower 1000 Series live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Cisco Firepower 1000 Series go as expected?
Yes
Would you buy Cisco Firepower 1000 Series again?
No