Cisco Secure Firewall review
June 12, 2025

Cisco Secure Firewall review

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Software Version

Firepower 1120

Overall Satisfaction with Cisco Secure Firewall

We use Cisco Secure Firewall as our primary network firewalling solution (the rest being Cisco ASA). All internet access is filtered/protected by Cisco Secure Firewall, and we also use them to segment sensitive portions of our network.

Pros

  • Deep packet inspection
  • Detailed logging
  • Centralized management through Firepower Management Center
  • Continuous updates from Cisco Talos

Cons

  • Software upgrades take a long time
  • Occasional minor bugs/glitches
  • Cisco Secure Firewall is the primary and most critical part of our network security. It keeps our patients' data secure by only allowing exactly the traffic we need.
I haven't seen any noticeable decrease in throughput when enabling advanced inspections and application ID on Cisco Secure Firewall, and the hardware is very well equipped to handle the task on all models. However, we have not enabled SSL Decryption so I can't comment on its performance impact.
Our experience with Cisco TAC support for Cisco Secure Firewall has been very good. The support engineers are knowledgeable about the product and have many tools available to them to work "under the hood" of the firewalls or management center. When we've had equipment failures, the RMA process has been simple and straightforward.
We use the logging features of Cisco Secure Firewall and the Firewall Management Center extensively. It is probably the single most important tool we have for troubleshooting issues or doing security investigations, and the management center can store logs for weeks or even months depending on the model. For the VPN, we've just started using it on Cisco Secure Firewall and I appreciate that it gives us visibility to customers' geographical locations, and we can still apply all the same policies to our VPN firewall as we do all our other firewalls.
We demoed a few Palo Alto firewalls as a comparison to Cisco Secure Firewall. The two are indeed similar, but for our environment, Cisco's solution won out. Palo Alto appeared to potentially be more expensive than Cisco and although it has many similar features, we found that they were either basically comparable or in some cases not as good as Cisco's, for example deployment times took longer on Palo Alto firewalls. We are also a heavy Cisco environment and it is very useful having Cisco Secure Firewall be able to integrate with other Cisco solutions (ISE, XDR, Umbrella, etc.).

Do you think Cisco Secure Firewall delivers good value for the price?

Yes

Are you happy with Cisco Secure Firewall's feature set?

Yes

Did Cisco Secure Firewall live up to sales and marketing promises?

Yes

Did implementation of Cisco Secure Firewall go as expected?

Yes

Would you buy Cisco Secure Firewall again?

Yes

Cisco Secure Firewall is good for filtering internet-based traffic due to its deep packet inspection and ability to identify applications based on fingerprinting. It also has a wide range of model sizes for different use cases and environments, so it can go in larger environments like data centers or smaller ones like closets/desks. It is also very useful for providing Cisco's remote VPN access to our end-users.

Cisco Secure Firewall Feature Ratings

Firewall
8.6
Identification Technologies
8
Visualization Tools
8
Content Inspection
9
Policy-based Controls
9
Active Directory and LDAP
5
Firewall Management Console
9
Reporting and Logging
9
VPN
9
High Availability
10
Stateful Inspection
10

Resilience and Reliability

Resilience is critical because if the firewall isn't available, it's either not providing security, or it's stopping traffic from flowing entirely.
Infrastructure equipment should ideally be high-availability (i.e. active/standby) solutions, or have geographically distributed nodes (if supported).
We've been happy with the effectiveness of the actual firewalling technologies of Cisco Secure Firewall, the pricing is fair, and it complements all the other existing Cisco technologies we use.
Our initial implementation was aided by Cisco's professional services and was excellent. The engineer was very knowledgeable and helped us work through issues while building out our new internet security edge Part of this involved tools to migrate the firewall configuration from old to new.
Cisco's firewall failover/availability is excellent. Failovers happen instantaneously and all connections and states are kept in sync between nodes. When we have a failover incident, our customers never notice.
We have successfully integrated Cisco Secure Firewall with our Cisco ISE environment using pxGrid to pull in user ID information. We've also successfully enabled the Cisco Umbrella integration that protects DNS traffic on Secure Firewall by routing it through Umbrella DNS. Lastly, we're also sending data from Cisco Secure Firewall to Cisco XDR for analysis/investigation.
  • "Transparent mode" allows us to place firewalls inline at parts of our network without needing to make any network changes.

Comments

More Reviews of Cisco Secure Firewall

  1. Home
  2. Firewall Software
  3. Cisco Secure Firewall Reviews
  4. User Review of Cisco Secure Firewall