Cisco Secure Firewall Reviews

We have all kinds of use cases. Our customers are large enterprises, and they need perimeter security. Zero trust, network access control, and network segmentation are quite important these days.

We are a partner and reseller. We implement, and we resell. As a Cisco Secure reseller, we have all the expertise. Our customers are usually overworked and have no time to learn how to implement these things and get some expertise. That's what we bring in. We help them select the right solution, select the proper design and architecture, and implement it. They basically lack the time and expertise, and we are a trusted advisor who helps them with their issues.

I'm working with security. It improves the security posture of our customers and protects them from threats. We recently saw a bunch of hacks in Germany and our customers are concerned. We help to protect our customers from that, and that's very important.

The analysis tools and encrypted traffic analysis save time. They help detect security threats and incidents that can cause outages for customers. It's a great improvement.

Application inspection, network segmentation, and encrypted traffic detection or encrypted traffic analysis (ETA) are valuable for our customers. I'm from Germany, and in Germany, people are very concerned about privacy. We have a bunch of public customers, and they have an issue with decrypting traffic, even if it's only for security analysis. They have some fears. So, they are quite interested in the capability to detect threats without decrypting traffic.

The usability of Cisco Firepower Threat Defense is an issue. The product is still under development, and the user interface is very difficult to deal with. That's one area where it should be improved. Another area for improvement, which is also related to the firewall, is stability. We are having stability issues, and we had some cases where customers had a network down situation for about one or two days, which is not great.

As a partner, I have been working here for about nine years, but we offered this solution all the time. The company has probably been doing that for at least 15 years.

Cisco Firepower Threat Defense has improved a lot over the last few years, but we sometimes still have really big issues.

Their support is pretty awesome. It doesn't really matter if you have a hardware issue or a software issue. If it's a hardware issue, you get a replacement quickly, and if you have a software issue, you get quick support. There are also some bad examples. I have one from wireless where after a problem was acknowledged, it needed about one year to get fixed. It depends a little bit on how complex the issue is, but in general, it's quite okay.

We are also selling Fortinet, Palo Alto, and Check Point. We sell all solutions, but I'm quite focused on Cisco. It's mostly because I have the most expertise and experience with it over the years. I've been working with Cisco security solutions for 15 to 20 years. That's where my expertise is, and with Cisco, you have a solution for everything. It's not always the best of breed, but in the overall solution frame, you have something for everything, and they interact nicely with each other, which is great.

The deployment model is totally customer dependent. The way we work, we look at the customer environment and develop a proper deployment model for them. Some of them are using enterprise agreements. It's becoming more and more common, so they can use several solutions at once or with some kind of added use price and other benefits.

I'm not always involved in the deployment. I work as an architect. I do not implement all the solutions I design, but I implement some of them. For me, it's important because, for one, I like it, and second thing is that I need to have some kind of hands-on experience to understand the solution so that I can make better designs.

If you do the initial setup for the first time, it's somewhat complex., but over time, you get the experience, and then it's more or less straightforward. 

Our clients rarely used the firewall migration tool. It gives you a starting point for the configuration, but usually, there are so many things you need to rework afterward. We use it sometimes, but it only does a part of the job.

It does require maintenance. The clients have maintenance contracts for that.

In our company in Germany, just for the security solutions, we have about 20 to 30 engineers. They are experienced in different areas. For the firewalls, we have 10 engineers.

Cisco was never a cheap solution. Compared to other vendors, it's more or less at the same level, except maybe Fortinet which is fairly cheap.

In terms of licensing, we still have issues with the subscription model. Many of our customers are used to buying a solution and owning it. It takes time to convince people to go for the subscription model. That's still an issue for us.

We have Cisco Firepower Threat Defense, email security, web security, and Cisco Umbrella. Most of the time, I am working with Identity Services Engine for identity-related things. That's the main product I work with all the time. I have almost no direct contact with Talos, but I know that below the hood, it just improves all their security solutions.

To those evaluating this solution, I would advise being a little bit careful with it. It interfaces well with other Cisco solutions, so it has value, but it's not always the best solution.

At the moment, I would rate it a six out of ten.

Our primary use case for Cisco Secure is through Cisco FMC, which we have automated using Cisco's Terraform provider for FMC. Our automation journey began with the Cisco ACI fabric, where we leveraged the Terraform provider for ACI. Eventually, we realized we could also automate firewalls and our HA clusters using the Terraform provider for FMC. This allowed us to create DMZ networks, specify IPS and IDS rules, and follow the infrastructure as a code concept. Our cross-common security team can review the repository in GitLab and approve it with a simple click of a button. This is the primary benefit we get from automation. Additionally, we can use the infrastructure as a code concept with the management center. Cisco FMC also has a great API, which makes it easy to integrate with our code, ACI, and other systems.

Cisco Security and Cisco Firewalls have been effective in protecting our organization from external threats, such as DDoS attacks.

We have several integrations. One of them is between Cisco ISE and FMC, which allows us to monitor and control our users. Additionally, we integrated Cisco ISE with FTDs to function as a remote VPN server and control the traffic and behavior in our VPN network. We also use ISE as a TACAC server and integrated it with Cisco ACI and all of our devices. Furthermore, we use NetBox as a source of truth for our ISE, which helps us track all of our devices from the network and ISE.

The primary benefits of using Cisco Secure solutions are time-saving, a robust API, and convenience for the security team. 

Cisco Secure Firewall could benefit from enhancements in its API, documentation, and automation tools. Additionally, we've noticed that the Terraform provider for FMC has only two stars, few contributors, and hasn't been updated in a year. It only has 15 to 20 resources, which limits our capabilities. We'd love to update it and add more resources. For example, we currently can't create sub-interfaces with the provider, so we have to add Python code to our Terraform provider and use local provisioners. Additionally, improvement in the API would be helpful so that we can create ACL on the GUI with a simple click, but at this time we cannot create requests via the API.

I have used Cisco Secure Firewall within the last 12 months.

Cisco TAC support is excellent. Having worked with other support companies in the past. Cisco TAC is much more helpful and friendly. They always seem eager to assist with any issues and are particularly responsive in urgent situations. For example, if there is a problem in my production zone, they are quick to reassure and assist. Overall, I have a great appreciation for their support.

I rate the support from Cisco Secure a ten out of ten.

Positive

In our business, we have implemented a number of Cisco Secure products in our network infrastructure, including Cisco ISE as a AAA server, Cisco FMC Management Center for our firewalls, and Cisco FTD for Firepower Threat Defenses. We also use a TACACS+ server for our hardware. Cisco products make up the entirety of our infrastructure, including Cisco Nexus Switches, Cisco ACI fabric for our data centers, Cisco ASR Routers, and Cisco Wireless Solutions, which include WLC controllers, access points, and other relevant hardware. In our organization, Cisco is strongly preferred.

There has been a positive return on investment observed with the implementation of Cisco Secure solutions. The use of these solutions as our primary security products has been beneficial in terms of cost and security measures.

In the past, I encountered several difficulties and misunderstandings with Cisco licensing, but now the situation has improved. The Cisco Smart Software portal is an excellent resource for keeping track of, upgrading, and researching information related to Smart Licensing and other relevant topics. It is extremely helpful. Unfortunately, since it is not my money and there is only one vendor, I am unable to provide any comments on the prices. Nevertheless, the system, along with its provision through the Cisco Smart Software portal, as well as the traditional license and subscription models, are excellent and highly beneficial.

I rate Cisco Secure a seven out of ten.

My rating of seven out of ten for the Cisco Secure is because it's not excellent, but not poor either. It was enjoyable and overall satisfactory.

This solution is a next-generation firewall. We use it to inspect our traffic going through the internet edges. This solution blocks Tor nodes or botnets that try to invade the system using various methods for intrusion. 

This solution helped us to identify the key areas where we need to focus to block traffic that is malicious to our organization. We can complete a layer 7 inspection and take a deep dive into the packets and block the traffic accordingly.

It took approximately six months to a year to realize the benefits of deploying this solution. It's an arduous process that is still ongoing.

This tool offers great value with regard to cyber security due to its integration with different tools like Splunk and other cloud-based solutions.

Within an application, you can block traffic at a granular level instead of relying on HTTPS traffic.

The application detection feature of this solution could be improved as well as its integration with other solutions. 

I have been using this solution for five years. 

There is room for improvement when it comes to stability. We have encountered a lot of bugs using this solution.

This is a scalable solution. 

I would rate the customer support for this solution an eight out of ten. 

Positive

We previously used Check Point. We had an option to connect all of our security products from the endpoint to the firewalls to SASE-based solutions. This is why we changed solutions.

The initial setup is straightforward because it is supported by good documentation. We did not experience many issues and deployment took a couple of months.

We first deployed the solution in monitoring mode before moving into protection mode. We required four or five engineers for this. It takes a lot of time to do any maintenance or upgrades. This is one of my key pain points for this product.

Maintenance requires two people; one to focus on the upgrade and one to monitor the traffic.

We have experienced a return on investment in terms of security that has added value. 

This solution offers smart licensing that is comparable to other solutions on the market. 

I would rate this solution a seven out of ten. 

There are multiple data planes that run within this solution. My advice is to unify those data planes into a single data plane, so that traffic is sectioned and can be handled effectively. If you need a next-generation firewall, this is a good product.

We are currently using this solution as a VPN and an internet firewall in some locations. In our data center, we are still using FortiGate as an internet firewall but we are evaluating other options.

If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly.

We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve.

I have been using Cisco Firepower NGFW Firewall for approximately three years.

The solution is not stable. There seems to be always some issues. This is not ideal when you are running a system in a data center environment.

There is room for improvement in the scalability of this solution.

I was satisfied with the support we received.

When I did the installation three or four years ago it was challenging. 

This solution is expensive and other solutions, such as FortiGate, are cheaper.

I have evaluated FortiGate firewalls and when comparing with this solution there is no clear better solution, they each have their pros and cons.

I would recommend a Next-Generation firewall. FortiGate has a Next-Generation firewall but I have never used it. However, it would be similar to the Cisco Next-Generation FirePOWER, which has most of the capabilities, such as running all the BDP sessions and having security intelligence in one system. 

I would recommend everyone to use this solution.

I rate Cisco Firepower NGFW Firewall a six out of ten.

It is for defense, protecting workloads from a distributed type of an environment. On-premises, we are hosting several different distributed user session type environments. In our case, it is remote desktop services, which enable users to go out and browse the Internet, in some cases to do legitimate services, and in other cases, it is more of a personal browsing session. In this case, the primary purpose is to protect those user sessions when they are accessing the Internet. The secondary use case is to protect these services and applications from inbound threats, e.g., Internet scanning, Internet exploit attempts, any sort of attack, reconnaissance, or anything of that nature coming from the public Internet.

Firepower is an add-on to Cisco ASAs that enables intrusion prevention detection and some additional advanced functionalities. We have both.

We have two on-premise data centers where Firepower is deployed.

In terms of logging, that has been a big benefit because it is a fairly straightforward and easy process to log results. We stream through a folder and that information goes out to Splunk. It delivers immediate value. While Firepower reporting is generally pretty good, there is some delay, as far as when information shows up and updates the internal Firepower reporting mechanism. What we found is if this information is streamed into a SIEM, then it can immediately apply additional enrichment on top of it and build slightly more relevant, near real-time reporting, in comparison to doing it directly from Firepower. In terms of value for Firepower data, the ability to stream that out as a log, then characterize and enrich it within the SIEM that is where we gain the most value from a security perspective.

The solution’s ability to provide visibility into threats is good. Combined with Cisco's own trend intelligence characterization as well as the creation and application of that sort of tag into the stream of data that Firepower detects, that immediately tells us which threat type it is: 

• Does it belong to a threat group? 
• Is it an IP block list?
• Is it a URL block list? 
• Is it a known threat? 
• Which threat list does it belong to?

All this additional information is definitely useful. We treat it personally as set and forget because we are in the block mode - intrusion prevention mode. We don't let threats in. We err on the side of being overly protective. This is opposed to letting in threats, then detecting, identifying, and taking action on stuff that got through. Instead, we just block it. In our day-to-day operations, normally what was blocked is generally useful, but it's not operationally important.

It is set up to automatically apply the blocks and use the threat intelligence delivered by Talos as well as the intrusion prevention rules. All of that is entirely automated.

It has improved our organization's security posture dramatically. It has definitely given us modern protection and peace of mind in terms of attacks against our infrastructure from known or emerging threats, so we can be protected against them.

Intrusion prevention is its most valuable feature because of its effectiveness. Cisco is the largest security company and one of the largest threat intelligence services with Talos. Cisco can identify and immediately apply any new threat information into signature sets for their Intrusion Prevention tools, including endpoint. In our case, we are talking about Firepower. That scope is what results in is an almost immediate application of application prevention signatures against any upcoming network attacks. So, if there is a new vulnerability, some sort of high critical value globally, the Cisco team is typically able to identify and write corresponding detection or prevention signatures, then apply them across their toolset.

It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective.

We are using Cisco Cloud Email Security and DNS security from Cisco as well as endpoint protection. The integration between these products is pretty good. The benefit is the ability of all these disparate tools to talk to each other and be able to take action, sort of feeding each other with newly intelligent detection mechanisms and passing that information on to the next tool, then taking action on that next tool based on information identified on the first tool. That is really the biggest benefit of using the ecosystem. So, we've optimized it. We leveraged Cisco's tech response, which connects with each of these tools. We definitely find value every day.

It was very easy to integrate with the SIEM, which is really our primary use case. Besides the Cisco ecosystem, it is integrating with a standalone separate SIEM solution, which is Splunk in our case. This was an easy, simple approach to accomplish. We had no issues or problems with that.

Try to understand if there is a need, e.g., if there is a need to log this information, get these logs out, and forward to some sort of a SIEM technology or perhaps a data store that you could keep it for later. There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility.

In some cases, I could see how SIEM is not an option for certain companies, perhaps they either cannot afford it, or they do not have the resources to dedicate a security analyst/engineer who could deploy, then manage the SIEM. In most cases, Firepower is a useful tool that a network engineer can help set up and manage, as opposed to a security engineer. To make the solution more effective and appealing, Cisco could continue to improve some of the reporting that is generated within the Firepower Management Console. Overall, that would give a suitable alternative to a full-fledged SIEM, at least on a network detection side, application identification side, and endpoint identification and attribution side. Potentially, a security analyst or network engineer could then simply access the Firepower Management Console, giving them the visibility and data needed to understand what is going on in their environment. If Cisco continues to improve anything, then I would suggest continuing to improve the dashboarding and relevant operational metrics present within the platform, as opposed to taking those logs and shipping them elsewhere.

About four years.

Once it is deployed, not much staff is required as long as the intrusion rules are specifically configured to automatically update. That is the primary thing. Then, the continuous periodic updates from Cisco apply operating system patches just to make sure that critical vulnerabilities are patched and operating system optimization is applied routinely. Strategy-wise, I would patch quarterly unless there was a critical vulnerability that Cisco would discover, then apply a patch against it. At which point, we would then patch our appliance.

The stability is very good. As far as I can tell, we don't have any issues with availability or stability.

Cisco accounts for scalability by having different hardware recommendations, depending on what the throughput is, the required coverage is in terms of number of devices, the amount of traffic, etc. In our case, I don't see any issues. We are appropriately sized, but I could see how if someone's environment doubles, then someone should account for that by either procuring another appliance and separating some of the traffic flows or getting a bigger, more powerful system that can handle increase in throughput.

We try fitting to an ecosystem mentality. For example, we have four different Cisco products, which is technically a single ecosystem. If you were to think of it that way, then it is four different tools from Cisco. Then, there are two additional ones on the network, which makes six. There are additional two or three for an endpoint, plus another two or three for email, and another two or three for identities. So, I would say there are probably around 20 security solutions total.

The network team as well as the security team use it. Combined, that is approximately six people.

We are perfectly sized. I don't think there will be a need to increase the footprint or anything like that, at least for a while.

I know that people typically say TAC is hit or miss. In my case, it was always a good experience. Whether it was Firepower related for licensing questions or email, I have never had any issues with Cisco TAC.

Cisco Talos is very good. They are very well-regarded and well-known. I respect the team. They know what they are doing. They are one of the best overall. They are probably the best threat intelligence organization out there. Their visibility is unparalleled, because the data that Cisco has access to and the telemetry that it's able to gather are quite amazing.

Almost all networks globally in the world are built with the Cisco products. The telemetry that it generates gives Cisco unparalleled visibility, and Talos steps into that. They are able to apply their analytics over that data and identify emerging threats before practically anyone else, but Microsoft. From that perspective, my organization appreciates what Talos is able to do. Cisco's intelligence is delivered through Talos, applying it to other products that are not Cisco, but we haven't gone down that path yet.

We started with Firepower. It was one of the first products that helped secure our organization. We are close to sort of an advanced maturity, primarily compliance-driven. We are not there yet, but we are close to it. We are somewhere sort of in the high to middle area. We have sort of a high compliance-driven security and close to the compliance-driven area, but still slightly below it. We are still fine-tuning and implementing some security technologies. Then, within a year's time, these will be simply managed and audited.

In my current place, I did not help set it up, but I did set it up previously as a dedicated intrusion detection and prevention tool with another security engineer. Honestly, the setup was pretty straightforward. This was a couple of versions behind. It definitely has well-understood requirements from a virtual machine and resources required perspective. No questions that came up.

For the dedicated intrusion appliance, we needed to identify where the most benefit would come from, so we identified the network space. The sort of choke point where we could apply the Firepower appliance in order to inspect the most traffic. In terms of efficiencies, the primary goal was to identify how to maximize the visibility using Firepower. We deployed it in a choke point and ensured that most of the traffic for the company goes through this intrusion appliance and the initial deployment occurred in a visibility mode only - No blocking, intrusion detection only. Then, with time, as we got comfortable with all the traffic that was being seen with a signature application across the traffic and understood the chances for false positives were low to none. At that point, we put it into prevention.

If we needed to address something with Cisco directly regarding Firepower support, that was also addressed fairly quickly with no issues.

The automated policy application and enforcement saves us at least a third of an FTE per day. In terms of time, that is about 30 percent per day. By deploying the solution, we are saving $600 a week, which is significant.

In some cases, resources, like a security engineer, are actually hard to come by because they are expensive. Substituting some of that engineering time with an effective technology, like Firepower, is probably a good strategy.

I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs. 

I have used one of Cisco's competitors and am fairly familiar with it: Palo Alto. I am also familiar with the Barracuda solution. I would say Palo is comparable with Firepower to some degree. The Barracuda solutions that I've used are nowhere near as close in terms of capability, metrics, user interface, or anything like that to Cisco.

Palo Alto and Cisco are about the same in terms of application visibility, user assignments, and attributions. They are comparable. On the threat side is where I think Firepower is better. It's able to identify and characterize better. It's also able to deliver metrics around that information in a clearer fashion. As an example, it is easier to extract fields and values in the log. It seems that the design of the appliance was focused around security, which is evident in how that information is being presented, both in the Firepower Management Console as well as in the log.

On the IT infrastructure side, we are using Cisco hardware for the network. Then, as a security team, we are looking at adding Cisco's incident response solution, but we have not done it yet.

Firepower provides us with application visibility and control. We don't utilize it to the fullest extent. We rely on some additional tools like DNS, to identify applications being used across our endpoints. However, the Firepower deployment primarily protects the servers. So, on the servers, it is a controlled environment. Therefore, we do know the applications and services being used and deployed out of the servers.

Applying something like this to protect yourself from the Internet, which is where most of the threats come from, besides email. It guarantees that you are able to refocus your energy on internal processes: endpoints, people, etc. Intrusion Prevention is effective because it helps security teams refocus their efforts to build out other components, such as security pillars of the organization.

The solution is effective. My initial exposure to Cisco started through Firepower, since then I have understood that Cisco is moving towards an ecosystem approach. Basically, Firepower represents what I think Cisco stands for.

I would rate the solution as a nine (out of 10). 

It does what it needs to do and does it great with a good sense of confidence, allowing the team and me to focus on other things. If needed, we can always leverage that data to derive different values from it.

We have an offshore development center with around 1,400 users (in one location) where we have deployed this firewall.

The maturity of our organization’s security implementation is a four out of five (with five being high). We do have NOC and SOC environments along with in-built access to our systems. 

We use Acunetix as one of our major tools. We do have some open source. There are a couple of networks where we are using the Tenable tool. We have implemented an SIEM along with a Kaspersky at the cloud level. In the Cisco firewall, we installed Kaspersky in the firewall logs which upload to Kaspersky for us to review back.

Being able to determine our active users vs inactive users has led us to increased productivity through visibility. Also, if an issue was happening with our throughput, then we wouldn't know without research. Now, notifications are more proactively happening.

The advance malware protection (AMP) is valuable because we didn't previously have this when we had an enterprise gateway. Depending on the end user, they could have EDR or antivirus. Now, we have enabled Cisco AMP, which give us more protection at the gateway level. 

The application visibility is also valuable. Previously, with each application, we would prepare and develop a report based on our knowledge. E.g., there are a couple business units using the SAS application, but we lacked visibility into the application layer and usage. We use to have to configure the IP or URL to give us information about usage. Now, we have visibility into concurrent SAS/Oracle sessions. This solution gives us more visibility into the inbound/outbound traffic being managed. This application visibility is something new for us and very effective because we are using Office 365 predominantly as our productivity tool. Therefore, when users are accessing any of the Office 365 apps, this is directly identified and we can see the usage pattern. It gives us more visibility into our operations, as I can see information in real-time on the dashboards.

The solution has positively affected our organization’s security posture. I would rate the effects as an eight (out of 10). There is still concern about the engagement between Cisco Firepower and Cisco ASA, which we have in other offices. We are missing the visibility between these two products.

We would like more application visibility and an anti-malware protection system, because we don't have this at the enterprise level.

The central management tool is not comfortable to use. You need to have a specific skill set. This is an important improvement for management because I would like to log into Firepower, see the dashboard, and generate a real-time report, then I question my team.

Nearly a year.

So far, it has been stable.

We have around 32 people for maintenance. Our NOC team works 24/7. They are the team who manages the solution.

Scalability is one of our major business requirements. We are seeing 20 percent growth year-over-year. The plan is to keep this product for another four years.

We contacted Cisco directly when issues happened during the implementation, e.g., the management console was hacked.

We used Fortinet and that product was coming to end of life. We had been using it continuously for seven years, then we started to experience maintenance issues.

Also, we previously struggled to determine who were all our active users, especially since many were VPN users. We would have to manually determine who was an inactive user, where now the process is more automated. It also had difficult handling our load.

The initial setup was complex. We engaged NTT Dimension Data as there were a couple things that needed to be done for our requirements and validation. This took time to get signed off on by quality team. However, the configuration/implementation of the system did not take much time. It was a vanilla implementation.

We did face performance issues with the console during implementation. The console was hacked and we needed to reinstall the console in the virtual environment. 

We were engaged with a local vendor, NTT Dimension Data, who is a Cisco partner. They were more involved on the implementation and migration of the firewall. Some channels were reconfigured, along with some URL filtering and other policies that we used for configuration or migration to the new server.

Our experience with NTT Dimension Data has been good. We have been using them these past four to five years.

We have seen ROI. Our productivity has increased.

The change to Cisco Firepower has reduced the time it takes for our network guy to generate our monthly report. It use to take him many hours where he can now have it done in an hour.

Cisco pricing is premium. However, they gave us a 50 to 60 percent discount.

There are additional implementation and validation costs.

We also evaluated Check Point, Palo Alto, Sophos, and Cisco ASA. In the beginning, we thought about going for Cisco ASA but were told that Firepower was the newest solution. We met with Cisco and they told us that they were giving more attention going forward to Firepower than the ASA product.

We did a small POC running in parallel with Fortinet. We evaluated reports, capability, and the people involved. Palo Alto was one of the closest competitors because they have threat intelligence report in their dashboard. However, we decided not to go with Palo Alto because of the price and support.

We are using Cisco at a global level. We have internally integrated this solution with Cisco Unified Communications Manager in a master and slave type of environment that we built. It uses a country code for each extension. Also, there is Jabber, which our laptop users utilize when connecting from home. They call through Jabber to connect with customers. Another tool that we use is Cisco Meraki. This is our all time favorite product for the office WiFi environment. However, we are not currently integrating our entire stack because then we would have to change everything. We may integrate the Cisco stack in the future. It should not be difficult to integrate since everything is a Cisco product. The only issue may be compliance since we have offices in the US and Europe.

We are now using a NGFW which helps us deep dive versus using a normal firewall.

Overall, I would rate Cisco Firepower as an eight (out of 10).

I use the solution in my company for some internal testing purposes, so I don't use it in a real environment. I use it in my dummy lab environment.

The product's user interface is an area with certain shortcomings where improvements are required.

From an improvement perspective, the product's price needs to be lowered.

I have been using Cisco Secure Firewall for three years. I am a customer of Cisco.

I have faced no issues with the stability of the product. Stability-wise, I rate the solution an eight out of ten.

The product offers good scalability.

I rate the technical support a nine out of ten.

Positive

I have experience with Sophos.

The product's initial setup phase is a little difficult.

The product's deployment phase is a good and easy process.

The solution is deployed on the cloud.

The product is expensive.

I can't describe a particular scenario where the product has improved security, but I can say that the devices from Cisco are much more trustworthy and reliable compared to other devices in the market.

The most effective feature of the product for threat prevention stems from the granularity of the control that the devices from Cisco provide to its users.

The product offers great integration capabilities.

For our company's daily operations, the user interface provided by Sophos is much better and interactive compared to the one offered by Cisco.

You can choose Sophos if you want a low-budget or budget-friendly product. You can choose Cisco if you want a high-end and highly scalable tool with great integration capabilities, especially if budget is not an issue.

I rate the overall tool an eight out of ten.

Our customers for the most part use this solution in data centers. 

The feature my customers find the most valuable is the exportability. They also appreciate that the IPS features are easily migrated from Cisco SA to FTDs. 

We have seen some bugs come up with Cisco Secure Firewall in terms of high availability. The solution should be improved to avoid these bugs. 

We have been using Cisco Secure Firewall for almost a decade. 

Cisco's support is much better than other vendors' support. In my opinion, this is a big advantage for Cisco. The support Cisco offers is upper-level. 

Positive

We previously sold Fortinet devices. However, many of our clients switched over to Cisco because of the price as they are quite cheap. 

We are in the middle of a migration plan to Cisco right now in our company. I am not directly involved. We are working with a Cisco partner but I have been communicating our needs to them. However, I believe the migration process will be smooth for our company. It is crucial to have a solid migration plan in place because we are a core data center, so we have to be careful. 

We are deploying with the help of a partner. 

We do see a lot of ROI from Cisco Secure Firewall. We are in the process of migrating a lot of end-of-support devices with some new ones and the return on investment is there.

Price is a big selling point for Cisco Secure Firewall. They are quite affordable and many clients chose them precisely for this reason. 

This solution helped my clients save money and time. My clients save 50% on time thanks to automation and processing brought on by this solution. 

I have only good things to say about Cisco Talos. It has been quite helpful to our customers.