Cisco ASA Firewall Review

Automated policies save us time

What is our primary use case?

Some are being used as edge firewalls and others are for our server-farm/data center. So some are being used as transparent firewalls and others are used as a break between the LAN and WAN.

In addition to the firewalls, we have Mimecast for email security as we're using Office 365. We're also using IBM's QRadar for SIEM. For antivirus we're just using Microsoft Windows Defender. We also have an internet proxy for content and for that we're using NetScaler.

How has it helped my organization?

Automated policies definitely save us time. I would estimate on the order of two hours per day.

What is most valuable?

On the network side, where you create your rules for allowing traffic — what can come inside and what can go out — that works perfectly, if you know what you want to achieve. It protects you. Once you get all your rules in place, done correctly, you have some sort of security in terms of who can have access to your network and who has access to what, even internally. You're secure and your authorization is in place for who can access what. If someone who is trying to penetrate your network from the outside, you know what you've blocked and what you've allowed.

It's not so difficult to pull out reports for what we need.

It comes with IPS, the Intrusion Prevention System, and we're also using that.

For how long have I used the solution?

I've been using Cisco ASA NGFW for five years.

What do I think about the stability of the solution?

The stability is quite good. We haven't had issues. I've used them for five years now and I haven't seen any hardware failures or software issues. They've been running well. I would recommend them for their reliability.

What do I think about the scalability of the solution?

You can extend your network. They are cool. They are good for scalability.

How are customer service and technical support?

We have a Cisco partner we're working with. But if they're struggling to assist us then they can log a ticket for us. Our partner is always a 10 out of 10.

What was our ROI?

Given that we have been upgrading with Cisco firewalls, I would say that our company has seen a return on investment with Cisco. We would have changed to a different product if we were not happy.

The response time from the tech and the support we get from our partner is quite good. We have never struggled with anything along those lines, even hardware RMAs. Cisco is always there to support its customers.

What's my experience with pricing, setup cost, and licensing?

The pricing is quite fair for what you get. If you're comparing with other products, Cisco is expensive, but you do get benefits for the price.

Which other solutions did I evaluate?

The firewall that I was exposed to before was Check Point.

What other advice do I have?

It's very good to get partner support if you're not very familiar with how Cisco works. Cisco Certified Partner support is a priority.

For application visibility and control we're using a WAN optimizer called Silver Peak.

To replace the firewalls within our data center we're planning to put in FMCs and FTDs. With the new FMCs what I like is that you don't need to log in to the firewalls directly. Whatever changes you do are done on your FMCs. That is a much needed improvement over the old ASAs. You can log in to the management center to make any configuration changes. 

There are two of us managing the ASAs in our company, myself and a colleague, and we are both network specialists. We plan to increase usage. We're a company of 650 employees and we also have consultants who are coming from outside to gain access to certain services on our network. We need to make provisions on the firewall for them.

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More Cisco ASA Firewall reviews from users
...who work at a Financial Services Firm
...who compared it with Fortinet FortiGate
Add a Comment