Cisco ASA Firewall Review

We decided to go with Cisco because stability and reliability were major concerns for us.

What is most valuable?

Outstanding NGFW capabilities, Site to site VPNs and High Availability. Also the integration of FirePOWER services (Web Filtering/IPS/Malware Protection) are a huge step forwards for an already great platform.

How has it helped my organization?

We purchased a pair of ASAs to handle all perimeter traffic in and out of our network. This devices enabled us to secure all our perimeter traffic, WAN connections, Internet connectivity and Internet facing services. FirePOWER services enabled better control and visibility over the traffic traversing our perimeter. High Avalability helped us greatly improve the availability of the services by reducing downtime caused by both Incidents and planned maintenance operations.

What needs improvement?

Only problem in my opinion is ease of use. You really need to know your way around the CLI and complex feature set to get things working. The ASDM GUI is good for some things but for the most part you'll need to stick to the CLI which is a bit difficult specially if you don't have a lot of experience around Cisco equipment.

For how long have I used the solution?

We've operated this firewalls for around 2 years now.

What was my experience with deployment of the solution?

ASAs are as complex as they are powerful. Configuration and administration are not as straightforward as other solutions and will take some time and studying to get used to them.

What do I think about the stability of the solution?

In my experience with various Firewall solutions, the stability and reliability of Cisco ASAs is unparalleled.

What do I think about the scalability of the solution?


How are customer service and technical support?

Customer Service:

Cisco offers great customer service.

Technical Support:

The best I have worked with.

Which solution did I use previously and why did I switch?

We used to have a SonicWall and an older ASA 5510 platform. Both were replaced by a Cisco ASA cluster using a pair of 5525x.

What's my experience with pricing, setup cost, and licensing?

ASAs are expensive. The initial cost is high compared to other similar solutions, and chances are the personnel that will operate them will require some training. But if you're aiming for stability and reliability, this is the best solution you will find.

Which other solutions did I evaluate?

We evaluated Fortinet and SonicWall, both great UTM vendors. Although those platforms are cheaper, we decided to go with Cisco because stability and reliability were mayor concerns for us, also the support is much better in my experience.

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More Cisco ASA Firewall reviews from users
...who work at a Financial Services Firm
...who compared it with Fortinet FortiGate
Add a Comment

author avatarOrlee Gillis

Alberto, thanks for your review.

Can you elaborate on what differentiates Cisco ASA in terms of its Firewall's stability and scalability?

author avatarAlberto E. Luna Rodriguez
Top 10Real User

I refer to the problems caused by failures of the platform itself. In my experience, Other firewalls, specifically UTMs like FortiGate and SonicWall, are more susceptible failures due to platform bugs and errors that affect services.

Since we implemented our ASA cluster, problems caused by failure of the Firewalls have been practically nonexistent. Even software upgrades on the ASAs are done without disrupting operations. Before that, we were used to dealing with issues were the other firewalls would fail under normal conditions, requiring, in some cases, device reboots and emergency patches.

author avatarOrlee Gillis

Great to know, sounds like you've really had a great experience with ASA. How do you expect these enhancements to help your productivity and/or security in the long term?