Cisco ASA NGFW Review

You can extend your visibility in network infrastructure for monitoring.


What is most valuable?

The Advanced Malware Protection and Security Group Tag (SGT) are valuable features. You are able to integrate all the networks by using SGT with the pxGrid service. This is built-in technology in Cisco devices and services.

How has it helped my organization?

You can extend your visibility in network infrastructure for monitoring. You can absolutely give your users a better experience. When you use .1X for user authentication:

  • Users login just one time
  • You can control all user access to the internet, data center resources, and across the network.

What needs improvement?

After Firepower V6.1, Cisco added bandwidth shaping on the FTD product. This feature is a little bit weak. You cannot have customized shaping in different projects.

For how long have I used the solution?

I have used this product, as well as Cisco Firepower Threat Defense, for about two years.

What do I think about the stability of the solution?

I have heard about some bugs, but I have never encountered any.

What do I think about the scalability of the solution?

This product is very scalable in our experience.

How was the initial setup?

It is easy to initialize. For advanced configurations, it is sometimes complicated.

What's my experience with pricing, setup cost, and licensing?

The base license is delivered with the device. This license includes IPS and user authentication. You should buy a license for an IPS update. You should also buy another license for AMP and URL filtering.

These are the important licenses: BASE, IPS, AMP, and URL filtering. Apart from the base license, the other licenses are subscription based for one, three, or five years.

Which other solutions did I evaluate?

I evaluated many products, such as CheckPoint, Palo Alto, Fortinet Firewall, Sophos, and Cyberoam Firewall.

What other advice do I have?

This product is very usable when you need integrity in your network. This product is very functional when you use a Cisco Identity Services engine.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Free Trial

Start your two week free trial.

Add a Comment
Guest

Sign Up with Email