Cisco ASA NGFW Review

The best features are NAT, transport-layer inspections, and VPN


What is most valuable?

Cisco ASAs are great network firewalls and they can work for years after being configured. The best features are NAT, transport-layer inspections, and VPN.

How has it helped my organization?

With ASAs, we can keep operational expenses as low as possible. Disaster risks should be observed as usual, but this is definitely not the weak point.

What needs improvement?

I would like to see new SW versions being more stable and HW performance increase. However, the new 2000 series has high performance, but it is not shipped widely so far.

For how long have I used the solution?

I started using Cisco firewalls when old PIX models were produced. I then observed all model changes. This makes about 10 years of continuous experience.

What do I think about the stability of the solution?

There are no real stability issues, if upgrades are done carefully.

What do I think about the scalability of the solution?

I believe scalability issues are caused by poor design.

How is customer service and technical support?

Cisco technical support makes a good impression most of the time.

Which solutions did we use previously?

Some of my customers switched from ZyXel to Cisco and this is an obvious decision for me. It will be much harder to imagine a customer replacing Check Point or Fortinet with Cisco.

How was the initial setup?

The initial setup should not be left to the customer. The best way to do this is to make a basic setup and integration along with cabling and power-up, then verifying requirements and adjusting the configuration.

What's my experience with pricing, setup cost, and licensing?

Basic features and IPs can work without subscriptions. All next-generation features require per-year payments. Enterprise customers usually agree with price and license fees, so I don't see any painful issues with pricing and licensing.

Which other solutions did I evaluate?

I compared Cisco with Fortinet, Checkpoint, and DIY solutions.

What other advice do I have?

All you need to succeed is careful design, professional setup, and a support contract.

Disclosure: My company has a business relationship with this vendor other than being a customer: We have been Cisco channel partners for over 15 years.
Add a Comment
Guest
Sign Up with Email