Cisco ASA NGFW Review

The throughput and reliability of the product improve the network stability of our organization.


What is most valuable?

VPN (site to site VPN and remote access ), NAT policies, modular policy framework, detailed troubleshooting methods.

How has it helped my organization?

The throughput and reliability of the product improve the network stability of our organization.

What needs improvement?

Area : URL filtering and content filtering.

When Cisco ASA is presented as an enterprise firewall, that should be capable doing IPS/IDS, firewalling, VPN concentrator, application filtering, URL filtering and content filtering.

Of course, the last three technologies can do by a proxy. But nowadays, all next generation firewalls like Fortinet, Check Point, and Palo Alto are each bundling the UTM features into a single box with multiple separate content processors (hardware) to do these jobs.

This would enable single pane glass for management. No need to look at different devices for change management and troubleshooting.

I would say Cisco ASA is the best except for its URL and content filtering module. And these modules in ASA are not straightforward, rather complex in managing the device.

What was my experience with deployment of the solution?

I've been using this solution since 2007.

What do I think about the stability of the solution?

No.

What do I think about the scalability of the solution?

All product-based firewalls will encounter scalability issues. The firewall sizing is important during the sizing.

How is customer service and technical support?

Good.

Which solutions did we use previously?

I used to work with most of the hardware firewalls, Cisco ASA is reliable and few technologies are good enough to compete for the market (VPN, Modular policy framework, NAT, etc.).

How was the initial setup?

Straightforward -- console or via the interface.

What's my experience with pricing, setup cost, and licensing?

Expensive when compared to other products.

Which other solutions did I evaluate?

Yes, all.

What other advice do I have?

If you are looking into implementing VPN or advanced features, I recommend using this product. URL or content filtering is not good as much as the NGFWs are.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest

Sign Up with Email