Cisco Sourcefire Firewalls Review

Centralized policy creation simplifies matters more than previously. URL, Malware and IPS built-in has been a great help.


What is most valuable?

Centralized policy creation for URL, application, IPS, etc. It simplifies matters more than previously.

How has it helped my organization?

It provides centralized management. I would also add that URL, Malware and IPS built-in has been a great help as well. Where we used to need several products for all these features, we now only need the ASAs with the additional licensing. So now, it is more a matter of license management over hardware and licensing management.

What needs improvement?

More centralization and simplification of product lines would help most engineers, but I think licensing is the key here. Most organizations won’t pay the money to have ELA licensing, so all the individual licenses for these products can be overwhelming. Plus, they never really synch for expiration time.

This is mainly due to reliance on other Cisco products and licensing. For example, Palo Alto includes several features in one whereas Cisco requires multiples. However, I still think Cisco offers great products but to get a "10" they might consolidate devices or simplify licensing.

For how long have I used the solution?

I have used this for two years, but company has used Cisco solutions for many years.

What do I think about the stability of the solution?

We did somewhat have stability problems. Upgrading the ASA, ASDM, and SFR can be a pain if you have as many firewalls as we do (21). Once you can get them to fall under FPMC management it can be a little easier, but it is a battle to get to that point.

What do I think about the scalability of the solution?

There have been no scalability issues from my point of view. I was handed the solution, so some of the initial work was done.

How is customer service and technical support?

I rate support 10/10. TAC has always done a great job with answering my questions and providing remote support when needed.

Which solutions did we use previously?

Previously, I used ASAs without FirePower; and unsure what my company used prior to that.

How was the initial setup?

For me, setup was half-and-half. In one update run I missed the step that discusses how the ASA and ASDM need to be on a specific patch prior to upgrading the SFR. FPMC attempted to push the new update to the devices regardless of this mismatch that caused FPMC to loose communication. I had to downgrade the SFR all the way back to v5.4.1 before I could install the latest version. You also have to step through several updates before you are done, so that can be tedious as well.

What's my experience with pricing, setup cost, and licensing?

Read everything and track all your licenses. Research all options and maybe pick a few to PoC. It doesn’t hurt to trial others. Maybe they are a better fit for your environment.

Which other solutions did I evaluate?

We are moving forward with ELA 5.0 for all Cisco security devices. Prior to that decision, we did a PoC with Palo Alto 3020 and 220 firewalls and Panorama. Those are some great products, but we are so Cisco centric that the cost of ELA isn’t much more than we are spending now.

What other advice do I have?

Do research. FPMC is great for us but it requires a lot of time and attention.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest

Sign Up with Email