We just raised a $30M Series A: Read our story
Imad Awwad
Group IT Manager at a manufacturing company with 1,001-5,000 employees
Real User
Top 5Leaderboard
Behind in technology with lots of hidden costs

Pros and Cons

  • "Unfortunately in Cisco, only the hardware was good."
  • "In NGFW, Cisco should be aligned with the new technology and inspection intelligence because Cisco is far behind in this pipeline."

What is our primary use case?

The primary use case is to have full visibility over our Web & Application behavior on the local network and over the internet. On the other hand, reporting is one of the main needs so that we can monitor and evaluate our consumption and according to that, build up our policies and security.

How has it helped my organization?

Cisco NGFW had the needs that were required by us but unfortunately, was very primitive.

There was no added value and every feature requires license thus extra HIDDEN cost despite a large number of renewals. Paying that much compared to what other vendors can give is out of the negotiation. For this reason we dropped it.

What is most valuable?

Unfortunately in Cisco, only the hardware was good. As for the features and services it was less than the others. Having all of the features means higher specs of hardware and intelligence processing so that it can handle all the logs proactively. Now, what is needed from the Information security, is to be proactively aware of any threat that might expose our data and at the same time have full visibility over our information sharing endpoints.

What needs improvement?

In NGFW, Cisco should be aligned with the new technology and inspection intelligence because Cisco is far behind in this pipeline. Nowadays IoT, Big Data, AI, Robotics, etc. are all evolving and shifting from automatic to intelligent. All brands that do not follow will be extinct.

For how long have I used the solution?

I have been using this solution for three years.

How are customer service and technical support?

good

Which solution did I use previously and why did I switch?

I was using a different solution prior to this one. I shifted because I found that it can heal my pain at least partially. By the end, it did the job and more.

How was the initial setup?

Not that simple, but anyone who have the knowledge can configure it.

What about the implementation team?

Through a vendor and they have good tech

What's my experience with pricing, setup cost, and licensing?

Always look for the history of the products and their evolution, as this will reflect their prices. As for the licenses, be smart and choose the ones you are going to use AS PER YOUR NEED.

More features=More Licenses=More work time=Increase in Cost.

Always consider what you might need to reduce your wasted time and invest it in other solutions (i.e. "If it takes you three hours to do an analysis report and the solution you are getting has this feature to reduce your time to five minutes then you can consider this license. But, if there is a feature where you can have access to the machine from the cloud and you are always connected to the company by VPN, there is no need to buy this license").

Which other solutions did I evaluate?

Whenever I go for a new solution, I test many leaders "NOT RELYING ON GARTNER", yet going for sites that are related to technical evaluations and real case studies. The vendors were Sophos Cyberoam, Barracuda, FortiGate, Websense, & Check Point.

What other advice do I have?

Think before you buy, as this solution can be your success or failure. Always work with professionals and not promoters.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Phosika Sithisane
Executive Director at ict training and development center
Real User
Top 20
Good at blocking threats and pretty reliable but needs a better user interface such as web interface for easier create policy

Pros and Cons

  • "It's pretty reliable and allows for isolation capabilities within the network."
  • "The user interface isn't as good as it could be. They should work to improve it. It would make it easier for customer management if it was easier to use."

What is our primary use case?

We primarily use the solution for basic firewall configurations such as NAT, FORWARD PORT and Block TCP-UDP Port.

   

How has it helped my organization?

My company is very small just built last year, i now am using cisco asa 5510 for NAT and Port Forward and limit users access directly from internet only via Remote-VPN.

What is most valuable?

The ability to block threats is its most valuable aspect.

Most clients in Laos use the basic setup, which works quite well. It ensures that nothing can get onto the local network.

It's pretty reliable and allows for isolation capabilities within the network.

The ADSM is very good.

I like that I can use the command line. I use a lot of Cisco and often work with this. If you are comfortable with the command line, it's quite good.

What needs improvement?

The user interface isn't as good as it could be. They should work to improve it. It would make it easier for customer management if it was easier to use.

Cisco does not have a lot of web management. We have to use ASTM server management to make up for it.

For how long have I used the solution?

I've been using the solution, give or take, for around five years at this point.

What do I think about the scalability of the solution?


How are customer service and technical support?

When we need assistance from technical support, we typically deal with the team in China. They've been very good. Whenever I have a problem, they can resolve it. They are knowledgeable and responsive. We're satisfied with the level of support we get.

Which solution did I use previously and why did I switch?

We typically offer clients a few different solutions. For example, we may recommend Fortinet.

How was the initial setup?

For a new user, the initial setup may be a bit difficult. For me, since I am comfortable with Cisco, it's pretty straightforward. A new connection has its own complexities. It may be a different thing on Java SDK. There may be some programs that may not be able to access it.

What's my experience with pricing, setup cost, and licensing?

In Laos, clients don't have much wiggle room when it comes to cost. The economy right now isn't very good. Most just choose the basic solution in order to avoid pricey licensing fees.

Which other solutions did I evaluate?

subscription payment  

What other advice do I have?

We're just customers. We use it in our office and suggest it to clients. However, we don't have a business relationship with Cisco.

We try to adhere to our client's needs, and therefore, if they specify hardware they want to use, like Fortinet, we tend to accommodate them.

That said, if they ask my opinion, I usually recommend Cisco ASA.

I know a lot about the product and I'm good at controlling everything. I have a lot of knowledge and understanding after working with it so closely. That's why I tend to favor it when my customers ask for advice.

Overall, I would rate the solution seven out of ten. If the user interface were a bit better, I'd rate it higher.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Learn what your peers think about Cisco ASA Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
542,823 professionals have used our research since 2012.
Suebsak Komjezsda
Senior MIS Manager at a tech company with 201-500 employees
Real User
Top 20
Stable with great security and good scalability

Pros and Cons

  • "The solution is excellent for enterprise-level networks."
  • "If the implementation was easier, it would be a lot better for us."

What is our primary use case?

We tend to use the solution as it's forced on us by corporate. Our company wants us to use it.

What is most valuable?

The solution is stable. We haven't had any issues in that sense.

The security of the hardware is excellent. Cisco is very serious in its approach to security.

We have a high level of trust in Cisco and its products.

The solution is excellent for enterprise-level networks.

What needs improvement?

The solution is difficult to use. There's more required than a typical firewall. It's different than, for example, Palo Alto and Fortinet, which we find are easier to set up. 

If the implementation was easier, it would be a lot better for us.

It would be such a great product for us if it was easier to manage.

For how long have I used the solution?

I've been working with the solution for more than ten years. It's been a long time. It's been over a decade at this point.

What do I think about the stability of the solution?

The solution is quite stable. We have no problems with bugs or glitches. It doesn't crash or freeze. It's good.

What do I think about the scalability of the solution?

We've found the solution to be scalable. A company shouldn't have any issues with expanding it if it needs to.

We have about 300 users on the solution currently. We do plan to continue to use Cisco in the future.

How are customer service and technical support?

We use third-party technical support that's offered and we're quite satisfied with the level of attention we receive.

Which solution did I use previously and why did I switch?

I have knowledge of Palo Alto and Fortinet.

While those two are easier to set up and control, nothing compares to Cisco in terms of security. They're very strong in that regard. We also find Cisco to be more stable.

However, we only use Cisco firewalls in our organization. We don't use anything else.

How was the initial setup?

The implementation is not so straightforward. It's rather complex and we have a lot of trouble with it.

The implementation took us about one month.

We plan to implement an updated version next month as well.

We need three to eight people to handle the setup.

What about the implementation team?

I did not handle the implementation by myself. Rather, it's done by another team including the original support from Singapore and with license support from headquarters in Japan.

However, our team does handle the implementation in-house, and we can handle the setup for clients as well.

What's my experience with pricing, setup cost, and licensing?

We do need to purchase licenses. Those come from headquarters in Japan. They handle the details in terms of pricing. I'm not sure of the overall costs.

What other advice do I have?

We're both a customer of Cisco and a reseller.

This month we plan to upgrade from our existing hardware.

Overall, we've been happy with the results we've gotten. I would rate the solution at a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Pardeep Sharma
Network security engineer at a tech services company with 1,001-5,000 employees
Real User
Top 5
A simple and reliable firewall with best support and very good netting, routing, and VPN functionalities

Pros and Cons

  • "Netting is one of the best features. We can modify it in different ways. Site-to-site VPN is also an awesome feature of Cisco ASA. The biggest advantage of Cisco products is technical support. They provide the best technical support."
  • "Cisco should work on ASDM. One of the biggest drawbacks of Cisco ASA is ASDM GUI. Cisco should improve the ASDM GUI. The configuration through ASDM is really difficult as compared to CLI. Sometimes when you are doing the configuration in ASDM, it suddenly crashes. It also crashes while pushing a policy. Cisco should really work on this."

What is our primary use case?

I am using Cisco ASA 5525 for netting, routing, and site-to-site VPN. We have two sites. I am using Cisco ASA Firewall on one site and Check Point Next-Generation Firewall on another site.

How has it helped my organization?

We have integrated it with Cisco Anyconnect. This feature has been very good for us during the lockdown.

What is most valuable?

Netting is one of the best features. We can modify it in different ways. Site-to-site VPN is also an awesome feature of Cisco ASA.

The biggest advantage of Cisco products is technical support. They provide the best technical support.

What needs improvement?

Cisco should work on ASDM. One of the biggest drawbacks of Cisco ASA is ASDM GUI. Cisco should improve the ASDM GUI. The configuration through ASDM is really difficult as compared to CLI. Sometimes when you are doing the configuration in ASDM, it suddenly crashes. It also crashes while pushing a policy. Cisco should really work on this.

For how long have I used the solution?

We have been using this solution for one and a half years.

What do I think about the stability of the solution?

It is stable and reliable. If you are looking for security from Layer 1 to Layer 4, Cisco ASA is good, but if you are looking for Layer 7 security, deep security, and malware detection, this is not the right product. You have to use some other product.

What do I think about the scalability of the solution?

We have more than 400 employees. We are currently not thinking of increasing its usage because we need more security, and Cisco ASA is not good for Layer 5 to Layer 7 security.

How are customer service and technical support?

The biggest advantage of a Cisco product is technical support. They provide 24/7 support on 365 days. Their technical support is one of the best. I would rate them a ten out of ten.

How was the initial setup?

Cisco ASA is very not complex. It is a very simple firewall. If you are configuring it through CLI, it is easy. If you configuring it through ASDM, it will be more difficult for a beginner engineer.

It takes around two to three days to cover all the parameters. It is very easy to deploy in an existing network, which is one of the main advantages of Cisco ASA.

What's my experience with pricing, setup cost, and licensing?

We are happy with its price. Licensing is on a yearly basis for technical support. There is one license for technical support. There is another license for IP Version 2 VPN and IPS.

Which other solutions did I evaluate?

I considered pfSense, but when I checked the reviews, pfSense's reviews were really bad, so we purchased Cisco ASA.

What other advice do I have?

I am very happy with this product in terms of netting, routing, and VPN functionalities. If you are a small organization with around 100 people and you are not thinking of Layer 7 security, deep security, and malware detection, Cisco ASA would be very useful and cost-effective for you.

I would rate Cisco ASA Firewall an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
TH
President at a tech vendor with 11-50 employees
Real User
Top 20
Great diagnostics combined with a high-security VPN

Pros and Cons

  • "I like them mostly because they don't break and they have great diagnostics."
  • "They should improve their interface."

What is most valuable?

I like them mostly because they don't break and they have great diagnostics. If something is awry, you can generally figure it out. And of course, everybody has a VPN, but I like the security of their VPN.

What needs improvement?

They should improve their interface and ensure that people actually know what they're doing before they start programming; that would make me happy. But that's never going to happen — it's a total pipe dream.

Some of the next-generation stuff that Cisco is doing now allows you to add web filtering and provides more security inside the device. That's why we were looking at the Next-Generation Firewall.

For how long have I used the solution?

I have been using this solution since they developed it.

What do I think about the stability of the solution?

I've had a couple of issues. Way back, they had a power supply that had to be changed out. They also had some issues with the 5500 series. Other than that, they're pretty rock-solid.

What do I think about the scalability of the solution?

Within their limitations, yes, they're scalable. You don't want to put a 5506 in when you need a 5525 — you'll never get it there. If properly sized, they're scalable, but you can't make a 5506 a 5525 — there're different processors and everything. You have to know where you're going. You have to know your customer first.

How are customer service and technical support?

The tech support is good. The documentation is verbose almost to the point of being confusing if you don't know what it is you're looking for.

It's only confusing if you have somebody who is not familiar with it. They give you every option in great detail, so you can spend time searching through a manual that you might not otherwise. Here's an example: take Sophos or SonicWall — let's say the manual for SonicWall is 25 to 30 pages; that same Cisco documentation is going to be three times that size or more.

It's not that it needs to be simplified, the people using it need to be knowledgeable. It is not a novice box, we'll put it that way.

Which solution did I use previously and why did I switch?

We've been with Cisco for a long time. We've used their routers and gadgets for years and years.

How was the initial setup?

The initial setup is quite straightforward.

What's my experience with pricing, setup cost, and licensing?

I would guess that the market value of Cisco is going to be towards the higher-end. I don't know that it's the highest, but feature for feature, I'd say it's probably well-priced.

What other advice do I have?

Cisco ASA Firewall Is not as much of a plug and play solution as some of the others. You just need to make sure that you do your research.

On a scale from one to ten, I would give Cisco ASA Firewall a rating of nine.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
MR
Network Security Engineer at a tech services company with 201-500 employees
Real User
Top 5Leaderboard
Good UI but too expensive and not very stable

Pros and Cons

  • "The user interface, the UI, is excellent on the solution."
  • "The stability is not the best."

What is our primary use case?

I primarily use the solution for the IPsec only. 

What is most valuable?

The user interface, the UI, is excellent on the solution. Let's say you want to check the real-time locker - you can create it by the UI using ADSM.

What needs improvement?

The VPN portion of the solution isn't the greatest.

The stability is not the best.

The solution is far too expensive.

For how long have I used the solution?

I've been working with the solution for about six months, or maybe a little bit less than that.

What do I think about the stability of the solution?

I haven't found the stability to be very good. The IPsec stability leaves a lot to be desired. They really need to work on the solution's stability capabilities.

In ASA, I built the IPsec between ASA and Fortigate due to the fact that most of the time I have to restart the timer to flow the data.

What do I think about the scalability of the solution?

We only have two to three users who directly deal with the solution within our company. Overall, we have between 100-200 employees. We haven't really scaled it.

I personally would prefer not to use ASA going forward. However, I don't know if the company itself has any plans to increase usage or not.

How are customer service and technical support?

While I've dealt with Cisco technical support in the past on other solutions, I have not contacted them in regards to this specific product.

That said, my past experience with Cisco technical support has been very positive and I found them to be very helpful in general. I just can't speak to this specific product.

How was the initial setup?

I was pretty junior when the solution was initially implemented in the organization. For that reason, I did not take an active role in implementing the solution. I wouldn't be able to really discuss the setup specifics or the level of difficulty.

I'm not exactly sure who handles maintenance, if any, within our organization.

What's my experience with pricing, setup cost, and licensing?

The licensing is quite expensive. I don't have the exact amount, however, it's my understanding that it's a very pricey solution. There's a lot of competition out there, including from Fortigate, which offers just as good, if not better products.

What other advice do I have?

I'm not overly familiar with ASA. I only work with it on an administration level.

I work with the latest version and I use the ASDM version server.

I wouldn't recommend that an organization choose ASA as a solution. They should look into other options.

Overall, I would rate the solution at a six out of ten. We haven't had the greatest experience.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sergio Díaz
Owner/CTO at FS NETWORKS
Real User
Top 20
Good solution that is easy to implement

Pros and Cons

  • "The initial setup is easy."
  • "In terms of what could be improved, I would say the UTM part should be more integrated for one price, because if you buy ASA from Cisco, you need to buy another contract service from Cisco as a filter for the dictionary of attacks. In Fortinet, you buy a firewall and you have it all."

What is our primary use case?

Our primary use case is for perimeter security.

We are using the enterprise version. Cisco has many versions. Maybe we are using the old version of ASA because it needs to be the freeware. In each freeware, there are different types of things. Maybe it is the standard version because the other version cost a lot. I need to combine it with another solution like an open source standard solution of the ASA firewall from Cisco.

What is most valuable?

Firewalls are about blocking. ASA is for blocking, but it does not have the intelligence like Fortinet to detect attacks. If I could use ASA to detect attacks, maybe we could buy another service from Cisco although it's very expensive. I would choose Fortinet, but my clients like ASA support. I prefer Fortinet because Fortinet has a UTM and it's a good firewall.

What needs improvement?

In terms of what could be improved, the UTM part should be more integrated for one price, because if you buy ASA from Cisco, you need to buy another contract service from Cisco as a filter for the dictionary of attacks. In Fortinet, you buy a firewall and you have it all.

I would like to see all the features like Fortinet has. If I buy ASA, I would like to see a Fortinet-like interface.

It would be good if Cisco could improve their web interface to configure the equipment. Cisco is very reliable and very secure, but has to compete with Fortinet which is very hard.

On a scale of one to ten, I would give Cisco ASA Firewall a nine.

For how long have I used the solution?

I have been using Cisco ASA Firewall for about 15 years.

What do I think about the scalability of the solution?

We have maybe 100 - 200 end users using the solution.

How are customer service and technical support?

I would give their technical support an eight out of ten because of their response time.

Let me give an example. When I have a problem, and I contact support, maybe there is a guy from India or from another country answering me. This is very slow. The people look at the ticket and increase the time for response.

How was the initial setup?

The initial setup is easy. Firewalls are like programming. If you know programming, you know every language. Firewalls are the same. If you know the security and blocking the perimeter, it's the same for all the firewalls. The difference with the different firewalls are the functionalities. Learn the functionalities in every brand.

What other advice do I have?

My advice to anyone considering Cisco ASA Firewall is that you need a lot of money to implement the Cisco solution. But it's a good solution. If you want to go to Cisco, you need a lot of money.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
FB
Sr Network Administrator at Orient Petroleum Inc
Real User
Top 20
Reliable and user-friendly with good technical support

Pros and Cons

  • "The user interface is easy to navigate."
  • "The annual subscription cost is a bit high. They should try to make it comparable to other offerings. We have a number of Chinese products here in Pakistan, which are already, very cheap and have less annual maintenance costs compared to Cisco."

What is our primary use case?

We are primarily using the solution to protect our network.

What is most valuable?

The security the solution offers is very good. Security-wise, it's the top in the world.

The product has excellent technical support.

The user interface is easy to navigate.

Everything is user friendly.

What needs improvement?

The annual subscription cost is a bit high. They should try to make it comparable to other offerings. We have a number of Chinese products here in Pakistan, which are already very cheap and have less annual maintenance costs compared to Cisco.

For how long have I used the solution?

I've been using the solution for a few years now.

What do I think about the stability of the solution?

The solution is reliable. We have been using it for more than a couple of years and we haven't had any problems. There's been no downtime and no hardware failures. It's pretty stable.

What do I think about the scalability of the solution?

We've never tried to scale. We have a pretty small set up in our country. It's unlikely we will have to scale.

Currently, we have between 200 and 300 people on the solution.

How are customer service and technical support?

The technical support has been very good. They are helpful and knowledgeable. We're quite satisfied with their level of service.

Which solution did I use previously and why did I switch?

This is the first product of this nature that we have implemented. We didn't previously use a different solution.

How was the initial setup?

Initially, the preliminary set up took us some time. However, we did have some local expertise in Pakistan. Once, when we were stuck on something, we could manage to get help from Cisco online. It wasn't that tricky or complex. In the end, it was straightforward.

What about the implementation team?

We had some assistance with a local expert as well as Cisco.

What's my experience with pricing, setup cost, and licensing?

There's an annual subscription. It's not cheap. It's quite pricey if you compare it to other competitors in Pakistan. There aren't any extra costs beyond the yearly licensing.

We pay about $200 yearly and we have two firewalls.

What other advice do I have?

We are the customer. We are in the oil and gas business. We don't have a business relationship with Cisco.

I'd recommend the solution to others straight away. It's more or less a very standard option here in Pakistan.

Overall, on a scale from one to ten, I'd rate the solution at an eight.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Product Categories
Firewalls
Buyer's Guide
Download our free Cisco ASA Firewall Report and get advice and tips from experienced pros sharing their opinions.