We just raised a $30M Series A: Read our story
MM
Lead Network Engineer at a tech services company with 51-200 employees
Real User
Top 20
A recommended firewall solution that is straightforward, stable, and reliable

Pros and Cons

  • "We are mostly using it for remote access, so the remote access feature is the most valuable, but all other features are also needed and required. It is also a very straightforward and reliable solution."
  • "We don't have any serious problems. The firewall models that we have are quite legacy, and they have slower performance. We are currently investigating the possibility of migrating to next-generation firewalls."

What is our primary use case?

We mostly use it for remote access. We also use this firewall between different segments of our enterprise network.

We have legacy models of this solution. We are using models 5510 and 5520.

What is most valuable?

We are mostly using it for remote access, so the remote access feature is the most valuable, but all other features are also needed and required. It is also a very straightforward and reliable solution.

What needs improvement?

We don't have any serious problems. The firewall models that we have are quite legacy, and they have slower performance. We are currently investigating the possibility of migrating to next-generation firewalls.

For how long have I used the solution?

We have been using Cisco ASA Firewall for around one hour and a half years.

What do I think about the stability of the solution?

It is quite stable. We didn't have any issues or crashes, so we find it to be a solid solution.

How are customer service and technical support?

We don't have Cisco support because these models are excellent.

How was the initial setup?

It has moderate complexity. I didn't have any prior experience in configuring these firewalls. That's why I found its initial setup to be of moderate complexity, but now, I have got used to using and maintaining these devices.

What's my experience with pricing, setup cost, and licensing?

We're using the smart license for this firewall. The models that we have require licensing for remote access.

What other advice do I have?

I would absolutely recommend this solution. It is a very straightforward and reliable solution. I would definitely like to propose and offer this solution to other colleagues.

Cisco doesn't have any plans to develop this kind of solution more. Cisco ASA Firewall will not be developed in the future. The next-generation firewall is the next step in the development of the Cisco firewall. For this reason, we are investigating the possibility of migrating to another product.

I would rate Cisco ASA Firewall a nine out of ten. We are very happy with this solution. It is very straightforward and reliable, but it is quite a legacy solution and lacks performance. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
VG
Network Security Engineer at a tech services company with 51-200 employees
Real User
Top 20
A proactive threat defense solution with a good Inline Mode configuration

Pros and Cons

  • "The Inline Mode configuration works really well, and ASA works very impressively."
  • "I think the ASA layer is thin. It's always Layer 3 or Layer 4 source controller and doesn't control the Layer 7 traffic. It's important, and you'll need an additional firewall."

What is our primary use case?

I use it for VPNs, remote-access VPNs, environment issues, and failover issues. I also use the
content mode, NAT, and PAT in this firewall. We always use ASA for VPN sites and firewall sites. We use the edge for internet access for data center servers or company customers' internet access.

How has it helped my organization?

We always use ASA for integration another companies  and branches easily. 

What is most valuable?

The Inline Mode configuration works really well, and ASA works very impressively.

What needs improvement?

I think the ASA layer is thin. It's always Layer 3 or Layer 4 source controller and doesn't control the Layer 7 traffic at all. It's important, and you'll need an additional firewall. 

All next-generation firewalls don't have much control over Layer 7, but there's a little bit of control for inspection. ASA never controlled Layer 7, and it's a bad point.

 I don't like to use ASDM, a graphical interface, and other solutions for ASA. I wouldn't say I like this, and it's not good(ASDM).

For how long have I used the solution?

I have over seven years of experience with Cisco ASA Firewall.

What do I think about the stability of the solution?

It's stable. ASA works very well, and it's impressive. I use only ASA and only the Inline Mode. 

What do I think about the scalability of the solution?

It's a scalable, high availability solution. It's an active/standby model for VPN. But if you don't use VPN in these devices, it works as an active/active high availability model.

How was the initial setup?

If you're a Cisco Administrator or Cisco certified, the initial setup isn't a problem. But if you don't know Cisco devices and how they work, it can get a little complicated.

What other advice do I have?

I would advise new users to look at next-generation firewalls like FTD or other models from Cisco. It's better than Cisco ASA. Cisco ASA Firewall isn't a next-generation firewall.

On a scale from one to ten, I would give Cisco ASA Firewall an eight.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Learn what your peers think about Cisco ASA Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
541,708 professionals have used our research since 2012.
Hari Pandu Dairi
Network Engineer at a tech services company with 201-500 employees
Real User
Top 5
Easy to operate with good technical support, but needs better logging features

Pros and Cons

  • "The command line is the same as it is on the Cisco iOS router."
  • "The solution needs to have better logging features."

What is our primary use case?

We primarily provide implementation and maintenance services to our clients.

What is most valuable?

The software itself is very simple.

The solution is easy to operate. It's not overly complex.

The command line is the same as it is on the Cisco iOS router.

The technical support is very helpful and responsive.

What needs improvement?

The solution needs to have better logging features.

Cisco needs to migrate its ASA Firewall to a management console or to a web console.

For how long have I used the solution?

I've been working with the solution for six years at this point.

What do I think about the stability of the solution?

The solution is largely stable. Once we adopted Cisco services, we found that everything was pretty reliable. There aren't bugs or glitches. It doesn't crash or freeze. It's quite good.

What do I think about the scalability of the solution?

The scalability is a problem as the solution has a low throughput.

How are customer service and technical support?

We've been in touch with technical support and I've always found them easy to reach. They're responsive and helpful. I find their service much better than, for example, Fortinet or Palo Alto. Overall, we're satisfied with Cisco with respect to their technical support.

Which solution did I use previously and why did I switch?

We have some experience working with Palo Alto and Fortinet solutions as well.

What's my experience with pricing, setup cost, and licensing?

While I don't have the exact pricing of the solution, it's my understanding that Cisco is rather costly. It's not the cheapest option on the market. It's expensive. It's more costly, for example than Palo Alto.

What other advice do I have?

We have a gold partnership status with Cisco, however, we are also partners with companies such as Fortinet and Palo Alto.

For a next-generation firewall, I would likely recommend Palo Alto. However, if a company had the budget, I would recommend Fortinet. That said, for a VPN gateway, I would recommend Cisco ASA.

In general, I would rate Cisco's ASA Firewall at seven out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
OB
Principal Network Engineer at a manufacturing company with 501-1,000 employees
Real User
Top 20
Good monitoring capability, but it lacks the next-generation firewall functionality

Pros and Cons

  • "The most valuable features for my client are the ASDM and monitoring."
  • "Cisco ASA is not a next-generation firewall product."

What is our primary use case?

I am a consultant and when clients ask for white papers or studies, I do the research. At that point, they do whatever change processes they have; I give them all of the numbers and other relevant data, but that's the extent of what we do in my organization.

They are just using it as a stateful packet inspection firewall, traditional firewalling.

How has it helped my organization?

At this point, my client is looking for their next solution so something may not be working.

What is most valuable?

The most valuable features for my client are the ASDM and monitoring.

They have familiarity with the Cisco CLI.

What needs improvement?

Cisco ASA is not a next-generation firewall product.

For how long have I used the solution?

My client has been using the Cisco ASA solution for approximately five years.

What do I think about the stability of the solution?

They've been using it for five years and my assumption is that it's been good for what they needed it t do. However, they were consulting to move forward with something different.

What do I think about the scalability of the solution?

The scalability is very limited because as a traditional firewall, it's a step behind. As far as the scale goes, my assumption is that you just buy a bigger model.

Which solution did I use previously and why did I switch?

I was not consulting with this client when they implemented the Cisco ASA.

This is a hardware-based device, versus a virtual one, so it's maxed out.

How was the initial setup?

My assumption is that it's a typical HA, basic setup.

Which other solutions did I evaluate?

My client is looking for a next-generation firewall solution to replace the Cisco ASA.

What they need is a step up from what they already have that includes application-controlled firewall rules, as well as other features that ASA doesn't currently have.

What other advice do I have?

My suggestion for anybody who is looking at Cisco ASA is to work with the vendor, as they have newer products.

I would rate this solution a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
AK
Senior Information Security Analyst at a manufacturing company with 10,001+ employees
Real User
Useful access controls, reliable, and good support

Pros and Cons

  • "I have found the most valuable feature to be the access control and IPsec VPN."
  • "When comparing the graphical interface of this solution to other vendors it is more difficult to configure. There is a higher learning curve for administrators in this solution."

What is our primary use case?

I am using this solution for monitoring incoming and outgoing network traffic. This includes many types of traffic, such as VPN users.

What is most valuable?

I have found the most valuable feature to be the access control and IPsec VPN. There are a lot of people moving towards the next-generation versions of firewalls which have some advanced features such as this one. You can define rules based on the application instead of how they are traditionally are done. There are more general and traffic controls, and additional features for intrusion prevention for malware analysis.

What needs improvement?

When comparing the graphical interface of this solution to other vendors it is more difficult to configure. There is a higher learning curve for administrators in this solution.

A lot of vendors, such as Palo Alto, are going toward cloud-based systems and Cisco should follow.

For how long have I used the solution?

I have been using this solution for approximately two years.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

Since this is a hardware solution it does not scale as well as cloud versions. We have approximately 20,000 people using this solution in my organization.

How are customer service and technical support?

The support of this solution is very good.

What about the implementation team?

We have security specialists to manage the solution.

Which other solutions did I evaluate?

I have previously used FortiGate and Palo Alto solutions. When comparing them to this solution they have more standard features in their normal firewall this one does not.

What other advice do I have?

My advice to those wanting to implement the solution is to look at their use case and see if it meets those requirements for what they are looking for. There are a lot of security features that people may not be aware of and do not use. Explore the solution and all its features which will help you understand the configurations.

I rate Cisco ASA Firewall an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Shrijendra Shakya
C.T.O at Sastra Network Solution Inc. Pvt. Ltd.
Reseller
Top 5Leaderboard
Reliable and easy to use with good security features

Pros and Cons

  • "It is very stable compared to other firewall products."
  • "They need a user-friendly interface that we could easily configure."

What is our primary use case?

We are using Cisco ASAv in our company and have deployed it for many of our customers. They are in both government and the private sector.

The deployment method varies depending on the customer's needs. For the government, it's through the government cloud while others are on-premises.

What is most valuable?

It is very stable compared to other firewall products.

It has good security features.

The firewall features make it easy for the users to work on it.

What needs improvement?

The interface needs improvement. I would like a better interface for Cisco. Other solutions such as Palo Alto have a user-friendly dashboard.

They need a user-friendly interface that we could easily configure.

It would be beneficial to have some of the features that Cisco has, integrating with other types of security.

For how long have I used the solution?

I have been using this solution for approximately eight years.

What do I think about the stability of the solution?

It's a very stable solution out of the box and we have not had any issues in our deployment.

We have 86% of the devices being used simultaneously.

What do I think about the scalability of the solution?

It's scalable based on the type of license and modules that you require.

We don't have the option to update the box, but we can add features such as antivirus protection.

How are customer service and technical support?

We have contacted technical support for some issues outside our technical expertise, mostly for updating the license.

We have a team that handles our issues.

What's my experience with pricing, setup cost, and licensing?

We work on a case-by-case basis and are have good offers by Cisco.

It's very competitive with other products.

What other advice do I have?

They should incorporate it with FortiGate, or Sophos firewalls. 

If they are looking for a layer 7 type of security then they need to go with another solution.

I would rate Cisco ASAv a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
JD
Network Security Engineer at a tech services company with 1,001-5,000 employees
Real User
Top 20
Affordable, scalable, and suitable for a big traffic load

Pros and Cons

  • "The whole firewall functionality, including firewall policies and IPS policies, is valuable. It has all kinds of functionalities. It has IPS, VPN, and other features. They are doing quite a lot of stuff with their devices."
  • "It lacks management. For me, it still doesn't have a proper management tool or GUI for configuration, logging, and visualization. Its management is not that easy. It is also not very flexible and easy to configure. They used to have a product called CSM, but it is no longer being developed. FortiGate is better than this solution in terms of GUI, flexibility, and user-friendliness."

What is our primary use case?

We are using it to manage our environment.

What is most valuable?

The whole firewall functionality, including firewall policies and IPS policies, is valuable. It has all kinds of functionalities. It has IPS, VPN, and other features. They are doing quite a lot of stuff with their devices.

What needs improvement?

It lacks management. For me, it still doesn't have a proper management tool or GUI for configuration, logging, and visualization. Its management is not that easy. It is also not very flexible and easy to configure. They used to have a product called CSM, but it is no longer being developed. FortiGate is better than this solution in terms of GUI, flexibility, and user-friendliness.

For how long have I used the solution?

I have been using this solution for five to ten years.

What do I think about the stability of the solution?

It is rather stable. It can have some peculiarities, but most of the time, it is quite stable.

What do I think about the scalability of the solution?

These are big devices. They have multiple models, but most of the models can be virtualized. You can create many virtual firewalls and add whatever you want.

How are customer service and technical support?

We faced some issues, but I don't deal with these issues. My colleague interacts with them, and it seems it is not that easy. Cisco is a large company, and sometimes, it is not easy to get quick and very efficient support.

What about the implementation team?

We have a firewall specialist who handles the installation.

What's my experience with pricing, setup cost, and licensing?

It is affordable. The hardware is not that expensive anymore. It is a matter of licensing these days. 

What other advice do I have?

It is a good solution for a big traffic load, but its management is not very easy. FortiGate is better in terms of management and user-friendliness.

I would rate Cisco ASA Firewall an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
NJ
Administrator at a university with 1,001-5,000 employees
Real User
Top 5Leaderboard
Flexible solution and can be easily integrated with your network hardware

Pros and Cons

  • "I have found the stability of this solution really good. This is why I use it."
  • "Comparing Cisco solution to others, it is expensive, it would be better for it to be cheaper."

What is our primary use case?

I am doing research on the product and testing it for security.

What is most valuable?

It is a flexible solution and can be easily integrated with your network hardware. It is a very useful product. This product is very popular in the industry and the network security environment is good.

What needs improvement?

It would be a benefit to improve the integration with other similar products from other vendors on the market, for example, Huawei or Fortinet products. Comparing Cisco solution to others, it is expensive, it would be better for it to be cheaper.

For how long have I used the solution?

I have been using the solution for three to four years.

What do I think about the stability of the solution?

I have found the stability of this solution really good, this is why I use it.

What do I think about the scalability of the solution?

The product is scalable.

How are customer service and technical support?

The customer service is really helpful, they do their part in keeping our organization's network from outside intrusion.

Which solution did I use previously and why did I switch?

I have used other solutions in the past, such as Cisco Firepower. I find Cisco products to be superior.

How was the initial setup?

The solution is normally easy to install but if the user has more requirements, as in a more complicated setup, it could take more time.

What about the implementation team?

I did the deployment myself.

What's my experience with pricing, setup cost, and licensing?

The product is very expensive. 

What other advice do I have?

I would recommend this product. I suggest this solution to my colleagues because it is a great product and is really stable. When looking at other products in use in other companies this product is superior. 

I rate Cisco ASA Firewall ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Product Categories
Firewalls
Buyer's Guide
Download our free Cisco ASA Firewall Report and get advice and tips from experienced pros sharing their opinions.