Cisco Firepower NGFW Firewall Pros and Cons

Cisco Firepower NGFW Firewall Pros

reviewer1217634
Lead Network Administrator at a financial services firm with 201-500 employees
With the FMC and the FirePOWERs, the ability to quickly replace a piece of hardware without having to have a network outage is useful. Also, the ability to replace a piece of equipment and deploy the config that the previous piece of equipment had is pretty useful.
View full review »
JoshuaThums
Network Administration Lead at Forest County Potawatomi Community
The most valuable features of Cisco firewalls are the IPS and IDS items. We find them very helpful. Those are the biggest things because we have some odd, custom-made products in our environment. What we've found through their IPS and IDS is that their vulnerability engines have caught things that are near-Zero-day items, inside of our network.
View full review »
EduardoViero
IT Infrastructure Specialist at RANDON S.A
The protection and security features, like URL filtering, the inspection, and the IPS feature, are also very valuable for us. We don't have IT staff at most of the sites so for us it's important to have a robust firewall at those sites
View full review »
Learn what your peers think about Cisco Firepower NGFW Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
442,283 professionals have used our research since 2012.
Dave Cooper
Network Engineer at CoVantage Credit Union
Once you add Firepower onto to it and you start enabling some of its features, you get some IDS/IPS involved with it and you can even do web filtering.
View full review »
PaulChauchis
Security Architect
The IPS, as well as the malware features, are the two things that we use the most and they're very valuable.
View full review »
Al Faruq Ibna Nazim
Head of Technology at BDPEER Ltd.
Cisco Firepower NGFW is really easy to use right now to determine when my file requires a shift from primary to secondary status, and it can be done with automation. Earlier we used to do this with patching.
View full review »
Girish Vyas
Architect - Cloud Serviced at NTT Global Networks
They wanted to leverage something which is equivalent that can give them the next gen features like application awareness and intrusion protection. So that is a major reason they were looking forward to this. The original ASA firewall did not have these features. This was the major reason the customer moved on to Cisco Firepower Threat Defense (FTD). Now they can go ahead and leverage those functionalities.
View full review »
Maharajan S
Associate Vice President - IT Infrastructure at Navitas Life Sciences
Being able to determine our active users vs inactive users has led us to increased productivity through visibility. Also, if an issue was happening with our throughput, then we wouldn't know without research. Now, notifications are more proactively happening.
View full review »
Henry Pan
Technical Consulting Manager at a consultancy with 10,001+ employees
Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality.
View full review »
Zhulien Keremedchiev
Lead Network Security Engineer at TechnoCore LTD
The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy.
View full review »

Cisco Firepower NGFW Firewall Cons

reviewer1217634
Lead Network Administrator at a financial services firm with 201-500 employees
We had an event recently where we had inbound traffic for SIP and we experienced an attack against our SIP endpoint, such that they were able to successfully make calls out... Both CTR, which is gathering data from multiple solutions that the vendor provides, as well as the FMC events connection, did not show any of those connections because there was not a NAT inbound which said either allow it or deny it.
View full review »
JoshuaThums
Network Administration Lead at Forest County Potawatomi Community
The worst part of the entire solution, and this is kind of trivial at times, is that management of the solution is difficult. You manage FireSIGHT through an internet browser. I've had Cisco tell me to manage it through Firefox because that's how they develop it. The problem is, depending on the page you're on, they don't function in the same way. The pages can be very buggy, or you can't resize columns in this one, or you can't do certain things in that one. It causes a headache in managing it.
View full review »
EduardoViero
IT Infrastructure Specialist at RANDON S.A
The user interface for the Firepower management console is a little bit different from traditional Cisco management tools. If you look at products we already use, like Cisco Prime or other products that are cloud-based, they have a more modern user interface for managing the products. For Firepower, the user interface is not very user-friendly. It's a little bit confusing sometimes.
View full review »
Learn what your peers think about Cisco Firepower NGFW Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
442,283 professionals have used our research since 2012.
Dave Cooper
Network Engineer at CoVantage Credit Union
In Firepower, there is an ability to search and dig into a search, which is nice. However, I'm not a super fan of the way it scrolls. If you want to look at something live, it's a lot different. You're almost waiting. With the ASDM, where it just flows, you can really see it. The second someone clicks something or does something, you'll see it. The refresh rate on the events in Firepower is not as smooth.
View full review »
PaulChauchis
Security Architect
For the new line of FTDs, the performance could be improved. We sometimes have issues with the 41 series, depending what we activate. If we activate too many intrusion policies, it affects the CPU.
View full review »
Al Faruq Ibna Nazim
Head of Technology at BDPEER Ltd.
One feature lacking is superior anti-virus protection, which must be added.
View full review »
Girish Vyas
Architect - Cloud Serviced at NTT Global Networks
I was just trying to learn how this product actually operates and one thing that I see from internal processing is it does fire-walling and then sends it to the IPS model and any other model that needs to be performed. For example, content checking or filtering will be done in a field processing manner. That is something that causes delays in the network, from a security perspective. That is something that can be improved upon. Palo Alto already has implemented this as a pilot passed processing. So they put the same stream of data across multiple modules at the same time and see if it is giving a positive result by using an XR function. So, something similar can be done in the Cisco Firepower. Instead of single processing or in a sequential manner, they can do something similar to pile processing. Internal function that is something that they can improve upon.
View full review »
Maharajan S
Associate Vice President - IT Infrastructure at Navitas Life Sciences
The central management tool is not comfortable to use. You need to have a specific skill set. This is an important improvement for management because I would like to log into Firepower, see the dashboard, and generate a real-time report, then I question my team.
View full review »
Henry Pan
Technical Consulting Manager at a consultancy with 10,001+ employees
The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved.
View full review »
Zhulien Keremedchiev
Lead Network Security Engineer at TechnoCore LTD
I believe that the current feature set of the device is very good and the only thing that Cisco should work on is improving the user experience with the device.
View full review »
Learn what your peers think about Cisco Firepower NGFW Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
442,283 professionals have used our research since 2012.