We just raised a $30M Series A: Read our story

Cisco IOS Security OverviewUNIXBusinessApplication

Cisco IOS Security is #6 ranked solution in top Intrusion Detection and Prevention Software and #19 ranked solution in best firewalls. IT Central Station users give Cisco IOS Security an average rating of 8 out of 10. Cisco IOS Security is most commonly compared to Zyxel Unified Security Gateway:Cisco IOS Security vs Zyxel Unified Security Gateway. The top industry researching this solution are professionals from a comms service provider, accounting for 30% of all views.
What is Cisco IOS Security?
Cisco IOS Software delivers a sophisticated set of security capabilities for a comprehensive, layered security approach throughout your network infrastructure. Cisco IOS security technologies help to defend critical business processes against attack and disruption, protect privacy, and support policy and regulatory compliance controls.

Cisco IOS Security was previously known as IOS Security.

Cisco IOS Security Buyer's Guide

Download the Cisco IOS Security Buyer's Guide including reviews and more. Updated: December 2021

Cisco IOS Security Customers
Arup Group, Brunel University London, City of Biel, Gobierno de Castilla-La Mancha, K&L Gates , New South Wales Rural Fire Service, Offshore Northern Seas, Transplace
Cisco IOS Security Video

Archived Cisco IOS Security Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
SH
Senior Engineer Data Center at a comms service provider with 1,001-5,000 employees
Real User
A straightforward initial setup with good technical support

How has it helped my organization?

This has improved the way our organization operates very well.

What is most valuable?

The most valuable feature is the support that we get.

What needs improvement?

In the next release of this solution, we would like to see support for the 100BT and 7000 models. We have experienced bugs in the solution.

What do I think about the stability of the solution?

This solution is stable.

What do I think about the scalability of the solution?

I would rate the scalability of this solution at about eighty percent.

How are customer service and technical support?

Technical support for this solution is very good.

How was the initial setup?

The initial setup of this solution is straightforward.

What about the implementation team?

We…

How has it helped my organization?

This has improved the way our organization operates very well.

What is most valuable?

The most valuable feature is the support that we get.

What needs improvement?

In the next release of this solution, we would like to see support for the 100BT and 7000 models.

We have experienced bugs in the solution.

What do I think about the stability of the solution?

This solution is stable.

What do I think about the scalability of the solution?

I would rate the scalability of this solution at about eighty percent.

How are customer service and technical support?

Technical support for this solution is very good.

How was the initial setup?

The initial setup of this solution is straightforward.

What about the implementation team?

We deployed this solution ourselves.

What was our ROI?

There is a return on investment with this solution. 

What's my experience with pricing, setup cost, and licensing?

The licenses for this solution are expensive.

What other advice do I have?

This is a good solution, and one that I recommend, but sometimes we have bugs.

I would rate this solution a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
RH
Director Network Engineer at Therap Services
Real User
Offers good security and is easy to use

Pros and Cons

  • "The stability of this solution is excellent."

    What is our primary use case?

    Our primary use case for this solution is internet security at the edge.

    How has it helped my organization?

    Cisco IOS Security gives us a level of trust at the edge as far as being the first line of defense for anything that's trying to get into our network.

    What is most valuable?

    The feature I find most valuable is that the solution doesn't really change from year to year. The basics are there and I have so much experience with it that it's easy to use. I also like the security this solution offers.

    What needs improvement?

    External threats are changing every day, so there are new features coming in. We're more into the command line interface rather.

    For how long have I used the solution?

    Offers good security and is easy to use

    What do I think about the stability of the solution?

    The stability of this solution is excellent. 

    What do I think about the scalability of the solution?

    We are very satisfied with the scalability of this solution.

    How are customer service and technical support?

    The technical support is excellent. We've contacted the tech team a few times and the turnaround time was always almost immediately.

    Which solution did I use previously and why did I switch?

    We've always been using this solution and we haven't seen a need to change from it so we haven't looked at other vendors in quite a while because we are totally satisfied with what we have.

    How was the initial setup?

    The initial setup was straightforward and we did the deployment ourselves. We could go on the internet for any reference that we needed.

    What's my experience with pricing, setup cost, and licensing?

    We have to renew our license every three years.

    What other advice do I have?

    My rating for this solution is a ten out of ten because it does everything I need and it is easy enough to use. My advice to others is to definitely have it on their list of vendors to take a look at. I really recommend this solution.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Learn what your peers think about Cisco IOS Security. Get advice and tips from experienced pros sharing their opinions. Updated: December 2021.
    555,139 professionals have used our research since 2012.
    OM
    Senior Pre Sales Engineer at IKUSI
    MSP
    Gives us better efficiency and is a secure option for platforms and gateways

    Pros and Cons

    • "Cisco IOS allows us to keep the same security features as our principal offices."
    • "I think setup could be one area for improvement, because sometimes we don't have people inside so we have to move to the place."

    What is our primary use case?

    We use this solution to connect branch offices and keep the security on each one.

    How has it helped my organization?

    Cisco IOS allows us to keep the same security features as our principal offices.

    What is most valuable?

    We can access control lists and VPN tunneling.

    It gives us better efficiency.

    What needs improvement?

    I think setup could be one area for improvement.

    I would also like to see them add integration with cloud solutions like Umbrella, as well as some monitoring improvements. This would let us connect a new platform and cloud solution for a site.

    What do I think about the stability of the solution?

    Cisco's high stability is a well known feature.

    What do I think about the scalability of the solution?

    It is scalable. We can go to another platform and keep the same functionality.

    How are customer service and technical support?

    I think we have great support from Cisco for this. I haven't used it personally, but I have heard good things.

    Which solution did I use previously and why did I switch?

    I think we used Firepower. We work specifically with Cisco.

    What about the implementation team?

    I think the initial setup was simple. We have a lot of documentation and a guide that we can follow.

    What was our ROI?

    Thinking about the ease of managing these platforms and the technical support that we have, we can avoid extra costs and investments. We've saved time allowing our staff to work on other things that have saved money overall.

    What other advice do I have?

    My advice is that this is a very secure option for platforms and gateways using the Cisco IOS security feature.

    I would rate Cisco IOS as ten out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
    Salim Almusalhi
    Network Engineer at PART
    Real User
    Has good routing features and is easy to use

    Pros and Cons

    • "I've found their network routing to be very good."
    • "I wish it would be more like the next generation firewall technology. There should be more selection between the application and filtering."

    What is our primary use case?

    We use Cisco IOS for security prevention. It enables us to check the network.

    How has it helped my organization?

    I didn't think that they would put servers in the DMZ. It also protects us from hackers; we haven't had any issues with them.

    What is most valuable?

    I've found their network routing to be very good.

    It is also stable, has good scalability and is easy to use. 

    What needs improvement?

    I wish it would be more like the next generation firewall technology. There should be more selection between the application and filtering.

    I would appreciate updates to reporting, in terms of data entry.

    For how long have I used the solution?

    We have been using Cisco IOS for more than eight years.

    What do I think about the stability of the solution?

    We don't have any issues with stability. Cisco is always stable.

    What do I think about the scalability of the solution?

    Scalability is easy.

    How are customer service and technical support?

    We have a contract with the representative of DEO support, not just Cisco. So we have local support. If we have any issue, they respond to us directly by phone.

    How was the initial setup?

    The initial setup was easy. There are step-by-step instructions, like many of their other products.

    What was our ROI?

    The solution is definitely valuable for us.

    What's my experience with pricing, setup cost, and licensing?

    The licensing is on a subscription basis, and it is fairly costly. I would prefer a one-time payment.

    What other advice do I have?

    My advice is to take this firewall. It is really good. I would rate Cisco IOS as eight out of ten.

    The next-generation firewalls, like UTM, have paper-thin single boxes. They should follow the same projects, like the next-generation firewall. They have everything like 40GBs in a single box, along with filtering applications, like VPN and SSN. They also have reporting features.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    VR
    Product Manager - Wireless / IT Support Manager at a tech services company with 51-200 employees
    Real User
    Straightforward initial setup and good scalability

    Pros and Cons

    • "You can scale it when you need to."
    • "If they could increase the performance a little better because the device sometimes gets slow."

    What is our primary use case?

    Since we do system integration, we have a lot of clients we deploy. There is not really a single case to point to because we have multiple clients. It depends and can vary from customer to customer.

    What is most valuable?

    Defending the business processes.

    What needs improvement?

    If they could increase the performance a little better because the device sometimes gets slow. If they could increase the performance it would be great.

    For how long have I used the solution?

    I've been using this solution for between seven and eight years.

    What do I think about the stability of the solution?

    The solution's stability is quite good. We have about six hundred users.

    What do I think about the scalability of the solution?

    The scalability is quite good. You can scale it when you need to. As you go, you can scale it. It's quite scalable. It's quite good.

    How are customer service and technical support?

    I haven't used technical support yet.

    Which solution did I use previously and why did I switch?

    We have been using this solution for six or seven years; we didn't use another solution before.

    How was the initial setup?

    The initial setup was very straightforward. It only took a couple of hours, it doesn't take long.

    What other advice do I have?

    In terms of advice, I would suggest others should use it. It is quite a good product, it is one of the market leaders. I believe it could be as good as other solutions. There are two things you require: one is support and the other one is credibility. Both are there with this product.

    I would rate this solution eight out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Fadil Kadrat
    Network Engineer at Banque des Mascareignes
    Real User
    Top 20
    Scalability suits all enterprise needs, but it could use a better interface

    Pros and Cons

    • "The VPN is the most valuable feature."
    • "The routers, don't have like long-term tendency features, or higher availability features available for the IOS. It could also use a better user interface."

    What is most valuable?

    The VPN is the most valuable feature. 

    What needs improvement?

    With Cisco IOS, especially the routers, don't have like long-term tendency features, or high availability features available for the IOS. Also, it could use a better user interface.

    For how long have I used the solution?

    I've been using the solution for 8 years.

    What do I think about the stability of the solution?

    The solution is extremely stable. It's one of the best. It's a stable solution.

    What do I think about the scalability of the solution?

    In terms of scalability, it definitely suits all enterprise needs. The product is all we need for today's enterprise, for the client. For me, in terms of scalability, Cisco has the full package.

    How are customer service and technical support?

    Technical support is very good.

    Which solution did I use previously and why did I switch?

    I have used FortiGate and Palo Alto.

    How was the initial setup?

    In terms of initial setup, it depends on the one doing it, but I never had any difficulties or struggled to integrate. For me, Cisco is always easy to set up. It's straightforward. Deployment is pretty fast, but sometimes it takes time to implement and to put into production. Deploying, confirmation, and then setting up the devices is straightforward. The most important part is migrating to production. This is sometimes the most important. Again, that depends on the criticality of the environment. It can be done in hours or sometimes weeks. 

    Under my supervision, for at least a hundred parts, one other person and I are needed for deployment. That's it. Two people.

    What about the implementation team?

    I implemented the solution myself. I am an integrator.

    What's my experience with pricing, setup cost, and licensing?

    The pricing is very expensive. Normally I do a yearly contract; I don't know the exact pricing, but it's around $75,000 USD per year. That's the standard licensing.

    What other advice do I have?

    Cisco is one of the greatest. The Cisco stack is the best. If you don't know it, don't go for the solution because it gets very complex. If you are new to the security, don't go for Cisco. But if you are experienced and you know how to do it, it's one of the greatest solutions.

    I would rate this solution 7 out of 10. The solution is always stable, but there are many security features that Cisco is behind on today. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    CE
    Solution Architect at Bilicha Technology
    Real User
    Supports mobile devices on an enterprise network firewall including iOS and Android

    Pros and Cons

    • "We use Cisco IOS Security mostly for routers to route off the firewall. It's a next-generation device."
    • "Most of their features are meant for Cisco. You cannot integrate them with any other vendor."

    What is our primary use case?

    I use Cisco IOS Security. We install it for people. We have a very small network station. We don't use Cisco IOS Security very often, but we install it for clients. 

    We use Cisco IOS Security mostly for routers to route off the firewall. It's a next-generation device. With firewalls, we can connect the solution for the mail cloud. 

    We've deployed with Fortinet FortiGate. We don't use it much. We use Cisco IOS Security to manage for enterprise clients.

    Our primary use case for this solution is in the insurance industry.

    How has it helped my organization?

    Cisco IOS Security has not improved my organization. We use it for our clients. It helps their workers to be more secure in operations.

    What is most valuable?

    We interpret the additional protection to be very important now. Cisco IOS Security is used with client mobile devices on the firewall.

    What needs improvement?

    We don't love everything about the product. For now, it's what we're using. It's okay. It is difficult to set up. The training is okay. The pricing is standard.

    It will be great if they can make it more easy to use the features. The interface is not user-friendly, but a normal IT technician can handle it.

    Most of the features only work with Cisco equipment. It's about connectivity. Most of their features are meant for Cisco. You cannot integrate them with any other vendor.

    Cisco needs to be more flexible with the integration of other solutions.

    For how long have I used the solution?

    I've been working on this for let's say three years now.

    What do I think about the stability of the solution?

    It's not stable if you don't have Cisco gear in your network. If you don't have Cisco equipment within your network, you cannot access powerful pieces of the software.

    What do I think about the scalability of the solution?

    The scalability of Cisco IOS Security is good. It's very fast. It's not universal because most of the features require you to have Cisco equipment in your network. 

    How are customer service and technical support?

    If you ask technical support on how to solve some issues, it does help. We do fine with Cisco support. It comes with the equipment.

    We provide our clients with six months of in-house support. We pay Cisco for it. The support is okay.

    How was the initial setup?

    The initial setup is straightforward, but when it comes to complex settings like the firewall, it is not easy. Most of the features that come with it work only with Cisco devices.

    You have to have experience before you try to use it. You need to make sure you have it your router by Cisco. Some features only work with Cisco equipment.

    What we do is we set up everything. We have to go on-site. It doesn't take time to deploy it. The time required to work on the project can take up to two weeks.

    What about the implementation team?

    We did the setup mostly with our team. We are consultants. We worked with a reseller. Cisco has an integrator software team too.

    What's my experience with pricing, setup cost, and licensing?

    Our licensing costs for the solution are on an annual basis. It should be every five years.

    What other advice do I have?

    On a scale from 1 to 10, I would rate Cisco IOS Security at 9/10.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
    FA
    Networks Lead Engineer at a mining and metals company with 1,001-5,000 employees
    Real User
    Top 5Leaderboard
    Increased endpoint security but is overall a very complicated product

    Pros and Cons

    • "Previously, anyone in the organization would see any data point in the wall. They could just go and connect their machine with that data point and could access the network. But now, even if someone came and tried that, they will not be given access."
    • "We have a very bad experience on the support. They take too much time requesting logs, and they are not coming directly online to resolve the issues."

    What is our primary use case?

    We use it for endpoint security, to control access to our edge level. Basically, Cisco IOS checks the identity of each endpoint (printers, etc.). There's a specific group allowing the printer to immediately connect to the network. Also, if there is a laptop, for example, then the IOS will tell you, okay this is a laptop, please add the user name and password to access the network. Once it gets authenticated with IOS, they will still do something like posturing, checking the compliance list. For example, if a laptop doesn't have an updated antivirus or updated patches - if it's non-compliant with any one of those things, the system will reject it and isolate it in a special network, so it cannot access our network. 

    How has it helped my organization?

    Previously, anyone in the organization would see any data point in the wall. They could just go and connect their machine with that data point and could access the network. But now, even if someone came and tried that, they will not be given access. Because Cisco IOS will ask for the identity. So, you will now need to give your identity. If you are not part of the organization, you will not be given access.

    What needs improvement?

    I think it's a complicated product. It is very complicated, especially in the design. If in some way you mess up the logic and design, you can really mess up and you will hate your life. The dashboard is actually very complicated. There's a lot of options. They don't need to do this. They need to make it more simple. Going to the direct point, showing what to do, where to configure, how to make the policy. They need to simplify the dashboard management more. Also, they need to improve the dashboard statistics. We need to see the statistics in a more organized way and clear. Reporting features, I think are also missing. It should be there.

    Maybe they need to add in posturing. Cisco is able to check if a device is updated or not. Taking action to isolate it outside the network, and then requesting automatically for the updates to that system would be helpful. It's something in automation they can improve.

    For how long have I used the solution?

    I have been using the solution for 1 year.

    What do I think about the stability of the solution?

    Initially, we faced some stability problems with the wifi systems. And sometimes it authenticates, sometimes it doesn't. But, overall, it's 90% stable. It's not causing many problems, because, no one is touching that. No one is touching that box.

    How are customer service and technical support?

    Their support was very bad. We have a very bad experience on the support. They take too much time requesting logs, and they are not coming directly online to resolve the issues. They keep asking about a lot of things. And they know that we are not expert in the system. So, we are wasting our time. And it takes time to respond. Sometimes one single issue will stay on the stack for three weeks, just to resolve it. The last ticket for me reached six weeks, not three weeks even. They are not like that in all products. Just this product.

    How was the initial setup?

    The initial setup was very complicated. For the initial setup, you need to configure the TAC servers and assigning the password, user name and the group for authenticating, etc. The deployment took more than three months.

    What about the implementation team?

    We used a vendor. We are not doing anything ourselves except for the basic things. We are using the vendors to do this. Not everything is handled by vendors; only, again, for the complicated products. We try to approach the integrators to do it.

    Which other solutions did I evaluate?

    I did not evaluate other options. I was thinking maybe Aruba might be a good option, but I did not switch over to it actually because Cisco's a big company and known in the market.

    What other advice do I have?

    Even now, we are not fully utilizing the features because it'll add complicated things. I would rate this solution 7 out of 10 because of both support and interface. After this experience, next time in any project we are going to go more secure. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    FadilKadrat
    Network Engineer at Banque des Mascareignes
    Real User
    Enables us to securely transfer data over the internet network but I would like the ability to automatically load balance

    Pros and Cons

    • "I'm able to transfer data over internet network security. With the GRE I'm able to transfer data within one bunch to another bunch in a public way, like the internet. The communication is encrypted and is private. It gives me added privacy."
    • "There's a technology called SD-WAN that we would like to see. We are unable to handle multiple connections or to automatically load balance. I would like to have a feature that enables us to automatically prepare for load balancing."

    What is our primary use case?

    I usually use it for GRE channels and VPNs. Is very stable and is a good solution. It has been stable.

    How has it helped my organization?

    I'm able to securely transfer data over the internet network. With the GRE I'm able to transfer data within one site to another sites in a public way, like the internet. The communication is encrypted and is private. It gives me added privacy.

    What is most valuable?

    The GRE kernels and IPSEC security are the most valuable features.

    What needs improvement?

    There's a technology called SD-WAN that we would like to see. We are unable to handle multiple connections or to automatically load balance. I would like to have a feature that enables us to automatically prepare for load balancing.

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    It is stable but is missing functionalities. For example, everyone is bound to one single router. 

    This product is being used on a daily basis, 24/7. We are a bank, so it is always running. We have no downtime and our customers don't have any downtime. 

    What do I think about the scalability of the solution?

    You can do a lot in terms of the scalability. In my department, I have 11 branches that are using it and everything works flawlessly for them. 

    How are customer service and technical support?

    Cisco's technical support is the best. 

    Which solution did I use previously and why did I switch?

    I have previously used FortiGate and I didn't switch solution, I switched companies. Cisco is stable once it is up and running. You can forget about it, it's going to work unless the hardware fails. As your centers deploy, make sure it's configured and up and running. You just have to put it there and forget it.

    How was the initial setup?

    The complexity of the initial setup will depend on your level of expertise and your experience with the product. It was simple for me but I have seen others struggle with it.  

    Usually, when I did deploy I do it on a lap setup. The time it takes depends mostly on how we are going to plan the deployment. It can be done within a day or a week.

    What about the implementation team?

    Sometimes we will use an integrator for the deployment and sometimes we will do it ourselves. 

    What was our ROI?

    The return on investment has already been achieved and it is great.

    What's my experience with pricing, setup cost, and licensing?

    The solution is a one-off fee once, it's just a matter of whether we are using IOS security you want to use the IT functionality, you need to have the security licenses.

    What other advice do I have?

    It's a good product you just have to have someone that really knows how to configure it otherwise it's going to be a nightmare.

    I would rate it a seven out of ten. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    DH
    Operational Risk Manager at a financial services firm with 1,001-5,000 employees
    Real User
    Scalability and some enhancement to our security posture have been key for us

    Pros and Cons

    • "The most valuable feature is the scalability. The nice thing with the bigger vendors is that they're very good at scale."
    • "I would like to see much more embedded security that works and that isn't a bolt-on."

    What is our primary use case?

    We use it for routing and switching, VPNs, connectivity to some degree, and firewalls.

    How has it helped my organization?

    In certain spots it has improved our security program's maturity, for example around virtualization and network segmentation.

    What is most valuable?

    The most valuable feature is the scalability. The nice thing with the bigger vendors is that they're very good at scale.

    What needs improvement?

    I would like to see much more embedded security that works and that isn't a bolt-on.

    What do I think about the stability of the solution?

    It's pretty stable. The stability has been good.

    How are customer service and technical support?

    I would rate the technical support at eight out of ten. We've had a lot of good feedback. 

    Which solution did I use previously and why did I switch?

    Different products come and go but we've been using Cisco for 20 years. 

    What about the implementation team?

    We use every consulting firm and probably most integrators, depending on the project. On any day it could be Deloitte, Accenture, etc.

    What was our ROI?

    I'm sure we've seen ROI. Routing is better than picking up a file, carrying it to you and handing it to you. But it's been in place for quite a long time.

    What other advice do I have?

    Look at this solution and figure out what you're trying to accomplish. You should probably augment it with some other vendors as well. I'm not a big single-vendor type of person. I don't think anyone does it perfectly well. With Cisco, you bring them in for their core competencies which are routing, switching, and virtual networking. Then you augment it with some security vendors that have been doing security the entire time.

    I would rate it at eight out of ten. It's not a ten because of the criticisms around security.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Dmitriy Ronkin
    Networking Specialist at Transportation
    Real User
    EEM is a valuable feature for turning a Cisco device into a programmable device.

    What is most valuable?

    EEM (Embedded Event Manager) is a software component of Cisco IOS.

    I found that EEM is a handy feature [but it is an underdog for the end user] if fine tuning of monitoring is required or if you would like to turn a Cisco device (switch or router) into a programmable device (without fancy words like ACI or Python, etc.). It is low level but efficient and money saving. It is available by default (but check the IOS feature support first). For curious minds, it could be used in combination with IP SLA and tracking features, a network engineer Swiss army knife.

    How has it helped my organization?

    • Increased monitoring level for KPIs normally not tracked by network management systems.
    • Ability to correlate events and report back in a predefined format/customized message on the switch.
    • Making a Cisco switch act as a network event sensor is enhancing visibility on the network.

    What needs improvement?

    • Tailored monitoring/notifications and some sort of added intelligence moved now to the edge of the network. (Actually, it could be done at any point of network: core, distribution, or access.)

    What do I think about the scalability of the solution?

    As it is a tailored solution, it is not very scalable, but this is a trade off; you need a hammer or a scalpel. And EEM is a scalpel.

    What's my experience with pricing, setup cost, and licensing?

    No licenses but what comes with the features of IOS.

    Which other solutions did I evaluate?

    Before choosing this product, we evaluated other options. I looked for a tailored solution.

    What other advice do I have?

    The competition (like Juniper) do offer similar approaches (scripting capabilities, but I did not look into the details). The question is that in many cases, users are not extending their expertise to adopt these money/time-saving features that vendors provide with their OSs.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user5274
    Network Manager at a insurance company with 1,001-5,000 employees
    Vendor
    Good features. But when I converted it into a zone-based firewall, CPU utilization shot up and network performance slowed down.

    Valuable Features:

    1. Cisco IOS Security feature provides key features such as AAA, VPN, IPsec, content filtering, IPS, etc in all IOS based Cisco devices. 2. I like it because they include powerful security features that come with all Cisco Router and Switch from low to higher end. 3. It helped me to convert my Cisco router into a zone-based policy firewall. 4. It helped me to implement port security at my switch end. 5. I have implemented AAA in all Cisco routers and switch easily. 6. I have configured VPN server in a Cisco router with ease compare to OPENVPN configuration in a Linux OS environment.

    Room for Improvement:

    1. IOS security related IPS facility is not as strong as Cisco ASA and the signature file of IPS does not update automatically like Cisco ASA. 2. When I converted the Cisco router into a zone-based firewall, CPU utilization shot up and slowed down network performance.

    Other Advice:

    Cisco IOS security feature is the most robust and simple security facility which nice and small to implement. It helped me protect my network from external and internal attack.
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user1998
    Infrastructure Expert at a tech company with 501-1,000 employees
    Vendor
    The Best network security OS

    Valuable Features:

    Cisco IOS is the best OS for Cisco routers and switches. There are a lot of plus points of using Cisco IOS. A brief introduction about them are as follows.AAA- Cisco IOS has a lot advantages while using AAA. It can use various encryption services which also includes EAP with Radius.Firewall- You can use Cisco IOS Advance IP Services for creating Zone based firewalls on Cisco Routers.TCP Intercept- It prevents DDOS attacks quite effectively.PKI- You can use RSA keys in PKI. Also lets you use Certificates in PKI.VPN- Almost any type of VPN can be configured using IOS security. Site to site or remote. 802.1X- This facility has helped a lot of organizations and ISPs to maintain authentication for their users.

    Room for Improvement:

    It is very hard to find any limitations of this OS Still when you use this as Zone based firewall you can see its limitations. You need to restrict traffic with ACL, which is fine but you need to create too many ACLs. Hence management of ACLs is a tedious task. Works better with TACACS+ which is Cisco proprietary. WAN connectivity is difficult on a router which is running IOS Security.

    Other Advice:

    The best OS from my point of view in Cisco IOS is Advanced IP Services. This OS has changed the definition of network security by using the router. The use of VPN concentrator is coming to an end because this OS can handle any kind of VPN using the router, so no need of VPN concentrators.
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Buyer's Guide
    Download our free Cisco IOS Security Report and get advice and tips from experienced pros sharing their opinions.