We used Cisco ASAs, and they were all individually managed. We went from individually managed IDS and Firepower IDS solutions to this consolidated single management platform.

We chose Cisco Firewall over competing solutions because what you see is what you get. We liked that the changes are immediate. The way the logs come into our Splunk system gives us a good feeling about the stability and performance of Cisco products.

We used Check Point previously, and the reason we switched to Firepower was that it would be a common vendor and a commonly supported solution by our team. The consistency with Cisco is why we went with Firepower.

I've used a number of other competitive devices. I've customers running SonicWall, I've customers running Palo Alto, and I've customers running Fortinet. Cisco Secure Firewalls are excellent.

Cisco is at a really good place, especially with a lot of the recent updates that have happened. Compared to Palo Alto and Fortinet specifically, I find FMC is way easier to use. Specifically in the realm of cybersecurity resilience, it's for sure a much more effective tool than Palo Alto. Having come from Palo Alto, the way FMC surfaces threats and enables response to set threats is vastly easier for me and my team to work with, so we're seeing a lot more resiliency. We're seeing a lot quicker response to threats. We're seeing a lot quicker identification of threats. From that perspective, it's far and away better.

Cisco Secure Firewall is the best in the market right now. Palo Alto is okay, but Cisco is better. In terms of resiliency and providing actionable intelligence to a security team, I find Cisco products to be way better. Fortinet is also fairly easy to use. They have a lot of the same strengths. However, Fortinet's technical support is terrible. Cisco has a nice package of devices. It's easy to use. It's easy to integrate for the security team. It gives you a lot of actionable intelligence in your network. Having that kind of company and technical support to be able to back that up and be able to support the customers is very useful.

Prior to actually using Firepower, we were still a Cisco shop. We used Cisco ASA exclusively, and it was fantastic. But with the advent of Firepower, being able to manage, monitor, and upgrade has really cut back our time on those processes by less than half of what we had before. We were using the good old ASA for many years.

I don't believe so. We've used Cisco, at least for this specific use case, for a long time.

Palo Alto seems clumsy to me. I don't like it. It shouldn't be a guessing game to know where stuff is. Cisco is laid out in front of you with your devices, your policies, and logging. You point and click and you are where you need to be. 

I haven't used Check Point in a while. It's been some time but it's an okay product.

Previously, I used some Linux Servers with a software firewall for 20 years.
It was a Microsoft firewall, but I don't remember the name. It was a server that I had to install on the gateway.

For more security, we sometimes have two firewalls. We have other vendors in place, such as FortiGate or Palo Alto. We have Cisco at the front or at the end, and another vendor on the other side so that there is more security, and if there is a security breach in one solution, we still have the other one. These firewalls differ mostly in administration and how you configure things but not so much in terms of features. They may differ in small things, but in the end, they are all doing the same things.

I've used different concepts of solutions before Cisco. Cisco is much better than Juniper, Brocade, or Foundry, as it is much easier to use and get directions from. It is also easier to integrate Cisco if you compare it with other customer concepts, such as Juniper, Brocade, or Aruba.

Before I started, they also had Juniper SRXs. The big issue with them was the logging. It wasn't as good. We switched to ASAs for better stability, better management, and easier logging.

We haven't used any other solution for a long time. We have been a Cisco customer for a long period.

For the data center, we didn't have a security zone previously. It was one of the key requirements to come up with the security zone. We chose Cisco firewalls because we were implementing ACI in the data center, and we thought that having one vendor for both activities will reduce our time of implementation, which didn't turn out to be true.

We had previously used Check Point but decided to switch to Cisco Secure Firewall. The reason for this switch was the lower cost and our company's desire to remove Check Point from our environment. It was an excellent deal, and the technology was on par. We did not lose any functionality or experience any drawbacks by choosing Cisco over Check Point. In fact, I believe we gained additional features, and Cisco is more widely adopted and supported compared to Check Point. Therefore, I am confident that we made the right decision.

We had another product previously. All the vendors are doing a great job in security, but Cisco has such a big portfolio, and as a reseller, it's easy for us to be a one-stop shop for the customer covering wired and wireless networks, endpoint security, and so on. That's the main advantage of Cisco nowadays.

We were using multiple products in the past. Now, we have it all centralized on one product. We can do our content filtering and our firewall functions in the same place. The ASAs replaced two of the security tools we used to use. One was Barracuda and the other was the because of tools built into the ASAs, with IPX, etc.

When we switched from the Barracuda, familiarity was one of the biggest reasons. The other organizations I've worked in were pretty much doing Cisco. I'm not going to deride the Barracuda. I found it to be pretty close, performance-wise. In some cases, it was pretty simple to use versus the Sourcefire management console. However, when you went into the nitty gritty of things, getting down to the micro level, Sourcefire was far ahead of Barracuda.

Prior to using the Cisco Secure Firewall, we were using another vendor. The Secure Firewall was a big change for us. The legacy firewalls were very old and not particularly usable. We do still use another vendor's products as well. We believe in in-depth defense. 

Our perimeter firewall controls are a different vendor, and then our internal networks are the Cisco Secure Firewall. 

Comparing Cisco Secure Firewall to some other vendors, I would say that because we use a lot of other Cisco technologies, the integration piece is very good. We can get end-to-end visibility in terms of security. In terms of the cons, it can be quite difficult to manage firewall changes using the Cisco standard tools. So we do rely on third-party tools to manage that process for us. 

We have a multi-vendor strategy for the firewall so that if there is some security issue in the software or something like that, you are not directly impacted, and there is another vendor in between. If I compare Cisco Secure Firewall with the other vendor that we have in place, the pro for Cisco Secure Firewall is that detection is better with the database of Talos. The con that comes to my mind is the deployment time when you deploy a change. With the other vendor, the change is more or less deployed immediately, whereas, with Cisco Secure Firewall, you have to wait for a few minutes until the change is deployed. This is one of the biggest cons on this side because if there's a misconfiguration, you are not able to correct the issue as fast as with the other vendor.

That was long ago, but we had Blue Coat proxies before. We switched because of our strategy to go for Cisco as an ecosystem.

We chose Cisco products because we have a Cisco-first strategy. We typically check first with the Cisco product portfolio and then make up our minds. Historically speaking, it serves our interests best.

Prior to my joining the organization, there was a ransomware attack that encrypted data. It necessitated management to invest in network security.

When I joined the project to upgrade the network security infrastructure in our organization, I found that there was a legacy ASA that had been decommissioned, and was being replaced by the 5516. Being a type-for-type, it was easy to pick up the configs and apply them to the new one.

We were previously using a Cisco product. We replaced them awhile back when I first started, and we have been working with ASAs ever since.

We did have Junipers in our environment, then we transitioned. We still have a mix because some of our contracts have to be split between vendors and different tiers. Now, we mostly have Apollos and ASAs in our environment.

We have had clients who switched to Cisco Secure Firewall from Check Point, Palo Alto, and WatchGuard due to the features and support that Cisco offers.

I've worked with Check Point's firewall, and I've worked with Palo Alto's firewall. Things like packet capturing and packet tracing that I can manipulate to pretend I'm doing traffic through the firewall are a lot easier to do with ASAs than with other products.

We have other firewalls in our environment. We still use Palo Alto. We do have a little bit of a mix with Palo Alto in our environment, but in terms of VPN specifically, the way that Palo Alto does route-based VPN by default doesn't flow well with most people out there. It works great with cloud providers. Cisco can do route-based VPNs too. We have a route-based VPN solution with Cisco as well. We just use an ISR for that instead of a firewall.

While I have not personally utilized other security products, our organization also employs FortiGate devices and applications for security purposes alongside Cisco Secure Firewall.

We weren't using anything similar in this particular use case. We chose Cisco because they originally came on the recommendation of our networking partner. They came in with a strong recommendation from a strong partner.

I have not used other firewalls.

I have previously used Juniper. Our company decided to go with Cisco Secure Firewall because of the cost and ease of use. Also, the people in our team knew Cisco versus other solutions.

In our business, we have implemented a number of Cisco Secure products in our network infrastructure, including Cisco ISE as a AAA server, Cisco FMC Management Center for our firewalls, and Cisco FTD for Firepower Threat Defenses. We also use a TACACS+ server for our hardware. Cisco products make up the entirety of our infrastructure, including Cisco Nexus Switches, Cisco ACI fabric for our data centers, Cisco ASR Routers, and Cisco Wireless Solutions, which include WLC controllers, access points, and other relevant hardware. In our organization, Cisco is strongly preferred.

We did not previously use a different solution for this particular use case. 

We work with different vendors based on customer needs. We have a specification that we need to have a combination of different vendors, which is the best practice in the data center architecture and design. We cannot have one vendor at all levels, and we should have a combination. 

As a vendor, Cisco has a complete range of products to handle all the security aspects. When I look at the architecture design, the implementation of Cisco firewalls is the best. We have data centers based on Nexus for instance. We have routing components. All the compliance and architectural design requirements are met, and we can meet the customer needs according to the Cisco design guide and validation guide. When we look at the security aspect and the guidelines in terms of next-generation firewalls, in terms of redundancy on both sites or multi-sites, we have better performance with Cisco than other vendors in some cases.

We were previously using Cisco ASA for eight years. Now, we are using Firepower NGFW. We hope to continue using this product in the future, as long as there are no discouraging issues.

We are also using Check Point in conjunction with Cisco. We use Checkpoint for our internal networks and Secure Firewall for our outside network.

I have used this solution to replace different vendors, usually Cisco ASA that is reaching end of life.

The big three solutions, Cisco, Fortinet, and Palo Alto, are all really good but I tend to lean on Cisco versus the others because one of their strengths, in general, is threat intelligence. When you put a bunch of security people in a room then you have a lot of consensuses, but like anything, you'll have a lot of disagreements, too.

Each of these products has its strengths and weaknesses. However, when you factor in AnyConnect, which most people will agree is state-of-the-art from a security standpoint in terms of VPN technology, especially when it's integrated with Umbrella, it plays into the firewall. But, it always comes back to configuration. Often, when you read about somebody having an attack, it's probably because they didn't set things up properly.

If you're a mom-and-pop shop, maybe you can get by with a pfSense or something like that, which I have in my house. But again, if you're in a regulated environment, you're looking at not just a firewall, you're looking at all sorts of things. The reality is, security is complicated.

We previously used Cisco ASA as a firewall.

We were just looking for a different feature set. We found that ASA was rock-solid as a VPN piece. We wanted to separate the VPN from our firewall policy management, so we just moved it over to VPN as a solution.

We had a partnership with Cisco. They came in and redid the entire environment. Before that, there was no Cisco environment whatsoever. So, they came in with the Nexus switching and Catalyst Wireless solution, then the VPN came with that as well as the ASA.

Earlier we used the Cisco ASA Firewall. Now, it has been phased out. Firepower is categorized as the next-generation firewall, however, we haven't found the utility of that level in this product. It lacks maturity at many levels.

I work with Palo Alto, Fortinet, and Check Point for different parts of our IT environment.

In my previous jobs, I used Palo Alto and Fortinet. My current organization chose Cisco Secure Firewall because we use Cisco for the rest of our network, and it just made sense.

We have a Palo Alto core firewall, and we handle threat detection and intrusion prevention on that device. We don't use Cisco ASA for detecting or remediating threats.

Compared to other systems that I have used in the past, Cisco ASA is reliable, and it's not a very big hassle to set up. It's very good, and it just does its job. 

They had this firewall when I joined the company.

We also have Palo Alto that we use as a firewall for Layer 2.

I also have experience with Fortinet and Check Point.

In our company, we have used another firewall which we developed based on FreeBSD.

I, personally, used to work with Juniper, Check Point, and Fortinet. I used Fortinet a lot in the past. If you use the device only for pure firewall, up to Layer 4, not as an application or next-gen firewall, Fortinet is a good and cheaper option. But when it comes to a UTM or next-gen, Cisco is better, in my opinion. FortiGate can do everything, but I'm not sure they do any one thing well. At least with Cisco, when you use the IPS feature, it's very good.

We previously had a different platform. We wanted to converge multiple platforms into one.

I switched companies. So, I have more experience with Palo Alto.

The VPN solution works much better than our previous solutions.

We previously used Palo Alto. The switch was driven by Cisco's pitch.

I previously used Check Point. Check Point relied on a thick, Windows-based client and, at the time, did not support transparent contexts. However, Check Point has a solid management platform, which is something Cisco should take some pointers from.

We also use Aruba in our organization. We never have to factor in extra development time when we go to a new major version of Cisco. With Aruba, we have a pretty drawn-out development timeline for any upgrades or software improvements. Aruba and Cisco Secure Firewall are very different in their implementation and development.

I used only a couple of other products over the years due to client preference. In general, Cisco Secure Firewall is easier to deploy mostly because of the depth of personnel trained in it. Every other product seems to be a niche thing that two people know, but Cisco once again seems ubiquitous throughout the industry. Our customers choose Cisco for various reasons, from cost to a preference for Cisco. It meets the task that they need to meet. It's really the spectrum.

As a system integrator, our primary focus is not on selling products, but rather on providing comprehensive solutions to our customers, starting from scratch and ensuring everything runs smoothly. In this regard, we rely heavily on Cisco devices, including switches, routers, code devices, NK, Nexus, 7000, and 9000. We also use other Cisco products, such as IP phones and access points. In Saudi Arabia, Cisco is the most popular brand in the market, but its popularity is declining due to prolonged delivery times. Customers cannot afford to wait a year, and this is the primary reason for the decline in demand.

We are also selling Fortinet, Palo Alto, and Check Point. We sell all solutions, but I'm quite focused on Cisco. It's mostly because I have the most expertise and experience with it over the years. I've been working with Cisco security solutions for 15 to 20 years. That's where my expertise is, and with Cisco, you have a solution for everything. It's not always the best of breed, but in the overall solution frame, you have something for everything, and they interact nicely with each other, which is great.

We previously used Check Point. We had an option to connect all of our security products from the endpoint to the firewalls to SASE-based solutions. This is why we changed solutions.

We started with Firepower. It was one of the first products that helped secure our organization. We are close to sort of an advanced maturity, primarily compliance-driven. We are not there yet, but we are close to it. We are somewhere sort of in the high to middle area. We have sort of a high compliance-driven security and close to the compliance-driven area, but still slightly below it. We are still fine-tuning and implementing some security technologies. Then, within a year's time, these will be simply managed and audited.

We used Fortinet and that product was coming to end of life. We had been using it continuously for seven years, then we started to experience maintenance issues.

Also, we previously struggled to determine who were all our active users, especially since many were VPN users. We would have to manually determine who was an inactive user, where now the process is more automated. It also had difficult handling our load.

I have experience with Sophos.

We previously sold Fortinet devices. However, many of our clients switched over to Cisco because of the price as they are quite cheap. 

We have used Check Point and Palo Alto. We are still using those but for more internal stuff. For external use, we are using the Cisco client.

We are currently using a Check Point solution because this solution lacks by not having an application layer.

We had the old version of the Kerio firewall, but because in our country, there is no official dealer for Kerio, we moved to the Cisco ASA NGFW. This is the main reason why we moved to the Cisco firewall.

We decided to go for Firepower because we needed to expand, and we have a large installation of Cisco devices in our environment. It's 70% Cisco. We have one location where they are using Extreme equipment, but in that location also, we have Cisco firewalls. Having one vendor leads to ease of management. It's also easy in terms of competence. We have good knowledge of Cisco, so it's easy to maintain and operate a Cisco platform.

For network security, we have a central hub for all the external traffic. That is a huge load of traffic. On those applications, we are using Palo Alto. We have a mixed combination of Cisco and Palo Alto in our central locations.

Using Cisco firewalls has helped to eliminate or consolidate some of the tools and applications. We have some installations of AlgoSec to see what's going on or how the performance is, but we have, more or less, decided that we don't need them now because there is so much information that we can pull from CSM or FMC.

This was the first solution we were using.

We are primarily Cisco housed, and I believe that practically everything is Cisco. 

It might be part of the contract for a small fee. I don't think there's any particular reason.

I am familiar with CheckPoint, as well as Microsoft ISA.

For me, there wasn't a previous solution here. I inherited the solution when I came in.

I also work with Fortinet, and it's my sense that, while Fortinet is getting easier to use, Cisco is getting harder to deal with.

Years ago, I used different firewalls like Juniper, but mostly, it's been fixed to ASA and FTD. We switched to Cisco because our customers were using Cisco.

We have been using different Cisco firewalls for a long time. We are currently using Cisco Firepower and Cisco ASA. Cisco Firepower is better than Cisco ASA, but stability is an issue.

We previously used Palo Alto, Fortinet, and Cisco Firepower. We switched because Cisco is more stable and offers easy deployment for the platform.

In the old days, we used Check Point. We did an evaluation of the Cisco ASA and we liked it and we brought it on board.

At that time, it was easy for our junior operations engineers to learn about it because they were already familiar with Cisco's other products. It was easier to bring it in and fit it in without a lot of training. Also, the security features that we got were very good.

We made a gradual transition from ASA to Firepower because they first had this as Sourcefire services. That is what we used to install first for our customer base. Then Firepower defense appliances and firmware came out. It was a natural process.

For the past four to five years, we have only had Cisco firewalls. However, for some of the branches, we are using Palo Alto firewalls. It depends on a client's requirements, applications, security, etc.

We previously used Fortigate.

In the past, I've worked with Check Point and Fortinet as well.

I was using Dell SonicWall before Cisco ASA Firewall.

We used to sell Palo Alto firewalls and switched to Cisco because it was more cost-effective for clients.

As a Cisco reseller, I try to give our customers the best possible solutions for their problems.

We previously used CheckPoint and Fortinet. We switched from CheckPoint because it was unsupported, and we wanted to move to a next-generation firewall.

We went to Fortinet, and when we switched over, it caused a huge network outage. The Cisco engineers helped fish us out of that. Our GM at the time preferred Cisco, and we switched to Cisco Firepower NGFW Firewall.

I didn't use another solution previously.

Cisco has been a leader in firewalls, and the US government primarily chooses Cisco first, before it chooses competitors.

Cisco ASA and Firepower NGFW is the first firewall solution that I have and am still using.

We have firewalls from other vendors, but we will be moving over to Cisco. When we have the same vendor, it would take less time to train people to do their job because there is one technology rather than four or five different ones.

In the last 10 years, we were using the Barracuda Web Security. Compared with that product, I would give this solution six or seven out of 10 when compared to Barracuda. Barracuda has one of the best web security features, giving access to users by deploying a web agent on client computers at different sites. 

Barracuda Web Security's hardware was obsolete so our management never tried to renew its license. That is why we are trying to use the Cisco Firepower module. We want to understand their web security gateways, web security logs, what it provides, and the kind of reporting it has. We are currently doing research and development regarding what features and facilities it provides us compared to our requirements.

We used FortiGate Firewall, but we are replacing it with Cisco Firepower NGFW Firewall because we had issues with HP solutions. We also switched because I am Cisco certified, and my background and expertise are in Cisco.

I have had experience with the Fortinet FortiGate firewall. It is very easy, and it does its job very well. Both Firepower and FortiGate do their job very well, but I like the Palo Alto Networks firewall the most. I have not experienced it in a real environment. I have placed it in my lab. It is a very complex firewall, and you need to know how to configure it, but it is the best firewall that I have seen in my life.

As compare to the Palo Alto Networks firewall, both Firepower and FortiGate are simpler. You can just learn which button to use and how to write rules, policies, etc. In Palo Alto, you can not guess this. You should know where each button is, how it works, and what it does. If you don't know, you cannot get the performance you want from Palo Alto. So, Firepower and FortiGate are easier to learn.

Firepower is very good for a small implementation. If you are doing a Cisco setup, you can place kind of 16 devices in one cluster. When it comes to the real environment, you need to have maybe three devices in one cluster. If two of them are in one data center and the third one is in another data center, the third firewall does not work very well when it comes to traffic flow because of the MAC address. When you want to implement Firepower in small infrastructures, it is very good, but in big infrastructures, you would have some problems with it. So, I won't use it in a large environment with five gigabits per second traffic. I will use the Palo Alto firewall for a large environment.

We did use Juniper's NetScreen product on and off for a while. We stopped using it about ten years ago now.

We had previous experience with the Cisco gear, so we were comfortable with it, and Juniper bought the NetScreen product and sunsetted it. You had to move into a different firewall product that was based on their equivalent of IOS, something called Juno OS, and we didn't like those products. Therefore, when they sunsetted the Juniper products, we looked around and settled on Cisco.

For our remote sites we didn't use a specific security platform. We had the Cisco router itself and the protection that the Cisco router offers. But of course you can't compare that with a next-gen firewall. But here in our headquarters, we currently use Palo Alto for our main firewall solution. And before Palo Alto, we used Check Point.

The decision to use Cisco was because Cisco could offer us an integrated platform. We could have only one router at our remote sites which could support switch routing with acceleration, for IP telephony and for security. In the future we also intend to use SD-WAN in the same Cisco box. So the main advantage of using Cisco, aside from the fact that Cisco is, course, well-positioned between the most important players in this segment, is that Cisco could offer this solution in a single box. For us, not having IT resources at those remote sites, it was important to have a simple solution, meaning we don't have several boxes at the site. Once we can converge to a single box to support several features, including security, it's better for us.

The main aspect here is that if we had Fortinet or Check Point or Palo Alto, we would need another appliance just to manage security, and it wouldn't be integrated with what we have. Things like that would make the remote site more complex.

We don't currently have a big Cisco firewall to compare to our Palo Alto. But one thing that is totally different is the fact that Cisco can coexist with the router we have.

We were using Juniper SRX5600. The switch was more a strategic decision than a technical one.

We are also using a 5520 for seven years in our datacenter and we are satisfied by this version.

We're a multi-vendor shop when it comes to firewalls, and we use Check Point and Palo Alto in addition to Cisco. We used to have Fortinet but that amounted to too many vendors.

When the Cisco product changed from legacy traffic inspection to the new Firepower it became a next-generation firewall. It was just a new product. That's why we decided to try it and stay with Cisco. It's like two different products: the legacy product and the new one. The legacy product was much simpler and the new one is, obviously, more complex.

I work with a lot of different companies and a number of different firewalls. A lot of times it is really about the price point and their specific needs. 

This solution was present when I showed up.

We haven't really used anything different. The only thing that we run inline with Cisco ASAs is Barracuda Networks. We kind of run that in tandem with this firewall, and it works really well.

We did not previously use a different solution. When the office was launched we implemented Cisco as a fresh product.

We are using a Cisco ASA Firewall, as well as Sophos at the remote sites. We are using another product is for log collecting. There are three solutions that basically cover us for security purposes. Those, at least, are the physical devices we are using as of now. The rest are cloud solutions such as Nexus. 

That said, I personally, have used Sophos XG as a firewall in the past. Sophos is good in terms of traffic blocking and identifying interruptions to the traffic. The features are better on Cisco's side. For example, there is two-factor authentication and a remote VPN. The only benefit I found in Sophos was the way it dealt with the traffic. 

We were using the SonicWall solution prior to this one, but it reached end-of-life because we had updated our architecture. This is why we migrated to a next-generation firewall. We had also been using Fortinet FortiGate.

We have always been using this same solution, but previous versions. We update them in trying to keep up with the amount of data coming through, such as more streaming.

I didn't use a different solution in my bank, but on some other enterprise jobs, I used some unique firewall solutions. 

Since I have been at the bank, only Cisco ASA has been deployed. We just added two new modules. In the bank, we only use Cisco ASA solutions.

We have other firewalls, and it hasn't helped to consolidate other solutions. We have to use the Cisco firewall and other vendors because of internal law. We have to use two firewalls, one from vendor A and the other one from vendor B.

We went for Cisco because it's affordable. It's something you can trust. It's something you know. It's a valued product. 

The challenge we wanted to address was scale. We're growing and we needed something a little more robust, something that could hold a big boy. We've got a lot more employees and we were using an older version of the hardware, so we upgraded to the newest version of the hardware, given that we're familiar with it. It solves our use case of allowing employees to work from home.

We have always had ASA since I have been at the company. The ASAs were in place and we have upgraded to newer ASA Next-Generation Firewalls.

We went with Cisco because it's a reputable brand and we also have CCNP engineers in our team as well. It's the brand of choice. We were also familiar with it from our past jobs.

Although I work in Korea, I needed a means of deploying computer systems in other countries. Two or three years ago I was looking for a proper solution that would cover global sites. I chose Cisco products because Cisco has a very large presence all over the world.

We also have experience using FortiGate.

We've been with Cisco and haven't had anything else yet. We haven't had a desire to move in a different direction. We've stayed with it because of how good it is.

We were initially introduced to Firepower by a consultant. At that time, it was for the web filtering because the web filtering we had was awful. We were using Sophos. Without getting too derogatory, it was just awful. There was no alerting and it was very hard to manage, whereas this is really easy to manage. With Cisco, it was very easy to set up content groups, to allow some users to get to some stuff and other users to not get to it. That's where it really started. There weren't any pros to Sophos that weren't in Firepower. We got rid of Sophos.

Since I have worked in this organization, Cisco has been the primary product that has been deployed.

The previous firewall was a Cisco SA520W. This device was great as it was a firewall, IPS and WLC all in one. I switched due to this device being EOL/EOS. Also, the main complaint about this device was that with the IPS enabled all traffic was slowed to a crawl. I would rate the SA520W as 3/10.

We use a variety of tools in the organization. There is a separate department for corporate security and they use tools such as RedSeal.

In the networking department, we use tools to analyze and report the details of the network. We also create dashboards that display things such as the UP/DOWN status.

We have also worked with Cisco ASA, and it is much better. Firepower has a lot of issues with it but ASA is a rock-solid platform. The reason we switched was that we needed to move to a next-generation firewall.

We have used the Check Point firewalls as well as several different vendors.

We didn't have a previous solution.

I have used Palo Alto and Fortinet. We switched mainly because we were trying to unify all our products. Instead of using multiple systems, everything with the Cisco solution is end-to-end with different views of security. Some of them wanted to be diverse, keeping things separate. For others, it was easier if everything was just with one vendor. Also, if you are Cisco-centric, it is also easier.

Since I have been using this solution, I have seen it grow. When they first started doing it, it was more like, "Here's the command line. Here's what you got to do." Now, it's easier for a new engineer to come on, and say, "Okay. Here, you are going to start supporting this, and here is how you do it," which has made life easier. Since it is a repeatable thing, no matter which company you go to, it is the same. If you get somebody who is doing it on the other side of the VPN, it is a lot easier. So, I like the Cisco product. I have used several different ones, and it's like, "Well, this is the easiest one." It might be just the easiest one because I have used it long enough, but it is also a good product. It just helps us be consistent.

I have also worked with Fortigate.

I have also used other solutions like Palo Alto. The capabilities are pretty much the same. It is just a matter of how they integrate with the overall landscape of the customers. Palo Alto seems to be the top end firewall these days, but the customers might have purchased Cisco in the past or have a DNA subscription using which they could probably take advantage of the security landscape that Cisco offers. It is more about what is the overall benefit rather than just the appliance.

We have used Check Point and one more solution. The main difference is in the IPS signatures. Cisco Firepower has precise and most updated IPS signatures.

We did not have a previous solution.

Most of our clients were on Cisco ASA.

Most of the time we replace Sophos, Check Point, SonicWall, and Fortinet firewalls with Cisco firewalls. Customers really like the overall integration with SecureX. They see the advantage of having more security products from Cisco to get more visibility into their security. We also replace old, non-next-generation firewalls from Cisco; old ASAs.

We also use Palo Alto, Check Point, Fortinet, Juniper, and Microsoft. 

Cisco came into firewalls much later. I would say they're top ten but they're not number one yet. They need to do more work. Cisco does better than the smaller players. 

The best firewall option is Palo Alto. 

Considering the expertise and the way they detect an advanced attack, Palo Alto is better than Cisco. 

We did not use any other solutions. Our strategy from the beginning has been to grow with Cisco. However, our customers have the final say in which solutions they choose and sometimes that's not Cisco. That has much to do with their previous beliefs and brand loyalty and trust. The customer's opinion matters and if the customer is loyal to Palo Alto, we are going to have a hard time getting them to make the switch. 

We sell a lot of different firewall varieties including SonicWall, Cisco ASA, and FTD. 

The previous usage was with an ASA that had FirePOWER services installed.

No previous solution was used.

We were previously using Fortinet. We switched to ASA and Firepower when our contract with Fortinet ended. Now, we are only using ASA.

We previously used Juniper SRX. We switched because we have a contract with Cisco. This was the cheaper option and was faster.

I also work with Fortinet and Palo Alto. Fortinet is also a really good product but Cisco is a leader in next generation firewalls and now that they are catching up to Fortinet, they have provided a lot of features and flexibility. I personally see Cisco as being good for large enterprise companies and Fortinet is better for families as well as small and medium size businesses. When it comes to Palo Alto, the high price point is one thing that is an issue, some companies are unable to afford it. Palo Alto is good but Cisco is catching up to them and I believe in a year or two, Cisco will probably match Palo Alto as well and be much better. 

I have dealt with four or five others, but so far, I have the most experience with Cisco.

Recently, I worked with the new FTD 1000 or 1100 series, and they do a lot.

Before FirePOWER we were using the ASA.

I previously used Juniper before Cisco, but only for one year. I switched because my company only used Cisco.

Previously, we sold Check Point and Palo Alto.

We choose to sell Cisco because it has been approved by NATO. Our clients use a strictly offline infrastructure, and there were significant issues with Check Point. In addition, we have good support from the local Cisco office, and they also suggested that the end user goes with Cisco.

As a Cisco Secure Firewall reseller, the value we bring is very good support. You will not get the same level of support from some other vendors. For instance,  Palo Alto and Check Point don't have direct support like Cisco. They have third-party support. Thus, you may get a response only when you escalate the issue to the third tier of the service level. With Cisco, everything is resolved within a day.

Our bandwidth was increasing, and the number of services that we were hosting was increasing. Our old solutions couldn't catch up with that. We had some really old D-link firewalls. They were not enterprise-level firewalls.

After our IPS subscription ended, we couldn't renew it because Cisco was moving to the next-generation firewall platform. They didn't provide us with the new license. Therefore, we decided to move to Palo Alto. The procurement process is taking time, and we are waiting for them to arrive.

We have another product that monitors all traffic. It just sits back and idols in the background — It integrates, but it doesn't if you know what I mean. It's a separate dashboard, but it alerts us. We can control the security — level zero through one hundred. If a threat registers above 54% (we have the limit set at 51) it alerts us. If it's a specific threat, it can shut down services, ports, machines, authentication, and so on and so forth.

We also use AMP, Umbrella, SecureX, and Duo. They're pretty easy to integrate. I wouldn't say beginner level, but if you have a working knowledge of networks and security, you can easily get them integrated. Also, if you need help, Cisco's always there to assist.

We use Firepower Management Center — it's a wonderful tool. It has an awesome all-in-one pane of glass dashboard so you can manage multiple devices from one dashboard. It's also very easy to set up.

We used to use SonicWall. Cisco was purchased right before I came on board, but from my knowledge, we had issues with the licensing of SonicWall. We are a Cisco shop. Both my manager and I prefer Cisco over other vendors. We have more experience with Cisco and their customer support and the products themselves are just better in our experience.

I work with a lot of different IT products including three different firewall solutions in the past 12 months.

We were using the ASA 5505 and our network is faster now, so we are now in the process of upgrading our network to the 5506 model. The 5505 is a 100 megabit product, which is very low.

We've been with Cisco for a long time. We've used their routers and gadgets for years and years.

I had not previously used another solution.

About one-and-a-half years ago we implemented a different solution to handle certain situations like BGP. But when we upgraded our Cisco devices just few months ago, we could have BGP on ASA. Now our devices from Cisco have enhanced capability, not just something new and maybe less dependable. Implementing BGP on ASA was a late addition. It had been tested, the bugs were worked out and engineers wanted the solution. The stability of ASA as an older solution is what is important.

We have only been using Cisco solutions.

We were previously using Sophos firewall but it had a lot of issues. 

We use MySQL and Nagios devices alongside the ASA as our network infrastructure needs expanding and required more serious hardware solutions.

We migrated from Cisco AC520 to the Cisco NGFW. We have also used HPE and IBM switches, as well as FortiGate firewalls. We are now completely Cisco.

Previously, we were also using AlienVault and it was easy to integrate with Cisco devices.

This is the first product of this nature that we have implemented. We didn't previously use a different solution.

We previously used an ASA 5500, and it was simply time to upgrade it. We used this solution as a direct replacement.

We didn't previously use a different solution.

Our company has used various other solutions in the past. We've decided to also install Cisco ASAv to add extra features to our system.

We were previously using Cisco ASA without Firepower. We switched to Cisco Firepower because Firepower has more features, like malware inspection, and more possibilities with identity management.

I usually have to take what is there. If I had a choice, I would now take something newer.

Previously, I used ASAs without FirePower; and unsure what my company used prior to that.

I have used Fortinet, Check Point, and Palo Alto firewalls. Most of those solutions have everything integrated into them so you don't need multiple appliances. You get a single solution for your network. It would be better to have a centralized firewall, from Cisco, that can do everything.

I have hands-on experience in both Fortinet and Palo Alto. So if I were to compare this to Palo Alto, for example, I would say that the user interface in Palo Alto is a lot better. But the reason that I'm working with Firepower is that we have a Cisco network as well, and Cisco ISE. We're trying to integrate different Cisco solutions. We're trying to utilize the ecosystem benefits where I can connect my Cisco Firepower to ISE and have it talk to the App Cloud. There's a benefit of utilizing Cisco Firepower in conjunction with our other Cisco solutions.

Ease of management is similar with Cisco and Fortinet, I would say similar, but it's easier in Palo Alto.

I also have experience with pfSense.

Before the Firepower I was using a traditional firewall, the ASA 5510. We went to the Firepower because the 5510 did not have port security, anti-malware protection, or IDS/IPS.

I have seen a lot of events using the Firepower: vulnerability events, countries, and IPs. As a result, I feel I am secure when compared with other firewalls. With my previous firewall, I didn't have the option of blocking a country, website, or IP.

Previous to this we had just a normal firewall that I didn't like. It didn't provide enough.

I used a different solution before. I used Meraki and it was a little simpler to use. However, currently, I only have Cisco routers.

We were using SonicWall before.

When selecting a vendor, the most important criteria include:

• Security - the ability of the technology from a security perspective.
• The ability of the company to support the technology - knowledge of the product by the company. It may sound really silly to say that, but you'd be surprised how poor some companies' technical support is.
• The financial stability of the company.

We did not use a previous solution. FireMon was implemented as part of a security mandate and we chose this product over its competitors.

I did use and deploy different firewall solutions for various customers. But every customer has his own pain points. For example, for one of the customers, he was purely looking for URL filtering. We went with Sangfor IAM in that case. They have a very strong focus on application and URL filtering and user behavior management. Plus, reporting was very extensive. 

I didn't previously use a different solution. We used Cisco and then we upgraded to ASA. 

I previously used SonicWall. I'm not the one who decided to switch, I just know that previously we used SonicWall.

I used to work with most of the hardware firewalls, Cisco ASA is reliable and few technologies are good enough to compete for the market (VPN, Modular policy framework, NAT, etc.).

Not in my current organization.

I have used both ASA and PAN. Different strokes for different folks.

We chose FortiGate from Fortinet as our Next Gen Firewall solution because of the higher value for our money.

I have migrated some set-ups from Cisco to Juniper, but not from Juniper to Cisco.

We also work with Fortinet and Palo Alto, for example. As a reseller, we work with many solutions.

I don't know the exact product they were using before but I think it was just proxy. When I came to the company, the Cisco solution had already been installed, so I don't know the exact product from before.

I think the main reason why they would have switched is the stability and possibilities are better than just proxy. Cisco is very different and more powerful than the other simple products. It's very stable.

We used Fortinet FortiGate, but as an early gen "NGFW" it was outdated. We have issues we don't believe would be resolved with their latest offering, so we didn't even evaluate it.

Cisco ASA.

We previously used Checkpoint, and I switched because Checkpoint was expensive but now it looks like Cisco is following the same route.

I have previously used Fortinet firewalls that I have found to be better.

We are also using Palo Alto. It's very easy to manage, especially the UI system. You can do anything you want.

I was using a different solution prior to this one. I shifted because I found that it can heal my pain at least partially. By the end, it did the job and more.

We chose Cisco because it had the full package that we were looking for. 

We previously used ASA, which is a regular firewall. We switched to Firepower because it has a lot of features. It is one of the best firewalls in the world so we shifted to Firepower.

Before, I did not manage my private network well (or professionally). For this reason, I have been updating products.

Some of my customers switched from ZyXel to Cisco and this is an obvious decision for me. It will be much harder to imagine a customer replacing Check Point or Fortinet with Cisco.

I used to work with open source solutions, but the support and complication behind them was definitely not OK. If you want to have flexibility and stability, you have to move on to something that receives more development in that specific area.

As a Cisco Gold Partner, we always proposed Cisco firewalls for our clients.

I've used Palo Alto's FW/IPS offerings and Cisco's older IPS platform on the ASA. Usually, I don't decide what organizations purchase, but I am impressed with SourceFire's capabilities over the latter.

I was not consulting with this client when they implemented the Cisco ASA.

This is a hardware-based device, versus a virtual one, so it's maxed out.

This was the first firewall solution that I worked with.

We did previously use a different solution. They had two different solutions. One was Cisco ASA itself and before that, they used Check Point.

We are a Cisco company and that's the reason they are moving from one Cisco product to another Cisco product, which was better than the previous one. So, that was a major reason for the switch. I would say the other vendors are improving. This company was just Cisco oriented so they wanted something Cisco.

The previous solution was based on software firewalls that where not able to perform as the Cisco ASA

3Com TippingPoint as IPS, Zyxel ZyWALL ZyXEL ZyWALLas VPN server. Cisco has good documentation and it is easy for Cisco certificated engineers.

We used to have a SonicWall and an older ASA 5510 platform. Both were replaced by a Cisco ASA cluster using a pair of 5525x.

We implemented ASA after a complete redesign of our network, and we believe that Cisco ASA is the right solution for our needs.

I have used other solutions in the past, such as Cisco Firepower. I find Cisco products to be superior.

I used Cisco ASA Firewall, but in our specific environment and not for the whole network.

Previously, we did not use any other solutions. Our company is almost 11 years old and have been using this solution for ten years. We have been using this solution from the beginning.

Before I used Fortinet FortiGate. But when I moved from the previous company to this company they had a different solution. That is why I switched.

We used to use Fortinet, but we switched because of the lack of integration.

I haven' t used another solution.

Cisco ASA firewall is most reliable to protect the network, therefore I switched.

Checkpoint Firewalls - the primary reason we switched was cost and limited support options.

We did use another UTM solution before for firewall, URL and band management. We didn't switch, we just have two layers now. If we want to use Cisco for band management or URL safety, we have to pay a license fee and it is very expensive.

We've been using Cisco. Prior to this it was Cisco ASA. This was the next evolution.

When selecting a vendor it is important that they have positive industry feedback, that they are a visionary leader.

We have almost 99% Cisco based infrastructure.

We use this solution together with Palo Alto, depending on the use case. 

Our implementation of this solution was driven by the customer.

We have been using Cisco for a long time, various models. We had PIX, then ASA. We were quite comfortable with the performance, it never failed. But our old solution was coming to end-of-life. Also, this is able to more block more threats from the application layer, etc.

The most important criteria when selecting a vendor are 

• reputation
• technology
• features
• cost.
  

We have only used Cisco security devices.

We are part of the integrator space. When we changed products, it was to displace a product that no longer met the client’s requirements.

Not reliable for long term -- seem inferior quality

We previously used Microsoft ISA and switched because it's no longer supported.

Previously, we used other products. We used Fortinet and CheckPoint.

We typically offer clients a few different solutions. For example, we may recommend Fortinet.

I was actually using ASA and I switched to another one.

Mainly customers switch from other vendor because of VPN features, ease-of-management, and good consultant/partner relationship.

No previous solution was used.

I have knowledge of Palo Alto and Fortinet.

While those two are easier to set up and control, nothing compares to Cisco in terms of security. They're very strong in that regard. We also find Cisco to be more stable.

However, we only use Cisco firewalls in our organization. We don't use anything else.

Old ASA 5500. Natural upgrade to next generation functions.

We were using TippingPoint as an IPS and ZyXEL ZyWALL as a VPN server.
Cisco has good documentation and it is easy for Cisco certified engineers.

Prior to Cisco ASA, my client was using Fortinet FortiGate. They switched because there were complaints about the connection being slow.

We did not use a previous solution.

We moved our VPN termination from a Cisco ASR to an ASA. We switched because the ASR was not scalable and we realized it was a bad idea to use the same device for routing and VPN termination.

Mainly switching from the old Cisco PIX to a new Cisco ASA. The reason for switching is to get a higher throughput, and due to the fact the that the Cisco PIX went EoL.

I have used Fortinet, Palo Alto, and Check Point previously and I prefer the process of everything working together. We are in the process of moving on to Fortinet from this solution.

The previous product was limited in throughput and security.

We were looking to upgrade to a comprehensive firewall solution that integrated Next Generation Prevention System (NGIPS).

We started with Cisco Firepower.

SonicWall.

Version 5515 is better than 5510 or 5505.

I used a Cisco 881 router as a firewall and VPN solution. ASA allows conformity and various amounts of functionality in work.

We previously used IPtables, and switched because there was a lack of technical support, RMA, etc.

Prior to the Next Generation firewall, my clients were using Cisco ASA for more than 10 years.

We switched from our previous solution because of scalability issues.

I've only worked for integrator or ISP organizations. Over the years I’ve worked with multiple solutions offered by different vendors due to my customers’ budgets or preferences. What makes it the best of all the solutions I’ve worked on is the stability and its hardware.

I have migrated customers from Cisco's competitors to ASA's.

Initially, we started with some open-source alternatives, like Opium, but eventually, we thought of moving towards a proven solution. We just did a study. We didn't put the open-source solution into production. One of our customers was basically suggesting us to go with this one, and we went for it. We did not get time to go through, study, and explore different options because we didn't have the bandwidth for testing the complete features of the open-source alternatives. Therefore, we thought of going for a commercial solution. A lot of alternatives are available right now for this solution.

We did not previously use a different solution. 

I worked with Cyberoam and Fortinet UTM at my previous job. When I joined my present company, they were already using the Cisco ASA solution. But my present company may switch to other vendors, especially Fortinet, because of the license renewal price.

Watchguard Firewall. Switched due to license cost.

Yes. We changed for no special reason, just to mix things up.

We used Cisco PIX.

No

I previously used CheckPoint, and switched because of the UTM features.

Yes and we switched because we needed a fully redundant solution.

We have some experience working with Palo Alto and Fortinet solutions as well.

We’ve always used ASA from the get go. We added the UTM is to compliment it.

We didn’t have a previous solution. I actually searched after another solution.

Yes, I used a normal model of Cisco ASA and found it a  very successful experience. Therefore we have it to a more advanced ASA box for improved, and more advanced, security management.

We have used it from the beginning.

No, I worked with this product by working for a client.

We have always been with Cisco.

Check Point. We moved to Firepower as an internal firewall to manage internal access and other network load.

There was no other solution in place.

I worked with Check Point, but Cisco Firepower is better. It was an easy transfer to this solution. We chose Cisco because of its trustworthy reputation. They're a big, recognized brand.  

The most important criteria that we consider when evaluating a solution are performance, administration, and price.

I implement solutions on several clients, Redneet is a technology integration company and I prefer Cisco ASA for my security solutions.

I previously used a Fortinet solution. I switched to Cisco because Fortinet lacked
stability and robust troubleshooting features.

Previously, I was working with Fortinet. I would most likely recommend Fortinet, because of the price and the security fabric integration with other products. It's scalable as well, and all of the FortiGate features are useful.

It's very easy to implement and it's very easy to administrate.

We just shortlisted Cisco and Fortinet.

I used Juniper Networks and I switched due to the lack of technical and sales support in Romania.

Yes we previously used Linux and we moved because Cisco is great.

No, Cisco was part of our solution from the start.

I have not worked with equipment from OEMs other than Cisco. It's the only vendor I use.

I couldn’t meet all my needs with the Cisco 5505 so I changed it with a next-generation firewall.

Yes we did, but we switched due to Ciscos ASA's ability to support big data stream in some networks.