Cisco Secure Firewall Scalability

JT
Network Administration Lead at Forest County Potawatomi Community

Scalability is also excellent. I don't have any complaints about it. As long as you're willing to put the money forward, they are very scalable, but it's going to cost you.

Their ability to future-proof our security strategy is also very good. They continuously improve on and add items, functionalities, and features to their software.

User-wise, the government side of our organization doesn't have that many. There are maybe 1200 altogether. We had to upgrade our 5555s to 4110s and our 4110s are just about maxed out. We're pushing the max of the capabilities of all the equipment that we have. The 4110s average about eight gigabits a second all day long, for about 12 hours a day, through each of the devices. There are terabytes of traffic that go through those things a day.

We're always increasing the usage of these devices. They are the core of our network. We use them as our core routers and all traffic goes through them. They are the integral part, the center of our network. They're everything for us.

We have three people on our network team who maintain the entire network, including those devices. 

View full review »
RV
Principal Network Engineer at a retailer with 10,001+ employees

There haven't been any performance issues. We run HA clusters and don't do multiple clusters for scaling. We scale the boxes to our performance needs. We have nine staff members who work with this solution.

View full review »
Daniel Going - PeerSpot reviewer
Managing architect at Capgemini

It's tough to scale because it's a firewall appliance, but in terms of the ability to deploy it virtually, it's inherently scalable. That is, as far as a firewall can scale, it's very scalable.

View full review »
Buyer's Guide
Cisco Secure Firewall
March 2024
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
Josh Schmookler - PeerSpot reviewer
Network Engineer at Aton Computing

I've implemented them anywhere from a 500 MB throughput device up to a 20 GB throughput device. Particularly around scalability, some improvements in terms of clustering would be good.

View full review »
SB
Director & CIO of IT services at Connectivity IT Services Private Limited

Cisco ASA Firewall is scalable to a certain extent.

View full review »
EV
IT Technical Manager at Adventist Health

Scalability so far has been fantastic because we started with four Firepower Threat Defense boxes, but really after that, now we have 14 and we're going to be pushing that to 44 to 46 devices. The implementation has been pretty seamless and pretty easy. It's been great.

We use it exclusively for edge and core for firewall and for policy and for IPS and AnyConnect. We plan on continuing to integrate that tighter. So in the future, we probably will not grow that many physical devices, but we plan on actually integrating those tighter into the system, tighter with integration, with Cisco's ISE, and tighter integration with our ACI infrastructure. So at the end of the day, we don't see us going any further away from using Firepower as our core security edge device.

View full review »
James-Buchanan - PeerSpot reviewer
Infrastructure Architect at a healthcare company with 10,001+ employees

We have 105,000 users, and they all have access to use a VPN to connect back into our network. We found that it works very well for us, and it's very scalable to the number of users that we have. That's why we continue using it.

View full review »
Robert LaCroix - PeerSpot reviewer
Network Engineer at Red River

I'm a team of two. Either I'm looking at it, the other guy's looking at it, or no one's looking at it. It's part of my daily routine as I get in there and I make sure that I have the status quo before I move on to other projects or other tickets for the day. It's a daily process. They log the information right in.

I'll find out about scalability in a few weeks. I need to change out some firewalls that are a lower model to a higher model because of the VPN limitations. I'm going to have to do some more work and see how long it takes. 

View full review »
DonaldFitzai - PeerSpot reviewer
Network Administrator at Cluj County Council

I don't think ASA Firewall is very scalable. It depends on the models and the license. However, it's pretty simple to update and upgrade the models, so I would say it's moderately scalable. 

View full review »
Anthony Smith - PeerSpot reviewer
Principal Security Consultant at Vohkus

The scalability of Cisco Secure Firewall is really good. That's down to the management platform and the way it structures your access policies, what allows traffic in and what allows traffic out. You can easily add multiple regions, locations, and types of firewalls to the management platform. As soon as you do, they get all of those policies. Previously, you'd have had to configure each one time and time again. With this version, you import it, and it's ready to go. Thus, for scalability it's easy.

View full review »
PS
System Engineer at Telekom Deutschland GmbH

It's very scalable. Cisco is for mid to large businesses. For small businesses, there are solutions that are cheaper, but that's not the main focus. 

A large environment comprises several thousand users. We have small to large size environments, but we mostly have mid to large.

View full review »
JB
Enterprise Architect at People Driven Technology Inc

In terms of scalability, they've got all different sizes of firewalls for different scales. Being able to understand how to size the firewalls appropriately is definitely key in that. That's where a partner can help, or even the customer Cisco account team can help with the scalability. They have the big multi-instance 9300 chassis down to the small 1000 series. There's a lot of scalability within the portfolio.

View full review »
RH
Director of Information Technology at a government with 501-1,000 employees

The scalability of the solution is better than the other firewalls we have, due to technical features. Our technicians have realized that this is much more scalable compared to other solutions.

View full review »
JS
Senior Network Engineer at Orvis

The devices we have can scale pretty well. We have 600 to 700 people and we have an e-commerce site. It's deployed across the entire organization, although we have multiple firewalls.

We have plans to increase usage. We're going to do more DMZ to protect ourselves. So we'll be having more interfaces off the firewalls and we'll be protecting more VLANs. That's probably as big as we are going to get. I don't see us doing too much more than that.

View full review »
Joseph Lofaso - PeerSpot reviewer
Senior Network Engineer at Pinellas County Government

We use them for smaller campuses. Though, if we need to upgrade a model, then we go ahead and do that. For example, with our bigger campuses, we need to have a bigger model. They have specs out there that you can kind of line up with what you need.

View full review »
KB
CTO at Intelcom

For daily operations and projects, scalability is very important. Cisco provides a way of mixing and clustering firewalls to enhance scalability. We have many ways to scale, and as our clients grow, we can have the Cisco firewall solution grow as well.

View full review »
Chuck Holley - PeerSpot reviewer
Director of Networking at Albemarle Corporation

The scalability of Cisco Secure Firewall depends on the different models available, as each model may have a fixed scalability level. Therefore, the scalability we obtain will vary depending on the specific model we utilize.

View full review »
MR
Security Officer at a government

We are a very small environment. Based on our scale, it's been perfect for our environment.

View full review »
BB
Cybersecurity Designer at a financial services firm with 1,001-5,000 employees

The scalability of the firewall is one of the main reasons why we looked to Cisco. The ability to add nodes and remove nodes from clusters has been hugely important, particularly in some of our more dynamic environments where we may need to speed up a few hundred machines just for a few days to test something and then tear it all back down again. 

Within our data centers, we have around 6,000 endpoints, and then our user estate is around 4,500 endpoints and all of that connectivity is controlled by Cisco Secure Firewall.

View full review »
DavidMayer - PeerSpot reviewer
Solution Architect at a energy/utilities company with 1,001-5,000 employees

I know that there are several models for every type of scale that you need. For small branches up to the data center or even for the cloud, there are models, but so far, we only have one cluster. Among all these different types, we found the perfect matching size for our company.

View full review »
Paul Nduati - PeerSpot reviewer
Assistant Ict Manager at a transportation company with 51-200 employees

It's easy to scale it up and extend it to other operations. When we merged with another company, we were able to extend its usage to serve the other company. It became the main firewall for them as well. It works and it's scalable.

It's the main perimeter firewall for all traffic. Our organization has around 1,000 users spread across the country. It's also our MPLS solution for the traffic for branch networks. It's able to handle at least 1,000 connections simultaneously, give or take.

View full review »
Augustus Herriot - PeerSpot reviewer
Senior Infrastructure Engineer at a insurance company with 10,001+ employees

It is very scalable with the ability to virtualize, which is really easy. We do it during our maintenance window. Now, if we plan it, we know what we are doing. We can spin up another virtual machine and keep moving. 

View full review »
AK
Senior Information Security Analyst at a manufacturing company with 10,001+ employees

Since this is a hardware solution it does not scale as well as cloud versions. We have approximately 20,000 people using this solution in my organization.

View full review »
NH
Network Engineer at a healthcare company with 10,001+ employees

We've had no problems with scaling our business. We went from using probably 200 active VPNs an hour to over 600 VPNs without blinking an eye at that.

View full review »
Marijo Sutlovic - PeerSpot reviewer
Head of Information Security at Otp banka d.d.

Our company has approximately 2,500 employees and 500 devices. In terms of scalability, Cisco Secure Firewall is sufficient for our needs.

View full review »
FC
Global Network Architect at a agriculture with 10,001+ employees

So far, in this use case, it has met our scalability requirements in terms of traffic and management.

View full review »
Isaiah Etuk - PeerSpot reviewer
Chief Digital & Technical Officer at Capital Express Assurance Limited

Scalability is not a problem because I still have a span of five to seven more years. After that, I might have to go for a bigger device. For now, I have no issues. I can scale up or down. I'm good with that.

View full review »
FM
Practice Lead at IPConsul

Cisco Firepower scalability is something that can be done easily if you respect the best practices and don't have any specific use cases. If I take the example of one of my customers moving to the cloud, there is one FMC and he is popping new Firepower devices on the cloud, just attaching them to the existing policy and knots. This is done in a few minutes. It is very easy to do.

View full review »
Ramish Ali - PeerSpot reviewer
Assistant Director IT at Punjab Education Foundation

The product can scale nicely. If a company would like to expand it, it can do so. 

We have about 10,000 schools use the solution in general, and 1,000 to 2,000 that use it simultaneously daily. 

View full review »
BW
Network Security Team Lead at a government with 10,001+ employees

We bought scalable products, and we're in a good position.

View full review »
WN
CTO at a government with 10,001+ employees

Cisco Secure Firewall is a very scalable solution.

View full review »
FC
Global Network Architect at a agriculture with 10,001+ employees

Cisco Secure Firewall has met our scalability requirements as far as traffic and management goes.

View full review »
SV
Critical Infrastructure at Wintek Corporation

The solution is scalable because Cisco keeps up with new technology, the security application, bandwidth, optics, and the kind of speed that one can use.

View full review »
Samson Belete - PeerSpot reviewer
Network Engineer at a financial services firm with 5,001-10,000 employees

It is scalable. All our users utilize this firewall. We have more than 30,000 users who are end users, admins, and developers.

View full review »
DC
Senior Network Security Engineer at a tech services company with 11-50 employees

Scalability has been fine. I haven't had an issue with it. I just haven't had a need to deal with scalability yet.

View full review »
MB
Cyber Security Practice Lead at Eazi Security

The thing that restricts the scalability would be Firepower Management Center. It is constrained by how many events it can record. It suits customers who have a smaller number of sites, like a dozen or maybe 20 sites. You can still record your connection and intrusion event history for a significant period of time. But, if you are talking about a customer with hundreds of firewalls, then Firepower Management Center probably is not the right proposition.

If I am a customer with a dozen sites, I probably don't have the money to pay for a dedicated SIEM platform. So, Firepower Management Center is great for me because it is like a mini SIEM from a perimeter security perspective. I can store my connection and intrusion event history. I can get an idea of which IPS intrusions are things I should focus my attention on. These are the things that a SIEM could help you with. I can manage my firewalls from a single management location, which is really good. However, if I am a customer who has hundreds of firewalls, then it is not really scalable because I wouldn't be able to store the amount of intrusion and connection events that I would need for those firewalls.

Cisco Defense Orchestrator would probably be the better option if you had an environment that had hundreds of sites with hundreds of firewalls. Even if you acknowledge that Cisco Defense Orchestrator doesn't store events per se, it just allows you to manage and deploy policies to the firewalls, when you have an environment with hundreds of firewalls, then you will definitely have the budget for a SIEM platform. At that point, you would be scaling by having separate platforms for separate functions rather than one platform to do everything.

Firepower Management Center is great for some customers with whom we work because they don't have hundreds of sites with hundreds of firewalls. They just have somewhere between two and 10 sites. So, it is a good fit for that kind of customer.

View full review »
MK
IT Administrator / Security Analyst at a healthcare company with 11-50 employees

We have integrated these firewalls with other products, such as Cisco ISE, and it hasn't been a problem. ISE is a Cisco product so it would make sense that it integrates well, but ISE integrates with other firewalls as well.

Everything that I've done with these firewalls has been pretty seamless. We've had no downtime with them at all. They've been very rugged as we expanded usage through integration.

View full review »
AI
Head of Technology at Computer Services Ltd.

I would put the Cisco Firepower NGFW firewall into Transport mode, as you can do with most firewall systems for scalability. We used to have about 60% of our users on hold during six-week events. We still have certain problems without a firewall, but these days with the Cisco Firepower, we have over 80% of the load working.

As the customer integrator for enterprise contracts, we've been able to introduce Cisco Firepower to around 10 of our new customers in Bangladesh. At least 50 of the previous Cisco customers are still using the firewall solution right now under our support.

These are enterprise customers who require Cisco firewall support. We used to have a specialty in that which is really like the holy grail in rocket science. It used to be like that but now with Cisco's enterprise user base, we offer operational system support to reduce complexity a lot. It's really easy. It's not like you have to be a specialist.

View full review »
Ken Mohammed - PeerSpot reviewer
UC Solutions Engineer at Diversified

It scales because you can deploy a cluster. You could have up to 16 Firepowers in a cluster, from the class I [was learning] in yesterday. I only had two in that particular cluster. It scales up to 16. If you have a multi-tenant situation, or if you're offering SaaS, or cloud-based firewall services, it's great that it can scale up to 16.

View full review »
Ryan Page - PeerSpot reviewer
IT Network Manager at MLSE

We have never had to ramp up more than a small- to medium-business use case. For that, it has been great. Limitation-wise, we would run into challenges if we ever hit 2,000 to 2,500 users. We would then have to move onto hardware. Its scalability is only limited by the size of the appliance. So, if you ever have to exceed that, then you just have to buy a new box.

View full review »
JATINNAGPAL - PeerSpot reviewer
Manager/Security Operations Center Manager at RailTel Corporation of India Ltd

The solution is very scalable. 

View full review »
Nagendra Nekkala - PeerSpot reviewer
Senior Manager ICT & Innovations at Bangalore International Airport Limited

Cisco Secure Firewall is a scalable solution. Around 400 users are using the solution in our organization.

I rate Cisco Secure Firewall a nine out of ten for scalability.

View full review »
ArunSingh7 - PeerSpot reviewer
Computer Operator at a retailer with 5,001-10,000 employees

Scalability-wise, I rate the solution an eight out of ten.

Around 2,500 people use the solution in my company.

View full review »
JP
Network Engineer at Ulta Beauty

It has the scalability to replace the firewall with a higher model number.

The scalability meets our needs and future needs.

View full review »
HP
Senior Solutions Consultant at a comms service provider with 10,001+ employees

The solution can scale quite well. A company that needs to expand it can do so easily.

In our case, we have clients with anywhere between 1,000 and 10,000 users.

View full review »
PC
Security Architect

Scalability depends on the site. At some sites we have ten people while at others we have a data center with a full 10 Gig for all the group. We have had one issue. When there are a lot of small packets — for example, when our IPS is in front of a log server or the SNMP servers — sometimes we have issues, but only when we get a peak of small packets.

View full review »
Ibrahim Elmetwaly - PeerSpot reviewer
Presales Manager at IT Valley

The solution is extremely scalable and based on my experience, I would rate it 7 out of 10.

View full review »
DJ
IT Consultant at ACP IT Solutions AG

Cisco Secure Firewall is a scalable solution.

View full review »
FS
Security engineer at a energy/utilities company with 10,001+ employees

It is pretty scalable. We can add as many devices as we want.

View full review »
PR
Senior Network Engineer at a manufacturing company with 1,001-5,000 employees

We haven't scaled it much at this point.

View full review »
Jure Martinčič - PeerSpot reviewer
Engineer Specialist at Telekom Slovenije

The model we have is okay for our environment, so it's scalable. We haven't seen any problems in that regard. There are 50 or 60 devices behind it and about 500 clients. It is used in a very specific environment for a large Slovenian system.

The device has achieved its purpose. We won't implement any other features.

View full review »
it_user68991 - PeerSpot reviewer
Manager of Engineering with 1,001-5,000 employees

The newer clustering capabilities have introduced some solid scalability design options. From a cost perspective, scalability is quite intimidating.

View full review »
TO
Solutions Architect at Acacia Group Company

We did not see any limitations with Cisco Secure Firewall’s scalability.

View full review »
KH
Systems Engineer at a engineering company with 5,001-10,000 employees

The solution seems to be very scalable. I probably don't have much experience with scalability because, by the nature of how our networks work, we don't scale them; we just add another one.

View full review »
FS
Networking Project Management Specialist at Bran for Programming and Information Technology

The scalability of the Cisco Secure Firewall is excellent.

View full review »
MK
Security admin at a wholesaler/distributor with 10,001+ employees

This is a scalable solution. 

View full review »
GU
Senior Network Engineer at BCD Travel

There is room for improvement in the scalability of this solution.

View full review »
MB
Director IT Security at a wellness & fitness company with 5,001-10,000 employees

Cisco accounts for scalability by having different hardware recommendations, depending on what the throughput is, the required coverage is in terms of number of devices, the amount of traffic, etc. In our case, I don't see any issues. We are appropriately sized, but I could see how if someone's environment doubles, then someone should account for that by either procuring another appliance and separating some of the traffic flows or getting a bigger, more powerful system that can handle increase in throughput.

We try fitting to an ecosystem mentality. For example, we have four different Cisco products, which is technically a single ecosystem. If you were to think of it that way, then it is four different tools from Cisco. Then, there are two additional ones on the network, which makes six. There are additional two or three for an endpoint, plus another two or three for email, and another two or three for identities. So, I would say there are probably around 20 security solutions total.

The network team as well as the security team use it. Combined, that is approximately six people.

We are perfectly sized. I don't think there will be a need to increase the footprint or anything like that, at least for a while.

View full review »
MS
VSO at Navitas Life Sciences

Scalability is one of our major business requirements. We are seeing 20 percent growth year-over-year. The plan is to keep this product for another four years.

View full review »
Akshit Chhokar - PeerSpot reviewer
Technical Solutions Specialist - Networking at Google

The product offers good scalability.

View full review »
KB
Data center design at a comms service provider with 10,001+ employees

We have at least a pair in every one of our data centers. We gateway our applications around the firewall system, meaning all application data goes through firewalls.

View full review »
Md Mahbubul Alam - PeerSpot reviewer
Head of Information Security Division at Prime Bank Ltd.

I give the scalability a one out of ten.

View full review »
MZ
Senior Network Administrator at a comms service provider with 201-500 employees

It depends on the model. We are hitting some issues with scalability. It's getting very expensive to scale out.

View full review »
LS
Network Administrator at Bodiva

Currently, we have approximately 20 site-to-site VPNs operations.

View full review »
SN
IT Manager, Infrastructure, Solution Architecture at ADCI Group

This is a scalable solution.

In terms of the number of users, it depends on the customer. A small customer may have less than twenty users. A larger customer can be complicated by having different branches with different users and different security rules. This means that you can reach up to the hundreds. 

View full review »
BG
System Administrator at ISET

We are growing. In the next two years, we will have an additional 600 users, so we will double the capacity. We will see even more in the next three years. 

It will be like very tough. In about five-year cycles, you need to update the firewall and add other new Cisco devices for the next generation of innovation.

In five years, we will be ready for a complete upgrade cycle for everything. The stability and scalability of the Cisco ASA NGFW are good for when we need to grow. 

For the next five years, everything is fine. After that, we will see because there will be a lot of changes.

View full review »
TI
Senior Network Consultant at a healthcare company with 1,001-5,000 employees

We had an issue where we had to install another cluster for the firewall because we went out of the capabilities on one of them. You need to analyze in advance how much your usage will grow in the future and you have to decide based on that. It's about adding more firewalls. We can scale in this way, and it's good.

View full review »
RW
System Administrator at a healthcare company with 501-1,000 employees

There are no issues with the scalability. It works fine.

It is simple to upgrade.

We only need one person to maintain the product.

View full review »
PC
Senior Engineer at Teracai Corporation

It's very scalable. You can go to different models of the ASAs and they scale up to as big as you want to go.

View full review »
AE
Technical Consultant at Zak Solutions for Computer Systems

The scalability of the solution is very good. We have no trouble expanding the solution.

They have multiple products that fit in multiple areas. They also have virtual firewalls, which are working well in virtualization systems. They have the data center firewalls feature for data centers. It's scalable enough to cover most of the use cases that might arise.

View full review »
IK
Network Engineer at a tech services company with 5,001-10,000 employees

The solution’s scalability is excellent. I don't know if the scalability has a downside or even a limit.

View full review »
Francisco Gaytan Magana - PeerSpot reviewer
Network Architecture Design Engineer at a comms service provider with 10,001+ employees

This solution would need an adjustment to be scalable. 

View full review »
RG
Network & Security Engineer at Oman LNG L.L.C.

There are no issues in terms of the number of users. This is the main firewall for the organization. All users are behind this firewall. So, all departments and teams, such as HR, finance, application team, hardware teams, are behind this firewall. All users have to cross the firewall while accessing applications and websites. They cannot bypass the firewall. 

View full review »
MB
Voice and data infrastructure specialist at a tech services company with 1,001-5,000 employees

The scalability is great.

View full review »
MB
Head of Network Administration Section at Zemen Bank S.C.

It doesn't have an expansion card. So, it may not scalable for huge buildings. It also lacks a lot of standard interfaces. Other products are providing capacity for a data center. Other technologies are expanding their interface bandwidth from 10 gigs. In my opinion, Cisco ASA doesn't have this capability.

View full review »
RF
Data Analyst at a hospitality company with 201-500 employees

I've never tried to scale the product. I haven't worked with it too long at this point. I wouldn't be able to comment on its scalability potential.

View full review »
Vinay-Singh - PeerSpot reviewer
Manager IT & Security at mCarbon Tech Innovations Pvt., Ltd.

This product is scalable. We have 100 users in our organization.

We will not continue to use this solution. We will be upgrading to either Firepower or Check Point.

View full review »
CM
IT Manager at Citizens Bank

The scalability is very good. We use the 5600 models and the lower 5000s. We were able to upgrade as needed. We added a ton of VPN tunnels to them and they handled all that traffic quite well.

View full review »
MC
System programmer 2 at a government with 10,001+ employees

We have about 8000 end users. Scalability-wise, it's already handling a large amount of traffic.

View full review »
RS
Senior network security, engineer and architect at a computer software company with 5,001-10,000 employees

You can vary scalability from very few users to thousands of users.

View full review »
AS
Senior Network Architect at a tech services company with 10,001+ employees

The solution's scalability is very good.

We use it on customers who have two employees up to customers with 5,000 employees. It is also used for customers who have one site or several sites. It is all over the place

View full review »
CE
Network engineer at a government with 10,001+ employees

It's very scalable. Every organization sets it up differently, but we've been able to perform upgrades with minimal service disruption. We have ASAs in multiple locations.

View full review »
AR
Lead Network Engineer at a government with 1,001-5,000 employees

The scalability of the product is pretty good. If you need to expand it, you can do so with relative ease.

View full review »
ZK
Lead Network Security Engineer at TechnoCore LTD

Cisco Firepower NGFW has a large variety of devices that are able to accommodate every company's needs, be they small or large. Overall, the scalability of the devices is very good.

View full review »
KUMAR SAIN - PeerSpot reviewer
Sr. Network and Security Engineer at Shopper Local, LLC

The scalability is also good. But in terms of future-proofing our security strategy, it depends on the points I mentioned elsewhere that Cisco needs to work on.

View full review »
CD
Senior Solution Architect at Teras Solutions Limited

Cisco Secure Firewall is a scalable solution that allows you to add capacity.

View full review »
BL
Network Engineer at a construction company with 1,001-5,000 employees

Cisco Secure Firewall is scalable.

View full review »
TM
Solutions Consultant at a comms service provider with 10,001+ employees

As a firewall, it's in use all the time. Whether there will be increased usage depends on how security risks increase. But at the moment, there's no expectation for an increase in use.

View full review »
Imran Rashid - PeerSpot reviewer
IT/Solutions Architect at a financial services firm with self employed

Scalability is good, but just like the issue with Palo Alto and Fortigate, there is also an issue with Cisco Firepower NGFW Firewall. I can configure it easily because of my Cisco background, but others in my team aren't comfortable with it.

View full review »
AM
Network Engineer at LEPL Smart Logic

Its scalability is very good. It was a small implementation. Traffic was maximum of 150 megabits per second. 

View full review »
EH
CEO at NPI Technology Management

The scalability of the solution is good. Within our customer base, it is absolutely scalable. You can go very large with it. However, if you really want the highest speeds, you have to move off of the IOS ASA line and onto the newer stuff.

Typically our clients cap out at 500 employees.

View full review »
EV
IT Infrastructure Specialist at RANDON S.A

It is scalable in our scenario. It is scalable the way we deploy it. It's the same template or architecture, and that was our intention, for all our remote sites. From this point of view, the scalability is okay. But if one of those remote sites increases in demand, in the number of users or in traffic, we don't have too much space to increase the firewall itself inside that deployment. We would probably need to replace or buy a new, more robust appliance. So the scalability for the architecture is fine. It's one of the major requirements for our distributed architecture. But scalability for the appliance itself, for the platform itself, could be a problem if we grow too much in a short period of time.

I don't know how to measure how extensively we use it, but it's very important because without it, we can't have VPN and we can't communicate with our headquarters. We have SAP as our ERP software and it's located in our data center here at our headquarters. If we can't communicate with the data center, we lose the ability to communicate with SAP. So if we don't have the firewall running on those remote sites, it is a major problem for us. We must have it running. Otherwise, our operations at these remote sites will be compromised. In terms of volume, 40 percent of our sites are deployed and we still have plans to deploy the other 60 percent, this year and next year.

Regarding future demands, if we create new business, like we are doing now in Mexico, our basic template has this next-gen firewall as part of it. So any other new, remote sites we deploy in the future, would use the same architecture and the same next-gen firewall.

View full review »
LF
Security Governance at a comms service provider with 1,001-5,000 employees

Yes, the throughput highlighted on the datasheet (10Gbps) should be reviewed. This throughput is only for a UDP running environment, which you will never find in the real world. Rather consider a multiprotocol throughput.

View full review »
MS
VSO at Navitas Life Sciences

At this moment, we have not thought through scaling. The model which we use is less than 60%. What I heard from them is you can cascade it to another box, and scaling can be done.

We have between 400 to 450 concurrent users on a daily basis accessing this box. Overall, we have 2,000 devices that could be easily communicated via Firepower.

View full review »
Sergiy Ovsyannyk - PeerSpot reviewer
VP Network Engineering at a computer software company with 501-1,000 employees

It's used around the world. We have 20 data centers and each data center handles six offices. We have Cisco in every single location. If something new comes up, we'll increase our usage of the product.

View full review »
VW
Network Engineer at a computer software company with 201-500 employees

We have been just using ASAs for a smaller environment.

I don't know if I have ever worked with ASA in a highly scalable environment.

View full review »
Michael Mitchell - PeerSpot reviewer
Network Engineer at Utah broadband

Scalability is actually pretty exponential. In the grand scheme of things, we are a small network. We only have 15,000 subscribers. However, if we need to expand, it is reasonable.

View full review »
MC
Engineering Services Manager at a tech services company with 201-500 employees

It scales, but it depends on the growth rate of the customer and the amount of bandwidth. It's usually a speed and feed problem: Is the firewall box big enough to handle the traffic? Snort 3 has made some improvements there and it's even given some life back to older boxes because of improvements in code and in how Snort processes data. But, overall, the box just has to be big enough for the amount of traffic you're trying to shove through it.

View full review »
AM
Network Engineer at LEPL Smart Logic

It is not much scalable. It is only a Layer 4 firewall. It doesn't provide deep packet inspection, and it can see packets only up to TCP Layer 4. It can't see the upper layer packets. So, it is not very scalable, but in its range, it is a very good one. What it does, it does very well.

View full review »
AA
Deputy Manager at Star Tech Engineering Ltd

The scalability is good.

View full review »
VG
Co-Founder at Multitechservers

We have it in our infrastructure for around 15 plus users, including Fortinet sites.

We have found that whenever the traffic spikes at peak times, the product automatically scales up to the requirement. We have also implemented the single sign-on it, and therefore, it automatically scales up. We haven't felt any limitations. Currently, we are using it for 1500 plus users. At any given time, there are around 700 plus users available in the office. It's a 24/7 infrastructure. We have tested it for up to 750 plus users, and it's perfectly fine.

View full review »
Heritier Daya - PeerSpot reviewer
Network Administrator at a financial services firm with 1,001-5,000 employees

This solution is really scalable and reliable. In my opinion, Cisco products are always scalable.

View full review »
FL
Team leader at J.B. Hunt Transport Services, Inc.

This solution is very scalable.

View full review »
MD
Network & Security Administrator at Diamond Bank Plc

The scalability is based on module support. We have a stand-alone version. It is not 100% applicable to talk about scalability at this point. 

There is another Cisco ASA module available that is more scalable than ours. For the module I have, the stand-alone, the scalability is not as good as on the higher model. 

The 5585 model, allocated for data center security, can be facilitated into the switching spot or the working spot in our data center. We can recommend the scalability there. 

For the module I have, I'm using it as a stand-alone. I don't think it is scalable too much at this point. 

I'm using Cisco ASA in my organization to support about 150 staff. For maintenance, I do all of the work myself.

View full review »
Karthik Venkataraman - PeerSpot reviewer
Senior Consultant at Velocis Systems

It is scalable. A thousand-plus users are using the solution in my company. 

View full review »
MF
Network Engineer at a financial services firm with 10,001+ employees

It's better to have a higher speed. I'd rate it an eight out of ten in terms of scalability.

We have multiple locations and multiple departments. We are a big company, and we have a lot of remote sites. We have about 6,000 of them.

View full review »
Tushar Gaba - PeerSpot reviewer
Technical Solutions Architect at NIL Data Communications

We look at scalability for any product of Cisco. I cannot be confined to the ASAs. We have physical, virtual, and cloud deployments. Everything is possible, so scalability is no issue.

View full review »
SG
Network Automation Engineer at a financial services firm with 1,001-5,000 employees

Scalability is probably a 10 out of 10 for what we're looking at.

View full review »
BB
Network Engineer at a university with 1,001-5,000 employees

We haven't had to really scale up too much.

View full review »
AS
CSD Manager at BTC

It is scalable, with virtualization and other features.

In terms of future-proofing our customers' security, we recommend the ASA. We have tested it in large environments and it's working well. The lesson I have learned from using Cisco ASA is that Cisco's research is continuous. They provide enhancements every day. It's a product for the future.

View full review »
JM
Head of Information Communication Technology at National Building Society

We haven't maxed it out in terms of its capacity, and we've got up to about 200 users browsing the internet at any given time. In terms of throughput, we've got an ASA 5525 so it handles capacity pretty well. There aren't any issues there.

View full review »
AN
Network Engineer at LIAQUAT NATIONAL HOSPITAL & MEDIACAL COLLEGE

The firewall is very scalable. Most contact versions are available depending upon the organization you have. It works for very large organizations. They are scalable for many scenarios. The scalability obviously is there for sure.

View full review »
DC
Network Engineer at CoVantage Credit Union

We haven't hit that issue of scalability. We have increased the amount of traffic through it and it's handled it, but I think that's also a product of the ASA as well. If the ASA is going to choke, Firepower is going to choke as well.

We're going to be bringing in two new firewalls, as early as the fourth quarter or first quarter of 2020, and those are going to be pure FTD appliances. We'll probably be using those a little bit more extensively. I don't think we're going to be using the SSL portion, but we'll probably have the IDS/IPS, and we'll probably have the AMP turned on. That's because with the endpoints, we're not sure if we're going to be able to install an antivirus, so we can at least watch that. We'll probably use most of the suite on it.

View full review »
AG
Consultant at HCL Technologies

Scaling is quite easy. 

View full review »
it_user212682 - PeerSpot reviewer
Network Consultant at a tech consulting company with 51-200 employees

The 5512-x with a BASE license does not have many options for scalability. However, the Security Plus option allows multiple contexts and ACTIVE/ACTIVE fail-over options. I currently do not use those features, but I can definitely see the need for both of these options.

View full review »
ZM
Network Engineer at EURODESIGN

I use just two devices. I've not tested anything else.

View full review »
GD
Cybersecurity Architect at a financial services firm with 5,001-10,000 employees

Scalability is unparalleled. It is easy to scale.

We don't have plans to increase our usage at this time.

View full review »
HR
Director of network ops at a non-profit with 51-200 employees

The product we have has some limitations when it comes to scalability. That's one of the things we're looking to address with a new solution.

View full review »
BL
Enterprise Architect at a tech services company with 51-200 employees

We haven't done much with scalability. We have always just done active standby. However, it scales once you figure out how to do it. If there are site-to-site VPNs within your own location, it is easier because there is a template, where it is, "Here, change this IP address. Change this IP address. There, it's done." 

Third-parties weren't bad. Once my side was done, then we could easily cut and paste it, and say, "Okay, here's what my side's configured for. If you have something that is not working, then you can tell me what it is and I will help you." However, we never really had anything that we couldn't fix. It was also possible to scale on the other side.

View full review »
Juan Carlos Saavedra - PeerSpot reviewer
Coordinador de Tecnología at a tech vendor with 1,001-5,000 employees

We have 200 users using this solution.

View full review »
WS
IT Consultant at Hostlink IT Solutions

It is scalable.

View full review »
WM
Head of ICT Infrastructure and Security at City of Harare

We have 2,000 users who connect through this product. We are planning to increase use as we go, toward the end of the year.

View full review »
CS
Sr Technical Consultant at a tech services company with 51-200 employees

It is scalable. Cisco is pretty popular with organizations, and many customers are using it. It is suitable for all kinds of customers. It can cater to small, medium, and large organizations.

View full review »
EL
Technical Specialist, consultant at a computer software company with 10,001+ employees

There is no real limit to the way they can scale. It is very easy to integrate additional firewalls or even nodes on appliances. Whenever needed, they are stackable. They are very flexible in that sense. Our clients are large businesses.

View full review »
MG
Senior Network Administrator at a construction company with 1,001-5,000 employees

For us, the scalability is good, because we sized everything right, right from the beginning. If you size it right, it's very good. We don't plan on adding more firewalls, unless we suddenly grow exponentially, which we're not expecting to do at this point.

View full review »
ME
Director of network engineering

It's a very scalable solution.

View full review »
DJ
Network Systems Manager at a computer software company with 5,001-10,000 employees

It scales well. We've had no issues ramping things up.

We're going to expand our usage of it. We rolled it out to about 200 users and now we're going to expand that to about 1,000 users out of our 3,000-user base. It has been really good.

View full review »
MS
Senior Systems Engineer at a tech services company with 201-500 employees

Its scalability is very good due to clustering. 

In terms of our plans to increase its usage, it has everything we need. We don't plan to add anything more because it has all that we need as of now.

View full review »
JV
Project Engineer at Telindus B.V.

In the Netherlands, where I work, we don't have very big customers requiring very high throughput. So I cannot say anything about clustering where you can pile different ASAs or Firepower devices together to increase performance when you require it. 

But scalability, in general, is pretty hard. Competition-wise, sometimes it's hard to sell Cisco security products because, in my opinion, Cisco is quite honest about the real throughput they are able to provide. Other vendors may be giving figures that are a little bit "too perfect." Sometimes it's hard for us to sell Cisco firewalls because a customer says, "Well, when I go to other brands they say they have double the throughput for half the price." Well, that's great on paper, but... 

In general, after we have installed Cisco firewalls, our customers are very pleased by the performance. They also like that they can tweak settings to get more performance out of the firewall by enabling specific policies for specific traffic, and by disabling inspection for very internal data center traffic. That provides a big boost to the overall firewall performance. When a customer complains that we didn't scale it correctly, and they say it's not performing as well as they expected, I'm always able to tweak things so that it performs the way the customer requires.

View full review »
HP
Technical Consulting Manager at a consultancy with 10,001+ employees

The scalability is reasonable and okay. 

One of the clients we have has 21,000,000 node. 

View full review »
MH
Security architect at a computer software company with 51-200 employees

This is a very scalable solution as long as you get the right hardware. 

View full review »
PS
Network security engineer at a tech services company with 1,001-5,000 employees

We have more than 400 employees. We are currently not thinking of increasing its usage because we need more security, and Cisco ASA is not good for Layer 5 to Layer 7 security.

View full review »
CB
Networking Specialist at a healthcare company with 1,001-5,000 employees

The scalability is great.

We have five devices in four locations.

Three network administrators who work with Firepower, including myself.

View full review »
TG
Lead Network Administrator at a financial services firm with 201-500 employees

The scalability is awesome. That's one of those features that this product adds. Not only does it scale so that we can add more firewalls and have more areas of deployment and get more functionality done, but we have the ability that we could replace a small-to-medium, enterprise firewall with a large enterprise firewall, with very little pain and effort. That's because that code is re-appliable across multiple FirePOWER solutions. So should a need for more bandwidth arise, we could easily replace the products and deploy the same rulesets. The protections we have in place would carry forward.

We hairpin all of our internet traffic through the data centers. Our branch offices have Cisco's Meraki product and use the firewall for things that we allow outbound at that location. Most of that is member WiFi traffic which goes out through the local connections and out through those firewalls. We don't really want all of the member Facebook traffic coming through our main firewalls. I don't foresee that changing. I don't see us moving to a scenario where we're not hairpinning all of our business-relevant internet traffic through the data centers. 

I don't foresee us adding another data center in the near future, but that is always an option. I do foresee us increasing our bandwidth requirements and, potentially, requiring an additional device or an increase in the device size. We have FirePOWER 2100s and we might have to go to something bigger to support our bandwidth requirements.

View full review »
NC
Technology Associate at a financial services firm with 1-10 employees

I don't see it being very scalable. I don't have access to the actual interface on it. However, it is an older product, so it probably doesn't have high availability features. So, it's scalability is probably limited. I know that we kind of put it through the ringer with our fewer than a hundred connections into it.

View full review »
it_user221862 - PeerSpot reviewer
Cloud Engineer at a tech services company with 1,001-5,000 employees

The only issue I have is with the price, as SourceFire is VERY expensive.

View full review »
FV
Admin Network Engineer at Grupo xcaret

It has really good scalability.

View full review »
BW
Network analysis at a government with 1,001-5,000 employees

It is highly scalable. It has some limitations, but for medium to large-sized deployments, it is excellent.

View full review »
Javed Hashmi - PeerSpot reviewer
Chief Technology Officer at Future Point Technologies

The scalability is very good. 

View full review »
WM
Consulting Engineer at IV4

In our organization, we only have one in our data center that all of our people pass through. However, I've got clients that have thousands running through large Cisco firewalls.

View full review »
SA
Senior Network Engineer at a consultancy with 1,001-5,000 employees

It's scalable.

View full review »
MC
Senior System Engineer at a tech services company with 11-50 employees

I don't have a sense of the scalability. I never extend the processes or usage.

View full review »
Ahmed Nagm - PeerSpot reviewer
IT Solution Consultant at PCS

As far as scalability, I haven't had any performance issues so far. There really isn't high utilization coming from the operations environment, so I don't need to upgrade the tier at the moment.

View full review »
RP
Systems Administrator at Universal Audio

Scalability has been a pain point for us. 

It's great for what it does. Just make sure you know whatever environment you are using it in is not going to have to scale. Just use it for sandbox. As long as they stay competitive, use the ASA, but make sure you have a plan to grow out of it.

View full review »
RM
Network Engineer at a tech services company with 51-200 employees

We feel we didn't even try to make it scalable. We had 30,000 end users.

View full review »
SZ
General Manager at MS Solutions Ltd.

We have not tried to scale our network. It was established a long time ago and nothing has changed since then.

View full review »
HT
Presales Engineer at a comms service provider with 51-200 employees

We typically work with large public organizations. Our customers are quite big. Some are even up to 8,000 employees.

My view is that the ASA is for data centers. When you need more performance or something like that, this may be a problem. This is due to the fact that we don't have the ability to add more performance - more CPU or more equipment - in our cluster when we deploy the solution in a perimeter. It's complicated to expand the performance with ASA on the perimeter.

View full review »
TH
President at a tech vendor with 11-50 employees

Within their limitations, yes, they're scalable. You don't want to put a 5506 in when you need a 5525 — you'll never get it there. If properly sized, they're scalable, but you can't make a 5506 a 5525 — there're different processors and everything. You have to know where you're going. You have to know your customer first.

View full review »
it_user861456 - PeerSpot reviewer
Senior Information Security Engineer at a financial services firm with 501-1,000 employees

It's pretty scalable. Cisco is a large enterprise solution and it's designed to be able to serve large enterprise, so, it's fairly scalable. We're using the solution minimally at this point, and we're decreasing usage because it's too expensive to upgrade.

View full review »
WB
Network Engineer at a comms service provider with 1,001-5,000 employees

We've used several models of the product, from the smallest to the biggest. I think that this family of the ASAs is scalable enough for everything up to an enterprise environment. I think the family of products is able to handle small and large company needs.

View full review »
MT
Information Security Administrator at Bank of Namibia

It can easily scale. If you want, you can scale it to a lot of traffic. It's an X file, so all of our users are going through it.

We only require one administrator for the solution. For deployment and maintenance, it depends on how many developers you have. We require two dedicated staff at a minimum. 

Naturally, we employ both security technicians and administrators. Cisco ASA NGFW is being used at all our branches, and we'll continue using it in the future.

View full review »
HJ
Senior Executive Technical Support at AITSL

The scalability is good.

View full review »
NP
CEO at Synergy IT

Cisco is expensive and when you want to grow, it means you're going to need to spend some money but you can justify it.

We have closer to 50 users on the firewall at the moment and do have plans to increase usage.

View full review »
it_user244500 - PeerSpot reviewer
Constructor of the computer systems at a security firm with 51-200 employees

I currently do not need to scale on my network.

View full review »
GS
Information Security and Compliance Manager at RSwitch

The scalability is fine.

View full review »
Johan Derycke - PeerSpot reviewer
Network Security Engineer at Smals vzw

These are big devices. They have multiple models, but most of the models can be virtualized. You can create many virtual firewalls and add whatever you want.

View full review »
VM
SOC & SECURITY SERVICES DIRECTOR at BESTEL

The scalability is no problem. 

View full review »
FB
Sr Network Administrator at Orient Petroleum Inc

We've never tried to scale. We have a pretty small set up in our country. It's unlikely we will have to scale.

Currently, we have between 200 and 300 people on the solution.

View full review »
JF
Cisco Security Specialist at a tech services company with 10,001+ employees

You can go for other models for scalability and sort it out that way.

My suggestion is to think about scalability and about your tomorrow — whether you'll increase or not — and already think about the next step from the beginning.

View full review »
DS
IT Specialist at a government with 1,001-5,000 employees

This solution is very scalable.

View full review »
BS
IT Administrator at Vegol

I haven't had to scale, so I can't speak to this aspect of the solution.

View full review »
NA
IT Infrastructure Manager at Beltone Securities Brokerage S.A.E.

I haven't tested scalability yet, but I believe it is a very scalable solution. We currently have 250 employees working on it without any issues.

View full review »
CR
Network Engineer at a media company with 51-200 employees

It is a scalable product. We have a lot of demand.  But, it supports any additional network that we add. It expands easily. 

View full review »
AA
Technical Manager at a comms service provider with 1,001-5,000 employees

Scalability is great. We have around 1,500 users. 

View full review »
MG
Partner - Consulting & Advisory at Wipro Technologies

Scalability is not an issue.

View full review »
FT
IT Adviser/Manager with 51-200 employees

You need to buy a new product if you want to scale. I once tried to put in another network card and ended up in a support nightmare. I had to buy more support, licenses, and it was more expensive than buying a new one.

View full review »
it_user398799 - PeerSpot reviewer
Sr. Security Analyst with 1,001-5,000 employees

There have been no scalability issues from my point of view. I was handed the solution, so some of the initial work was done.

View full review »
LA
Lead Network Engineer

It's not really cost-effective when it comes to scalability. It is a really expensive product if you go to the modular firewalls. You need to get new appliances to get new features.

View full review »
Tayyab Tahir - PeerSpot reviewer
Senior IT Officer at Paragon

Cisco Firewall's scalability is fine. 

View full review »
JJ
Network Engineer at a computer software company with 51-200 employees

We just recently enabled Snort 3 so I'm evaluating the functionality. That's what we've considered, but we haven't done any performance testing. Our company would qualify as a small to medium business company. The average office environment is about 100 to 200 people. Performance-wise, my company is about 120 people.

Scalability is really not relevant. I know there are features that address some of those parts, like clustering and stuff, but that's really not applicable in my use cases.

View full review »
JG
Gerente de Unidad at Redescomm, C.A.

The scalability is good and it can be used for organizations of all sizes.

View full review »
CM
Network Security Engineer at a financial services firm with 1,001-5,000 employees

We use it specifically for DMZ, so we don't need it to scale it up. Because we are using this solution for a specific environment, we don't plan to increase its usage.

We have a few teams who use this solution. We have the information security team for reading the logs and policies. We have administrators, and we also have contractors for the network operation center to analyze some logs and reports. 

View full review »
ON
Managing Director at Fasp

Scalability of this solution is ok. They have the IPS (Intrusion Prevention System), online updates, and signature updates.

One customer might have, for example, two hundred and fifty users, whereas another might have one hundred users. There are different models for different numbers of end-users.

View full review »
FF
Cloud Services Operation Engineer at Informatic Services Company (ISC)

The scalability of ASAv we can easily manage. We can have good scalability in different times but we don't have HA in ASAv. Some features are removed in ASAv. 

If it's a normal ASA, i.e. a physical device, you have many more ways to scalability.

View full review »
PR
Information Systems Manager at a non-profit with 1-10 employees

We are a rather small firm so we don't have much growth leads but there is a wide range of firewalls that I can expand onto. We can also set up cluster solutions. It's rather indefinite in its expandable possibilities.

View full review »
it_user560229 - PeerSpot reviewer
Security Engineer at a healthcare company with 1,001-5,000 employees

We have had no scalability issues.

View full review »
PS
Network security engineer at a tech services company with 1,001-5,000 employees

I have extended my Cisco solution and did not have any trouble.

We have more than 400 users and we plan to increase usage.

View full review »
RO
CEO at a security firm with 1-10 employees

What I use now is sufficient based on the traffic that we are generating. We won't have to expand.  

We have two providers for ASA. There is only one administrator. We have about 1.2 million connections going through one ASA per month.

View full review »
GK
IT Manager

Scalability depends on which device you have.

It's quite scalable if you have either the ASA, even if you had the new ASA firewall services, even if you had the one with the capacity of about 500 MDP. It isn't scalable for three hundred people connecting to it. I would say it is good for medium branch offices.

I'm not sure if we have plans to extend the service.

View full review »
CS
Network Engineer at a financial services firm with 5,001-10,000 employees

It's not so scalable.

View full review »
RM
Technical Specialist with 5,001-10,000 employees

All product-based firewalls will encounter scalability issues. The firewall sizing is important during the sizing.

View full review »
it_user700158 - PeerSpot reviewer
Senior Network Security Engineer at a university
it_user391305 - PeerSpot reviewer
Member of the Board of Directors at a tech services company with 1,001-5,000 employees

We have not had scalability issues.

View full review »
it_user579180 - PeerSpot reviewer
Networking Specialist at a insurance company with 1,001-5,000 employees

Scalability is limited depending on the chosen model.

View full review »
KB
Senior Network Designer at ODI

This product is very scalable in our experience.

View full review »
it_user264462 - PeerSpot reviewer
Technolgy Analyst/Lead at a tech services company with 10,001+ employees

In certain cases, like an any access-list, if we add a URL the Cisco ASA access-list does not resolve that URL while this can be done in Juniper, and Fortinet.

View full review »
GF
Security Consultant at IKUSI

This particular product does not have high availability and therefore scalability is limited.

You need a pretty sizable solution for a center.

We have about 300 clients using this solution, and therefore the amount of people on the solution is very high, however, I don't have the exact number of users across all clients. For solutions providers, we have IT solutions for maybe around 5,000 users.

View full review »
SG
Senior IT Analyst at a insurance company with 51-200 employees

This particular model can't quite handle the bandwidth we need. We're actually replacing it shortly with the new higher capacity model.

View full review »
it_user1436289 - PeerSpot reviewer
ICT Systems Engineer at a insurance company with 11-50 employees

Our current model is reaching its end of life, so it's not very scalable at the moment. We don't plan to increase usage.

It is currently providing protection for about 30 users.

View full review »
MA
Network Security Engineer at qicard

I don't know that we have plans to scale the business on this site. But Cisco products are expandable. If we want to expand the functionality with new feature sets we can add modules. So in that way, it is a flexible and scalable solution. 

We currently have 200 to 500 users who are using this solution at any time.

View full review »
CS
Information Security Manager at a financial services firm with 501-1,000 employees

It should be well scalable. However, we didn't see a good centralized management/monitoring system like the one that Palo Alto has.

View full review »
IY
Assistant Manager (Infrastructure) at SISTIC
SC
ICT Manager at a aerospace/defense firm

Upgrading from v8.2 to v8.3 is a nightmare. The risks of down time are so high that I am forced to run different versions. Stay with 8.2 on all NAT dependent on your ASA, but again it's all about the cost.

View full review »
ON
Network & Systems Administrator Individual Contributor at T-Systems

The solution can scale well. that's not a problem at all. If a company needs to expand it to fit their needs, they can do so.

View full review »
it_user1141920 - PeerSpot reviewer
Systems Engineer at a tech services company with 11-50 employees

Firepower scales well if you have the 4100 Series or 9300 Series. They can scale and you can cluster the devices. Otherwise, you can only add one device, but that's more for the small customers. But if you get up to the high-end series of Firepower, it scales very well. 

We have customers that have 100 or 200 clients but we also have customers that have 20,000 endpoints. They are using several different appliances. Two devices for internet edge, two devices for core infrastructure, and two devices for VPN. We help customers of all sizes.

View full review »
DH
Network Administrator at a transportation company with 201-500 employees

I have found the Cisco ASA Firewall scalability could improve.

View full review »
AA
Sr. Network Engineer at a construction company with 10,001+ employees

Cisco ASAv is scalable.

View full review »
AA
IT Consultant at MOD

The scalability is good. We have around 1,500 users. The users are regular end-users, network admins, technicians, etc. 

We require three admins for this solution. We require five staff members for the deployment and maintenance. 

It is used weekly. We do plan to increase the users.

View full review »
MA
Team Leader, Information Risk Engineer at National Bank of Egypt

The scalability is good. 

View full review »
GZ
Data Center Architect at Fronius International

The scalability is good. We have scaled it but at a normal gross so it's not very high. We have designed it for our use case and we have the option to scale but we don't use it at the moment.

View full review »
EE
Senior Data Scientist & Analytics at a tech services company with 11-50 employees

I've worked with the 2000 series, the 4000, and the 9000. The 9000 series is really impressive because it's absolutely scalable for large deployments.

View full review »
KS
Technical Services Manager at a comms service provider with 10,001+ employees

The scalability of the solution is OK for me. It basically fulfills my requirement.

View full review »
JK
IT Manager at a manufacturing company with 51-200 employees

The scalability is a bit limiting, to be honest. In terms of when you look to changing landscape in terms of threats, I think to me, my personal it's a bit limiting.

View full review »
SC
IT SecOps Manager at a computer software company with 1,001-5,000 employees

I believe scalability issues are caused by poor design.

View full review »
AK
Senior IT Networking and Security Manager at a tech services company with 10,001+ employees

In terms of scalability, this always depends on how the product was chosen and what purpose it will work for. I haven't experienced any issues with the scalability of the product.

View full review »
GS
Security Consultant at a tech services company with 501-1,000 employees

The scalability is very good. They have a clustering mechanism, so you can start with an appliance and then cluster, adding more bandwidth and nodes into your cluster. If you don't have a big budget you can start with a medium appliance and then cluster appliances. Or if you want to buy it all in one shot, there is a big range.

Although it allows scaling by adding multiple firewalls together (clustering), we have never used that, as all new hardware supports high-performance throughput and connections at a reasonable price.

View full review »
it_user380502 - PeerSpot reviewer
Principal Network Engineer at a tech services company with 51-200 employees

There were no scalability issues.

View full review »
it_user216468 - PeerSpot reviewer
Consulting Engineer at a tech services company with 5,001-10,000 employees

There are scalability limitations with FirePOWER on the ASA, so determining anticipated throughput requirements is critical. The standalone IPS sensors can be stacked for increased throughput, so depending on your organizations needs, this may be a better path for some organizations concerned about scalability.

View full review »
SD
Owner/CTO at FS NETWORKS

We have maybe 100 - 200 end users using the solution.

View full review »
OB
Principal Network Engineer at a manufacturing company with 501-1,000 employees

The scalability is very limited because as a traditional firewall, it's a step behind. As far as the scale goes, my assumption is that you just buy a bigger model.

View full review »
TR
Tier 2 Network Engineer at a comms service provider with 1,001-5,000 employees

We don't have any firewalls that can handle more than a couple of gigabits, which is pretty small. I think the largest one we have is the 5525-X, though we haven't checked it for scalability.

In my company, there are probably 16 people (mostly network engineers) working with the solution: seven or eight from my group and the others from our IT department.

View full review »
LX
Network Specialist at a financial services firm with 501-1,000 employees

You can extend your network. They are cool. They are good for scalability.

View full review »
GV
Architect - Cloud Serviced at a comms service provider with 10,001+ employees

We have only one or two firewalls as a site data center firewall.

From what I have studied, they are scalable. You can have eight firewalls integrated with the FTP devices. I don't think scalability would be an issue but I do not have a first-hand answer on that.

There are approximately 2,500 customer base users using Cisco Firepower. It's a data center firewall, so all the sites integrate for one data center.

You do not need extra staff to maintain Firepower. One field technician engineer, FTE would be sufficient and should not be a problem. I don't think extra staff would be needed. For support, for instance, you need one person.

View full review »
BS
Information Security Officer at a non-tech company with 10,001+ employees

The scalability is fine. We have no problems with the solution. We have two of them in a standby configuration.

View full review »
it_user3483 - PeerSpot reviewer
Senior Consultant at Unify Square

No, an assessment about the workload is important to select the right device.

View full review »
AM
IT Operation Manager
AL
Network Security Coordinator at a energy/utilities company with 1,001-5,000 employees
SI
Network and System Administrator at a pharma/biotech company with 501-1,000 employees

In our deployment, we did not have a scalability issue.

View full review »
NJ
Administrator at a university with 1,001-5,000 employees

The product is scalable.

View full review »
YT
Information Security Manager at a financial services firm with 501-1,000 employees

It's a scalable solution. We have five or six users in our organization.

View full review »
Othniel Atseh - PeerSpot reviewer
Network Security Consultant at a consultancy with 1-10 employees

It's scalable. You can integrate AD, you can integrate Cisco NAC. You can integrate quite a lot of things so that makes it scalable.

View full review »
YS
Senior Network Support & Presales Engineer at a computer software company with 51-200 employees

We have several thousand employees at the company.

View full review »
JL
Ingénieur technico-commercial at ICBM

It is a scalable solution. It may cost money and resources to scale.

View full review »
it_user1073460 - PeerSpot reviewer
Security Solution Architect at a financial services firm with 5,001-10,000 employees

Scalability depends on the requirements of the license. The licensing scheme is complicated and not straightforward. I think there were around 200 users, sometimes more.

View full review »
DA
Computer Networking Consultant and Contractor with 51-200 employees

No. Based on their recent acquisition of Firepower, Cisco added "multi 10Gbps" NGFW performance in their solutions portfolio, which can be used by us, as a Gold Partner with Advance Security Architecture Specialization, in our network architecture proposals.

View full review »
SS
Network Engineer with 201-500 employees

We never had an infrastructure that required scalability.

View full review »
RS
Network Security Consultant at a tech services company with 51-200 employees

Migration to new version is very easy, therefore no issue.

View full review »
it_user246819 - PeerSpot reviewer
Global Security Architect/Perimeter Systems Administration/Active Directory and System Administrator at a retailer with 1,001-5,000 employees

The ASAs offer several different technologies for HA and we have used all of them successfully.

View full review »
JL
Network Administrator at a manufacturing company with 10,001+ employees

The scalability is not perfect.

View full review »
RP
System Administrator at a non-profit with 1-10 employees

We currently are protection approximately 220 users.

View full review »
PC
Network Security/Network Management at a educational organization with 201-500 employees

We have 500 users working on the solution and I believe it may increase, so I believe the program is scalable.

View full review »
VA
Cyber Security Software Engineer at FireEye

Especially for the AWS version, we can spin up multiple instances and do load-balancing. 

We have 15 to 20 Cisco ASA switches with a couple of physical appliances and twelve machines. Our team is using four to five machines.

View full review »
DH
‎Senior Vice President at a transportation company with 51-200 employees

The scalability is good.

View full review »
it_user627855 - PeerSpot reviewer
Manager Network Security at a financial services firm with 5,001-10,000 employees

As of now, no.

View full review »
MS
Network Architect at a tech vendor with 10,001+ employees

This is a scalable solution. 

View full review »
BD
Solutions Architect at a manufacturing company with 10,001+ employees

Scalability doesn't really apply to us, as it is just a firewall client.

View full review »
MK
Asst.Manager IT at a manufacturing company with 501-1,000 employees

It has limits. If your network is going beyond it, then you'll have to replace it with higher model.

View full review »
it_user698424 - PeerSpot reviewer
Network Engineer at a tech vendor with 10,001+ employees

Scalability has been all-star perfect.

View full review »
it_user477366 - PeerSpot reviewer
Security Technical Architect at a tech services company with 10,001+ employees

We did not have scalability issues with the high end devices.

View full review »
MZ
Middle-Tier Admin Integrator at a tech services company with 51-200 employees

Price maybe...

View full review »
it_user243897 - PeerSpot reviewer
Cisco Systems Engineer at a tech services company with 1,001-5,000 employees

No issues encountered.

View full review »
JR
Enterprise Integration Architect at a insurance company with 10,001+ employees

It's a scalable product. We have 200,000 users in our organization.

View full review »
PS
Executive Director at ict training and development center
it_user208356 - PeerSpot reviewer
Security Engineer at a tech services company with 201-500 employees

Scalability is not that good, I think. Other firewalls, upgrading is a very easy task; from the graphical user interface, you just need to import the firmware versions into it and install it. In this firewall, you need to have a third-party solution in both. It's a process. It's a procedure, a hard procedure, actually, so there is no straightforward procedure for upgrading.

View full review »
RS
Network Security Consultant at a tech services company with 51-200 employees
it_user242529 - PeerSpot reviewer
Network Consultant at a tech services company with 51-200 employees

License scalability for SourceFIRE is really not good if you have an ASA in HA as you need two licenses of everything, which is really bad as you wont get double SourceFIRE other than that you need to remember to buy your ASA based on the SourceFIRE's throughput and not the inspection throughput.

View full review »
it_user222999 - PeerSpot reviewer
Network Security Engineer at a tech services company with 51-200 employees

No issues encountered.

View full review »
it_user234789 - PeerSpot reviewer
Chief Technical Officer at a comms service provider with 501-1,000 employees

No issues encountered.

View full review »
SK
Senior MIS Manager at a tech company with 201-500 employees

We've found the solution to be scalable. A company shouldn't have any issues with expanding it if it needs to.

We have about 300 users on the solution currently. We do plan to continue to use Cisco in the future.

View full review »
PK
Jr. Engineer at a computer software company with 5,001-10,000 employees

It's a scalable solution. We have more than 2000 users in our organization.

View full review »
TM
Group Information Technology Manager at a mining and metals company with 201-500 employees

We haven't made any changes since implementing and we haven't tried scaling.  

View full review »
it_user637233 - PeerSpot reviewer
Presales Consultant at a tech services company with 51-200 employees

Some clustering functions are not available in the unified image.

View full review »
MR
Network Security Engineer at a tech services company with 201-500 employees

We only have two to three users who directly deal with the solution within our company. Overall, we have between 100-200 employees. We haven't really scaled it.

I personally would prefer not to use ASA going forward. However, I don't know if the company itself has any plans to increase usage or not.

View full review »
it_user1307058 - PeerSpot reviewer
Network Consulting Engineer at a comms service provider with 201-500 employees

It is very easy to scale this product. With SMC, you can control all levels of ASA in a central console. You can simply add a new ASA firewall to protect your network, and you will be able to control it.

We have approximately 300 users.

My clients for this solution are medium-sized organizations.

View full review »
SS
C.T.O at Sastra Network Solution Inc. Pvt. Ltd.

It's scalable based on the type of license and modules that you require.

We don't have the option to update the box, but we can add features such as antivirus protection.

View full review »
EM
Technical Manager at a comms service provider with 501-1,000 employees

The solution is really scalable.

View full review »
it_user886188 - PeerSpot reviewer
Presales Engineer

In terms of scalability, it is really expensive. It is scalable, but when it comes to pricing, the upgrading is a bit high.

View full review »
it_user654645 - PeerSpot reviewer
Senior Network Specialist

We had a scalability issue, as each feature is based on license or hardware support.

View full review »
it_user341043 - PeerSpot reviewer
System and Network Administrator at a hospitality company with 501-1,000 employees

No issues encountered.

View full review »
it_user243879 - PeerSpot reviewer
Network Security Engineer at a tech services company with 1,001-5,000 employees

One of the major disadvantages with the ASAs is the throughput, while the network evolves, the ASA was usually causing the bottle neck.

View full review »
RW
Cyber Security Consultant at a tech services company with 51-200 employees

I would say in terms of scalability, they are still the greatest family of products. Scalability means you can actually add on some processing parts to actually increase the throughput when the requirement comes up. They have a range of products for that, but this solution, it's already going out of phase, because at JSC, you can only allow up to a certain amount of upgrades that can be added on.

View full review »
SH
Team Leader Network Egnieer at deam

ASA is limited in terms of its scalability because of our customer environments. They are in the banking and microfinance sector. Our clients always want to move to the next generation firewall so they like FirePOWER. When we move clients to Firepower, they need to integrate with Sourcefire and move into more complicated management.

We have the staff perform the migrations to Firepower. We redirected traffic with Sourcefire and also require the use of FMC by our management center with Firepower.

View full review »
it_user511224 - PeerSpot reviewer
IT Support Engineer

I have not had scalability issues at all. Maybe it is because I have not used it quite extensively.

View full review »
ED
Founder, CEO, & President at Krystal Sekurity

There were no issues with scalability.

View full review »
VG
Network Security Engineer at a tech services company with 51-200 employees

It's a scalable, high availability solution. It's an active/standby model for VPN. But if you don't use VPN in these devices, it works as an active/active high availability model.

View full review »
TS
IT Administration at a healthcare company with 11-50 employees

We're just a small company, so we have not had to scale it.

View full review »
MM
Coordinator Network Support at a manufacturing company with 501-1,000 employees

It is scalable. We have had no issues. 

View full review »
it_user850275 - PeerSpot reviewer
Pre-sales engineer with 51-200 employees

When we implement a firewall we need to be aware of whether it is growing over a short time period or a long time period. I think the scalability, from our implementation, is good because you can use the same configuration for another platform. If you implement on a small platform, it It is easy to implement the same configuration to another, bigger device.

View full review »
it_user590484 - PeerSpot reviewer
Sr Network Engineer at a tech services company with 501-1,000 employees
it_user254346 - PeerSpot reviewer
Business Development Director with 51-200 employees

No issues encountered.

View full review »
ME
Solution Architect at a tech services company with 11-50 employees

Cisco NGFW is a scalable firewall. My client has more than 100 users.

View full review »
it_user793611 - PeerSpot reviewer
Account Manager

No scalability issues.

View full review »
it_user242523 - PeerSpot reviewer
Network Security Administrator at a tech company with 5,001-10,000 employees

There were no problems in terms of scaling an existing solution, though very expensive.

View full review »
it_user241755 - PeerSpot reviewer
Senior Network and Security Engineer at a tech services company with 51-200 employees

With ASA, you can scale to the largest deplyments. As an example, I have installed an ASA in an environment with 80.000 users.

View full review »
KS
CEO & Co-Founder at a tech services company with 51-200 employees

Scalability-wise, we did not have much problem because we have a single site. If we have two or more sites, and if we want to have a site-to-site VPN and more number of users, we are not sure about the scalability. We will have to go for an updated version of the new product line. 

We have close to 80 plus users. We anticipate a huge increase in the number of users and plan to increase the usage of Cisco ASA Firewall. We may have to open a new center in a different city, which will lead to more sites, users, and usage.

View full review »
GS
Center for Creative Leadership at a training & coaching company with 501-1,000 employees

The scalability is good. I'm happy with the service. We are around twenty users. Some are in finance, some are in a mid-user roles, and some are in other official roles.

View full review »
it_user413292 - PeerSpot reviewer
Regional Manager - Pre Sales at a tech services company with 51-200 employees

It requires additional licensing to enable 10G ports.

View full review »
it_user682167 - PeerSpot reviewer
Network and System Engineer at a non-tech company with 201-500 employees

I did not encounter any issues with scalability.

View full review »
it_user470943 - PeerSpot reviewer
ICT Manager - Network Operations at a healthcare company
it_user400626 - PeerSpot reviewer
Senior Network & Data Communication Engineer at a tech services company with 201-500 employees

Yes, before Clustering was introduced.

View full review »
it_user349320 - PeerSpot reviewer
Corporate Information Security Officer

We did not encounter any scalability issues.

View full review »
it_user237144 - PeerSpot reviewer
Senior Technical Consultant - Network and Security at a tech services company with 51-200 employees

No issues encountered.

View full review »
it_user275442 - PeerSpot reviewer
Senior Presales Engineer at a tech services company with 501-1,000 employees

Clustering is available for ASA with firepower services.

Also for firepower appliances, there is stacking available for some models.

View full review »
it_user237354 - PeerSpot reviewer
Sr. Network Engineer at a tech services company with 10,001+ employees

No issues encountered.

View full review »
it_user224271 - PeerSpot reviewer
Senior Network Architect/Owner with 51-200 employees

As long as you buy the correct model for your company, in regards to throughput, licenses etc., you will be fine.

View full review »
it_user212700 - PeerSpot reviewer
Senior Network Engineer at a aerospace/defense firm with 51-200 employees

No issues encountered.

View full review »
it_user150300 - PeerSpot reviewer
Senior Network Engineer at a tech services company with 501-1,000 employees
HD
Network Engineer at a tech services company with 201-500 employees

The scalability is a problem as the solution has a low throughput.

View full review »
it_user346116 - PeerSpot reviewer
I.T Security Consultant

No scalability issues.

View full review »
it_user614874 - PeerSpot reviewer
Gerente de Telecomunicaciones at a financial services firm with 1,001-5,000 employees

We have to buy more licenses to get more VPN connections.

View full review »
it_user240063 - PeerSpot reviewer
Network Security Engineer at a manufacturing company with 10,001+ employees

I believe this product is very scalable with our current needs and requirements.

View full review »
it_user430797 - PeerSpot reviewer
Network Engineer at a mining and metals company with 1,001-5,000 employees

Sometimes, the throughput and CPU counter issues were faced, maybe because we started to use it a long time ago.

View full review »
it_user200313 - PeerSpot reviewer
Security Consultant at Accenture
it_user821520 - PeerSpot reviewer
Information Systems Manager at a manufacturing company with 201-500 employees
it_user698436 - PeerSpot reviewer
ESS Security with 201-500 employees

No scalability issues.

View full review »
it_user697185 - PeerSpot reviewer
Consultant

Still working on this.

View full review »
it_user387540 - PeerSpot reviewer
I.T. Security/Projects Specialist at a tech services company with 501-1,000 employees

We've not had any issues scaling yet.

View full review »
it_user241749 - PeerSpot reviewer
Security Engineer at a tech services company with 501-1,000 employees

There were some issues.

View full review »
SF
System Engineer at a tech services company with 501-1,000 employees

It's a scalable product. We have approximately 2,000 users in our organization.

We have plans to continue to use it.

View full review »
OC
Network Engineer at IT Security

Scalability is good. 

View full review »
it_user456837 - PeerSpot reviewer
Project Manager with 11-50 employees

We did not encounter any issues with scalability.

View full review »
it_user242523 - PeerSpot reviewer
Network Security Administrator at a tech company with 5,001-10,000 employees

No issues encountered.

View full review »
MS
Network Security Presales Engineer at a tech services company with 51-200 employees

It's scalable indeed.

Our clients are SMB Enterprise.

View full review »
it_user857937 - PeerSpot reviewer
ICT Manager with 1-10 employees

It can be used by multiple users.

View full review »
it_user674844 - PeerSpot reviewer
Executive Manager with 11-50 employees

I have not encountered any issues with scalability.

View full review »
it_user240570 - PeerSpot reviewer
Network, Unix and Security Engineer at a tech services company with 501-1,000 employees

No issues encountered.

View full review »
it_user764139 - PeerSpot reviewer
Solutions Architect at a tech services company with 51-200 employees

No scalability issues.

View full review »
BB
Security Consultant at a tech services company with 51-200 employees

The scalability is good.

View full review »
it_user747591 - PeerSpot reviewer
Technical Administrator at a tech services company

No scalability issues yet.

View full review »
it_user570603 - PeerSpot reviewer
IT Manager at a manufacturing company
it_user241743 - PeerSpot reviewer
Network System Engineer with 51-200 employees

No issues so far.

View full review »
Buyer's Guide
Cisco Secure Firewall
March 2024
Learn what your peers think about Cisco Secure Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.