Anonymous UserNetwork Security Engineer at a tech services company
Anonymous UserManaging Director at a tech company
Andy DibbleIT Manager at Flare Technologies
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"I like the user interface because the navigation is very easy, straightforward on your left side pane you have all the sites that you need to browse. Unlike any other firewalls, it's pretty straightforward."
"We have multiple secure internal networks linked with our plants. We are from a oil company, so we have multiple plant areas which need to have restricted network access. Therefore, we are using it for restricting access to the plant area."
"The initial setup was completely straightforward."
"I would say the Firepower module is most valuable. I'm trying more to transition to this kind firewall. I had to study a little on Palo Alto Networks equipment. There is a lot I have to learn about the difference."
"The feature that I found most valuable is the overall stability of the product."
"The stability of Cisco ASA is excellent compared to other products on the market. Because of our customer experience as an integrator company, our clients never report any performance problems. We have a good performance reputation with Cisco ASA."
"Right now, Cisco ASA NGFW has given us a lot of improvement. We are planning to move to a new facility and will be a much larger organization."
"Cisco ASA NGFW significantly improves our bank. It protects any high-value products that we use from hackers, viruses, malware, and script-bots. It gives us metrics on network traffic as well as what kind of attacks we are getting from the outside."
"The most valuable feature is the scalability. The nice thing with the bigger vendors is that they're very good at scale."
"I'm able to transfer data over internet network security. With the GRE I'm able to transfer data within one bunch to another bunch in a public way, like the internet. The communication is encrypted and is private. It gives me added privacy."
"Previously, anyone in the organization would see any data point in the wall. They could just go and connect their machine with that data point and could access the network. But now, even if someone came and tried that, they will not be given access."
"We use Cisco IOS Security mostly for routers to route off the firewall. It's a next-generation device."
"The VPN is the most valuable feature."
"You can scale it when you need to."
"I've found their network routing to be very good."
"Cisco IOS allows us to keep the same security features as our principal offices."
"The statistic feature enables us to better use bandwidth management. We monitored the use by mobile, type of application, department, and by users. The bandwidth was solid. Our internet speed is optimized for our research."
"The flexibility of the system, the capacity to provide the right level of security, and the ability to be integrated into different kinds of infrastructures are the most valuable features."
"The most valuable feature is to provide users with the ability to log in to the portal page, keep track of their data usage and perform bandwidth management."
"All of the features of Kerio Control are equally good. Most valuable to us are the firewall rules, the intrusion detection system, and IP address features."
"What I like the most about Kerio is that I can use the software appliance as a solution, so if the hardware fails for any reason then I can quickly replace it with hardware that I have in stock."
"It prevents people from visiting undesirable sites and ensures that they use the internet for their designated jobs."
"The user interface and the ease of use are pretty good. Everything fits together so nicely."
"The routing of the multiple internet physical routers I have is the most valuable feature of this solution. Instead of me physically unplugging a cable from one router to the server, if one connection goes down, it automatically switches for me. So I can have all three of them plugged in. If one goes down, it just picks up the other one automatically. There's no physical cable swapping."
"If I need to download AnyConnect in a rush, it will prompt me for my Cisco login account. Nobody wants to download a client to a firewall that they don't own."
"Most of the time, when I try to run Java, it is not compatible with ASA's current operating systems."
"We have to rely on Cisco ASDM to access the firewall interface. This needs improvement. Because we have a web-based interface, and it is a lot more user-friendly."
"The installation and integration of Cisco ASA with FirePOWER can be improved. The management with Fortigate is easier than Cisco ASA on FirePOWER. The management side of Cisco ASA can be improved so it can be more easily configured and used."
"One of my main concerns, an area that could use improvement is in adjusting the need to buy a license to enable features."
"Usually, the customers are satisfied, but I am going to recommend that all clients upgrade to FirePOWER management. I want Cisco to improve the feature called anti-spam. We use a Cisco only email solution, that's why we need the anti-spam on email facility."
"There is no support here in Georgia. If something goes wrong, support is not always very helpful with the other firewalls or other products."
"Cisco should improve its user interface design. There is a deep learning curve to the product if you are a newcomer."
"I would like to see much more embedded security that works and that isn't a bolt-on."
"There's a technology called SD-WAN that we would like to see. We are unable to handle multiple connections or to automatically load balance. I would like to have a feature that enables us to automatically prepare for load balancing."
"We have a very bad experience on the support. They take too much time requesting logs, and they are not coming directly online to resolve the issues."
"Most of their features are meant for Cisco. You cannot integrate them with any other vendor."
"The routers, don't have like long-term tendency features, or higher availability features available for the IOS. It could also use a better user interface."
"If they could increase the performance a little better because the device sometimes gets slow."
"I wish it would be more like the next generation firewall technology. There should be more selection between the application and filtering."
"I think setup could be one area for improvement, because sometimes we don't have people inside so we have to move to the place."
"I would like for them to add more security features."
"The improvement that we are looking for is for when decide to move some part of our application to the cloud."
"I would like to be able to inspect https packets for the purpose of virus scanning."
"Kerio Control has just improved on their biggest problem, which was to introduce better support for high-availability requirements in production."
"Their support is getting better but still needs improvement."
"Improvements are needed to the Next Generation Firewall Protection, specifically with user-level protection."
"The one thing that did put me off of the solution was that, after they were taken over by GFI, the licensing and a few other items have gotten very complicated."
"I would like it if the interface section had multiple failovers. Although I do have three connections, just in case our physical cables get disconnected, I can only set up one failover as a backup. So, if for some reason our fiber and our AFM went down together, I would have to have it search for our 4G modem. I'd love to have extra backups running."
"Licensing is expensive compared to other solutions."
"The cost is a big factor for us. This is why we are using it only in our restricted area. They are very much higher than their competitors in the market."
"We paid about $7,000 for the Cisco firewall, plus another small Cisco router and the lead switch. It was under the combined license. It's a final agreement."
"Watch out for hidden licensing and incredibly high annual maintenance costs."
"I bought a license for three years and it was really affordable."
"With AnyConnect, it depends on your license. It depends on the number of concurrent users you want to connect."
"This solution might be expensive, but it is economical in the long run."
"Some of our customers would be more likely to standardize on Cisco equipment if the cost was lower because a lot of people install cheap equipment."
"The pricing is very expensive. Normally I do a yearly contract; I don't know the exact pricing, but it's around $75,000 USD per year. That's the standard licensing."
"The licensing is on a subscription basis, and it is fairly costly. I would prefer a one-time payment."
"The licenses for this solution are expensive."
"It is an expensive solution."
"The pricing is okay. It is competitive. It costs more when you need get more features."
"Price is certainly something that the IOS technology has fallen behind the competition on."
"It's very affordable."
"The pricing is in-line with our expectations in terms of the quality that we get for it."
"There is a yearly upkeep fee."
"My advice is to use your own hardware, and do not use theirs."
"It is priced low enough for entry-level, but it has the power to grow with a company without them having to replace it."
"The biggest advice that I could probably give people is when you buy the solution be prepared to either buy the unlimited license or buy more licenses than you think. Each user license gives you one employee and each a user gives you five devices. In the world nowadays where everybody has a cellphone, tablet, desktop, and laptop, that's four devices. You still get one more device per person. That covers your servers and back-ends."
"It is a good fit for SMBs because of its maintainability. When you want to keep your costs low, then Kerio Control is a very good solution. It's not an expensive product that is well integrated. It has a complete set of features within it that make it a very strong product."
"GFI has made a stupid decision regarding small office licensing. For offices where there are only three to five employees and had five years towards a five user product, they now force these customers to a 10-year user license. I really don't understand it. It's a stupid decision for the small offices who want a good solution for security because they'll probably decide to go to another product. Why should they buy something that they don't use?"
Cisco ASA firewalls deliver enterprise-class firewall functionality with highly scalable and flexible VPN capabilities to meet diverse needs, from small/branch offices to high performance data centers and service providers. Available in a wide range of models, Cisco ASA can be deployed as a physical or virtual appliance. Flexible VPN capabilities include support for remote access, site-to-site, and clientless VPN. Also, select appliances support clustering for increased performance, VPN load balancing to optimize available resources, advanced high availability configurations, and more.
Cisco ASAv is the virtualized version of the Cisco ASA firewall. Widely deployed in leading private and public clouds, Cisco ASAv is ideal for remote worker and multi-tenant environments. The solution scales up/down to meet performance requirements and high availability provides resilience. Also, Cisco ASAv can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables greater simplicity, visibility, and efficiency.
Kerio Control brings together next-generation firewall capabilities -- including a network firewall and router, intrusion detection and prevention (IPS), gateway anti-virus, VPN, and web content and application filtering. These comprehensive capabilities and unmatched deployment flexibility make Kerio Control the ideal choice for small and mid-sized businesses.
Cisco IOS Security is ranked 16th in Firewalls with 16 reviews while Kerio Control is ranked 7th in Firewalls with 31 reviews. Cisco IOS Security is rated 8.2, while Kerio Control is rated 8.0. The top reviewer of Cisco IOS Security writes "Prevent unauthorized use of network resources and integrate branch offices with reliability". On the other hand, the top reviewer of Kerio Control writes "Through the ease of how quickly we could roll out the VPN to everybody, we had whole companies remotely working overnight". Cisco IOS Security is most compared with Zyxel Unified Security Gateway, Fortinet FortiGate, pfSense, OPNsense and Sophos UTM, whereas Kerio Control is most compared with pfSense, Fortinet FortiGate, Sophos UTM, Sophos XG and Sophos Cyberoam UTM. See our Cisco IOS Security vs. Kerio Control report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.