Tech specs
1-8 of 320 reviews
What is our primary use case? Our main use cases include segmenting different networks for IPS and IDS, using it for basic firewall purposes, controlling ACLs, and monitoring traffic to identify issues within the network. What is most valuable? Currently, I find the event viewer feature of Cisco Secure Firewall very useful as it visually displays what is being blocked or allowed by the ACL. I also appreciate the improved visual presentation of the ACL layout. We have many different opportunities to share incidents with individuals on how traffic flows through the network, and we utilize Cisco Secure Firewall features such as network packet inspection to ensure that policies are applied correctly and to monitor traffic for what is blocked, allowed, or denied. Cisco Secure Firewall's ability to unify policies across our environment is pretty good. We can deploy different features and ACLs between various firewalls easily with the FMC, which has improved significantly from the initial deployment time, which was once poor and is now manageable for multiple firewalls. We use the new AnyConnect or Secure Connect VPNs, which works pretty well. Although we haven't switched to the latest series to utilize the VPNs fully, I appreciate the deployment phase where we can track our deployment progress. What stands out positively about Cisco is their training and support, which has effectively prepared engineers to work with their products. When hiring, I find it beneficial that most network engineers are familiar with Cisco, whereas I might question the expertise of those trained with Palo Alto or Fortinet. Performance-wise, Cisco seems to be the best. For instance, my sister company uses Palo Alto and Juniper and reports a high RMA rate. In contrast, we have only RMAed one Cisco Secure Firewall in six years, indicating stability and dependability. The interface of Cisco Secure Firewall works effectively once you become familiar with its layout, although hiring engineers requires training on the platform, especially as updates occur. They should prioritize adding to the existing product rather than overcomplicating it with new features that may not be necessary. What needs improvement? Cisco Secure Firewall has some growth opportunities in terms of visibility and control capabilities regarding managing encrypted traffic. It has the ability to analyze encrypted traffic, and there is potential for more integration with APIs and AI to enhance these capabilities. Cisco Secure Firewall needs improvement in deployment time and the capability to access the CLI during support calls. I often encounter issues when technical support uses a CLI that is not familiar to me while troubleshooting through the GUI. My ongoing complaint for the last six years has been the lack of CLI functionality, which hinders my ability to work on the firewall, alongside concerns regarding deployment time. For the next release, they should look at the features offered by competitors such as Fortinet, including the ability to perform packet capture directly from the interface. If they enhanced their troubleshooting efficiency related to packet capture for each specific rule, it would simplify the process significantly. For how long have I used the solution? I have been using Cisco Secure Firewall for about six years. What do I think about the stability of the solution? The process of expanding the usage was fairly smooth. My assessment of the stability and reliability of Cisco Secure Firewall is great from a hardware perspective, yet only okay from a software perspective. I have experienced downtime crashes and performance issues. Specifically, the FTDs have had High Availability (HA) issues, which I struggle to understand, especially concerning switch connections and HA setups between firewalls. We have often encountered split-brain scenarios during failover processes and code upgrades, which have been persistent problems for us. It seems that Cisco lacks enough skilled technical support engineers to quickly resolve these issues, often requiring escalation that takes too long. What do I think about the scalability of the solution? Cisco Secure Firewall scales incredibly well with our growing needs. We recently transitioned to the new 4100s and we have only just reached the firewall's limitations after five years, indicating that it has been able to build for our future success. How are customer service and support? I would rate customer service and technical support about a five out of ten, sometimes dipping to a four depending on the time of day. As in many support models, the quality depends on the region. Some TAC engineers are better in specific areas, such as India or South America. However, they often lack the skills to troubleshoot effectively, leading to repetitive troubleshooting sessions and unresolved issues. How would you rate customer service and support? Neutral Which solution did I use previously and why did I switch? Prior to adopting Cisco Secure Firewall, I used solutions such as SonicWall and Juniper firewalls. I didn't prefer Juniper and found Cisco Secure Firewall to be the most stable firewall I've worked with. How was the initial setup? The deployment time could be improved. The deployment was good, however, it could be sped up. There was a bit of a learning curve as well. What works well is the interface. It's pretty good as far as knowing where to go and the layout. When hiring engineers, they need to know the platform. In terms of updates, sometimes they bolt on too much. What was our ROI? I have not seen ROI with Cisco Secure Firewall initially, however, over time, it has paid for itself as we scale our business. What's my experience with pricing, setup cost, and licensing? My experience with pricing, setup costs, and licensing was a nightmare. It is indeed challenging as Cisco has too many variations of support with no clear explanation of what you are actually getting. Sales representatives try their best but often fall short, making it complicated for users to understand what licenses are included with the product, leading to confusion over various levels of support. Which other solutions did I evaluate? Before selecting Cisco Secure Firewall, I considered Fortinet and Palo Alto, and I even thought about sticking with ASAs. We still operate a couple of FTDs alongside ASAs, which creates internal competition. Fortinet, in particular, has remained a competitive option. What other advice do I have? We did not purchase this on the AWS Marketplace. My advice to organizations considering Cisco Secure Firewall would be to recognize the tendency for Cisco to overcomplicate things. However, they are striving for simplification in their firewall products. If someone has experience with ASAs, they can adapt to FTDs as easily. Cisco should focus on learning from competitors to enhance its features and remain competitive in the market. If you want a stable solution with fewer vulnerabilities, Cisco Secure Firewall is likely to meet your needs as it requires fewer upgrades compared to competitors. On a scale of one to ten, I rate Cisco Secure Firewall a seven. Which deployment model are you using for this solution? On-premises Disclaimer: My company does not have a business relationship with this vendor other than being a customer.
What is our primary use case? My main use cases for Cisco Secure Firewall include certain requirements from the energy sector, NERC CIP compliance, acting as a perimeter security device, doing layer three routing for us, and VLAN segmentation, as well as creating DMZs. How has it helped my organization? These features benefit my company by reducing my troubleshooting time, and in the energy sector, time is money, so it does help. The time reduction depends on how quickly someone gets used to it. What is most valuable? The feature of Cisco Secure Firewall I prefer most is troubleshooting, packet capture, and packet tracer; I love those features. You can quickly run certain commands on CLI or on FMC CLI to find out what could be the root cause, and it varies from person to person, but it's very useful. I prefer Cisco since it has been here for a very long time, we have a good relationship with the sales team and Cisco representatives, and the support is pretty good, providing us with 24/7 support, which makes me pretty happy. Cisco Secure Firewall in helping my company implement a zero-trust security model. I've yet to try it, however, I'm very excited to work on it. My impression of the visibility and control capabilities of Cisco Secure Firewall in managing encrypted traffic is pretty good. We can build site-to-site tunnels and various ways of site-to-route based or policy-based, allowing us to see the packets and cap decaps, and Cisco CLI provides a way to see the packets inside, which is very helpful. What needs improvement? Cisco Secure Firewall's licensing model can be improved, as I struggle with it in an air-gapped environment. To make it a ten, a couple of challenges need to be addressed, particularly with the licensing model, as I'm looking for a permanent license solution for air-gapped environments. The second issue is the ROMmon mode, where during power outages the firewalls go into ROMmon mode, causing outages and financial loss until we can send someone on-site. For how long have I used the solution? I have been using Cisco Secure Firewall for almost six years. What do I think about the stability of the solution? The stability and reliability of the platform are pretty stable. The only challenge I see is with the substation, where when it loses power and there's no manual reboot, it ends up in ROMmon mode and requires a physical reboot, which means we have to send somebody on-site. It does not pick it up when the power goes out and comes back up, going into ROMmon mode, so I need better answers from Cisco about that. What do I think about the scalability of the solution? I'm not sure how Cisco Secure Firewall scales with the growing needs of my company. How are customer service and support? My experience with customer service and technical support has been good. If I were to rate customer service and technical support on a scale of one to ten, I would give them an eight. How would you rate customer service and support? Positive Which solution did I use previously and why did I switch? In the past, we have used other solutions such as Palo Alto and other vendors. I am more of a Cisco person and prefer Cisco. How was the initial setup? My experience with the deployment of Cisco Secure Firewall is that it's pretty straightforward. What was our ROI? The biggest return on investment for me when using Cisco Secure Firewall is reliability and robust network design. What's my experience with pricing, setup cost, and licensing? Regarding pricing and setup costs, apart from the licensing issue, Cisco products are on the pricier side. That said, they're worth it. We have over 500 substations plus our data center just on OT, and everything is Cisco, so we are a core Cisco customer, and as long as the product is reliable, it's worth every penny. Which other solutions did I evaluate? We did consider other solutions before choosing Cisco Secure Firewall. What other advice do I have? I'm not sure how Cisco Secure Firewall's ability to unify policies across my environment is, as I haven't tried that. I am not using Cisco SecureX with Secure Firewall; I'm using FMC for centralized management for the firewalls. The impact of the cloud-delivered firewall on my company's security posture is tricky. For compliance, we are not supposed to have anything cloud-based, so it must be on-prem. We're a big company and we can use it in some other parts of the network, just not for my team. Overall, I would rate Cisco Secure Firewall an eight out of ten. Disclaimer: My company has a business relationship with this vendor other than being a customer:Partners
What is our primary use case? We're using the solution as a firewall, for securing our whole network for students and staff throughout the whole school. How has it helped my organization? Cisco Secure Firewall's performance benefits my company by allowing us to shape the bandwidth and internet for staff with quality of service where it works better for them rather than students, or vice versa. When students are testing, you can adjust it for that too. What is most valuable? The performance part of Cisco Secure Firewall is pretty good. You can control the bandwidth and features such as bandwidth shaping and quality of service, and I appreciate that part. At our school, a lot of the kids use laptops, the staff use laptops, and they have Wi-Fi. I just tried the chat feature in Cisco Secure Firewall, and that was pretty cool; the AI worked pretty good when I tried it at home in the evening, so that was a nice feature. The visibility and control capabilities of Cisco Secure Firewall in managing encrypted traffic are pretty good too, as our finance department uses it, so keeping that part secure for them works out well. For our students, we have them in certain groups, and then our staff in certain groups, so with Cisco Secure Firewall, you can push out policies for each one. Cisco Secure Firewall is important. You can control what students are looking at, and if they're looking at something inappropriate, you can control it. You can also see which device is taking up more bandwidth. Regarding the zero-trust security model, Cisco Secure Firewall helps our company. Our students and staff have the ability to do whatever they need to do with their research. It helps them while keeping security top of mind. What needs improvement? I would like to see more about the pricing of Cisco Secure Firewall or maybe see it enhanced. For how long have I used the solution? I have been using Cisco Secure Firewall for about ten years now. What do I think about the stability of the solution? The stability and reliability of the Cisco Secure Firewall have always been good; it never falls, never fails, and it's always backed up, which is always good too. What do I think about the scalability of the solution? We have more kids and more staff coming in, so with Cisco Secure Firewall, just having that ability to add on more features is great. Currently, it appears we're barely using it, so we can add more with it, and we always have room for that, which is good. How are customer service and support? Whenever I call about a problem with Cisco Secure Firewall, they're always helpful and very knowledgeable, getting me to the right solutions I need. They're always willing to help afterwards too and send me documentation, which is always good. How would you rate customer service and support? Positive How was the initial setup? The deployment experience with Cisco Secure Firewall is easy, with a straightforward deployment. What was our ROI? From my point of view as an IT admin, the biggest return on investment when using Cisco Secure Firewall is seeing what kids are looking at, shaping what they're looking at, shaping the bandwidth, quality of service, and you can do all that with the firewall, too. It also helps in blocking kids from things and monitoring what staffers are looking at. What's my experience with pricing, setup cost, and licensing? I work for a school, so getting licensing and getting the budget for Cisco Secure Firewall for certain products is a challenge. It's good to have them, however, it costs us a lot. What other advice do I have? On a scale of one to ten, I rate Cisco Secure Firewall a ten. Which deployment model are you using for this solution? On-premises Disclaimer: My company does not have a business relationship with this vendor other than being a customer.
What is our primary use case? My main use cases for Cisco Secure Firewall are to help secure the network and control what we allow in and out of the network. How has it helped my organization? The benefits of Cisco Secure Firewall's features for my company include giving us more visibility into what's going on when there's either an attack or just normal traffic, allowing us to see what's going through it. What is most valuable? The feature of Cisco Secure Firewall that I appreciate the most is the central management. The central management feature makes it easier to configure once, push out, and replace firewalls when they go bad. It's nice to have one pane of view, one pane of glass. I assess Cisco Secure Firewall's ability to unify policies across my environment as definitely easy. We just do it through the one central management and then push it out from there. It is important for our organization to have such a feature. The importance of this feature lies in that it just helps standardize our configuration approach, allowing us to ensure that our ideas get pushed out to everything. What needs improvement? Cisco Secure Firewall could be improved by providing more visibility, especially regarding encryption, to be able to see what's in those traffic flows. More application visibility would also help; it knows about certain types of traffic yet not everything. It would be awesome if it knew everything. To make Cisco Secure Firewall a better product or a perfect product, visibility is a good improvement area. You sort of have to know the product to use it, so user and technical improvements should aim for simplicity. There's so much it does that I don't know how much more simple it could go, so I'm not sure what really could be improved. My impression of Cisco Secure Firewall's visibility and control capabilities in managing encrypted traffic is that somewhat limited. Most tools seem to be limited on encrypted traffic, so we don't get too much visibility into it—just the general type of traffic, not too much more than that. For how long have I used the solution? We've been using the solution for at least 15 years. What do I think about the stability of the solution? The stability and reliability of the Cisco Secure Firewall platform are very good; it's rock solid and has always just done its work. What do I think about the scalability of the solution? Cisco Secure Firewall is growing and handling everything we ask it to do, so it's performing that part effectively. How are customer service and support? I evaluate customer service and technical support of Cisco overall as good; it's definitely one of the better companies to work with. How would you rate customer service and support? Positive Which solution did I use previously and why did I switch? While using Cisco Secure Firewall, we did consider other solutions. We recently upgraded all of them to the latest edition of Cisco, and we looked at Palo Alto and other tools at that time, but those firewalls have been in place for about 15 years. I don't know what happened when we initially put them in, but we did do an evaluation three years ago and decided to stay with Cisco. How was the initial setup? The deployment seems to go well. I'm not the one personally doing it. That said, the guys I tell to do it get it done when we need it done. What was our ROI? I don't see a return on investment with Cisco Secure Firewall; it's more of a needed tool, just something we need to do to get business done, so I'm not really looking at it as a tool that would give us an ROI. What's my experience with pricing, setup cost, and licensing? My experience with the pricing, the setup cost, and the licensing of Cisco Secure Firewall has been what I expect; I'd always prefer it cheaper, but nothing too exorbitant. Which other solutions did I evaluate? Familiarity was the biggest reason for staying with Cisco; everybody knows how to use the Cisco CLI, so it wasn't worth the effort to swap out, as there were no big benefits from other solutions. What other advice do I have? I'm not sure if there are any new features or functionalities that I have tried recently in Cisco Secure Firewall; it's just been doing its work for a while now. I don't really use a cloud-delivered firewall as of today, so the only effect of not looking at it is speed. We're looking for the best performance we can get, and cloud usually isn't that. Cisco Secure Firewall helps us along the path to implementing a zero-trust security model, but there are a lot of tools and different paths to cover, so it's just really one tool in the arsenal. On a scale of one to ten, I rate Cisco Secure Firewall an eight. Which deployment model are you using for this solution? On-premises Disclaimer: My company does not have a business relationship with this vendor other than being a customer.
What is our primary use case? My main use case for Cisco Secure Firewall is to secure a data center. How has it helped my organization? They help keep our environment more secure. What is most valuable? The features I appreciate the most about Cisco Secure Firewall are the policies, ACLs, and traffic behavior analytics. These features have benefited my organization by keeping the environment more secure within the organization. If I assess Cisco Secure Firewall's ability to unify policies across my environment on a scale of one to ten, it would be an eight. This is very important to my organization, as we work extensively with security because we are a bank, so we can keep the data safe. What needs improvement? I have not recently used any new features or functionalities in Cisco Secure Firewall, however, I would want to try more visibility and observability. My impression of the visibility and control capabilities of Cisco Secure Firewall in managing encrypted traffic is that it can improve. There is some traffic that is encrypted that needs to be decrypted to catch something and analyze and give some analytics, so that part needs to work more. The dashboard needs to be more intuitive and easier to navigate. What stood out to me about Cisco Secure Firewall that made me choose to use it is that it is intuitive, but I feel it could be improved further in terms of intuitiveness. It could be improved to achieve easier configuration and more efficiency. For how long have I used the solution? I have been using Cisco Secure Firewall for eight years. How are customer service and support? I would evaluate the customer service and technical support on a scale of one to ten as a ten, as they have expertise and provide solutions for the most difficult problems, so we have had a very good experience. How would you rate customer service and support? Positive Which solution did I use previously and why did I switch? We did have Fortinet previously. That had a more intuitive dashboard. Which other solutions did I evaluate? We did consider other options, including Juniper. What other advice do I have? I did not purchase via AWS Marketplace. At the moment, we are not using the cloud-delivered firewall. It could be better regarding encryption and encrypting traffic. I have not seen that part and we do not use it since we use it on Fortinet, however, that would be something that helps to keep the network more secure. I would advise other organizations considering Cisco Secure Firewall that they can trust Cisco Secure Firewall and that they should provide training for their staff to achieve better and more efficient work. On a scale of one to ten, I would rate Cisco Secure Firewall overall as an eight. Which deployment model are you using for this solution? On-premises Disclaimer: My company does not have a business relationship with this vendor other than being a customer.
What is our primary use case? My main use cases for Cisco Secure Firewall are mainly user access to the internet and blocking firewall sites. How has it helped my organization? With the centralized management of Cisco Secure Firewall, it's good in unifying policies across my environment. The simplicity and supportability are important to my organization as it's much easier if everything's the same as much as possible. What is most valuable? I appreciate that the central management of Cisco Secure Firewall is from one location, which saves a lot of time. The IPS protection is good for us for security reasons. The central management feature of Cisco Secure Firewall saves one location instead of having to log on to multiple locations, which speeds up deployment of any changes or requirements for monitoring. What needs improvement? The upgrading process of Cisco Secure Firewall is a long process on a per-firewall basis, and it would be nice if that could be improved. One firewall can take two to two and a half hours to upgrade, so we end up having to watch it. It becomes a problem; in the old firewall days, it would be about a ten-minute job. I know it's more complicated with the newer firewalls. It's just a long-winded process even if they have sorted it out a little bit with automation. For how long have I used the solution? I have been using Cisco Secure Firewall for probably about eight years. What do I think about the stability of the solution? I have not had one Cisco Secure Firewall fail so far, which shows it is stable and reliable. Right now, I have not experienced any downtime, crashes, or performance issues with Cisco Secure Firewall. What do I think about the scalability of the solution? Cisco Secure Firewall scales with the growing needs of my organization, as we have different models and sizes, and our central boxes are powerful enough to cover whatever we want whenever we want. How are customer service and support? My evaluation of customer service and technical support for Cisco Secure Firewall is that I have generally hardly ever had to use them. We did two weeks ago, and it was a very quick response that identified exactly where the issue in our configuration was. Two weeks ago, I received a very quick response from customer service, which identified exactly where the issue on our configuration was, and it went very smoothly, so out of ten, I would give it a nine. How would you rate customer service and support? Positive Which solution did I use previously and why did I switch? Prior to adopting Cisco Secure Firewall, I was also using previous Cisco firewalls, and before that, we had Fortinet and Juniper. The factors that led me to consider the change to Cisco Secure Firewall were actually price, as Cisco's was a very competitive price, and we received a very good deal. How was the initial setup? My experience with the deployment of Cisco Secure Firewall has been generally okay. What was our ROI? I have seen a return on investment with Cisco Secure Firewall since we run them for a long time. Our current Cisco Secure Firewall units have been in place for probably over three years now, and at the moment, we're not looking to replace them, indicating a good return on investment since they last and are supported quite a long time after they're released. What's my experience with pricing, setup cost, and licensing? My experience with pricing, setup costs, and licensing for Cisco Secure Firewall shows it can be expensive, especially the bigger boxes, since they do a lot more and handle a lot more, with a big jump from the smaller firewalls to the big firewalls. Which other solutions did I evaluate? The other solutions I considered before selecting Cisco Secure Firewall include Fortinet, Juniper, and Palo Alto. We're generally a Cisco house and have been for quite a few times with the old Cisco firewalls, so it was a natural progression. What other advice do I have? We did not purchase the product on AWS Marketplace. We actually don't do that much encrypted inspecting traffic at the moment with Cisco Secure Firewall, which is something we want to look at. We just want to make sure we don't max out the CPU with the many jobs it does. Cisco Secure Firewall will be a building block part of our zero-trust security model, however, there will be a few other parts needed, such as Cisco Secure Access. I have not really expanded the usage of Cisco Secure Firewall. My advice to other organizations considering Cisco Secure Firewall is that it does what it says on the tin; it works, it's reliable, and I have never had one fail, so I think it's good. On a scale of one to ten, I rate Cisco Secure Firewall a nine. Disclaimer: My company does not have a business relationship with this vendor other than being a customer.
What is our primary use case? My main use cases for Cisco Secure Firewall include revamping old networks, security, content filtering, amp protection, et cetera. What is most valuable? Cisco Secure Firewall is easy to configure, and you can do it all in one pane of glass. It is really simple to configure. The solution allows my junior admins to go into the dashboard and look at any issues or reconfigure any features that need to be tweaked without me physically having to be there. I have been using the assurance feature in Cisco Secure Firewall recently, and I am starting to see that it is a lot more beneficial for me, with all the analytics and reporting that it provides. Cisco Secure Firewall allows us to pinpoint exactly where the packets are being delivered or dropped, and we are able to identify issues quicker than with other models or other vendors. I assess Cisco Secure Firewall's ability to unify policies across my environment as having ease of building. We need to be able to scale and deploy without running a bunch of commands, especially when managing multiple locations acting as separate entities. It is important to my organization since our team is really small. As an engineer, it is just myself and a few juniors. I can verbally tell them to look at specific things or deploy certain features. It gives them the confidence to touch a firewall without being insecure. The impact of the cloud-delivered firewall on my organization's security posture is very important. It allows us to place certain policies compared to the old infrastructure that is currently in there, with outdated hardware. It allows us to control the firmware and deploy the firmware. In evaluating Cisco Secure Firewall, I find that it helps us implement a zero-trust security model by allowing us to create one policy and deploy it across all of our networks versus multiple agents. Cisco Secure Firewall is very helpful and convenient for me. What needs improvement? I faced challenges moving away from the MS switches to the CS switches, as it is a little different. I am experiencing some small issues with IP reservations, however, I am working with the Meraki engineers to work around or configure it the next day. Regarding stability and reliability, I have experienced false negative alerts with the CS models, which indicate that my switch has gone down when in reality, it has not. That is a fix that is needed. For how long have I used the solution? I would say I have been using Cisco Secure Firewall for the past two months. What do I think about the stability of the solution? Regarding stability and reliability, I have experienced false negative alerts with the CS models, which indicate that my switch has gone down, but in reality, it has not. That is a fix that is needed. What do I think about the scalability of the solution? Cisco Secure Firewall scales tremendously with the growing needs of my organization. I know in the future we are going to start deploying SD-WAN and other applications that will require all of our clinics to connect to our HQ, and deploying Meraki will make their IPsec tunnels very seamless. How are customer service and support? I evaluate customer service and technical support based on productivity. If I can reduce ticketing by 10% to 20% by deploying these solutions, I consider or job done. On a scale of one to ten, I would rate the customer service and technical support of Cisco a ten. There is always someone on call. They are very thorough; they know the product and work with you to resolve issues. That is important for me. How would you rate customer service and support? Positive Which solution did I use previously and why did I switch? Prior to adopting Cisco Secure Firewall, I was using different solutions at various locations. As we transition and take on these clinics, we have anywhere from home networks, where someone's uncle installed something, to very outdated firewalls. When we come in and present Meraki and what it can do, it becomes a done deal. How was the initial setup? My experience with the deployment of Cisco Secure Firewall has been awesome. I come in when they have the old network and deploy it. I install a cabinet and new drops. I configure the Meraki gear onto their old network side by side. Especially during downtime, I can plug the firewall into that rack to get the external IP configured. Once my ISP comes in, I apply those IP addresses to the firewall. What was our ROI? I have seen a return on investment with Cisco Secure Firewall. What's my experience with pricing, setup cost, and licensing? I handle pricing, setup costs, and licensing with our vendors. I contact our vendors, we go over the pricing and the licensing. I make sure they get all the proper codes. As I purchase and license these firewalls, it is all in one place and easy to read and do. Which other solutions did I evaluate? Before selecting Cisco Secure Firewall, I considered Fortinet, which was probably one of the bigger competitors, and SonicWall. We thrive in the Meraki policy. What stood out to me in the evaluation process, compared to other options, was the ease of deployment, the dashboard, being able to manage everything in one place, and Meraki support. What other advice do I have? I did not purchase the product on AWS Marketplace. My advice to other organizations considering Cisco Secure Firewall is to make sure they plan for their organization. Plan for your growth, a three-year growth, and then scale your solutions accordingly. On a scale of one to ten, I would rate Cisco Secure Firewall overall a solid ten. Which deployment model are you using for this solution? On-premises Disclaimer: My company does not have a business relationship with this vendor other than being a customer.
What is our primary use case? Our main use cases for Cisco Secure Firewall include firewall, IPS, and URL filtering. What is most valuable? The feature of Cisco Secure Firewall that I prefer the most is IPS. I appreciate the IPS feature because it's built in and I can control it using the FMC and push out the policy company-wide, making it centrally managed. The IPS benefits my company because that's one of the requirements; we used to have separate IPS. Now it's all integrated, providing ease of use for us. Cisco Secure Firewall has helped my company achieve its goals because it's a next-generation firewall. That's what we need to maintain certain compliance from the security side. Having IPS built in, firewall, URL filtering, everything is centrally managed, so we have more visibility and management. What needs improvement? Compared to the previous generation, the ASA, firewall rules appear differently in the ASDM and the previous generation firewall versus FTD, which I don't prefer as much. The ASA makes it easier to view those policies. There could be some improvement in the way FMC displays the policy. For how long have I used the solution? I have been using Cisco Secure Firewall in my company for the last two years. What do I think about the stability of the solution? I haven't seen any breakdown or instability; the platform has been stable, and we haven't had any issues. What do I think about the scalability of the solution? Cisco Secure Firewall scales with the growing needs of my company as we're going to implement clustering. I've used clustering in my past experience; it's very easy and straightforward. We had some minor issues with the clustering. I appreciate the clustering capability, though I haven't implemented it in my current job. How are customer service and support? The customer service and technical support have been great; they've always been great. How would you rate customer service and support? Positive Which solution did I use previously and why did I switch? I considered other solutions such as Palo Alto before choosing Cisco Secure Firewall. We were using Palo Alto, but we decided to go with Cisco because of its ease of use. We were a Cisco shop, and there's a micro facility where you can migrate all the ASA to the firewall. How was the initial setup? The deployment process of Cisco Secure Firewall is simple enough. Out of the box, you perform the initial management configuration, specify the FMC location, join FMC, and then you can manage it from FMC. The process is straightforward and simple. What was our ROI? From my point of view, the biggest return on investment when using Cisco Secure Firewall is the single pane of glass, which is a huge plus for us. Having that visibility, managing all the alerts, IPS alerts, vulnerability management - everything is a huge plus. What's my experience with pricing, setup cost, and licensing? My experience with the pricing, setup costs, and licensing is that it's consistent. I don't have much visibility on the licensing side, but I assume it remains the same. Which other solutions did I evaluate? There are differences between Palo Alto and Cisco, particularly on the cloud side. Palo Alto has Prisma Cloud and additional tools. I would say Cisco has room for improvement in that area for the future. We're not heavily in the cloud, so for us, it's not a significant concern. What other advice do I have? We haven't used any new features or functionalities in Cisco Secure Firewall recently, but we plan to try file scanning, focusing more on the malware side, AMP and everything. That's something we want to try next. My impression of the visibility and control capabilities of Cisco Secure Firewall in managing encrypted traffic is limited as we haven't tried SSL encryption yet. That's something we might explore in the future. Regarding Cisco Secure Firewall's ability to unify policies across my environment, managing via FMC ensures accuracy. Unifying policies is essential for my company because it provides one pane of glass. Software pushes, policy implementation, traffic monitoring, and having all alerts in one place are crucial. The impact of the cloud-delivered firewall on my company's security posture is significant. Having the same FTD running in the cloud, managed by FMC, is our future direction. We currently implement this with Azure. Regarding zero trust security model implementation, we are exploring options with SD-WAN, both on-premises and in the cloud with firepower. I'm meeting with a Cisco engineer next week to discuss implementation strategies. I don't see anything that needs improvement in Cisco Secure Firewall; we've been very satisfied with it. I've been using FTD for almost five to seven years now, including with a previous company, and heavily worked on migration from ASA to FTD. From one to ten, I would rate Cisco Secure Firewall a ten. Which deployment model are you using for this solution? On-premises Disclaimer: My company has a business relationship with this vendor other than being a customer:Partnership
