Cisco Adaptive Security Appliance (ASA) software is the core OS for the ASA suite. It provides firewall functionality, as well as integration with context-specific Cisco security modules. It is scaled for enterprise-level traffic and connections.
N/A
WatchGuard XTM - Discontinued Product
Score 8.0 out of 10
N/A
WatchGuard XTM is a firewall option, from WatchGuard Technologies.
N/A
Pricing
Cisco Adaptive Security Appliance (ASA) Software
WatchGuard XTM - Discontinued Product
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Cisco Adaptive Security Appliance (ASA) Software
WatchGuard XTM - Discontinued Product
Free Trial
No
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
Cisco Adaptive Security Appliance (ASA) Software
WatchGuard XTM - Discontinued Product
Features
Cisco Adaptive Security Appliance (ASA) Software
WatchGuard XTM - Discontinued Product
Firewall
Comparison of Firewall features of Product A and Product B
We moved our operations entirely to the cloud a few years ago. We loved the stability and scalability of the ASA and wanted to, somehow, keep using it. We discovered that ASA was available in the cloud as well and it was branded ASAv. We tested it and noticed that it was equally robust and a perfect fit for us. During the entire migration period, we used ASAv for cloud operations and put a lot of load on it. ASAv performed very well and gave us an easy transition from on-prem to the cloud.
The web filter is complicated when you don't have a server to log in users. Companies using static IPs. They have to be clear about the number of users that the company has in order to obtain the correct model since each one has its resources according to the number of users.
They are simple to set up and configure. With just a few months of experience you can easily deploy any series of XTM in mid to small environments in minutes. I can deploy clustered M5600 in an enterprise within 30 minutes straight from the box, that's easy.
They are very reasonably priced and competitive in the market. For small and mid-sized businesses it's hard to beat the bang for the buck.
After setting them up, it's also very easy to fine tune and manage them. The packet monitor is very useful in troubleshooting and I use it to tighten down rule sets.
Dimension is a great packet analyzer and I think they still offer it as a free tool.
The Java based ASDM can botch commands and isn't compatible on some more locked down systems.
Monitoring. Really the same complaint as above, the monitoring available through the ASDM is crappy at best. A much better solution is to send the logs and mirror packets to a SEIM, but that can create issues of its own when looking for realtime analysis.
Compatibility across other ASA models. ASA 5520s don't play well with 5525X which don't play well with older 5510s. Each is great on it's own, but it's next to impossible to logically stack them or have them as layers of firewalls in an infrastructure.
Lack of cloud based management. The Cisco Meraki security devices do this well, but the ASAs are still behind in this regard.
To be honest there has been now great products out in the market compared to Cisco ASA. I beleieve Cisco has to do a lot of improvement in this area. The other defeiniete factors is the cost when it comes to renewals which is always a premium on Cisco products
I generally have not noticed the outages, however since it's a machine it can malfunction, we need to implement the firewall infrastructure in such a way that it is highly available with device failure, region failure etc. Else any solution will be having the issues if they are not build with resiliency.
The support is usually very good and gets back to you very quickly. However I had some instances of when two engineers will give me wildly different answers to what I thought was a simple question. Overall however I do rate the support highly and they are generally always very good.
It was quite a good one, how ever requires an expertise to deploy hence the SMB segment would be finding it difficult to implement this product. The one good reason is that there are lot of ASA certified engineers in compared to the other certified engineers. Hence this resembles positively on the deployment as you have quite a lot of experienced engineer on your deployment
Cisco has made it easy to buy, set up, and manage all of our firewalls with the central FirePower Management Center. All licensing is done via one license portal too. Tech support is standardized for all ASA devices and like support engineers who know the different models to provide timely help for any issues. Cisco Talos is a premier could platform which scours the internet looking for threats and develops protections for the ASA's and as such provides zero second coverage when it best can detect global issues.
The 5510 is still being used in one of our setups, and still doing its job this is a lot of Return on Investment.
We have managed to turn around projects quickly because most of our engineers understand this firewall very well. We deploy them in a matter of minutes[.]
