TrustRadius Insights for Cisco Adaptive Security Appliance (ASA) Software are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.
Pros
Ease of Deployment and Configuration: Users have consistently praised the Cisco ASA for its seamless deployment and user-friendly configuration process. They find it straightforward to set up, allowing for a quick integration into their network security infrastructure.
Centralized Management and Convenience: The web-based interface for centralized management is lauded by reviewers for its ease of use and time-saving convenience. It simplifies tasks such as license setup and software maintenance renewals, enhancing overall operational efficiency.
Performance-Driven Security Features: Customers appreciate the robust security capabilities of the Cisco ASA, which not only provide adaptable protection but also include an advanced analytics engine to effectively identify and mitigate potential security threats.
Cisco Adaptive Security Appliance (ASA) Software is used to create and enforce security policies to control the traffic entering and exiting the organization's network. We also use its VPN functionalities, allowing remote users or branch offices to securely connect to the organization's network.
Pros
Centralized Management
Intrusion Prevention System
VPN Concentrator
Cons
Cloud Integration
Reporting
User Interface and Management
Likelihood to Recommend
Cisco Adaptive Security Appliance (ASA) Software is well suited for large enterprise environments where robust firewalling capabilities are required to protect complex networks. Its VPN capabilities enable organizations to securely transmit sensitive data over public networks, ensuring confidentiality and integrity of communication between sites. Cisco Adaptive Security Appliance (ASA) Software may be less appropriate for small office/home office (SOHO) environments due to its relatively high cost, complexity, and resource requirements as well as unsuited for organizations with cloud architecture.
So we have shared usage of it and for us we really just implement rules and it to block allowed, deny whatever it is, traffic within our network.
Pros
We typically just use it to block traffic. It does what it is supposed to.
We just use it to monitor, block, allow. Blocks at the layer three.
Cons
Management, I would say a single pane of management that works would be good. Similar to the FTD, the FMC, being able to manage objects and security group objects in one pane. That would be good for the firewall versus having to manually create objects and monitor them across several different firewalls across several different contexts.
Likelihood to Recommend
Well, it's very suited for up to layer three maybe but it's not suited for layer seven or anything above layer three. So it's not that next-gen smart.
VU
Verified User
Employee in Information Technology (1001-5000 employees)
We have several Cisco ASA and FTD firewalls in use within our organization. The ASA name is the legacy platform for the now current FTD firewalls. Both platforms provide security access for both internal networks to communicate and for external to internal network accesses. Cisco does a great job providing firewalls that are easy to manage and configure (by a skilled network administrator). The central management system; FirePower is pretty straight forward to deploy changes needed to any firewall across our network.
Pros
centralized management via a web based interface
easy , one time license setup
easy yearly software maintenance renewal process and easy access to tech support when renewed
adaptable and performance driven to protect networks
excellent analytics engine to detect malware and security events and block them
Cons
rather expensive to get into for many models
working with cisco acct management is not easy and getting into a streamlined renewal process can be problematic
some software upgrade require other security changes which mean its a continual upgrading process to stay current. and can be cumbersome
Likelihood to Recommend
Cisco ASA's are great for internal network connected access between a firewall and the central management server. And, for complex networks where high security requirements with overly strict compliance are necessary. For networks with limited connectivity to the core or for poor network connectivity these are not the best solution. There are other more stand-alone firewall's that do this better. These firewall's are a little more complex to set up to start with so significant knowledge of these devices is required to set them up and ensure they are best practice installed.
VU
Verified User
Administrator in Information Technology (201-500 employees)
Our employee count was growing and we wanted to have a scalable, easy to administer and cost effective solution for a VPN concentrator. We wanted to support concurrent connections that was 2x our employee count. We chose Cisco's ASA as our VPN concentrator and that allowed us to scale with low administrative cost and a reasonable license/tooling cost. We also wanted to support 4 different entities, which ASA was able to help us achieve.
Pros
ASA is our VPN concentrator. The client and server are very stable and very easy to use
ASA also offers Intrusion Prevention, to an extent. This is also very useful for an improved security posture for a small company
ASA allowed us to scale very quickly. We could onboard clients, partners, and consultants and give them a great onboarding experience as well
Administrative costs with ASA are low. It's very easy to administer.
Cons
For small companies that require DLP, ASA could add a basic DLP system
ASA has an easy web administration screen. It's look-and-feel could be improved
ASA could develop and/or promote agentless VPN access
Likelihood to Recommend
We moved our operations entirely to the cloud a few years ago. We loved the stability and scalability of the ASA and wanted to, somehow, keep using it. We discovered that ASA was available in the cloud as well and it was branded ASAv. We tested it and noticed that it was equally robust and a perfect fit for us. During the entire migration period, we used ASAv for cloud operations and put a lot of load on it. ASAv performed very well and gave us an easy transition from on-prem to the cloud.
We have used ASA to interconnect branch offices and also as a gateway. It's been a good product over the past years. Nowadays a lot of firewalls have overtaken the product. Especially in terms of user-friendliness. Also, the performance of the product should be improved compared to the other firewalls out there in the market.
Pros
Vpn
Natting
Av scan.
Web filtering.
Cons
Definitely when troubleshooting. It should be made simpler.
AV scan engines should be improved.
Configuration can be made simpler.eg: Fortigate.
Likelihood to Recommend
It's well suited for the rigid environment. In remote site locations where there is difficulty in accessing it's not a good idea as it's difficult for an end-user to provide remote access to the device. I understand it could be a security issue. But there are other means it can be secured. 2FA should be integrated.
VU
Verified User
Administrator in Information Technology (501-1000 employees)
Our business uses ASA'a as firewalls and for routing. We route 2 incoming connections and route them to allow our customers to come in on one dedicated SLA provisioned fiber line and a general internet line for internet browsing. We also utilize the failover capability of the ASAs for redundancy. We will utilize the security features when we have completed an upgrade project.
Pros
Routing
Firewall
Security
Cons
Ease of use
Cisco's purchase model is difficult
Level of skill required
Likelihood to Recommend
These appliances are great for small or medium business that needs a higher level of security will additional functions able to be purchased. It is a great reliable device for routing and firewall use, I've monitored user activity and utilization of our internet connection bandwidth noted outside attacks, DOS type when we see slowdowns, found infected computers by seeing them communicate with outside systems. A lot of helpful resources in the ASA
VU
Verified User
Manager in Information Technology (51-200 employees)
We have been using Cisco ASA as a part of our company for many years. It is used for routing, [dating], site-to-site VPN, remote access to our internal network for our employees when they are not in the office.
Pros
Allows the users to connect to our office network from outside the office.
Straightforward interface for configuration of firewall rules.
Cons
Support is a little expensive
The GUI could use an update
NextGen features
Likelihood to Recommend
If your organization is a small business and you don't require advanced-level security then you can go with the Cisco ASA firewall. However, when you want to use a full L7 with NG capabilities, you should go with firepower.
VU
Verified User
Administrator in Information Technology (1-10 employees)
We use Cisco ASAs in our Datacentre and we deploy these firewalls for our clients, with users mainly working from home, AnyConnect VPN which works with this firewall helps a lot by facilitating a secure remote access connection back to the office. Also, users can [break out] to the internet using [a] secure [VPN] connection when accessing services like O365[.]
Pros
Easy deployment[.]
High availability by deploying a pair[.]
Make changes without having to reboot[.]
Supports firepower services for IPS and IDS[.]
Cons
The ASDM software is at times a nightmare to install because of different java versions[.]
[The firewall] could do with a power button, just to be able to do a hard reboot when needed[.]
It would be nice to manage the firewall via the web on port 443[.]
Likelihood to Recommend
The Cisco ASA is well suited for data centers, enterprise, and small offices. The fact that there are several models big, medium and small makes it easy to deploy certain models for small offices and bigger models for datacenters. I personally believe this firewall is great for many scenarios, l have deployed a pair to manage internet line failovers and single entry-level ones for small offices with ingle internet lines.
VU
Verified User
Engineer in Information Technology (11-50 employees)
Cisco Adaptive Security Appliance (ASA) is a powerful software that provides routing, network, and virtual private network (VPN) services. Our organization has implemented it, and our clients have IPSec site-to-site VPN. We use VPN tunnels between locations and use Cisco AnyConnect for VPN connections. For preventing unauthorized access to our managed networks, Cisco ASA devices excel. There are many options in Nat to customize it to our needs. Because it helps us categorize traffic and find problems, we're using it in all departments. ASA is a security device that combines firewall, NAT, intrusion prevention, and virtual private network functionality. It is the best for a firewall, router, and VPN device.
Pros
Easy to configure and edit Access rules, allowing users to connect to our office network from anywhere.
NAT rules and network access protection keep our network safe from unauthorized connections from the outside. We can set them up quickly and easily.
Customer service and technical assistance are top-notch with Cisco for this product. User web and application traffic can be easily accessed and monitored.
Cons
Infrequent rule/setting changes and an outdated Java plug-in for the Web interface.
When some appliances and apps don't work, the rules and settings are complex, so GUI-based configuration is not always a better option.
There is a lack of a learning curve for the full potential of the ASA and Central management features.
Likelihood to Recommend
As an infrastructure firewall, Cisco ASA is a good fit for our organizations' needs. In comparison to other solutions on the market, this one is less expensive. It has all of the security and routing features that you could ever want. We don't need to buy routers for our organization and easily configure this firewall's policy and NAT settings. We can easily configure and deploy this product in an existing network, and it will never misbehave or experience any downtime whatsoever. Moreover, the CLI is simple and user-friendly. ASA has many options for routing, nat, and VPN support, and I always recommend it.
