Cisco Firepower 4100 Series Reviews & Insights

We use Cisco Firepower 4100 Series for network perimeter controls. Remote access vpn for our users and site to site vpns for partners and third parties. We use Firepower Management Console to orquestrate the configuration for all of our firewalls. Our HA configuration give us piece of mind for the availability and resiliency piece.

It's a great firewall but it has some deficiencies as well: it takes to much time to deploy changes from the fmc to the firewalls. Also client posture for vpn clients it's not a native feature. You need to deploy cisco ise posture to check for compliance and enforcement. Updating the vpn client is also a regular task.

We use Cisco Firepower 4100 Series as the perimetral device for outside connections to the internal network, such as VPN for remote access, VPN L2L, NAT translation for published services and to have full control of who can access the network and what they can do. It is also used as a backup route to the internet.

Cisco Firepower 4100 Series fits well for scenarios where not much changes are needed, once the service is UP the device works very well, but sometimes for troubleshooting is complicated because for every change you make you have to make a deploy and every deploy take almost 5 minutes, si for a real failure it can be difficult to be waiting so long during troubleshooting.

We use two of them, in HA, to monitor and manage our network security for all of our internal network. We were the victim of a ransomware attack in 2021, and needed to upgrade our network's security significantly. We use the firepowers for policy management, VPN security, site-to-site and remote access tunnels, network monitoring, etc... It, in conjunction with several other Cisco products like Umbrella, Stealthwatch ISE and SecureX have significantly impacted our network security, and provided us with incredible visibility of what is going on in our environment.

I'm not sure. I think they would be useful in any environment where a powerful, next-gen firewall should be used. The 4100s are quite expensive, with massive capabilities, so I don't think they'd be suitable for small organizations, but for our college, they are perfect.

Cisco Firepower 4100 Series can support Layer 7 firewall protections when deployed as Firepower Threat Defense. Besides, it is also providing centralized management from Cisco Firepower Management. This can easily simplify the administration tasks and daily operation works. Cisco Firepower 4100 Series is a high-end firewall model which able to cater to high traffic throughput and does not cause any performance issues.

Cisco Firepower 4100 Series can be centralized managed by Cisco Firepower Management Center, this is quite helpful for customers who just want to manage from a single pane of glass. Cisco Firepower 4100 Series allows customers to choose between ASA or FTD images which are quite flexible although different images will cater to different throughputs.

Our Firepower 4120 is being utilized as a main internet connection firewall as a pair of the appliances in high availability mode. It's an upgrade from an existing Cisco ASA firewall that only had the built in firepower module. Having it integrated into a single box makes managing it much easier. It also has more processing power and works faster than the old unit.

When we are asked by local partners which security equipment we use we always recommend our Cisco security products. The Firepower firewall is no exception and we can easily recommend this to others who need a fast, secure, and well built system that integrates well with all your existing hardware and software.