Cisco ASA 5500-X Series Reviews & Product Details

What I like most about this product is how robust it is, a firewall completely adapted for small and medium-sized companies that complies with the functions of restrictions and 100% blockages, as long as it has a good configuration and administration. problem, has a nice interface with the ASDM where the configuration becomes easier than by console.

what disgusts me most of this product like many corporate firewalls are its high cost of device and lenciamiento, apart it also has a long learning curve to learn how to use it, can be used institutionally by the ASDM but by console is much more complicated to use it, it must have an advanced use of networks

the advisable thing is that they study the product very well before buying it and implementing it since it is necessary to know how to use it very well.

was implemented in the company to cover perimeter security needs, with the passage of time has been configured to block specific ports both input and output, lately configured with ospf routing protocol. the last feature used was the use of vpn site to site which was successful in configuring it

Simple firewall that is easy to manage so long as you have a good understanding of Cisco CLI and ASDM. The newer versions i.e. 9.x have continued to add more features to the appliances as Cisco migrates to FirePower. We use our firewalls mainly for User traffic filtering and Remote Access VPN. It doesn't have the best UTM features.

Weak UTM features and has to be used with a Firepower engine so as to function as a UTM

Has a very high maintenance cost for both support and subscription services.

Lacks internal log management capability

Simple firewall that is easy to manage so long as you have a good understanding of Cisco CLI and ASDM. The newer versions i.e. 9.x have continued to add more features to the appliances as Cisco migrates to FirePower. We use our firewalls mainly for User traffic filtering and Remote Access VPN.

Website fire-walling

User browsing filtering

Remote Access VPN

Site to Site VPN Services

ASA it is really easy to use ... if you have the proper knowledge, otherwise you will suffer too much for any little thing and I mean ANY. The thing is if you are a Cisco admin and have used Fortinet products via CLI then you would find ASA a piece of cake but if you are a Checkpoint admin then you will need to learn new concepts.

Tallking about automation ASA it is the best of the best

Like i said if you dont have enough knowledge then ASA will be a pain in your heart and you need to have in mind that it has NO auto loggin system like Checkpoint does.

Learn first and play after no the other way around

We needed virtual firewalls over a physical box and the case of ASA its called 'contexts' and its awesome, easy to automate, to troubleshoot and to backup.

The biggest plus for the Cisco ASA is the community of the installed base. Because there are so many in production, it is easy find answers the problems between the documentation and community.

The Cisco GUI for the ASA is the ASDM. While it is pretty good on it's own, it still relies on Java which is a royal pain.

The venerable 5500-X series is nearing it's end, but the heritage will continue in the FTD appliances.

The Cisco ASA has provided strong security appliances for my business allowing us to worry about the configuration of security and not worry about the appliance.

The Cisco ASDM makes it a breeze to manage this product and there are a lot of features that we don't fully utilize. When setting up your firewalls and troubleshooting, the packet tracer is one of the best tools. Also if you want to learn some of the command-line, turn on the preview commands in ASDM which allows you to see what is being sent to the device before it executes.

The FirePower module always attempt to load when you sign-in even if you don't have it configured which is an annoyance. Although the ASDM makes it easy to setup certain things, the way it configures things is sometimes not optimal and you are better off configuring it through command-line.

The main reason we have deployed this is for our site-to-site VPNs with remote offices and large job sites as well as the Cisco AnyConnect Mobility VPN solution..

FirePower services -- specifically the effectiveness of the IPS and Web Content Filtering

Dependency on ASA and SF modules, thus if you want to upgrade one, you may have to upgrade both which increases operational risk for downtime.

- Content filtering works quite well, but has a few quirks with rules (i.e., blocking a domain with a word that is the subset of another domain will result in an unintentional block

- IPS works great, alerting not so much, not very customizable

- Access to snort rules is nice

- Failover works quite well

- Most upgrades are time consuming, but simple

- Integration with AMP is nice, but would be better if AMP for endpoints was represented here as well (it exists as a separate portal)

We utilize many of the NGFW features, one of the main benefits that we received was combining multiple disparate products into a single platform. Instead of having an IPS and Web Content Gateway that are separate, they now work in a single pane of glass so to speak.

The company has a very good support, that would help the user during the installation process. The software also integrates well with various systems, and is extremely reliable.

The reporting functionality particularly for the VPN function, should somehow be improved so that one can be able to know when another user logs in or out of the network. Upgrading the software can be a little bit challenging at some point, and the price is a bit higher.

This is a great tool for VPN devices and has an efficient firewall system . Other protection features such as Firepower also work in handy in preventing malware infections. As long as the user has the right license of the the product, satisfaction is guaranteed.

The software was excellent in solving the company's VPN needs both through VPN phones and VPN networks.

They are stable and reliable platform which we have been using for quite a few years. I'm very much happy with the software as it provides rigidity and has never given us a single issue. I use it with a data analyst who's quite expert in it and which has further more given us the opportunity to run and administrater it easily. Yet at times I'm able to queries myself if there's an update to be madr

It has some Java language dependency which make it quite tricky at times to use. And has some issues associated with it. Lastly UI can be much better. Rest application is amazing

It helps us in creating internal as well as operational efficiencies and lastly for drive innovation.

The ASDM interface is solidly made and feature-full. All commands can be made through the console interface or by command line.

The ASDM interface navigation is intuitive and uses logical separation of tabs and sections.

Documentation and support is top notch - if you ever get stuck, there is a ton of help available.

The ASA is not a next generation firewall and therefor is behind on newer features that are becoming commonplace. The ASAs are not compatible with modern VPN connections to Cloud services. The 5500-X series ASAs will be phased out soon if they don't update the architecture of them to become next-gen type devices.

It's 2019 and it's time to consider a next generation firewall. These did a great job for their day, but their time is over unless the architecture is modernized for today's IT needs.

We had used these for firewall protection as well as VPN connectivity for uses, remote vPN devices, and site-to-site VPN connectivity between offices and between Azure classic ASM networks to on-premise networks. These devices provided one solution for all of these needs, thereby saving us from having to need multiple devices for each need.

I like the GUI interface and the multiple functionality of this firewall. I also like the failover functionality.

The VPN setup can be a little daunting, but with a bit of help from TAC, it worked out fine.

You should probably be at least certified as a CCNA before attempting a setup. It's not required, but it would help.

Fierce, scalable solution for network protection, the benefits of which are immeasurable.

Enterprise quality with huge options available for the users

The security is best in class, Real-time protection against DOS Applications, detection and filtering of network activities from different types of threats

The timely updates are awesome

Similarity with other CISCO products makes it easy to use

Licensing is a huge complicated process and some hidden costs involved

No options available to rollback the configuration if an error occurs while implementing the new configuration

VPN not supported in context mode

When purchased with FirePOWER the Cisco ASA can be configured to inspect the application layer of the packets for better threat detection.

For companies that want more granular security when it comes to internet access both external and internal the Cisco ASA can be configured in many ways. For smaller companies the Cisco ASA may not be good fit as someone with network experience needs to administer the ASA. Other firewalls can be setup for use out of box.

We are using CISCO ASA as our primary internet firewall to protect our systems against all the security threats and also for site-to-site and client-to-site connectivity. It helps in providing security policies, business-to-business connectivity over the internet.Our customers use VPN sessions to access their servers over the public network. We have multiple site to site VPNs along with Cisco AnyConnect VPN for users accessing corporate resources when out of the office.

The 5500x series really have been the work-horse of the internet edge. Providing security and features that are hard to match. They also offer quite a bit of flexibility on the internet edge or used as a data center security device.

There are quite a bit of security patches that are required to keep these devices secure. Seems like there is always a critical exploit that requires a software patch. It is also a good sign that the code is continually being updated though.

The firewall is definitely helping us segregate our internal network. It also helps us maintain good security posture on the internet edge. It is an essential device in the layered security design approach.

Cisco support and ability to handle the bandwidth traffic we had was much better than the other products we tested.

As with most Cisco products price is always at a premium.

Using the ASA to protect our data and allow us a secure way to access data onsite as well as from remote locations

User friendliness is a major component of this product's success. I really enjoy the interface.

I think there are a few too many options in the toolbar

I would definitely recommend this product to others due to the ease of use and reliability of the software.

Security for our servers

I like how easy it is to connect to my server.

There were a few problems we ran into, but not enough to have any dislikes.

We are about the effectively able to use it as a firewall.

Cisco has always been top of the line with what they come out with and this is no different. I highly recommend it!

Only thing I don’t like is the price of the product.

Networking

Same commands, and same familiarity that you expect in a Cisco product.

We ran into multiple bugs that really hurt our business, licensing, and lack of features as Cisco doesn't seem to innovate like they used to.

Simply needed a firewall, this fit the bill.

The inexpensive price for a great service that works great with having to spend a fortune on high performance firewall

I personally don’t have any dislikes with this product

It provides a protective firewall

delivers integrated threat defense for the entire attack continuum - before, during, and after an attack. c

if you don't install it correctly or use the recommended advice, your information can be compromised

N/A