![]() ![]() The ASAs don't really have that, but they are easy to use if you physically go into them and manage them." So, we are using a Firewall Management Center (FMC) to manage all those. We have a lot of our environments on FTD right now. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs." "The one thing that the ASAs don't have is a central management point. I would challenge Cisco to continue to improve in that area." "The visibility for VPN is one big part. Even at 50 seconds, it's longer than some of its competitors. It is very easy to log in and configure things." "It needs to provide the next-generation firewall features that other vendors provide, like data analytics, telemetry, and deep packet inspection." "Cisco's inspection visibility could be better." "The change-deployment time can always be improved. The user interface of FortiGate is more intuitive. There are some devices that are easier, such as FortiGate. If you don't know what to do, you can mess things up. Currently, you have to know what to do before you can manage a device. they should look at what other vendors are doing and try not only to be on the same wavelength but a little bit better." "Its user interface is good, but it could be better. ![]() I've heard rumors that this is something Cisco is working on, but it isn't yet available." "Cisco wasn't first-to-market with NGFWs. As I understand, Firepower doesn't let you export the decrypted traffic so that, for instance, the security department can look at the traffic or inspect traffic. "I'm not very familiar with the largest Firepower models, but competitors like Palo Alto seem to have a more capable engine to do, for instance, TLS/SSL decryption. I feel like that's a really valuable tool." "It integrates with various Cisco security portfolios and products, and there is an easy and seamless integration for building a complete security framework for our customers." It has a lot of flexibility and even a lot of third-party or non-Cisco integration. That was nice." "I'm a big fan of SecureX, Cisco's platform for tying together all the different security tools. Cisco's engineer helped us to do some scripting and find out what kind of policy we can have and organize those policies. In fact, we didn't have any policy because we didn't have any firewall for the data center, so generating a policy was a big challenge. Previously, we didn't have a proper policy. It seems to work fairly well for us." "It's quite a capable box for UTM." "The most beneficial aspect of the Cisco Secure Firewall is the Anåonnect component within the firewall package, which we selected specifically for VPN usage due to its exceptional integration with various third-party devices and applications." "Cisco's engineer helped us with a lot of scripting to see what existed. In some ways, it is a reactive solution and we have it sitting in a whitelist mode rather than a blacklist mode. We have enabled IPS and IDS." "Cisco Secure Firewall is a good solution. It can protect from different types of attacks. The scope has been widened, so the ROI, eventually, has multiplied." "It has a good security level. Now, these genres have been expanded to cyber, to third-party integrations, having integrated logging, having integrated micro and macro segmentations. "The return on investment is not going to be restricted to just the box. ![]()
0 Comments
Leave a Reply. |