Cisco firewall

Cisco ASA-5508 Firewall Review

Best Product Reviews

Last Updated on May 1, 2024 by Daniel Osakwe

I recently got a chance to take a look at the Cisco ASA-5508 firewall for a review. The Cisco ASA is a very popular firewall product. It has a nice UI and a great feature set. However, the ASA is expensive. For example, it can cost anywhere from $500 to $2,000. The ASA is very feature rich, and if you are planning to deploy the ASA for a large network or if you are planning to use the ASA to support a large number of users, the price can start to add up.

I’ll start with a quick overview of the Cisco ASA-5508’s features before delving into some of the more specific ones.

Why should I choose the Cisco Firewall ASA-5508?

Cisco ASA-5508 Firewall

The Cisco FirePower Services Firewall 5508-X is an entry-level, next-generation firewall designed for small to midsize businesses and branch offices of larger companies. The firewall features eight Gigabit Ethernet interfaces, an 80GB SSD, up to 100 IPsec VPN peers, 50,000 concurrent connections, and one Gbps throughput.

With Cisco ASA with FirePOWER Services, customers can enhance their Cisco ASA 5500-X Series Next-Generation Firewalls and Cisco ASA 5585-X Adaptive Security Appliance firewalls with distinctive, next-generation security services. It provides comprehensive protection against known and advanced threats, including protection against targeted and persistent malware attacks.

Cisco ASA-5508 Firewall: Pros and Cons

Pros Cons
With AMP, or Advanced Malware Protection, users can discover, understand, and stop malware and emerging threats missed by previous security layers that are industry-leading for breach detection, low total cost of ownership, and superior protection value. After-sales service is slow.
The Cisco ASA with FirePOWER Next-Generation IPS (NGIPS) provides highly effective threat prevention and full context awareness of users, infrastructure, applications, and content. Timing-chip issue
Over 3,000 application-layer and risk-based controls are supported by Advanced Application Visibility and Control (AVC), allowing us to launch tailored Intrusion Prevention System (IPS) threat detection policies to optimize security effectiveness.
Site-to-site and remote access Assuring business continuity, VPN and advanced clustering enable highly secure, high-performance access and high availability.

Cisco ASA-5508 Firewall: Key Features

cisco firewall

Next-Generation Firewall

It’s called Next-Generation Firewall and it’s the industry’s first threat-focused NGFW. Incorporating Next Generation Intrusion Protection Systems and Cisco’s Advanced Malware Protection, it is the only NGFW with market-leading protection. As a result, Cisco ASA-5508’s NGFW provides unified policy management for firewall functions, application control, threat prevention, and malware protection from the network to the endpoint, all accessible from a single management console.

Proven ASA firewall

Cisco AnyConnect VPN offers high-performance, highly secure, and reliable access through rich routing, stateful firewall, and network address translation.

market-leading NGIPS

It provides network visibility, security intelligence, automation, and advanced threat protection with its Next-Generation Intrusion Prevention System (NGIPS). NGIPS from Cisco integrates real-time contextual awareness, intelligent security automation, and superior performance with industry-leading network intrusion prevention technology to set a new standard for advanced threat protection.

Here are some more benefits of NGIPS:

  • Effectiveness: Every two hours, NGIPS receives updates on new policy rules and signatures, reinforcing the security of your software at the same time.
  • Operating Costs: By separating actionable events from noise, NGIPS automation increases operational efficiency and reduces overhead.
  • Integration: NGIPS connects to your network without requiring major changes to your hardware, and it is simple to install. Users can also manage multiple security applications from a single view thanks to NGIPS’ Firepower Management Center. In addition to seeing more contextual data from their network, users can also fine-tune their security with the Firepower Management Center.
  • Flexible: Enterprises can deploy NGIPS in a number of ways to meet their needs. WAN connections, guest access, or mission-critical assets can be protected via this device at the perimeter, in the distribution center, or behind the firewall. This device can also be used for inline inspection or passive detection.

Advanced Malware Protection

Enterprises are protected against targeted and persistent malware attacks by detecting, blocking, tracking, analyzing, and remediating them.

Full Contextual Awareness

Enforcement of policies relies on complete visibility of users, mobile devices, client-side applications, virtual machine communication, vulnerabilities, threats, and URLs.

Application Control and URL Filtering

Custom applications and URLs may be used to enforce usage policies and tailor detection policies.

Purpose-built and scalable

A highly scalable security appliance architecture capable of operating at gigabit speeds; consistent and robust security across branches, Internet edges, and data centers in both physical and virtual environments.

VPN for Remote Access

Access secure corporate networks from mobile devices no matter where they are; supports Cisco AnyConnect Secure Mobility Solution with granular, application-level VPN capabilities and native Apple iOS and Android VPN clients.

Collective Security Intelligence (CSI)

Providing real-time security protection for global brands and web reputations.

Cisco ASA-5508 Firewall: Other Features

  • Rack-mountable
  • Integrated Wi-Fi
  • VPN Support
  • VLAN Support
  • Low TCO
  • Open API
  • Rugged Design

Specifications

Interfaces 8×1 Gigabit Ethernet interface, 1 management port
Multiprotocol Throughput 500 Mbps
Maximum 3DES/ASES VPN throughput 175 Mbps
IPsec site-to-site VPN peers 100
Virtual interfaces (VLANs) 50
Memory 8GB
Flash 8GB
Power (AC or DC) AC only
Height (rack units) 1RU
Package Weight 8.77 Kg
Dimensions 1.72 x 17.2 x 11.288 in.
Weight 8 lb (3 kg)
Maximum Peak 12V @3.0A

Observations

Cisco ASA-5508 is a good firewall software for small or midsize enterprises and branch offices. With Cisco’s reputation for quality products and 35 years of experience in the tech industry, you can surely rely on the safety, security, and high quality of the Cisco ASA-5508 software firewall.

A few years ago, Cisco had a problem with a faulty timing chip. Cisco addressed the timing chip issue in its products in 2017, issuing a notice that busted timing chips in many of its products could fail after 18 months of operation, causing the device holding the chip to crash and never restart. Several years have passed since the incident, but Cisco’s many customers are still concerned about it.

In contrast, after going through all of its many features, it would be foolish not to admit that the Cisco ASA-5508 is an amazing product that can cover all your medium-sized enterprise network security needs.