Cisco FirePower 1010 FPD Review

Long story short: don't buy it, it is not ready for production.

I will give it a fair shake in this review. As I did in testing. I would have never expected this from Cisco.

This review will cover the following items:

  • Specs
  • Features
  • Licenses
  • General Overview

Specs:

So the full list can be found here. So to sum it up, you get 890Mbps throughput with firewall enabled. However we are already finding inconsistency's here. In some lists it says 650, some say as low as 350

So make of that what you will, for my requirements I only needed 200 so was not too concerned.

Hardware: you have 8x 1Gbps ethernet ports. 1 rj-45 console port, 1 ethernet mgmt port. one USB type A and one mini USB. One 4 pin power in. 1 reset button

All pretty standard Cisco IO

Firewall features: (with advanced license, with the license that comes with it, you get nothing, like really the thing is just a low end router without the advanced license)

  • Full IPS (snort) sniffs packets for malicious signatures.
  • Encrypted packet sniffing
  • URL filtering
  • Active download sniffing
  • Geo-IP blacklists
  • TALOS malware definitions
  • Layer 7 Inspection (blanket inspection of incoming packets)
  • Advanced granular logging

Sounds solid right? Yeah I thought so. Backed by Talos, I'm in. Remember that to get any of the above you need an additional license that costs around $500 (the L-FPR1010T-TMC-1Y license)

You need an additional license to use the L2TP VPN. That will run you another $100

Features:

L3 routing and switching on all 8 ports. Very nice all in one device (on paper.) Failover supported (with proper licensing.) Both types of console port, RJ-45 and mini USB.

Fan-less, just be sure to give it some space overhead to let the hot air rise out.

External power brick, some like it, others do not. It is a chunky thing as this dose support (on paper) 30W PoE+ on 2 ports.

Dedicated mgmt interface for use with FTD system.

Licenses:

So it comes with the base license that basically just lets you turn on the device. Seriously, this is not a firewall without the advanced license.

Now lets talk about "contracts" see on top of licenses, cisco requires that you have service contracts for the various components of software. What that means for you: without the advanced license, you do not get to even download firmware updates

Serriously,

This device is a paperweight without the advanced license. It is a router without basic features.

To use the RA VPN you need a separate license.

So lets do the math $500 device, plus $500 license, plus $100 VPN license = $1100 + the renewal fees so an additional $600 a year.

That would be fine if the device actually worked.

General Overview:

After more hours then I care to admit, I came to the same conclusion that many others have. The FirePower 1010 is not ready for production use. On top of being way overpriced compared to competitors. It lacks basic features, is very buggy, support is non existent. Just look else where.

We have all had this experience; you get a new technology, you are trying to make it work and every turn is a dead end, another bug you think, oh it will get fixed in an update lets just move on. Oh it dose not have that basic feature? Well we can work with that. Oh it just dose not work as described? Well now this is getting silly.

Cisco, I really tried everything. This device is a disaster and needs an overhaul.

Leave a Reply

Your email address will not be published. Required fields are marked *

We Would Love to Help

Web design. IT computer network systems. Security Cameras. Graphic design. We do it all. Reach out to see if we are a good fit for you.
menuchevron-down linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram