Cisco Support Community
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)

what are people's opinions about CSA?

my company runs CSA on all of our production servers (v4.5) which i'm charged with.

I was just looking for feedback, positive or negative, about other people's experience using CSA - eg what you like about it, or dont like about it, how often it detects real problems, or anything else you might want to add.



Re: what are people's opinions about CSA?

I give it two thumbs up.

5.x is a nice upgrade from 4.x and if you have a fresh installation in mind you can ditch VMS altogether. (5.1 is a free standing product.)

The best part of CSA is that it helps reduce calls to the helpdesk. When an end user does call into the helpdesk to report an issue with their PC, a quick scan of the Events on the CSA MC can usually predict whether or not the problem was one caused by the end user. In particular, whether or not they disabled the CSAgent to try and install prohibited software, and consequently messed up their machine. With CSA deployed an IT staff can usually anticipate problems and begin their troubleshooting from a known point of reference. This has been one of the biggest benefits that our clients have noticed and they have been grateful for the advanced notice that CSA has been able to provide.

Hope this helps.


Re: what are people's opinions about CSA?

I second that emotion. When we were first deploying it in early 2004, we had an incident where machines were being infected rapidly by a virus. I put all hosts into protect mode ahead of schedule and it stopped it cold.

I also like the look that it gives me into the seemy underside of network traffic. We've since made changes to how we deploy our PCs by turning off unneccesary services and I think we are better off because of it.

CreatePlease to create content