Cisco Secure IPS (NGIPS) Reviews

We're working usually for the public sector and government organizations mostly. Also we work with some private sector organizations and private banks. 

This may not be the latest data, but the number of installations we secured with Cisco solutions was enormous, reaching tens of thousands of users. And it must be admitted that we didn't experience a serious security incident. This proves that the threat information and vaccines provided by the manufacturer were doing their job. 

The best thing about Cisco is their good marketing force. We appreciate doing business with Cisco all the time, and I'd love to sell and install Cisco switches and other things.

Regarding security, my opinion is that the real value of a security solution lies in these information databases and is more important than, for example, ease of use or other features.

Cisco's got Talos security, and there are many people working there analysing security incidents and preparing new singnatures fast, so we are  immune to new versions of malware.

There are numerous things that could be improved about Cisco Secure IPS (NGIPS) to get it back on track. 

Sollution for small branches: when we have to connect a lot very small branches (or sometimes only an ATM) we need something small, with LTE and with reasonable price. Cisco response is SDWAN but it is not always the case. Recently Cisco released some small firewalls but I have not tried them yet.

Central management with FMC is a very good idea, but sometimes local management or monitoring is helpfull. With Cisco You have to decide: central or local. You cannot have both. 

Regarding usability, when you commit configuration on Cisco, it sometimes takes very long. Commits also take some time for the competition, but Cisco is definitely lagging behind the rest in this respect.  

Last but not least, for me as a professional is lack of CLI. With CLI, I can configure every firewall on the market except Cisco. CLI is very important in professional working, and IMHO it was an unwise decision by Cisco to remove it. Graphical interfaces are very nice, but when you've got thousands of objects in a big installation and have to configure many things, CLI is a much faster way to do it.

I have been using Cisco Secure IPS (NGIPS) for a long time. I'm CCIE for over 25 years and I installed a alot of ASAs and and many IPS sensors. At the beginning, it was PIX, ASA, IPS4500, IDSM Sensors, and then it was Firepower. Now, I don't really work very often with Cisco IPS. It's mostly with other vendors, but I still provide support to customers wich using FirePower. 

We had some problems where after an upgrade, simple things stopped working. It was unfortunate that after upgrading to recommended software, some things stopped working, and these weren't just minor details but very important functions. And there are frequent problems with FMC. It's software so you can't fix it yourself, the only option is to open the case with TAC.

This happens with other manufacturers as well, but it occurs very frequently with Cisco. They are now in a position where they have to surprise us with good quality and ensure everything works properly. 

However, the switches, router and other stuf are working very well, and we don't complain about and our customers are very pleased with them.

The technical support by Cisco used to be one of the best in the world. Sometimes it is very good, but i think they try to optimize business by lowering costs and buying support from other companies. When I open a Cisco ticket, I sometimes get a response from people from IBM. I believe IBM is a subcontractor of Cisco, and they employ people from other companies who sometimes knew very little. Usually, the first person in contact is incompetent most of the time.

When I get firs 10 initial questions, somme of them are irrelevant. I usually don't answer and ask for someone more competent, and then the next day I get someone qualified.

But the average level of Cisco's technical support is still very good especially when compared to other manufacturers.

Positive

My job is to secure customers networks. And it is not that I have switched, but I had to addapt to customer needs. At the end they decided what they want. 

When people lose trust in the solution, they stop buying it and regaining the trust is very hard and time consuming. I have experience with all best security  products on the market, and they all have advantages and some flaws. The future will show who will dominate this market.

Long time ago (times of ASAs, IPS Sensors) Cisco had probably 60-70% of the security market, but they made many mistakes and missed their chance with NGFWs. Many people who had ASA were very pleased with it. They wanted another firewall from Cisco, but they couldn't buy it because Firepower didn't work at the beginning or was at least problematic.They lost people's confidence. Now, the product is quite good, but the milk has been spilled. 

The competition isn't without errors as well, but it seems that Cisco lost a lot of trust. They still have significant influence on the market in switching, routing, and other things and they are still able to rebuild trust.

They could regain some market share, but it takes time. Security is a matter of trust.

On a scale of 1-10, this solution receives a rating of 6.

Neutral

Our main use case for Cisco Secure IPS (NGIPS) is in-line traffic control, and we are using IPS in an in-line mode.

The features I really appreciate in Cisco Secure IPS (NGIPS) are the discovery features, Snort engine features, user mapping, visibility, and the IDS feature.

We are using real-time contextual data for threat detection, which is a valuable capability.

Cisco Secure IPS (NGIPS) helps me with the visibility component, providing visibility across more than 3,000 applications using Firepower IPS.

The main benefits Cisco Secure IPS (NGIPS) provides for us are security, visibility, and cost savings.

I am aware that we are not measuring some metrics or tracking access through Cisco Secure IPS (NGIPS).

In my opinion, Cisco could improve the Web GUI for Cisco Secure IPS (NGIPS).

I have been working with Cisco partner solutions for ten years.

I would rate the stability of Cisco Secure IPS (NGIPS) as middling.

I recommend it to other users, but I am concerned about stability, as the stability is not adequate.

I would rate scalability as between seven and eight.

I would rate Cisco technical support as not the best, especially compared to previous years.

The initial setup is straightforward.

We completed ten setups with our team for Cisco Secure IPS (NGIPS).

I would rate the price for Cisco Secure IPS (NGIPS) as high.

I can compare Cisco Secure IPS (NGIPS) with Fortinet IPS.

We use Cisco Secure IPS to prevent and detect any suspicious activities or network detections to prevent unwanted applications.

IPS decreases the risk for management.

Cisco has many products that are easily integrated with other services. The capability to capture logs and prevent unauthorized activities is beneficial.

The dashboard is quite old compared to today's technology. We would like to see improvements in the dashboard features.

We have been working with Secure IPS from Cisco for around ten years.

The solution is stable.

For IPS, it cannot be scalable. From our perspective, it is already fixed.

We have no issue with Cisco tech support. They resolve issues faster than expected.

Positive

We don't use any other solution.

There was no complexity in the initial setup.

We used a third party for the implementation.

We cannot calculate the ROI for a security product.

The pricing is standard and there is no issue.

Cisco Firepower was the first choice for us.

Cisco has a strong brand and the tech support is always available. It's a good fit for our company.

I'd rate the solution seven out of ten.

We are working as a system integrator, dealing with various network security products. Currently, I am dealing with Cisco products, including Cisco Secure IPS (NGIPS), for different facets of our networking setup. These include UCS servers, NGIPS firewall, Firepower, switching, routing, and AP controllers.

Cisco Secure IPS (NGIPS) is deployed on a very limited part of networks due to Cisco's historical lack of investment in education for Firepower. As a result, the market in Pakistan has been captured by Fortinet. All NGFW solutions, including Cisco Secure IPS, are largely similar in most respects. The choice is often dependent on the significance of the brand's name rather than their performance advantage in the security domain.

There are no specific additional features needed in Cisco Secure IPS (NGIPS) as most features are similar across all NGFWs. Any improvements would target marketing strategies and how they communicate with users because, technologically, all major firewalls are on par.

I am satisfied with Cisco's technical support, but I would rate it six out of ten. Fortinet, on the other hand, offers quicker response times and same-day RMAs, which gives them an edge in customer service.

Neutral

I have used Sophos, Fortinet, and Palo Alto. My choice for firewalls usually starts with Palo Alto, followed by Fortinet, and then Cisco because Palo Alto and Fortinet offer better pricing and are rated higher in Gartner.

The initial setup of Cisco Secure IPS (NGIPS) can be complex compared to Fortinet or Palo Alto. I had to spend several days with support to handle the licensing via a YouTube tutorial.

Cisco Secure IPS (NGIPS) has a higher cost compared to Fortinet, making it a less favorable option in terms of pricing.

In our country, most SD-WANs are based on Fortinet because it does not require a license, unlike Palo Alto. Also, Fortinet integrates multiple functionalities in a single firewall.

I don't recommend Cisco Secure IPS (NGIPS) unless the network infrastructure is predominantly Cisco. It is less commonly found in higher enterprise networks for security. My overall rating for Cisco Secure IPS (NGIPS) is six out of ten.

Our primary use case is for regulatory purposes. We use Cisco Secure IPS for intrusion prevention to manage all features from a single dashboard.

The solution is valuable since it is a single vendor option, which makes it easier to manage all features from one dashboard. The threat detection and prevention feature is particularly important for us.

Customer support needs improvement. The regional manager and the Romanian representative are not adequate. They should change their approach and policy since they currently do not allocate enough resources for smaller projects, like those in Moldova. This is not acceptable for a vendor of Cisco's stature. We are considering a change in vendors due to this issue.

We have been using the solution for about one year.

I would rate the stability of the solution as seven to nine out of ten.

The scalability of Cisco Secure IPS is strong, supporting our organizational growth with a rating of nine out of ten.

Customer service is lacking, and I would rate it as three out of ten. There is significant room for improvement.

Negative

We also use Zscaler. Unlike Cisco, Zscaler is more flexible in terms of vendor and regional management.

The initial setup was somewhat difficult. It took about a week to deploy.

On a scale from one to ten, Cisco Secure IPS pricing is relatively economical with a rating of four out of ten.

We have evaluated Zscaler as another solution.

I would not recommend Cisco Secure IPS to other users in Moldova because of the regional managerial approach and inadequate resources. They need to change their policy and position in the market. 

I would rate the overall solution as seven out of ten.

I use Cisco NGIPS as a firewall for the DMZ zone.

Cisco NGIPS is not secured, and we did not use it in our company for VPN-related purposes. Cisco NGIPS is just to protect data. We use Cisco ASA, which has reached its end-of-sale cycle, and install Cisco NGIPS simply in our environment, which emulates features similar to Cisco ASA.

From an improvement perspective, Cisco's technical support team should work on their speed of response.

If there is a delay in the response time from Cisco's technical support team, it causes a problem since for our company, we don't have access to Cisco's site since it is a restricted zone. If we have some project in our company and we want to set up some remote access, then we need to enter some commands and tests. Some problems exist on my company's side when it comes to the product, but a better speed of response from the technical support team of Cisco would be good.

Cisco NGIPS should work on its shortcomings related to the issues that stem from bugs and performance.

I have been using Cisco NGIPS for a year or two. My company operates as an integrator for Cisco.

Though Cisco NGIPS is a stable tool that offers performance, there are a lot of bugs in the product. At the moment, my company has an open ticket with the support team of Cisco in relation to IGMP snooping, where there are some bugs causing issues.

The technical support provided by Cisco NGIPS is okay. I rate the technical support an eight out of ten.

Positive

I have some past experience with Cisco ASA and PIX.

It is difficult for me to speak about the price of the product since I am unable to compare it with other products in the market that may be its competitors. In our company, we know that the price of Cisco products is high, especially for its switches, routers and IOS. The price of Cisco products may be twice its original price if you plan to extend some of its features.

I am not responsible for the development part of my company, and it is our headquarters in the US that decided to opt for Cisco NGIPS. Initially, in our company, we used Cisco ASA and then Cisco NGIPS.

In my company, we operate the solution we use in our internal environment owing to cybersecurity reasons. In general, my company uses simple solutions and routers for protection that are not complicated, which means we don't use anything considered high-tech. For my company, the most important part when it comes to a solution is in terms of OT.

I am satisfied with Cisco NGIPS as a product. I rate the overall product an eight out of ten.

We have deployed Cisco Secure IPS (NGIPS) for intrusion detection and prevention in our financial sector. It protects our public-facing systems, especially in the DMZ zone, ensuring high security for servers involved in public transactions.

Cisco Secure IPS (NGIPS) performs exceptionally in Trojan detection, especially at the network level. We used a Next Generation Firewall on that aspect, which is amazing. Cisco products are also very good at integration with third-party tools.

It's better to strengthen the AI feature of the IPS. Considering different attack vectors, using AI to understand the behavior or features of network-level intrusions and protecting against zero-day attacks would be beneficial.

I have been working with Cisco Secure IPS (NGIPS) for about two to three years.

I find Cisco Secure IPS (NGIPS) stable.

The solution is good at scaling.

Before Cisco, we did not work with any other solutions for the IDPS.

I was not involved in the initial deployment or setup.

The pricing for Cisco Secure IPS (NGIPS) is quite high. They should consider revising the pricing strategies since there are other vendors in the market offering competitive pricing.

I would recommend Cisco Secure IPS (NGIPS) to others, although the pricing is high.

I'd rate the solution eight out of ten.

Our company uses the solution for data functions in banking. It is a backend solution in the server center. 

We analyze traffic and adapt configurations or customize policies to the environment of the IPS itself. 

The solution very effectively provides malware protection and signature-based anomaly detection. We don't need to use any separate tools. 

The end delay layer was recently improved so it is much faster for service functions, training, and workflows. 

Recent improvements to the OS and firewalling are good. 

The solution could always enhance detection for zero-day attacks, SQL injection, and signature-based anomalies. 

I have been using the solution for 15 years. 

The stability needs improvement so is rated a four out of ten. 

Technical support is rated a six out of ten. 

Neutral

The setup is pretty normal but might be slightly more complicated than Fortinet. If you are familiar with the interface or have a technical background, then you won't have issues with the setup. New engineers might find the setup a bit complicated until they get used to it. 

We implement the solution in-house. Deployment time depends on the environment itself. You also have to consider migrations and preparing the environment. In the learning phase, you determine any impact on protection or policy and adapt accordingly. 

A large network will take longer to implement than a small one. Integrations can take some hours to many days, can take minutes to a month. 

The solution is a good product so I rate it a six out of ten. 

We use the solution for cybersecurity purposes. The tool helps us to identify anomalies that come from internal or external networks. 

The attack patterns and payloads go undetected in Cisco. We would like to see a new solution with more effective detection of attack patterns. There should be more data analyzing patterns as well which provides useful information. 

I have been using the product for two years. 

I would rate the solution's stability an eight out of ten. 

The tool's scalability is not an issue. We have a lot of people using the product even in our subsidiaries. We have a couple of thousand users for the solution.

We have residence engineers for support. We mainly use level two support. Cisco's support in the local region is up to the level. However, we have issue with country-level support.  

I use Darktrace simultaneously. 

The product's setup was smooth and easy. The implementation was not a big deal and took two weeks to complete.

A Cisco consultant helped us with the tool's implementation. They were competent, helpful, and confident. 

We get cut in price since we use other Cisco products. We have the whole bundle of Cisco solutions. 

I would rate the product a six out of ten. The solution is easy to maintain. We are looking for a solution that is powered by AI which gives enhanced protection and detection.