Buyer's Guide
Intrusion Detection and Prevention Software (IDPS)
September 2022
Get our free report covering Palo Alto Networks, Trend Micro, Darktrace, and other competitors of Check Point IPS. Updated: September 2022.
633,184 professionals have used our research since 2012.

Read reviews of Check Point IPS alternatives and competitors

Rudi Machilek - PeerSpot reviewer
CTO at Brightstar Communications, Inc
Reseller
Top 20
Integrated management is a great feature and the UI is user friendly
Pros and Cons
  • "Integrated management is a very valuable feature."
  • "IPs are not handled well and the process is unnecessarily complicated."

What is our primary use case?

Any time a firewall is deployed at a customer site, we'll use the intrusion detection, mostly on the input side, on VPN connections, as well as forward connections and established related environments. If you go to a website, you want to be sure it returns the content that it should, for instance. So we'll use IPS both for user traffic originating from behind the firewall, inbound NAT PAT, as well as for VPN connections. We are partners with Fortinet. 

What is most valuable?

Integrated management would probably be the most valuable feature. I can take a single FortiGate and manage switches and access points from a single login. I think it's on par with a Palo or a Check Point. I also like their sandbox. The solution covers what we need for most environments, whether small, midsize or enterprise. That aside, the user interface is pretty good and the packet capture works fairly well. The CLI is their own flavor of everything, but that's going to be true for just about anybody that's out there. IPS has widespread capabilities.

What needs improvement?

The biggest problem we have is the way they handle virtual IPs. It's not handled well at all and even pfSense handles that better. There are three different ways to configure it, depending on whether it is an internal or a through process, and it's just unnecessarily complicated. It would be nice if everybody got together and agreed on some language in their CLIs, but that's not going to happen. If you only dealt with one product on a regular basis, then the problem wouldn't be as evident.

For how long have I used the solution?

I've been using this solution for many years. 

What do I think about the scalability of the solution?

Scalability is relative because a given platform only has so much horsepower. It's not too bad to move from one platform to another, as long as they're on the same software rev. If they're not, then you run into the typical hassles where a backup from an earlier rev doesn't cleanly install on a newer rev. It would be nice if that was a little bit cleaner. 

How are customer service and support?

The customer support is excellent. The first-line tech support is pretty quick about establishing whether they're going to be able to address a given problem. They can often escalate it on the phone, but they're also pretty good and timely if you're going through email. Once you have somebody assigned, it's pretty good.
We also have great local engineering support here in North Carolina. 

How was the initial setup?

The initial setup isn't too complicated for a single WAN. You have to assign your name, your address, set up your aliases and then build rules. I think the VPN configuration could be a little simpler, but it's no harder than setting it up on a SonicWall, for instance. The setup can be done in less than an hour, including running updates and registration. A single person can deploy 10 switches, a pair of FortiGates in HA, and let's say 10 access points. One person will do the programming and then all installation is done by two specialists by code.

What was our ROI?

FortiGate is as cost-effective as its competitors. As the boxes get big, it gets pretty expensive, but that's for large organizations that have a substantial IT budget.

What other advice do I have?

My advice is to go through some basic training before trying to take it out of the box because the language that's used to configure FortiGate is not the language used on the Cisco ASA or on WatchGuard, or Juniper. The language is a little different so what you think you're configuring and what you're able to configure are two different things. The way that the policies are applied is different from how it is on other boxes. So just because you have a technician-level cert with Cisco, you will not be able to successfully configure a VPN on a FortiGate.

I rate this solution eight out of 10. 

Disclosure: My company has a business relationship with this vendor other than being a customer:
Senior Network Security Engineer at a wellness & fitness company with 10,001+ employees
Real User
Top 10
Auto-scaling, powerful software fingerprint identification, and good technical support
Pros and Cons
  • "I think their fingerprints are good in terms of how they whitelist and blacklist."
  • "The only thing I think they may need to improve on a little bit is identifying software more correctly when you do network discovery."

What is our primary use case?

The NGIPS handles all of the IPS functionality for our security.

What is most valuable?

The most valuable feature for our cloud-based deployment is the autoscaling.

For our on-premises deployment, clustering is the most valuable.

I think their fingerprints are good in terms of how they whitelist and blacklist. This is because of Talos, which is really awesome. We use that a lot.

The anomaly detection capabilities are awesome.

What needs improvement?

The only thing I think they may need to improve on a little bit is identifying software more correctly when you do network discovery. You need that to really handle finding anomalies properly. In the past, I've noticed that some applications are not identified correctly, based on the OS and the fingerprints that they're pulling from the host.

In the future, we would like to see more involvement with the on-premises hybrid cloud. We want to see Cisco do more in the cloud space, and basically improve the connection between on-premises and the cloud. This includes things such as automation.

For how long have I used the solution?

I have been using Cisco NGIPS for almost seven years.

What do I think about the stability of the solution?

The code is well stabilized right now and we've never had issues upgrading from one version to another. We've had it since version 2.0 and every time we upgrade, it gets better. We're currently on version 6.6 and we're expecting that when 6.7 comes out, it will get better.

What do I think about the scalability of the solution?

This is a very scalable product. You can add multiple devices to the same policy and then push that out.

In the cloud space, scaling is done automatically based on the amount of traffic and the amount of bandwidth that's generated. It scales up and down, back and forth, as needed. For example, if there is not much traffic then it drops, whereas if there is a lot of traffic then it creates another FTD, and then it just shares the load with load balancing.

Everything is scaled properly both in the cloud and on-premises.

How are customer service and technical support?

Cisco's technical support is really good. I would say that they are number one. They follow up on their calls and tags, as well.

Which solution did I use previously and why did I switch?

I also have experience with Check Point and I find that the pricing is better with Cisco.

How was the initial setup?

The initial setup is straightforward. With the Firepower Threat Defense (FTD), everything is in one box. You can do everything from firewalls to IPS and more. It also includes the next-generation firewall.

It is an easy upgrade process that is easy to understand. I would say that from version 3.0, it has improved.

What's my experience with pricing, setup cost, and licensing?

The cost of the license depends on the level of support that you have with Cisco. 

What other advice do I have?

My advice for anybody who is implementing Cisco NGIPS is to read and understand all of the documentation before you start. Whatever it is that you might need help with, reach out to Cisco support and let them help you. The documentation is available and it is very understandable so you may not need their help. I would say that if you take your time to read it then you shouldn't have any problems in deploying.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Vatsal-Shah - PeerSpot reviewer
Assistant Technical Manager at Bluefive Technologies (P) Ltd.
Real User
Top 10
Good VPN and filtering features, 100% stable, but needs a better graphical user interface and more training
Pros and Cons
  • "The VPN and the filtering features are the most valuable. Its VPN is very strong, and its services are very nice. The main problem in India is the service. There are not enough Check Point and Fortinet Firewall services, but for this product, the service is very good."
  • "Its graphical user interface could be improved because not everybody is technical. There is a lack of knowledge, and they can give some training for this solution."

What is our primary use case?

We basically use this solution to filter traffic so that the network can be secured and no one can hack the network. We are using WatchGuard as a gateway security product. It is installed on the gateway to filter the traffic for our network, stop access to malicious websites, and protect our interwork network from any kind of hack attempt from outside.

We are also using the VPN feature. The traffic is encrypted via a VPN, and no one can hack it. We are using the latest version of this solution.

What is most valuable?

The VPN and the filtering features are the most valuable. Its VPN is very strong, and its services are very nice.

The main problem in India is the service. There are not enough Check Point and Fortinet Firewall services, but for this product, the service is very good.

What needs improvement?

Its graphical user interface could be improved because not everybody is technical. There is a lack of knowledge, and they can give some training for this solution.

For how long have I used the solution?

I have been using this solution for three months.

What do I think about the stability of the solution?

It is 100% stable. Our technical team had tested this product before buying it.

What do I think about the scalability of the solution?

We have approximately 500 to 700 users who are using this solution in our company.

How are customer service and technical support?

I haven't used their support.

How was the initial setup?

It is easy to install. If we have all the required information about static IP, private and personal IPs, and network series, it takes just 10 to 15 minutes to install.

We have seven technical guys for its deployment and maintenance. 

What's my experience with pricing, setup cost, and licensing?

It is not expensive. Other products like Fortinet and Check Point are of the same price.

What other advice do I have?

I would 100% recommend this solution to others. We plan to keep using this solution in the future.

I would rate WatchGuard Intrusion Prevention Service a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.