We changed our name from IT Central Station: Here's why

Cisco NGIPS OverviewUNIXBusinessApplication

Cisco NGIPS is #5 ranked solution in top Intrusion Detection and Prevention Software. PeerSpot users give Cisco NGIPS an average rating of 8 out of 10. Cisco NGIPS is most commonly compared to Trend Micro TippingPoint Threat Protection System: Cisco NGIPS vs Trend Micro TippingPoint Threat Protection System. The top industry researching this solution are professionals from a comms service provider, accounting for 32% of all views.
What is Cisco NGIPS?

Cisco Firepower NGIPS provides network visibility, threat intelligence, automation and industry leading threat effectiveness. Gartner has ranked Firepower NGIPS as a Magic Quadrant Leader for seven years running, and the independent NSS Labs testing organization consistently rates it as a “Recommended” IPS solution for eight years.

Cisco NGIPS was previously known as Sourcefire NGIPS, Firepower NGIPS.

Cisco NGIPS Buyer's Guide

Download the Cisco NGIPS Buyer's Guide including reviews and more. Updated: January 2022

Cisco NGIPS Customers

American Electric Power, Huntington Bank, Keycorp, Nationwide, Transunion, Marriott, Inova Health, Ford, Thomson Reuters, Dow Chemical, Equifax, Chevron, Walmart, Coca Cola

Cisco NGIPS Video

Cisco NGIPS Pricing Advice

What users are saying about Cisco NGIPS pricing:
  • "This is an expensive product, with the biggest cost being the license that keeps the service going."
  • "The weakness of Cisco Firepower is the cost. Some of the customers see it as very expensive."
  • "It is expensive. It has separate licensing for all the features, and every feature set seems to require another license. Licensing is on a yearly basis. There are no additional costs besides the standard licensing fee."
  • "The cost of the license depends on the level of support that you have with Cisco."
  • Cisco NGIPS Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Manager IT Security at UnitedHealth Group
    Real User
    Top 20
    The anomaly baseline formation links the network, then anything that goes away from the norm is also flagged
    Pros and Cons
    • "Ir's signature-based. We are also using the anomaly baseline formation, where it links the network, then anything that goes away from the norm is also flagged. Those are the two most valuable features."
    • "It has room for improvement when it comes to integrating machine learning and AI into it where even if you don't have a baseline that is of length for anomaly detection, it could do more like an AI style machine learning. It learns on its own."

    What is our primary use case?

    Basic IPS functionality for intrusion prevention. We have two kinds of deployment. The one that is Inline and the one that is not Inline, where it's just listening. We have like a tap to which its monitoring traffic. For the one that is kind of offline deployment but for the Inline deployment, all traffic goes through it, like for North-South traffic, towards internet to provide some real-time intrusion prevention.

    What is most valuable?

    Ir's signature-based. We are also using the anomaly baseline formation, where it links the network, then anything that goes away from the norm is also flagged. Those are the two most valuable features. 

    What needs improvement?

    It has room for improvement when it comes to integrating machine learning and AI into it where even if you don't have a baseline that is of length for anomaly detection, it could do more like an AI style machine learning. It learns on its own. It learns patterns, learns what good traffic looks like then is able to stop bad traffic, not just based on behavior but based on every other thing. I think other next-generation IPS solutions are turning towards integration of ML and AI. I need machine learning and the ability to share intelligence. 

    For how long have I used the solution?

    I have been using Cisco NGIPS for seven years.

    What do I think about the stability of the solution?

    It is pretty stable and has good throughput.

    What do I think about the scalability of the solution?

    It's scalable. You can add more to it as traffic requires, one cluster can do HA, so it's pretty scalable. In fact, you can cluster up to six chassis on the 4100.

    If it's host-based IPS, we can count a number of users and say we have 45,0000 users but for network-based IPS, where it's just picking traffic from different connections when you're trying to go to the internet or when you're trying to come back to the internet it can support up to 10 million concurrent sessions. We have around 200,000 users but it can support 10 million concurrent sessions.

    For maintenance, once you configure it, depending on what you call maintenance if it's software upgrade it doesn't take a lot to upgrade it. If it's active/standby you can upgrade the active. The standby becomes the active. Then when the active comes back on, you can upgrade the standby. So usually, at least you have an active/standby scenario, but if you have a cluster, you can take each out of production in codes. We start while others are in production. 

    If you're talking about maintenance in terms of log collections and shipping of the logs, it's also easy to deploy from that perspective.

    How are customer service and technical support?

    Cisco has very good support. We get good support from Cisco. 

    Which solution did I use previously and why did I switch?

    We've been using Cisco for a while. Going from the IPS module on ASA or the IPS appliance, we've transitioned from different Cisco IPS solutions to this Cisco Next Generation IPS. 

    It's been Cisco all along, it's just that this one has more visibility and it's next-generation style compared to the older IPS. 

    How was the initial setup?

    The initial setup was straightforward and easy to deploy. It was very quick.

    Which other solutions did I evaluate?

    We also looked at Sourcefire.

    They bought this particular one from Sourcefire and Sourcefire was the world leader in next-generation IPS before Cisco bought it and I know it wasn't just in terms of visibility and how much it can do but in terms of cost too because it was an open-source project that was going on before Cisco bought it. Cisco bought the enterprise version so I feel it's not expensive, but I've not really checked the licensing cost.

    What other advice do I have?

    Sourcefire wasn't originally Cisco and it was already a world leader and if I'm not mistaken or quoting wrongly, I think it's from the Snort project. I know the open-source community is still contributing to what Cisco is presenting with FirePower or FireSIGHT IPS. It's an open-source project. You can trust it because of the originality score and with what we've used so far too, I see the difference in the old version and this new one. You get better security compared to these other next-generation IPS out there.

    In the next release, I would like to see AI machine learning capabilities built into it.

    I would rate it a nine out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Associate Consultant at a computer software company with 201-500 employees
    MSP
    Top 5
    Good intrusion prevention and easy to set up but the pricing is high
    Pros and Cons
    • "The solution gives us a lot of visibility into our security."
    • "The solution requires better management. When it comes to central management capabilities, improvements can be made."

    What is our primary use case?

    We primarily use the solution for network firewalling and intrusion prevention.

    How has it helped my organization?

    We get a bit of visibility into network threats and we can successfully mitigate those threats by using the product.

    What is most valuable?

    The most valuable feature would be the intrusion prevention for us for security reasons.

    The setup is pretty straightforward.

    The solution gives us a lot of visibility into our security.

    The product is quite stable.

    There are pretty good capabilities for scaling.

    What needs improvement?

    Currently, this product is difficult to manage. It needs to be more user-friendly.

    A lot of improvements can be made into the overall architecture of the firewall. It's lacking right now. It's something they need to work hard to improve.

    The reason for the lack of cohesion in the architecture is due to the fact that Cisco acquired this company and then they merged two products, the Cisco ASA and the Firepower product, into a single product. As a result, the product is not as mature as some of the other comparable products out in the industry.

    The price is in the high end of the spectrum, again, comparing to other players in the industry.

    The solution requires better management. When it comes to central management capabilities, improvements can be made. 

    Better reporting in terms of analytics and dashboards would be very useful in future versions.

    For how long have I used the solution?

    We've been using the solution for about five years now.

    What do I think about the stability of the solution?

    The stability overall has been good once we get it up and running. We've not seen any issues once we've launched everything. It isn't buggy or glitchy. It doesn't crash or freeze. It's reliable.

    What do I think about the scalability of the solution?

    The scalability on the solution is good overall. They have a central management console that can assist with the process. The only issue there is we feel like there's room for improvement on the administration side of things.

    When it comes to a user installing the networks, all the users essentially traverse this firewall, but when it comes to the administrators of the product, we've got five administrators in networking, they pretty much use it on a daily basis.

    How are customer service and technical support?

    The technical support has been good. We're satisfied with the level of service we get. They know what they are talking about. They respond promptly. Overall, they are above-average. I'd rate them eight out of ten. 

    Of course, there's always a little bit of room for improvement from any technical support service. In general, it's always about the speed of resolving an issue, responsiveness, et cetera. These are common industry wide. We always want everything resolved faster.

    Which solution did I use previously and why did I switch?

    We previously used FortiGate. We switched as we wanted something that had easy management capabilities, so we moved to Cisco. We thought that Cisco would be a bit more mature.

    How was the initial setup?

    The initial setup is a little bit difficult. It's pretty straightforward, although if we look at it relative to other products on the market, we feel that the other products are easier to set up compared to this one.

    What's my experience with pricing, setup cost, and licensing?

    The pricing is actually pretty high, especially if you compare it to other solutions that are out there. They are comparable but cost less.

    What other advice do I have?

    The advice we would give to other organizations is to look at the administrative overhead, and also to pay close attention to when the company is deploying it. We feel that there are certain feature functionalities that might not be mature depending on a company's use case. Everything depends on use cases. A company needs to evaluate its own unique use case, and look at the product feature functionality. A company also needs to look at some of the administrative overhead before they choose the product to make sure that it is suitable for their environment.

    This solution overall I would rate at seven out of ten. I would say it's a good product if you look at the primary functionality, which is intrusion prevention. It's is one of the best out there, however, the issue is it's been wrapped around an administrative layer which is quite difficult compared to other products. They've got a really good engine as far as IPSs go, and that's the most important thing. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Learn what your peers think about Cisco NGIPS. Get advice and tips from experienced pros sharing their opinions. Updated: January 2022.
    564,322 professionals have used our research since 2012.
    Ivan Radev
    Network Security Consultant at Societe Generale Global Solution Centre
    Real User
    Top 5
    Boosts network security using inline IPS and passive IDS, and they have efficient technical support
    Pros and Cons
    • "The main advantages to Cisco are the scale, the integration, the training, and the possibility of finding somebody to work with."
    • "I think that some initiation scripts might be helpful because they would make the configuration easier and more user-friendly for customers."

    What is our primary use case?

    We are a solution provider and I am an engineer who deploys solutions. This is one of the products that I have experience with it in this capacity. The version that we use depends on the client.

    Some of our clients are ISPs and they are using the firewall features in this product to replace old firewalls. It is doing the regular firewall inspections, VPN concentration, and other such things. For other customers, who replaced Sourcefire, they use it primarily as an inline IPS and a passive IDS. These customers do not choose very many of the firewall features.

    Some customers use it for both; they have a firewall, VPN concentration, and then they do IPS inspection. This is the next-generation of these technologies.

    What is most valuable?

    The most valuable feature is the IPS engine. It has been in the security branch for decades and is now integrated into the Cisco portfolio. The difference is that it has been scaled a thousandfold. It provides a base language for intruder inspection for all of the security engineers. Now, they have the same language everywhere in the corporate and the open-source firewalls and IPS.

    What needs improvement?

    The configuration of this product can be simplified. I am an expert in this area because few people can do it. It requires a lot of training and documentation.

    I think that some initiation scripts might be helpful because they would make the configuration easier and more user-friendly for customers.

    For how long have I used the solution?

    I have been working with NGIPS for about four years, since 2016 or 2017, shortly after Cisco bought it.

    What do I think about the stability of the solution?

    Stability is something that is tricky to judge because when you have a 600-person userbase, there are always going to be issues. As we fix them, it becomes stable again.

    What do I think about the scalability of the solution?

    This is suitable for organizations of all sizes; small, medium, and large-sized companies. For example, one of our clients has 600 users.

    The ease of scaling depends on the number of times you scale, or to which extent. I can start by saying that scaling is easy but if you want to scale a hundredfold, then it's not going to be so easy. It's impossible.

    How are customer service and technical support?

    I like Cisco's technical support and find that they are efficient. In fact, I was a technical team leader for Cisco support, and I am now a client. There is amazing support team at TAC and they help Cisco be great. 

    Which solution did I use previously and why did I switch?

    I have worked with similar products from different vendors in the past, although I am avoiding this type of task for the moment.

    The main advantages to Cisco are the scale, the integration, the training, and the possibility of finding somebody to work with. Also, the reaction time that they have in case of failure is very fast, and it is easy to replace the setup.

    How was the initial setup?

    The initial setup is complex. It requires that NGIPS be optimized such that it has the best results with the best performance. The deployment model, be it on-premises or cloud-based, depends on the client.

    The length of time required for deployment also depends on the client. In a small office, I can do it in a few hours. For an enterprise, it could take half a year. I have worked on many different scales.

    What about the implementation team?

    I am responsible for deploying this product to our customers. When it comes to maintenance, we cooperate. They know the environment, their tools, the change management, and the internal procedures. I take care of the technical parts, and we have full cooperation until it is complete.

    What's my experience with pricing, setup cost, and licensing?

    This is an expensive product, with the biggest cost being the license that keeps the service going.

    What other advice do I have?

    My advice for anybody who is implementing NGIPS is to get in touch with someone who can advise them because every network is different. Properly sizing the appliances is important. 

    I would rate this solution a ten out of ten.

    Which deployment model are you using for this solution?

    Private Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Security Team Lead at a tech services company with 201-500 employees
    Real User
    Signature tuning is automated, so deployment is straightforward for our customers
    Pros and Cons
    • "I like Firepower's automation, and the security intelligence is a powerful feature."
    • "Our customers are still facing many bugs on the system. It has matured noticeably, but we are still facing multiple stability issues on Firepower. There are more than 80 or 90 bugs for each release node. It's a considerable number of bugs."

    What is most valuable?

    I like Firepower's automation, and the security intelligence is a powerful feature. 

    What needs improvement?

    If Firepower had an embedded vulnerability scanner, it could better detect the vulnerabilities on different platforms in the network. It needs to integrate with other solutions to detect these vulnerabilities. It cannot detect system vulnerabilities on its own. A new trend is encrypted security solutions. Firepower can integrate with Cisco products like Stealthwatch, and Stealthwatch can primarily integrate with other Cisco products. 

    Firepower APIs that allow it to integrate with other vendors need more flexibility. For example, if I want to integrate with Forcepoint, I can't because Forcepoint cannot integrate with other sandbox vendors. This integration has become essential for the latest security solutions because most customers are now thinking about integrated security solutions. However, not every product is like that. We have to think about the integrated security solutions, so Firepower needs to improve in this area, the integrations with other vendors.

    For how long have I used the solution?

    We are a partner with Cisco and we have sold these products to multiple customers. Most of them have given us positive feedback about Cisco Firepower.

    What do I think about the stability of the solution?

    We had multiple bugs and issues on the old versions, but the new versions Cisco has recently released are much more stable. However, our customers are still facing many bugs on the system. It has matured noticeably, but we are still facing multiple stability issues on Firepower. There are more than 80 or 90 bugs for each release node. It's a considerable number of bugs. It's much better than before, but there are still too many bugs in the new versions. The R&D team needs to put more work into new releases to minimize the number of bugs.

    What do I think about the scalability of the solution?

    Cisco has some limitations in clustering if we want to upgrade the hardware currently deployed at customer sites. If Cisco can improve or optimize this clustering limitation, this will add more scalability to Firepower.

    How are customer service and support?

    Cisco's most powerful support team is based in the United States. Most cases this team handles are solved quickly, but I've had a different experience with the Indian team. It takes too much time to solve the issues. We have different experiences with tech teams in other time zones, and I prefer to communicate cases with a US-based team. It depends on when we open the ticket. Sometimes it will route to the Indian tech team. If we open the ticket between 9 a.m. and 9 p.m. Cairo time, I think it will go to the US team.

    How was the initial setup?

    Signature tuning is automated in Cisco Firepower. This is the most powerful feature, which most vendors don't have. It makes deploying the solution straightforward for the customer and us implementers as well. So the automation and the fine-tuning are effortless in Firepower.

    What was our ROI?

    Cisco Firepower is a good investment because one product can cover such a large part of the NIST security framework.

    What's my experience with pricing, setup cost, and licensing?

    The weakness of Cisco Firepower is the cost. Some of the customers see it as very expensive. 

    What other advice do I have?

    I would rate Cisco Firepower NGIPS nine out of 10. For any customers thinking about implementing this solution, I would suggest being aware of the security areas they want to cover. They need to consider the NIST cybersecurity framework and focus on each area of this framework to make sure that there are no security gaps in their environment. Firepower covers three main areas of this framework: detection, response, and identification. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    Systems & Network Manager at Rocky View School Division
    Real User
    Top 10
    Works very well, very stable and scalable, and easy to use
    Pros and Cons
    • "Its ease of use and its ability to block and allow ports in and out of our organization are the most valuable features. It works very well. It gives us all the information that we need."
    • "We don't like its licensing model. It has separate licensing for all the features. For instance, to get URL filtering, you need to buy another license. Every feature set seems to require another license. Unless you purchase them all upfront, you find some surprises and realize that you can't do that because you need another license. Its logging isn't quite as good as it used to be in our previous solution. We used to have Cisco ASA, and we could view the logs a lot easier than NGIPS (also known as Firepower). We saw real-time logging, but we don't see that as much in Firepower."

    What is our primary use case?

    It is our main firewall. We use it for reporting and for firewall purposes to block unwanted inputs and outputs.

    What is most valuable?

    Its ease of use and its ability to block and allow ports in and out of our organization are the most valuable features.

    It works very well. It gives us all the information that we need.

    What needs improvement?

    We don't like its licensing model. It has separate licensing for all the features. For instance, to get URL filtering, you need to buy another license. Every feature set seems to require another license. Unless you purchase them all upfront, you find some surprises and realize that you can't do that because you need another license. 

    Its logging isn't quite as good as it used to be in our previous solution. We used to have Cisco ASA, and we could view the logs a lot easier than NGIPS (also known as Firepower). We saw real-time logging, but we don't see that as much in Firepower.

    For how long have I used the solution?

    I have been using this solution for two years.

    What do I think about the stability of the solution?

    It has been very stable. I don't think it has gone down at all in two years.

    What do I think about the scalability of the solution?

    It is very scalable. In terms of the number of users, we have 26,000 students and 3,500 staff members. Everybody in our organization goes through it and takes advantage of it on our system. We have about five people who are managing it, and they are from the network group, infrastructure group, and storage group.

    How are customer service and technical support?

    We did have some engagement with the technical support people regarding the integration with Nexus Switches, and they were very good. They helped us out quite a bit.

    Which solution did I use previously and why did I switch?

    We were using Cisco ASAs. They were going out of service. They were going out of sale and support. So, we decided to move to Firepower. We wanted to go to the Next-Gen IPS type of stuff, and ASAs didn't have that kind of feature set.

    How was the initial setup?

    It was quite complex. It required some workarounds with other network components in our system. It could have been a lot less complicated. Nexus Switches that we had were a little bit older, and they didn't integrate as well with Firepower as they could have. So, we ended up having to buy some new switches. 

    The deployment pretty much took about three weeks. It involved moving all of our stuff from our old firewall onto the new one. Rules were a little different, so we had to work on it for a while. Fortunately, we could run them in parallel, so it worked out okay.

    What about the implementation team?

    We did it in-house.

    What was our ROI?

    It has definitely given us our return on the investment.

    What's my experience with pricing, setup cost, and licensing?

    It is expensive. It has separate licensing for all the features, and every feature set seems to require another license.

    Licensing is on a yearly basis. There are no additional costs besides the standard licensing fee.

    What other advice do I have?

    I would advise others to make sure that the rest of their equipment is completely compatible with the newest Firepowers.

    I would rate Cisco NGIPS an eight out of ten. It gives us all the information that we need. We've got to dig for it sometimes, but it is a good product.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Senior Network / ITOps Engineer at a leisure / travel company with 201-500 employees
    Real User
    Top 20
    Easy to set up with helpful technical support and good integration capabilities
    Pros and Cons
    • "You can do zero-day prevention and detection. It's quite useful."
    • "I'd like to see some cloud management. Cisco maybe already has it, however, my company doesn't use it as cloud management."

    What is our primary use case?

    The way we use it in my company is just for a basic firewall.

    It's a next-generation firewall. You can integrate it with external systems, like Cisco Talos, Cisco Umbrella, all these things. You can do threat detection, threat prevention. You can integrate with your active directory. It can block traffic based on the user or user group.

    What is most valuable?

    I use the product mainly for follow-up. I would say the most important is the integration with our directory services, the user directory services. We can block or allow traffic based on the specific users or specific user groups.

    There are other features such as the connection with the intelligence systems such as Talos on Cisco. You can do zero-day prevention and detection. It's quite useful.

    The solution is stable and the performance is good. 

    My understanding is that the initial setup is simple. 

    What needs improvement?

    I'd like to see some cloud management. Cisco maybe already has it, however, my company doesn't use it as cloud management. That said, it would be great to manage your device through the cloud instead of managing through a server on-premise.

    For how long have I used the solution?

    I've only used the solution for two months. It hasn't been that long just yet.

    What do I think about the stability of the solution?

    The product has been stable. Cisco is quite stable as a product. It doesn't crash or freeze. It's reliable. There are no bugs or glitches.

    What do I think about the scalability of the solution?

    I can't really speak to the scalability of the solution as I haven't used it for long enough.

    Due to the fact that all the traffic passes through the firewalls, I would say 500 people or maybe more use the solution in our organization.

    How are customer service and support?

    Cisco technical support is great. They are helpful and responsive. We are very happy with their capabilities. 

    Which solution did I use previously and why did I switch?

    I'm also aware of Palo Alto, which in many ways is a more solid product. We used it in my previous company as it was more mature and much simpler to use in comparison to Cisco. 

    How was the initial setup?

    While I didn't set it up, my understanding is the implementation is straightforward. You read the documentation. It's this continuation from the old Cisco ASAs. People have used it for many years. Cisco's quite easy to set it up and keep up and running. You just need to add things on top of it, however, it's all quite easy. I have done an installation of the previous Cisco firewall. It's really straightforward. The upgrade is quite simple as well.

    We have three technical personnel that can handle deployment and maintenance. We have to cover the whole globe, so we have three people on to handle everything 24/7.

    What's my experience with pricing, setup cost, and licensing?

    You do need to pay a licensing fee. If you want the additional features, like prevention or integration with extended intelligence systems, you need to pay additional licenses.

    What other advice do I have?

    I'm not sure which version of the solution we're using. It might be 6.4. It's likely whatever that latest version is.

    I would recommend Cisco, however, I do find Palo Alto to be a good product as well, and in some ways more solid. 

    I'd rate the solution at a nine out of ten. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    Senior Network Security Engineer at a wellness & fitness company with 10,001+ employees
    Real User
    Top 10
    Auto-scaling, powerful software fingerprint identification, and good technical support
    Pros and Cons
    • "I think their fingerprints are good in terms of how they whitelist and blacklist."
    • "The only thing I think they may need to improve on a little bit is identifying software more correctly when you do network discovery."

    What is our primary use case?

    The NGIPS handles all of the IPS functionality for our security.

    What is most valuable?

    The most valuable feature for our cloud-based deployment is the autoscaling.

    For our on-premises deployment, clustering is the most valuable.

    I think their fingerprints are good in terms of how they whitelist and blacklist. This is because of Talos, which is really awesome. We use that a lot.

    The anomaly detection capabilities are awesome.

    What needs improvement?

    The only thing I think they may need to improve on a little bit is identifying software more correctly when you do network discovery. You need that to really handle finding anomalies properly. In the past, I've noticed that some applications are not identified correctly, based on the OS and the fingerprints that they're pulling from the host.

    In the future, we would like to see more involvement with the on-premises hybrid cloud. We want to see Cisco do more in the cloud space, and basically improving the connection between on-premises and the cloud. This including things such as automation.

    For how long have I used the solution?

    I have been using Cisco NGIPS for almost seven years.

    What do I think about the stability of the solution?

    The code is well-stabled right now and we've never had issues upgrading from one version to another. We've had it since version 2.0 and for every time we upgrade, it gets better. We're currently on version 6.6 and we're expecting that when 6.7 comes out, it will get better.

    What do I think about the scalability of the solution?

    This is a very scalable product. You can add multiple devices to the same policy and then push that out.

    In the cloud space, scaling is done automatically based on the amount of traffic and the amount of bandwidth that's generated. It scales up and down, back and forth, as needed. For example, if there is not much traffic then it drops, whereas if there is a lot of traffic then it creates another FTD, and then it just shares the load with load balancing.

    Everything is scaled properly both in the cloud and on-premises.

    How are customer service and technical support?

    Cisco's technical support is really good. I would say that they are number one. They follow up on their calls and tags, as well.

    Which solution did I use previously and why did I switch?

    I also have experience with Check Point and I find that the pricing is better with Cisco.

    How was the initial setup?

    The initial setup is straightforward. With the Firepower Threat Defense (FTD), everything is in one box. You can do everything from firewalls to IPS and more. It also includes the next-generation firewall.

    It is an easy upgrade process that is easy to understand. I would say that from version 3.0, it has improved.

    What's my experience with pricing, setup cost, and licensing?

    The cost of the license depends on the level of support that you have with Cisco. 

    What other advice do I have?

    My advice for anybody who is implementing Cisco NGIPS is to read and understand all of the documentation before you start. Whatever it is that you might need help with, reach out to Cisco support and let them help you. The documentation is available and it is very understandable so you may not need their help. I would say that if you take your time to read it then you shouldn't have any problems in deploying.

    I would rate this solution a nine out of ten.

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    CASO at a tech services company with 11-50 employees
    Real User
    Top 20
    Great security intelligence will top notch technical support
    Pros and Cons
    • "The security intelligence in the product is the best feature and give us all the information that we need in our network."
    • "The SSL decrypt could be improved, but it's normal. All the devices in our platform need a lot of memory or CPU to do the SSL decrypt. This is an issue to improve in all platforms, not only in Cisco."

    What is our primary use case?

    There are both options of cloud or on-premise solutions. I usually do the on-premise solution. We have others who do the cloud solution. If you want to deploy and protect your network from threats and protect your neighbor, that's one of the uses that we employ. With that, you have Security Intelligence, you have Intelligence, you have an Intrusion Prevention System. In the recent upgrade of Firepower, we have 3.0. You can use that to protect the internal network or if you want to protect your servers. 

    What is most valuable?

    We use the Security Intelligence feature. We also use the Cisco AMP for Networks, which is used with the ITL certificate. You can use third-party integrations with the Firepower, about security. You can use the STIX format. With the STIX, you can add emergency threats to rules. This includes malware detection which has a third-party Security Intelligence platform. Included are reporting for the last seven days, V shell, and phishing tank. Cybercrime tracker is to check if any company or domain has a bad reputation on the internet. And it can give that information to the Firepower. You can use Security Intelligence to protect the network. It has preprocessors about security. They have a preprocessor for the SCADA. Cisco has evolved a lot in that area over the last few years.

    What needs improvement?

    The SSL decrypt could be improved, but it's normal. All the devices in our platform need a lot of memory or CPU to do the SSL decrypt. This is an issue to improve in all platforms, not only in Cisco. They have SecureX which can be integrated with other platforms. But I think the improvement of SecureX in the platforms is needed. SecureX is really new but I think that needs a little improvement.

    For how long have I used the solution?

    We have been using Cisco NGIPS or Firepower NGIPS for five years. We use the latest version.

    What do I think about the scalability of the solution?

    It's working correctly, it's working without problems. You can buy another Firepower, and you can do a cluster configuration. And it's really easy, we don't have any problems.

    How are customer service and technical support?

    Cisco support is really awesome. I have another vendor like Honeywell. I really hate when I call Honeywell. But when I call Cisco, I really appreciate it a lot when I talk with the support engineers because the personnel have really good skills and have a really good passion. Cisco support is awesome.

    How was the initial setup?

    I think the installation of Firepower NGIPS is really easy. You configure the device, you connect that to the Firepower Management Center, and you have deployed the Firepower.

    What other advice do I have?

    If they're looking for a platform that can protect from attack, from external or insiders who want to attack the network, I think Firepower is a good solution. With  Security Intelligence, other security features make that platform an awesome platform. I would give Cisco NGIPS a rating of nine on a scale of ten. I think no one platform is perfect. I wouldn't give a 10 to a solution ever because 10 is 100%, and I think no one solution can 100% secure. Not because the platform is not working correctly. Because I think no one platform can be 10 by 10.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.