Cisco NGIPS Reviews

The way we use it in my company is just for a basic firewall.

It's a next-generation firewall. You can integrate it with external systems, like Cisco Talos, Cisco Umbrella, all these things. You can do threat detection, threat prevention. You can integrate with your active directory. It can block traffic based on the user or user group.

I use the product mainly for follow-up. I would say the most important is the integration with our directory services, the user directory services. We can block or allow traffic based on the specific users or specific user groups.

There are other features such as the connection with the intelligence systems such as Talos on Cisco. You can do zero-day prevention and detection. It's quite useful.

The solution is stable and the performance is good. 

My understanding is that the initial setup is simple. 

I'd like to see some cloud management. Cisco maybe already has it, however, my company doesn't use it as cloud management. That said, it would be great to manage your device through the cloud instead of managing through a server on-premise.

I've only used the solution for two months. It hasn't been that long just yet.

The product has been stable. Cisco is quite stable as a product. It doesn't crash or freeze. It's reliable. There are no bugs or glitches.

I can't really speak to the scalability of the solution as I haven't used it for long enough.

Due to the fact that all the traffic passes through the firewalls, I would say 500 people or maybe more use the solution in our organization.

Cisco technical support is great. They are helpful and responsive. We are very happy with their capabilities. 

I'm also aware of Palo Alto, which in many ways is a more solid product. We used it in my previous company as it was more mature and much simpler to use in comparison to Cisco. 

While I didn't set it up, my understanding is the implementation is straightforward. You read the documentation. It's this continuation from the old Cisco ASAs. People have used it for many years. Cisco's quite easy to set it up and keep up and running. You just need to add things on top of it, however, it's all quite easy. I have done an installation of the previous Cisco firewall. It's really straightforward. The upgrade is quite simple as well.

We have three technical personnel that can handle deployment and maintenance. We have to cover the whole globe, so we have three people on to handle everything 24/7.

You do need to pay a licensing fee. If you want the additional features, like prevention or integration with extended intelligence systems, you need to pay additional licenses.

I'm not sure which version of the solution we're using. It might be 6.4. It's likely whatever that latest version is.

I would recommend Cisco, however, I do find Palo Alto to be a good product as well, and in some ways more solid. 

I'd rate the solution at a nine out of ten. 

It is our main firewall. We use it for reporting and for firewall purposes to block unwanted inputs and outputs.

Its ease of use and its ability to block and allow ports in and out of our organization are the most valuable features.

It works very well. It gives us all the information that we need.

We don't like its licensing model. It has separate licensing for all the features. For instance, to get URL filtering, you need to buy another license. Every feature set seems to require another license. Unless you purchase them all upfront, you find some surprises and realize that you can't do that because you need another license. 

Its logging isn't quite as good as it used to be in our previous solution. We used to have Cisco ASA, and we could view the logs a lot easier than NGIPS (also known as Firepower). We saw real-time logging, but we don't see that as much in Firepower.

I have been using this solution for two years.

It has been very stable. I don't think it has gone down at all in two years.

It is very scalable. In terms of the number of users, we have 26,000 students and 3,500 staff members. Everybody in our organization goes through it and takes advantage of it on our system. We have about five people who are managing it, and they are from the network group, infrastructure group, and storage group.

We did have some engagement with the technical support people regarding the integration with Nexus Switches, and they were very good. They helped us out quite a bit.

We were using Cisco ASAs. They were going out of service. They were going out of sale and support. So, we decided to move to Firepower. We wanted to go to the Next-Gen IPS type of stuff, and ASAs didn't have that kind of feature set.

It was quite complex. It required some workarounds with other network components in our system. It could have been a lot less complicated. Nexus Switches that we had were a little bit older, and they didn't integrate as well with Firepower as they could have. So, we ended up having to buy some new switches. 

The deployment pretty much took about three weeks. It involved moving all of our stuff from our old firewall onto the new one. Rules were a little different, so we had to work on it for a while. Fortunately, we could run them in parallel, so it worked out okay.

We did it in-house.

It has definitely given us our return on the investment.

It is expensive. It has separate licensing for all the features, and every feature set seems to require another license.

Licensing is on a yearly basis. There are no additional costs besides the standard licensing fee.

I would advise others to make sure that the rest of their equipment is completely compatible with the newest Firepowers.

I would rate Cisco NGIPS an eight out of ten. It gives us all the information that we need. We've got to dig for it sometimes, but it is a good product.

We use the solution as an intrusion prevention system to detect malicious attacks on the network.

The solution updates at regular intervals. It has the most recent definition of the attacks, including zero-day attacks.

They could provide one solution to fit all the use cases. Presently, we have purchased different solutions for total security. It has become expensive for us.

The solution is very stable. I rate its stability a nine out of ten.

The solution is scalable. It integrates with different XDR solutions. Thus, we can manage all the devices on a single pane. It is suitable for SMEs and large enterprises as well.

I rate its scalability an eight out of ten.

The solution's technical support is quite good. Although, it needs to be cohesive in terms of communication.

Positive

The solution's initial setup process is complicated. But we can manage it with the right team for installation and technical support from Cisco.

The solution is good value for money. It is highly-priced but competitive in terms of features and support services.

It is an efficient cyber security solution. I highly recommend it to others and rate it a nine out of ten.

There are both options of cloud or on-premise solutions. I usually do the on-premise solution. We have others who do the cloud solution. If you want to deploy and protect your network from threats and protect your neighbor, that's one of the uses that we employ. With that, you have Security Intelligence, you have Intelligence, you have an Intrusion Prevention System. In the recent upgrade of Firepower, we have 3.0. You can use that to protect the internal network or if you want to protect your servers. 

We use the Security Intelligence feature. We also use the Cisco AMP for Networks, which is used with the ITL certificate. You can use third-party integrations with the Firepower, about security. You can use the STIX format. With the STIX, you can add emergency threats to rules. This includes malware detection which has a third-party Security Intelligence platform. Included are reporting for the last seven days, V shell, and phishing tank. Cybercrime tracker is to check if any company or domain has a bad reputation on the internet. And it can give that information to the Firepower. You can use Security Intelligence to protect the network. It has preprocessors about security. They have a preprocessor for the SCADA. Cisco has evolved a lot in that area over the last few years.

The SSL decrypt could be improved, but it's normal. All the devices in our platform need a lot of memory or CPU to do the SSL decrypt. This is an issue to improve in all platforms, not only in Cisco. They have SecureX which can be integrated with other platforms. But I think the improvement of SecureX in the platforms is needed. SecureX is really new but I think that needs a little improvement.

We have been using Cisco NGIPS or Firepower NGIPS for five years. We use the latest version.

It's working correctly, it's working without problems. You can buy another Firepower, and you can do a cluster configuration. And it's really easy, we don't have any problems.

Cisco support is really awesome. I have another vendor like Honeywell. I really hate when I call Honeywell. But when I call Cisco, I really appreciate it a lot when I talk with the support engineers because the personnel have really good skills and have a really good passion. Cisco support is awesome.

I think the installation of Firepower NGIPS is really easy. You configure the device, you connect that to the Firepower Management Center, and you have deployed the Firepower.

If they're looking for a platform that can protect from attack, from external or insiders who want to attack the network, I think Firepower is a good solution. With  Security Intelligence, other security features make that platform an awesome platform. I would give Cisco NGIPS a rating of nine on a scale of ten. I think no one platform is perfect. I wouldn't give a 10 to a solution ever because 10 is 100%, and I think no one solution can 100% secure. Not because the platform is not working correctly. Because I think no one platform can be 10 by 10.

In the previous version, some features were not enabled. For example, you could not access the VPN. So that was one of the downsides of the product. In this latest version, after enabling these features in the previous version and using them, it's been good. Inspection, application, and inspection in the cloud, the detail in the cloud for an indication of compromise and the malicious activity re-hashing are all valuable features. It's more of the cloud and the malicious activities aspects that define this application.

The file trajectory could be improved.

We still have a web proxy but I think at some point we should not have two products. We should have only one product. Most of the features of the web proxy already exist in the UTM appliances. We have a debate as to whether it's the Cisco Firepower and UTM Appliance of next-generation firewall. But I consider both of them the same. So I would say if we have the caching and the other features which are unique features to the Web Proxy, I think Cisco will be number one if they are able to include such features in the future.

It's a really good product but I have had a really good experience with Palo Alto UTM Appliances. Which I would give a higher mark than the Firepower. It's just a little bit more expensive than the Cisco Firepower.

Scalability I would say, it has some limitations in the large deployment. I think Cisco is working to improve it.

The technical support is the most valuable part of the solution. Cisco is number one in technical support. It's good technical support and this is actually a problem when we do the recruitment for some other products. Other products you are on hold forever and the support is not as good compared to Cisco. 

I started with Juniper and the Palo Alto UTM Appliances, and many other vendors. But we do have a policy to use multiple vendors.

Three years ago the setup was very complex. We had two different cables or software. It's like two appliances and one appliance. We had to set up ASA first and then set up Firepower and do the redirect from the old HTTP traffic, from the ASA for a detailed inspection by Firepower. Initially, it was complex. That was a few years back, but now with the newer version, it's just a piece of cake. Deployment took about 40 minutes. I also handle the maintenance myself.

I do the implementation myself but in certain situations, because we have a risk assessment, it's a sort of risk transfer, so we have a contract with a certain integrator. We do have a contract, but I personally do the setup.

We have definitely experienced ROI. Because we have had many incidents where Cisco Firepower has caught malicious activities and triggered an alarm, a true positive alarm. Which is really good in our case.

The solution is extensively used. We have a policy, from a permission security perspective, that you need to have diversity in the vendors and diversity in the products. We have some areas which are using these products and other areas which is using different products.

It's a really good product, but you need to give it some time to form a sort of baseline, before enabling all the features. You need to study the product well because the product will decrease to around 35-40% of the actual product when you start to enable features. Like the application and inspection, the SSL decryption, the URL filtering, and the ITSM inspection. If you enable more features, you will decrease a little bit of the property. Whoever selects the device initially needs to plan which features they are going to use and they might have to shift the sizing of the product. They might need a high-end appliance or a smaller low-end appliance based on the features they are going to use.

I would give the solution 9 out of 10. 

This product automatically blocks any form of threat in a network. Once a threat is detected, it will notify the IT team. It will show the full threat, the target destination, and perhaps a loophole that the intruder used.

What it reports depends on how you have configured it.

It's able to map the solutions that you have, detailing how they are connected. It gives you visibility in terms of what's happening without your network.

This is the leading Cisco solution across Sub-Saharan Africa.

The most valuable feature is that it is able to detect any form of infiltration. It does this in an automated fashion so that you don't have to do anything to it. Once it is properly configured, it will act on its own.

The visibility that it gives you is very good. You're able to know what has happened within your network.

The way it pushes policy rules is very good. It makes sure that your information is reliable, and that you have the right visibility and the right intelligence.

I would like to see a more user-friendly interface. This is true for Cisco in general, with many of the products that they have.

We have been selling Cisco NGIPS for approximately four years.

This is a very stable product. In Sub-Saharan Africa, it is used by every six or seven banks out of ten.

This solution is very easy to scale, depending on your organization's roadmap. I have had customers that are using it and scaling very fast, especially in the financial sector.

Being a clustered solution, you can have 500, 1,000, or 10,000 users. In fact, one of my customers has 20,000 users of NGIPS. I have another organization that has 1,200 users. The size of the solution is set based on the number of users.

The technical support from Cisco is good, and it is not expensive. Over the past couple of years, they have really improved when it comes to service delivery.

I have worked with a variety of security solutions. I have worked with products from Trend Micro, Cisco, and others.

This product is straightforward to install. A CCMP can complete the deployment in one day.

One skilled person is suitable for deployment.

This is a very affordable product.

This is a product that I can recommend anytime. I have sold millions of dollars of it, every year. 

I would rate this solution an eight out of ten.

We replaced an ASA with Firepower managed by FMC with NGIPS, and we're also using it for advanced security, like anti-malware protection and IPS. 

We used to have different solutions integrated together between Cisco and non-Cisco, or Cisco and a third party. We now have an all-in-one which is kind of nice. 

I believe the IPS is a valuable function, because they update the signatures all the time and it's very granular. This is a good, stable solution and it's always up to date with all the security features.

I think the GUI user interface could be improved and the login is not very user friendly. They could maybe improve on that. 

The stability is good, we haven't had any problems. 

I think scalability is good although we only have a couple of people in our company that use it - the IT Manager and myself.  

The technical support is very good. I've never had issues with Cisco support, they're the best. 

The initial setup is straightforward, it took a few hours. As the consultant, I deployed the solution. 

I'm not sure of the licensing costs, I know we have a three-year subscription. 

Compared with other solutions, this is very good. 

I rate this product a nine out of 10. 

We are a system integrator, and we resell this solution to our customers.

This solution is for intrusion prevention, and the majority of deployments are on-premises.

The most valuable feature of this solution is its modularity, so whenever you need to upgrade or add another service, you don't need to buy another box. You can activate these services on the same box, which saves a lot in terms of cost because you don't need additional hardware. Moreover, it makes manageability easier because you don't have to use several different devices.

Cisco operates on an open operating system platform so it gives you the flexibility to add other things. Cisco itself is using different manufacturers, or OEM vendors to integrate with their product. For example, Radware is providing a DDoS solution for the NGIPS box.

We would like to see support for DDoS protection.

The cost of adding additional throughput is very high and is an area of concern. Competing products such as FortiGate and TippingPoint have a much larger throughput at a smaller cost.

The devices have certain limitations and to go beyond them, I need to change the hardware. For example, if I exceed the throughput on the 2000 series then I have to switch to the 4000 series. This one then has a limitation of perhaps fifty gigabytes, and if I exceed that, then I need to move to the 9000 series. By comparison, TippingPoint and FortiGate have no limit. If there was a software-based solution for scaling up then it would be much better.

This is a very stable solution. We have not heard any complaints from customers, and we have not experienced any trouble ourselves.

When it comes to scalability, there is a limitation that is set by the hardware. If you're looking for higher throughput then you have to change boxes. The 2000 series is pretty small when it comes to bandwidth, so scalability is a concern.

Technical support from Cisco is perfectly fine, and they are doing a great job.

Prior to this solution, we used TippingPoint. Although it is a very good solution, there was a problem with the product having too many acquisitions. Every time there was a new acquisition, support was a concern. For example, at one point it was taken over by HP, and then, again, HP disowned it. Support was hampered by this, and if you're not getting support on a critical security appliance then you need to look for other options. This is what led us to adopt Cisco.

The initial setup of this solution is not complex. They have a graphical user interface for managing all of these things, which helps make it easy to deploy.

The price for additional throughput is the highest in the industry.

This is a solution that I recommend for IPS.

I would rate this solution a seven out of ten.