Cisco NGIPS Reviews

I primarily use NGIPS as perimeter security firewall devices to filter traffic.

NGIPS' best feature is the separate IPSec tunnels, which makes the user's data more secure if they want to access it privately.

NGIPS' GUI interface could be improved and made more user-friendly, especially in comparison to Palo Alto's Next-Generation Firewall.

I've been using NGIPS for around five years.

The initial setup is complex and requires someone with a background in firewalls to set it up. Inexperienced users will find it very difficult to set up. For experienced users, deployment will take around forty-five minutes. I would rate the setup process five out of ten.

NGIPS is expensive.

I would recommend NGIPS to other users, but only as a second choice behind Palo Alto. I would give NGIPS a rating of eight out of ten.

Our primary use case is for the firewall and other security-related features.

I think the Cisco Firepower is the best firewall in the world and the other security features like AMP, IPS, and deep inspection packets.

The most valuable feature would be the IPS is very important in Cisco Firepower because I can configure deep configuration in IPS and tuning.

I would like to see the sanctions lifted so we could use the full solution and have the speed increased.

I have been using Cisco NGIPS for the past eight years.

The stability is evident and without issues.

The scalability is excellent. We have around one thousand two hundred users.

There is a very good community with CISCO.

The initial setup is straightforward.

The implementation can take anywhere from one day to a month for advanced tuning and firewall protection.

There is definitely a return on investment and is worth the money

When it comes to pricing you pay for a permanent licensing structure. One, three, and five-year options. There are no extra costs.

I would rate Cisco NGIPS a ten on a scale of one to ten.

We use this solution as an intrusion prevention system, as well as UI filtering, application control, and anti-malware protection.

The traffic filter feature of this solution has improved our organization. It not only provides ransomware protection, but saves us time in dealing with unnecessary traffic.

The traffic filter of this solution is very valuable to us, and to our clients.

We would like to see some improvement in the configuration process for this solution, as it is currently quite complex.

We have been working with this solution for around a year.

We have found this to be a stable solution in our experience.

This is a scalable product.

The initial setup of this solution is straightforward if it is only the standard package being installed. However, configuring this product is complex and requires a lot of time commitment.

Deployment of the solution usually only takes a few hours, but if it is being implemented in a more complicated environment it can take up to three days.

We would recommend this solution to other organizations as it is very easy to use.

I would rate this solution a seven out of ten.

At present, we are using different policies against which we gather logs. Logs that have been deleted on a first in, first out basis. The logs are only available for three to four hours max. I work in the IT department of a pharmaceutical company and we are customers of Cisco. 

We are looking for cybersecurity threats, like Pinterest and this solution has a good IPS feature as well as it's VirtualBox which helps us to time and for the QD, our daily routine tasks or issues. The solution provides a clear picture of what a user is doing at a specified time.

Because of cybersecurity threats, other security features should be available in Cisco devices. Sangfor IAM is good because this provides the logging IAM feature which you can retain for up to 12 months. But Cisco does not provide this type of logging because no third-party logging server is supported with the Cisco firewall.

I've been using this solution for three years. 

The stability is fine. We manage to resolve general bugs by updating the software or VirtualBox as well as in the hardware. That is not a big deal for us.

The scalability is fine for us, we currently have 50 users. 

Their technical support is good. We have SLA with Cisco, which will be renewed next year.

We have a somewhat complicated environment over here. We have also implemented SSG Juniper, SSG140, so basically their firewall is working as a router.

The price is a little high in comparison to other similar solutions. If we talk about Sophos Firewall with IBM software, it's cheaper in comparison to Cisco and their VirtualBox.

I recommend this latest model of Cisco firewall. In terms of the wide logging, it gives us as much as we need. We have implemented 30 to 35 policies in which loggings are gathered. 

I would rate this solution an eight out of 10. 

We have a data center and we need security products such as Cisco NGIPS to protect us from attacks that are going to impact our organization. For the purpose of completing our compliance audit and VAPT process, we have these kinds of security solutions in place.

The features that I find most valuable are the DDoS protection, IPS/IDS, and Firepower for web application filtering. These three things are pretty good and each is valuable as per the different needs of my business operations.

I would like to see better support for preventing cross-scripting and brute-force attacks that may originate from our homegrown applications. This is needed because the applications that we are developing for internal use do not go through the heavy security check that we have in place. If there is some flaw in an application, which happens every now and then, then there will be a huge cost that I may have to pay. I would like to know that if I have a security solution in place then I am at least 99% confident that problems will be prevented. As it is now, I cannot say that I am 80% secure against my applications being attacked.

Better integration with other products, such as a SIEM tool, would provide better peer visibility about your security posture. Adding this type of functionality would make this product unbeatable.

We have been using Cisco NGIPS for more than five years.

This is a stable product.

Cisco NGIPS is scalable and we have about 600 users.

Technical support is outsourced and it is good.

I did not work with another solution before this one.

The initial setup is straightforward and the deployment took about three weeks.

I have ten people who take care of maintenance.

Pricing depends on negotiation with the vendor, although I can say that it is moderate. I would not say that it is very high or low, but rather, average.

I am now trying to implement a more rigorous web application firewall because I don't want to manage the bugs or attacks that are going to come from the outside. I would prefer it is managed by somebody who is an expert in web application firewalls. I want to couple it with additional software for load-balancing to improve speed. Allowing somebody else to manage this will free up my time to run my business, which is better for generating revenue for the company.

I would rate this solution a nine out of ten.

We primarily use the solution for network firewalling and intrusion prevention.

We get a bit of visibility into network threats and we can successfully mitigate those threats by using the product.

The most valuable feature would be the intrusion prevention for us for security reasons.

The setup is pretty straightforward.

The solution gives us a lot of visibility into our security.

The product is quite stable.

There are pretty good capabilities for scaling.

Currently, this product is difficult to manage. It needs to be more user-friendly.

A lot of improvements can be made into the overall architecture of the firewall. It's lacking right now. It's something they need to work hard to improve.

The reason for the lack of cohesion in the architecture is due to the fact that Cisco acquired this company and then they merged two products, the Cisco ASA and the Firepower product, into a single product. As a result, the product is not as mature as some of the other comparable products out in the industry.

The price is in the high end of the spectrum, again, comparing to other players in the industry.

The solution requires better management. When it comes to central management capabilities, improvements can be made. 

Better reporting in terms of analytics and dashboards would be very useful in future versions.

We've been using the solution for about five years now.

The stability overall has been good once we get it up and running. We've not seen any issues once we've launched everything. It isn't buggy or glitchy. It doesn't crash or freeze. It's reliable.

The scalability on the solution is good overall. They have a central management console that can assist with the process. The only issue there is we feel like there's room for improvement on the administration side of things.

When it comes to a user installing the networks, all the users essentially traverse this firewall, but when it comes to the administrators of the product, we've got five administrators in networking, they pretty much use it on a daily basis.

The technical support has been good. We're satisfied with the level of service we get. They know what they are talking about. They respond promptly. Overall, they are above-average. I'd rate them eight out of ten. 

Of course, there's always a little bit of room for improvement from any technical support service. In general, it's always about the speed of resolving an issue, responsiveness, et cetera. These are common industry wide. We always want everything resolved faster.

We previously used FortiGate. We switched as we wanted something that had easy management capabilities, so we moved to Cisco. We thought that Cisco would be a bit more mature.

The initial setup is a little bit difficult. It's pretty straightforward, although if we look at it relative to other products on the market, we feel that the other products are easier to set up compared to this one.

The pricing is actually pretty high, especially if you compare it to other solutions that are out there. They are comparable but cost less.

The advice we would give to other organizations is to look at the administrative overhead, and also to pay close attention to when the company is deploying it. We feel that there are certain feature functionalities that might not be mature depending on a company's use case. Everything depends on use cases. A company needs to evaluate its own unique use case, and look at the product feature functionality. A company also needs to look at some of the administrative overhead before they choose the product to make sure that it is suitable for their environment.

This solution overall I would rate at seven out of ten. I would say it's a good product if you look at the primary functionality, which is intrusion prevention. It's is one of the best out there, however, the issue is it's been wrapped around an administrative layer which is quite difficult compared to other products. They've got a really good engine as far as IPSs go, and that's the most important thing. 

We use it on the perimeter, for our infrastructure between our network and our bank's network.

The solution is very powerful coupled with Firepower. It's great for filtering.

The pricing is very expensive. They should make their equipment more affordable.

Cisco should offer better integration capabilities and offer an easier integration process.

This current solution is stable. Last time, we worked with Cisco ASA 6500. That solution sometimes froze and we had to reboot the system. This one, as I mentioned, seems fine. We don't have this problem.

The solution is very scalable, but the main issue surrounds the cost to do so. Scaling can be very expensive. Our network isn't too big. We have around 60 users.

Cisco offers very good technical support. I have no complaints about that. 

We attended the Cisco training, as we always do. When we buy equipment from Cisco, they also give us learning credits. With those learning credits, it makes it easy to attend training. In terms of the knowledge they share surrounding the equipment, it's very good. We don't have a doubt about what to do.

The initial setup of NGIPS was fine. Firepower took the most time. We took about three months to deploy the solution. 

You only need two people for deployment and maintenance. 

We implemented the solution by ourselves. Last time, we worked with a company that deployed for us, but it turned out not to be necessary. We realized we can deploy by ourselves, and attend the training and support by ourselves. 

The advice I would give to others thinking about implementing the solution is to make sure you have a solid knowledge of the network. 

I would rate this solution eight out of ten.

The most valuable features of Cisco NGIPS are the VPN, IPS, access policy management, EIM, and the ASA model as part of Firepower.

I have been using Cisco NGIPS for approximately three years.

Cisco NGIPS is highly stable.

Cisco NGIPS is scalable. The scalability is easy to do because if the Firepower threat defense works in the cluster mode, someone can scale up the system using two and three Firepower threat defenses at the same time in one system.

We use this solution in different companies and provide them with support. We have some clients that have 3,000 users whereas others have 700.

In our company process some team, we have three or four people and the solution can be easily maintained because it is managed in one place in the Firepower management center. In one company we have approximately 24 Firepower models and these devices are controlled by one system, the Firepower management system (FMC). It's very easy to control and maintain the solution.

The price of the solution is expensive to a degree it cannot be used by small businesses. It is best suited for medium and enterprise businesses.

I would recommend this solution to others for medium, large, and enterprise businesses only.

I rate Cisco NGIPS a ten out of ten.