Cisco NGIPS Reviews

The solution works on a base set of rules to detect malicious traffic or certain exploits, which can be done from both the outside and inside network.

In the virtual deployment, you have a couple of choices depending on your needs and how much bandwidth you have that needs to be inspected. It is quite flexible because it can be deployed on the cloud as well. All the kinks which were in the previous versions were fixed.

I do not think that Cisco has official documentation regarding use cases. They can do better on their documentation because the product is really hard to understand. You need a lot of time to change around things to understand how it works exactly and fine-tune it. If they make it less complicated, I think it will really help all the customers.

They could make the user interface of the management center more user friendly and customizable in the next release. I think they can take some pointers from Palo Alto because their user interface is really intuitive and really customizable.

I have been using the solution for approximately five years.

The solution is stable.

The solution is scalable. The management center, which controls the sensors, you can deploy it. You have two different virtual appliances, one is for managing up to 25 sensors and the bigger one is up to 300 sensors. The hardware list of the products ranges from, I think, 20 sensors and up to 500. Depending on your needs, you can scale it.

We have three administrators working on the solution and the whole organization is being protected by it.

Cisco support is really great. Especially when you have a priority case, when everything is down, you can get an engineer in 15 minutes.

The setup is easy, you do not need hardware. You can just sign up for AWS or Azure and you can deploy it there.

There are licensing fees depending on the features that you are using.

I have evaluated Palo Alto in the past.

Before this version of the solution, it was like a normal IPS. The source for IPS was bought by Cisco, and now it is integrated into the Firepower Threat Defense. The Firepower Defense is a unified image of both the previous firewall which Cisco had, the ASA, and the source for IPS. Currently, the FTD is like a UTM device, a unified threat management device, because it has firewall capabilities and IPS capabilities.

I am going to continue using this solution even though I enjoyed using their main competitors product from Palo Alto. I would recommend this solution to others.

I rate Cisco NGIPS a seven out of ten.

We are a solution provider and I am an engineer who deploys solutions. This is one of the products that I have experience with it in this capacity. The version that we use depends on the client.

Some of our clients are ISPs and they are using the firewall features in this product to replace old firewalls. It is doing the regular firewall inspections, VPN concentration, and other such things. For other customers, who replaced Sourcefire, they use it primarily as an inline IPS and a passive IDS. These customers do not choose very many of the firewall features.

Some customers use it for both; they have a firewall, VPN concentration, and then they do IPS inspection. This is the next-generation of these technologies.

The most valuable feature is the IPS engine. It has been in the security branch for decades and is now integrated into the Cisco portfolio. The difference is that it has been scaled a thousandfold. It provides a base language for intruder inspection for all of the security engineers. Now, they have the same language everywhere in the corporate and the open-source firewalls and IPS.

The configuration of this product can be simplified. I am an expert in this area because few people can do it. It requires a lot of training and documentation.

I think that some initiation scripts might be helpful because they would make the configuration easier and more user-friendly for customers.

I have been working with NGIPS for about four years, since 2016 or 2017, shortly after Cisco bought it.

Stability is something that is tricky to judge because when you have a 600-person userbase, there are always going to be issues. As we fix them, it becomes stable again.

This is suitable for organizations of all sizes; small, medium, and large-sized companies. For example, one of our clients has 600 users.

The ease of scaling depends on the number of times you scale, or to which extent. I can start by saying that scaling is easy but if you want to scale a hundredfold, then it's not going to be so easy. It's impossible.

I like Cisco's technical support and find that they are efficient. In fact, I was a technical team leader for Cisco support, and I am now a client. There is amazing support team at TAC and they help Cisco be great. 

I have worked with similar products from different vendors in the past, although I am avoiding this type of task for the moment.

The main advantages to Cisco are the scale, the integration, the training, and the possibility of finding somebody to work with. Also, the reaction time that they have in case of failure is very fast, and it is easy to replace the setup.

The initial setup is complex. It requires that NGIPS be optimized such that it has the best results with the best performance. The deployment model, be it on-premises or cloud-based, depends on the client.

The length of time required for deployment also depends on the client. In a small office, I can do it in a few hours. For an enterprise, it could take half a year. I have worked on many different scales.

I am responsible for deploying this product to our customers. When it comes to maintenance, we cooperate. They know the environment, their tools, the change management, and the internal procedures. I take care of the technical parts, and we have full cooperation until it is complete.

This is an expensive product, with the biggest cost being the license that keeps the service going.

My advice for anybody who is implementing NGIPS is to get in touch with someone who can advise them because every network is different. Properly sizing the appliances is important. 

I would rate this solution a ten out of ten.

Our primary use case is securing the network. It has a deep learning intelligence ability to filter packages and traffic coming to networks and to different workstations in networks. 

This solution is deployed on-premises. 

The most valuable feature is its IPS ability. You are able to balance security and connectivity. 

The CLI, the console line interface, of the FTD could be improved. It's very complex, so without a GUI, it doesn't work well. I would like it to be more simple. 

As far as additional features or next releases, I think the price could be cheaper. 

We have been using this solution for more than eight years. 

This product is stable. 

This product is very scalable. 

Cisco's technical support is very, very fast. 

Before implementing Cisco, we used Fortigate and Check Point. 

The installation is straightforward. You have to install the device, but if you want to actually manage it, you need a GUI for it. For deployment, you will need two engineers, maximum. 

We implemented this solution through an in-house team and deployed it ourselves. 

We pay for the IPS license to use this solution. 

I rate this product a nine out of ten, and would recommend this product to others who are considering using it. 

We use this solution for traffic inspection and searching.

It's coming to its end of life. We will be considering another solution because it is no longer scalable.

While it is stable, I would like it to be even more stable.

I have been using this solution for 10 years.

Cisco NGIPS is a stable solution. We have not had any issues since we have been using it.

It is no longer scalable because it has gone end of life.

We have approximately six locations. We have close to 2,000 users.

We are satisfied with the technical support.

I was not involved in the installation.

We have a team of four of five, including four engineers, and one supervisor to maintain this solution.

It could be less expensive.

We do pay for licensing yearly, but since it is at its end of life, there are no license implications until we purchase a new solution.

I would recommend this solution to others.

I would rate Cisco NGIPS an eight out of ten.

We use this product to prevent unwanted traffic and to define policies.

The tracking intelligence feature is very good. This solution provides us with the opportunity to detect threats in real-time. 

Some Next-Generation Firewall solutions come with Intrusion Prevention. It would be nice if Cisco NGIPS included that. 

I have been using this solution for almost one year. 

Cisco's support is unmatched. There are very few companies that can match their support. 

Overall, on a scale from one to ten, I would give this solution a rating of nine. 

We use the solution to secure our client's networks.

Overall, it lacks user-friendliness. It could be easier to manage. I can train any customer using FortiGate or Palo Alto in a few days, but with Cisco, it takes much more time because the systems aren't easy to use.

It would be very nice to get rid of FlexConfig. It's a very unhelpful element of the solution.

One feature that is lacking is full interoperability with CLI.

You can configure Palo Alto and FortiGate with a graphical interface, and you can configure it with the command line. This is not so in Cisco. For professionals, this is important because the command line allows us to configure a lot of things and copy configurations and it's much easier.

Technical support is quite good. With firewalls, the last cases I had with Cisco were professionally handled quite quickly and it was great. I can compare with some other manufacturers. FortiGate is awful, for example. I'm generally pleased with Cisco.

The solution has a moderate amount of difficulty. You need to go over and use the documentation.

Cisco has a device manager now but this device manager is not like all device managers from ASA. It lacks a lot of features, and some of these features are very important. It makes it a challenge to configure because of the graphical interface. You have to install the management center and that itself takes time and it's not so simple.

We use the on-premises deployment model.

Ten years ago, when you sold Cisco to clients, customers complained about the price but they knew they were buying the best product in the market. It is totally different now. If they want to buy the best product in the market, they buy Palo Alto or Check Point. Cisco is trying to catch up to the competition.

When we talk about just the IPS manufacturers, I would rate the solution around six or seven out of ten. If we're talking about Cisco as a whole, I would rate them eight out of ten.  

I've found the web filter and JPS the most valuable features.

There are some features not found in Firepower, like data loss prevention, and SSO, to have a connection between Cisco and Active Directory, which was introduced on other products.

In the future, I'd like the same solution in other UTM solutions. I know it has an application filter, but it's not really improving. Also, DLP needs to prevent data loss. Those two features are really important now for firewalls and for the security. The data loss prevention really is the most asked for feature from the customer. Often they ask about how we can prevent loss of emails, of data, files. It's really important.

The solution is stable. This is one of the good things about Firepower. Especially if we use ESE with it. That would make it the complete solution for Cisco for security. If it is the complete solution, it's stable and there are no issues with the product. If the user isn't connected all the time, for example, if we look at some sites or some users, sometimes the connection for the user gets disconnected with each session. Sometimes the filter doesn't work. 

The solution is good to scale.

The technical support is really good. Not only for this solution. The support of Cisco is always good. From the first call, the response is quick and there is no problem with the support.

The initial setup is not complex. There is a wizard so it's not complex. There is a difference in the complexity of the deployment. Depending on customers and infrastructure, sometimes it takes one day or two days if we're talking about a little infrastructure. Sometimes it can take eight days or more to couple the firewall with ASA, and to do some more complex architecture. If we have a complex architecture, we need 2 people to implement, but if we have an implementation that is not so complex, one person can do it.

I do the implementation myself.

Most of the time the ROI good. The customer, most of the time, is happy and is convinced of the usefulness of the solution.

If someone wants to use Cisco Firepower, the solution is easy. The complete solution is the best for having the full security of a Cisco infrastructure. If I could advise someone with the deployment, I would advise taking the complete solution, in order to have a really scalable and stable solution. Or, if you can't take the complete solution, I'd advise taking a cluster of Firepower to have the scalability and stability.

I would rate this solution a 7 or 8 out of 10. If they could add a few of the mentioned features or do something more with the application filter it would be a 9 or a 10 out of 10.

We use this solution for integration, installing, and supporting.

Cisco NGIPS dropped network Troyans and web application attac almost every day. That helps up to feel more secure.

I find the IPS feature the most valuable.

The main problem with Firepower is the time between deployment and configuration. Now, it's approximately six minutes, so If I configure something during deployment, I understand that maybe if I write up a small mistake, I need to wait twelve minutes before I can fix the configuration. So I think the main problem is the time of deployment.

The solution could add DLT, but it's already full enough of features.

The interface could be simpler and more user-friendly. More flexibility with the dashboards is needed because some of them are not fully developed. We could use more flexible base boards.

For the years we've been using Firepower we have only one or two cases of instability. There were only one or two unpredictable things.

One case was fasten with Active/standby switchover. After switchover some networks has been lost. After rebooting the standby FP next switchover was without problem.

Another case was associated with setting up of NAT. It was a FirePower nuance. Only the second TAC engineer helped us with it.

I find the solution really scalable.

I'd give technical support a five out of five. When things need to get solved, they get solved.

We used to have ASA 5520. But in time we needed more security features to secure our services and users.

The initial setup wasn't complex or complicated. Everything was clear. The initial configuration took a day, but the company that we support has a very complicated topology. During the deployment, they had a different idea about how the configuration should be. Because the customer didn't know what they wanted, the files and the deployment took approximately three or four months. 

For deployment, it depends on the company. It depends on the company's complicated topology. If it's too complicated, then maybe you need two engineers to support Firepower. For employees, you need only one, with a second as a standby in case something goes wrong with the primary engineer, so I'd say you need two engineers to maintain the solution.

I handled the implementation myself.

The company is Cisco oriented and Cisco is a leader in security Gartner Quadrant for Enterprise Network Firewalls.

My advice for anybody implementing this solution is to follow the instructions carefully.

I would rate this solution an eight out of ten.