Coming October 25: PeerSpot Awards will be announced! Learn more

Cisco NGIPS OverviewUNIXBusinessApplication

Cisco NGIPS is #4 ranked solution in top Intrusion Detection and Prevention Software. PeerSpot users give Cisco NGIPS an average rating of 8.4 out of 10. Cisco NGIPS is most commonly compared to Check Point IPS: Cisco NGIPS vs Check Point IPS. Cisco NGIPS is popular among the large enterprise segment, accounting for 60% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a comms service provider, accounting for 20% of all views.
Cisco NGIPS Buyer's Guide

Download the Cisco NGIPS Buyer's Guide including reviews and more. Updated: September 2022

What is Cisco NGIPS?

Cisco Firepower NGIPS provides network visibility, threat intelligence, automation and industry leading threat effectiveness. Gartner has ranked Firepower NGIPS as a Magic Quadrant Leader for seven years running, and the independent NSS Labs testing organization consistently rates it as a “Recommended” IPS solution for eight years.

Cisco NGIPS was previously known as Sourcefire NGIPS, Firepower NGIPS.

Cisco NGIPS Customers

American Electric Power, Huntington Bank, Keycorp, Nationwide, Transunion, Marriott, Inova Health, Ford, Thomson Reuters, Dow Chemical, Equifax, Chevron, Walmart, Coca Cola

Cisco NGIPS Video

Archived Cisco NGIPS Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Associate Consultant at a computer software company with 201-500 employees
Real User
Top 20
Good intrusion prevention and easy to set up but the pricing is high
Pros and Cons
  • "The solution gives us a lot of visibility into our security."
  • "The solution requires better management. When it comes to central management capabilities, improvements can be made."

What is our primary use case?

We primarily use the solution for network firewalling and intrusion prevention.

How has it helped my organization?

We get a bit of visibility into network threats and we can successfully mitigate those threats by using the product.

What is most valuable?

The most valuable feature would be the intrusion prevention for us for security reasons.

The setup is pretty straightforward.

The solution gives us a lot of visibility into our security.

The product is quite stable.

There are pretty good capabilities for scaling.

What needs improvement?

Currently, this product is difficult to manage. It needs to be more user-friendly.

A lot of improvements can be made into the overall architecture of the firewall. It's lacking right now. It's something they need to work hard to improve.

The reason for the lack of cohesion in the architecture is due to the fact that Cisco acquired this company and then they merged two products, the Cisco ASA and the Firepower product, into a single product. As a result, the product is not as mature as some of the other comparable products out in the industry.

The price is in the high end of the spectrum, again, comparing to other players in the industry.

The solution requires better management. When it comes to central management capabilities, improvements can be made. 

Better reporting in terms of analytics and dashboards would be very useful in future versions.

Buyer's Guide
Cisco NGIPS
September 2022
Learn what your peers think about Cisco NGIPS. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
632,779 professionals have used our research since 2012.

For how long have I used the solution?

We've been using the solution for about five years now.

What do I think about the stability of the solution?

The stability overall has been good once we get it up and running. We've not seen any issues once we've launched everything. It isn't buggy or glitchy. It doesn't crash or freeze. It's reliable.

What do I think about the scalability of the solution?

The scalability on the solution is good overall. They have a central management console that can assist with the process. The only issue there is we feel like there's room for improvement on the administration side of things.

When it comes to a user installing the networks, all the users essentially traverse this firewall, but when it comes to the administrators of the product, we've got five administrators in networking, they pretty much use it on a daily basis.

How are customer service and support?

The technical support has been good. We're satisfied with the level of service we get. They know what they are talking about. They respond promptly. Overall, they are above-average. I'd rate them eight out of ten. 

Of course, there's always a little bit of room for improvement from any technical support service. In general, it's always about the speed of resolving an issue, responsiveness, et cetera. These are common industry wide. We always want everything resolved faster.

Which solution did I use previously and why did I switch?

We previously used FortiGate. We switched as we wanted something that had easy management capabilities, so we moved to Cisco. We thought that Cisco would be a bit more mature.

How was the initial setup?

The initial setup is a little bit difficult. It's pretty straightforward, although if we look at it relative to other products on the market, we feel that the other products are easier to set up compared to this one.

What's my experience with pricing, setup cost, and licensing?

The pricing is actually pretty high, especially if you compare it to other solutions that are out there. They are comparable but cost less.

What other advice do I have?

The advice we would give to other organizations is to look at the administrative overhead, and also to pay close attention to when the company is deploying it. We feel that there are certain feature functionalities that might not be mature depending on a company's use case. Everything depends on use cases. A company needs to evaluate its own unique use case, and look at the product feature functionality. A company also needs to look at some of the administrative overhead before they choose the product to make sure that it is suitable for their environment.

This solution overall I would rate at seven out of ten. I would say it's a good product if you look at the primary functionality, which is intrusion prevention. It's is one of the best out there, however, the issue is it's been wrapped around an administrative layer which is quite difficult compared to other products. They've got a really good engine as far as IPSs go, and that's the most important thing. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Manager IT Security at UnitedHealth Group
Real User
The anomaly baseline formation links the network, then anything that goes away from the norm is also flagged
Pros and Cons
  • "Ir's signature-based. We are also using the anomaly baseline formation, where it links the network, then anything that goes away from the norm is also flagged. Those are the two most valuable features."
  • "It has room for improvement when it comes to integrating machine learning and AI into it where even if you don't have a baseline that is of length for anomaly detection, it could do more like an AI style machine learning. It learns on its own."

What is our primary use case?

Basic IPS functionality for intrusion prevention. We have two kinds of deployment. The one that is Inline and the one that is not Inline, where it's just listening. We have like a tap to which its monitoring traffic. For the one that is kind of offline deployment but for the Inline deployment, all traffic goes through it, like for North-South traffic, towards internet to provide some real-time intrusion prevention.

What is most valuable?

Ir's signature-based. We are also using the anomaly baseline formation, where it links the network, then anything that goes away from the norm is also flagged. Those are the two most valuable features. 

What needs improvement?

It has room for improvement when it comes to integrating machine learning and AI into it where even if you don't have a baseline that is of length for anomaly detection, it could do more like an AI style machine learning. It learns on its own. It learns patterns, learns what good traffic looks like then is able to stop bad traffic, not just based on behavior but based on every other thing. I think other next-generation IPS solutions are turning towards integration of ML and AI. I need machine learning and the ability to share intelligence. 

For how long have I used the solution?

I have been using Cisco NGIPS for seven years.

What do I think about the stability of the solution?

It is pretty stable and has good throughput.

What do I think about the scalability of the solution?

It's scalable. You can add more to it as traffic requires, one cluster can do HA, so it's pretty scalable. In fact, you can cluster up to six chassis on the 4100.

If it's host-based IPS, we can count a number of users and say we have 45,0000 users but for network-based IPS, where it's just picking traffic from different connections when you're trying to go to the internet or when you're trying to come back to the internet it can support up to 10 million concurrent sessions. We have around 200,000 users but it can support 10 million concurrent sessions.

For maintenance, once you configure it, depending on what you call maintenance if it's software upgrade it doesn't take a lot to upgrade it. If it's active/standby you can upgrade the active. The standby becomes the active. Then when the active comes back on, you can upgrade the standby. So usually, at least you have an active/standby scenario, but if you have a cluster, you can take each out of production in codes. We start while others are in production. 

If you're talking about maintenance in terms of log collections and shipping of the logs, it's also easy to deploy from that perspective.

How are customer service and technical support?

Cisco has very good support. We get good support from Cisco. 

Which solution did I use previously and why did I switch?

We've been using Cisco for a while. Going from the IPS module on ASA or the IPS appliance, we've transitioned from different Cisco IPS solutions to this Cisco Next Generation IPS. 

It's been Cisco all along, it's just that this one has more visibility and it's next-generation style compared to the older IPS. 

How was the initial setup?

The initial setup was straightforward and easy to deploy. It was very quick.

Which other solutions did I evaluate?

We also looked at Sourcefire.

They bought this particular one from Sourcefire and Sourcefire was the world leader in next-generation IPS before Cisco bought it and I know it wasn't just in terms of visibility and how much it can do but in terms of cost too because it was an open-source project that was going on before Cisco bought it. Cisco bought the enterprise version so I feel it's not expensive, but I've not really checked the licensing cost.

What other advice do I have?

Sourcefire wasn't originally Cisco and it was already a world leader and if I'm not mistaken or quoting wrongly, I think it's from the Snort project. I know the open-source community is still contributing to what Cisco is presenting with FirePower or FireSIGHT IPS. It's an open-source project. You can trust it because of the originality score and with what we've used so far too, I see the difference in the old version and this new one. You get better security compared to these other next-generation IPS out there.

In the next release, I would like to see AI machine learning capabilities built into it.

I would rate it a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Cisco NGIPS
September 2022
Learn what your peers think about Cisco NGIPS. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
632,779 professionals have used our research since 2012.
Network Administrator
Real User
Good for filtering and very stable with the ability to scale easily

What is our primary use case?

We use it on the perimeter, for our infrastructure between our network and our bank's network.

What is most valuable?

The solution is very powerful coupled with Firepower. It's great for filtering.

What needs improvement?

The pricing is very expensive. They should make their equipment more affordable.

Cisco should offer better integration capabilities and offer an easier integration process.

For how long have I used the solution?

We bought the solution a year ago, and finished setup a month ago.

What do I think about the stability of the solution?

This current solution is stable. Last time, we worked with Cisco ASA 6500. That solution sometimes froze and we had to reboot the system. This one, as I mentioned, seems fine. We don't have this problem.

What do I think about the scalability of the solution?

The solution is very scalable, but the main issue surrounds the cost to do so. Scaling can be very expensive. Our network isn't too big. We have around 60 users.

How are customer service and technical support?

Cisco offers very good technical support. I have no complaints about that. 

How was the initial setup?

We attended the Cisco training, as we always do. When we buy equipment from Cisco, they also give us learning credits. With those learning credits, it makes it easy to attend training. In terms of the knowledge they share surrounding the equipment, it's very good. We don't have a doubt about what to do.

The initial setup of NGIPS was fine. Firepower took the most time. We took about three months to deploy the solution. 

You only need two people for deployment and maintenance. 

What about the implementation team?

We implemented the solution by ourselves. Last time, we worked with a company that deployed for us, but it turned out not to be necessary. We realized we can deploy by ourselves, and attend the training and support by ourselves. 

What other advice do I have?

The advice I would give to others thinking about implementing the solution is to make sure you have a solid knowledge of the network. 

I would rate this solution eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
PeerSpot user
System Engineer at a tech services company with 11-50 employees
Real User
A solution with a lot of complexity but with excellent customer service
Pros and Cons
  • "Technical support is quite good. With firewalls, the last cases I had with Cisco were professionally handled quite quickly and it was great."
  • "Overall, it lacks user-friendliness. It could be easier to manage. I can train any customer using FortiGate or Palo Alto in a few days, but with Cisco, it takes much more time because the systems aren't easy to use."

What is our primary use case?

We use the solution to secure our client's networks.

What needs improvement?

Overall, it lacks user-friendliness. It could be easier to manage. I can train any customer using FortiGate or Palo Alto in a few days, but with Cisco, it takes much more time because the systems aren't easy to use.

It would be very nice to get rid of FlexConfig. It's a very unhelpful element of the solution.

One feature that is lacking is full interoperability with CLI.

You can configure Palo Alto and FortiGate with a graphical interface, and you can configure it with the command line. This is not so in Cisco. For professionals, this is important because the command line allows us to configure a lot of things and copy configurations and it's much easier.

For how long have I used the solution?

I've been using the solution for 10 to 15 years.

How are customer service and technical support?

Technical support is quite good. With firewalls, the last cases I had with Cisco were professionally handled quite quickly and it was great. I can compare with some other manufacturers. FortiGate is awful, for example. I'm generally pleased with Cisco.

How was the initial setup?

The solution has a moderate amount of difficulty. You need to go over and use the documentation.

Cisco has a device manager now but this device manager is not like all device managers from ASA. It lacks a lot of features, and some of these features are very important. It makes it a challenge to configure because of the graphical interface. You have to install the management center and that itself takes time and it's not so simple.

What other advice do I have?

We use the on-premises deployment model.

Ten years ago, when you sold Cisco to clients, customers complained about the price but they knew they were buying the best product in the market. It is totally different now. If they want to buy the best product in the market, they buy Palo Alto or Check Point. Cisco is trying to catch up to the competition.

When we talk about just the IPS manufacturers, I would rate the solution around six or seven out of ten. If we're talking about Cisco as a whole, I would rate them eight out of ten.  

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
System Engineer at Sho
Real User
A stable firewall solution that I would recommend
Pros and Cons
  • "This is a stable solution."
  • "I would like to see integration with monitoring tools such as Nagios or BMC."

What is our primary use case?

We use this solution as part of our firewall.

What is most valuable?

This is a great firewall.

What needs improvement?

I have had a lot of problems with false positives and it would be helpful if this were improved.

I would like to see integration with monitoring tools such as Nagios or BMC.

An improved dashboard would be great.

For how long have I used the solution?

I have been using this solution for almost two years.

What do I think about the stability of the solution?

This is a stable solution.

How are customer service and technical support?

I have not had contact with technical support.

Which solution did I use previously and why did I switch?

Prior to this solution, I used the Sophos XG 430.

How was the initial setup?

The initial setup for this solution is complex.

The deployment took four months.

What about the implementation team?

We had a reseller assist with our deployment.

What's my experience with pricing, setup cost, and licensing?

Cisco products are always expensive, but if you can afford the price then it's a great solution. When I compare to Sophos, for example, Sophos is cheaper.

What other advice do I have?

This is a great product. My advice for anybody who is considering this solution is that I would recommend it to anyone who can afford the price of the license.

I would rate this solution an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user833742 - PeerSpot reviewer
IT Operations Officer at Kiran International
Real User
A stable system with good technical support
Pros and Cons
  • "We primarily use this solution as an application filter and for IPS."
  • "The inclusion of bandwidth management features would improve this product."

What is our primary use case?

We primarily use this solution as an application filter and for IPS. We have an on-premises deployment.

What is most valuable?

The most valuable feature of this solution is the support.

What needs improvement?

I would like to see the total performance for the users improved.

We have a need for security, so we would like to see more protection against virus attacks and ransomware attacks.

The inclusion of bandwidth management features would improve this product.

I would like to have an API for application development.

For how long have I used the solution?

We have been using this solution for about ten years, with our most recent upgrade three years ago.

What do I think about the stability of the solution?

This solution is one hundred percent stable.

How are customer service and technical support?

We are very satisfied with the technical support for this solution.

How was the initial setup?

The initial setup of this solution is straightforward.

What's my experience with pricing, setup cost, and licensing?

Licensing fees for this solution are $3,500 USD, and there are no additional costs.

What other advice do I have?

This is a good solution that I recommend, but there is room for more features to be included.

I would rate this solution a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
TariqueAshraf - PeerSpot reviewer
Chief Technology Officer at a tech services company
Real User
A modular and easily managed solution, but throughput capacity is expensive and requires upgrading of hardware
Pros and Cons
  • "The most valuable feature of this solution is its modularity, so whenever you need to upgrade or add another service, you don't need to buy another box."
  • "If there was a software-based solution for scaling up then it would be much better."

What is our primary use case?

We are a system integrator, and we resell this solution to our customers.

This solution is for intrusion prevention, and the majority of deployments are on-premises.

What is most valuable?

The most valuable feature of this solution is its modularity, so whenever you need to upgrade or add another service, you don't need to buy another box. You can activate these services on the same box, which saves a lot in terms of cost because you don't need additional hardware. Moreover, it makes manageability easier because you don't have to use several different devices.

Cisco operates on an open operating system platform so it gives you the flexibility to add other things. Cisco itself is using different manufacturers, or OEM vendors to integrate with their product. For example, Radware is providing a DDoS solution for the NGIPS box.

What needs improvement?

We would like to see support for DDoS protection.

The cost of adding additional throughput is very high and is an area of concern. Competing products such as FortiGate and TippingPoint have a much larger throughput at a smaller cost.

The devices have certain limitations and to go beyond them, I need to change the hardware. For example, if I exceed the throughput on the 2000 series then I have to switch to the 4000 series. This one then has a limitation of perhaps fifty gigabytes, and if I exceed that, then I need to move to the 9000 series. By comparison, TippingPoint and FortiGate have no limit. If there was a software-based solution for scaling up then it would be much better.

For how long have I used the solution?

I have been using this solution for between two and three years.

What do I think about the stability of the solution?

This is a very stable solution. We have not heard any complaints from customers, and we have not experienced any trouble ourselves.

What do I think about the scalability of the solution?

When it comes to scalability, there is a limitation that is set by the hardware. If you're looking for higher throughput then you have to change boxes. The 2000 series is pretty small when it comes to bandwidth, so scalability is a concern.

How are customer service and technical support?

Technical support from Cisco is perfectly fine, and they are doing a great job.

Which solution did I use previously and why did I switch?

Prior to this solution, we used TippingPoint. Although it is a very good solution, there was a problem with the product having too many acquisitions. Every time there was a new acquisition, support was a concern. For example, at one point it was taken over by HP, and then, again, HP disowned it. Support was hampered by this, and if you're not getting support on a critical security appliance then you need to look for other options. This is what led us to adopt Cisco.

How was the initial setup?

The initial setup of this solution is not complex. They have a graphical user interface for managing all of these things, which helps make it easy to deploy.

What's my experience with pricing, setup cost, and licensing?

The price for additional throughput is the highest in the industry.

What other advice do I have?

This is a solution that I recommend for IPS.

I would rate this solution a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Manager, Network Infrastructure at a financial services firm with 5,001-10,000 employees
Real User
The features align to our strategic needs but the maturity cycle takes too long
Pros and Cons
  • "It has aligned the features in accordance to our strategic needs"
  • "The aspect of private party integration solutions could be improved."

What is our primary use case?

I use it for perimeter security for malware prevention.

What is most valuable?

From a cybersecurity past perspective, it has aligned the features in accordance with our strategic needs. 

What needs improvement?

The aspect of private party integration solutions could be improved. I would like to see a sandboxing feature. And the options that people buy in modules, they need to packaged better as a baseline.

For how long have I used the solution?

I've been using the solutions for the last 10 years.

What do I think about the stability of the solution?

Initially, the solution was not stable. 

What do I think about the scalability of the solution?

The system is a bit rigid. We have more than 1,000 people using the solution.

How are customer service and technical support?

Technical support is good but it can be much better.

Which solution did I use previously and why did I switch?

We didn't previously use a different solution.

How was the initial setup?

The initial setup was a bit complex. One had to read so many areas to understand the navigation feature. It took about three years to reach maturity. For deployment, we required about eight people, but for maintenance, we only require four to six.

What about the implementation team?

I had an integrator help implement; they were very professional.

What's my experience with pricing, setup cost, and licensing?

The solution has a high cost. In my opinion, the cost of renewal is a bit too high.

Which other solutions did I evaluate?

We looked at several: Imperva, Check Point, Juniper, Sophos, and SourceNET.

What other advice do I have?

We're using it continuously. We plan to increase usage.

During setup, I would advise that you must spend more time on planning. If you do, the transition is easier.

I would rate this solution 6 out of 10. The time it takes for the product to mature, the maturity journey, the product maturity cycle, takes too long.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
IT Engineer at a tech services company with 11-50 employees
Real User
A scalable solution with good support and a straightforward setup
Pros and Cons
  • "The initial setup wasn't complex or complicated."
  • "More flexibility with the dashboards is needed because some of them are not fully developed."

What is our primary use case?

We use this solution for integration, installing, and supporting.

How has it helped my organization?

Cisco NGIPS dropped network Troyans and web application attac almost every day. That helps up to feel more secure.

What is most valuable?

I find the IPS feature the most valuable.

What needs improvement?

The main problem with Firepower is the time between deployment and configuration. Now, it's approximately six minutes, so If I configure something during deployment, I understand that maybe if I write up a small mistake, I need to wait twelve minutes before I can fix the configuration. So I think the main problem is the time of deployment.

The solution could add DLT, but it's already full enough of features.

The interface could be simpler and more user-friendly. More flexibility with the dashboards is needed because some of them are not fully developed. We could use more flexible base boards.

For how long have I used the solution?

I've been using this solution for one year.

What do I think about the stability of the solution?

For the years we've been using Firepower we have only one or two cases of instability. There were only one or two unpredictable things.

One case was fasten with Active/standby switchover. After switchover some networks has been lost. After rebooting the standby FP next switchover was without problem.

Another case was associated with setting up of NAT. It was a FirePower nuance. Only the second TAC engineer helped us with it.

What do I think about the scalability of the solution?

I find the solution really scalable.

How are customer service and technical support?

I'd give technical support a five out of five. When things need to get solved, they get solved.

Which solution did I use previously and why did I switch?

We used to have ASA 5520. But in time we needed more security features to secure our services and users.

How was the initial setup?

The initial setup wasn't complex or complicated. Everything was clear. The initial configuration took a day, but the company that we support has a very complicated topology. During the deployment, they had a different idea about how the configuration should be. Because the customer didn't know what they wanted, the files and the deployment took approximately three or four months. 

For deployment, it depends on the company. It depends on the company's complicated topology. If it's too complicated, then maybe you need two engineers to support Firepower. For employees, you need only one, with a second as a standby in case something goes wrong with the primary engineer, so I'd say you need two engineers to maintain the solution.

What about the implementation team?

I handled the implementation myself.

Which other solutions did I evaluate?

The company is Cisco oriented and Cisco is a leader in security Gartner Quadrant for Enterprise Network Firewalls.

What other advice do I have?

My advice for anybody implementing this solution is to follow the instructions carefully.

I would rate this solution an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
PeerSpot user
AymenBoumaiza - PeerSpot reviewer
Senior Consultant at Wevioo
Consultant
Offers valuable web filtering and JPS features and their technical support responds quickly
Pros and Cons
  • "The solution is stable. This is one of the good things in Firepower. Especially if we use ESE with it."
  • "There are some features not found in Firepower, like data loss prevention, and SSO, to have a connection between Cisco and Active Directory which was introduced on other products."

What is most valuable?

I've found the web filter and JPS the most valuable features.

What needs improvement?

There are some features not found in Firepower, like data loss prevention, and SSO, to have a connection between Cisco and Active Directory, which was introduced on other products.

In the future, I'd like the same solution in other UTM solutions. I know it has an application filter, but it's not really improving. Also, DLP needs to prevent data loss. Those two features are really important now for firewalls and for the security. The data loss prevention really is the most asked for feature from the customer. Often they ask about how we can prevent loss of emails, of data, files. It's really important.

For how long have I used the solution?

I've been using the solution since 2014.

What do I think about the stability of the solution?

The solution is stable. This is one of the good things about Firepower. Especially if we use ESE with it. That would make it the complete solution for Cisco for security. If it is the complete solution, it's stable and there are no issues with the product. If the user isn't connected all the time, for example, if we look at some sites or some users, sometimes the connection for the user gets disconnected with each session. Sometimes the filter doesn't work. 

What do I think about the scalability of the solution?

The solution is good to scale.

How are customer service and technical support?

The technical support is really good. Not only for this solution. The support of Cisco is always good. From the first call, the response is quick and there is no problem with the support.

How was the initial setup?

The initial setup is not complex. There is a wizard so it's not complex. There is a difference in the complexity of the deployment. Depending on customers and infrastructure, sometimes it takes one day or two days if we're talking about a little infrastructure. Sometimes it can take eight days or more to couple the firewall with ASA, and to do some more complex architecture. If we have a complex architecture, we need 2 people to implement, but if we have an implementation that is not so complex, one person can do it.

What about the implementation team?

I do the implementation myself.

What was our ROI?

Most of the time the ROI good. The customer, most of the time, is happy and is convinced of the usefulness of the solution.

What other advice do I have?

If someone wants to use Cisco Firepower, the solution is easy. The complete solution is the best for having the full security of a Cisco infrastructure. If I could advise someone with the deployment, I would advise taking the complete solution, in order to have a really scalable and stable solution. Or, if you can't take the complete solution, I'd advise taking a cluster of Firepower to have the scalability and stability.

I would rate this solution a 7 or 8 out of 10. If they could add a few of the mentioned features or do something more with the application filter it would be a 9 or a 10 out of 10.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
Network Infrastructure Program Manager at a non-profit with 1,001-5,000 employees
Real User
Offers valuable SSL decryption, URL filtering, and ITSM inspection features
Pros and Cons
  • "Cisco is number one in the technical support. It's good technical support and this is actually a problem when we do the recruitment for some other products. Other products you are on hold forever and the support might be not the best compared to Cisco."
  • "The file trajectory, the trace in contamination files, could be improved."

What is most valuable?

In the previous version, some features were not enabled. For example, you could not access the VPN. So that was one of the downsides of the product. In this latest version, after enabling these features in the previous version and using them, it's been good. Inspection, application, and inspection in the cloud, the detail in the cloud for an indication of compromise and the malicious activity re-hashing are all valuable features. It's more of the cloud and the malicious activities aspects that define this application.

What needs improvement?

The file trajectory could be improved.

We still have a web proxy but I think at some point we should not have two products. We should have only one product. Most of the features of the web proxy already exist in the UTM appliances. We have a debate as to whether it's the Cisco Firepower and UTM Appliance of next-generation firewall. But I consider both of them the same. So I would say if we have the caching and the other features which are unique features to the Web Proxy, I think Cisco will be number one if they are able to include such features in the future.

For how long have I used the solution?

I have been using the solution for three years.

What do I think about the stability of the solution?

It's a really good product but I have had a really good experience with Palo Alto UTM Appliances. Which I would give a higher mark than the Firepower. It's just a little bit more expensive than the Cisco Firepower.

What do I think about the scalability of the solution?

Scalability I would say, it has some limitations in the large deployment. I think Cisco is working to improve it.

How are customer service and technical support?

The technical support is the most valuable part of the solution. Cisco is number one in technical support. It's good technical support and this is actually a problem when we do the recruitment for some other products. Other products you are on hold forever and the support is not as good compared to Cisco. 

Which solution did I use previously and why did I switch?

I started with Juniper and the Palo Alto UTM Appliances, and many other vendors. But we do have a policy to use multiple vendors.

How was the initial setup?

Three years ago the setup was very complex. We had two different cables or software. It's like two appliances and one appliance. We had to set up ASA first and then set up Firepower and do the redirect from the old HTTP traffic, from the ASA for a detailed inspection by Firepower. Initially, it was complex. That was a few years back, but now with the newer version, it's just a piece of cake. Deployment took about 40 minutes. I also handle the maintenance myself.

What about the implementation team?

I do the implementation myself but in certain situations, because we have a risk assessment, it's a sort of risk transfer, so we have a contract with a certain integrator. We do have a contract, but I personally do the setup.

What was our ROI?

We have definitely experienced ROI. Because we have had many incidents where Cisco Firepower has caught malicious activities and triggered an alarm, a true positive alarm. Which is really good in our case.

What other advice do I have?

The solution is extensively used. We have a policy, from a permission security perspective, that you need to have diversity in the vendors and diversity in the products. We have some areas which are using these products and other areas which is using different products.

It's a really good product, but you need to give it some time to form a sort of baseline, before enabling all the features. You need to study the product well because the product will decrease to around 35-40% of the actual product when you start to enable features. Like the application and inspection, the SSL decryption, the URL filtering, and the ITSM inspection. If you enable more features, you will decrease a little bit of the property. Whoever selects the device initially needs to plan which features they are going to use and they might have to shift the sizing of the product. They might need a high-end appliance or a smaller low-end appliance based on the features they are going to use.

I would give the solution 9 out of 10. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Cyber Engineer at a aerospace/defense firm with 10,001+ employees
Real User
This solution has helped improve productivity and detect attacks before they happen
Pros and Cons
  • "This solution has helped improve productivity and detect attacks before they happen."
  • "I would like to see better integration with SIEMs."

What is our primary use case?

It detects attacks from malicious intrusions and malicious activity before they happen.

How has it helped my organization?

This solution has helped improve productivity and detect attacks before they happen.

What is most valuable?

Signature rules from the Snort community around the world.

What needs improvement?

  • I would like to see better integration with SIEMs. 
  • Better rule building using other tools, like LuaH and Python.
  • Better performance.
  • Better intelligence gathering in domains, the main URLs, and endpoint solutions.

What do I think about the stability of the solution?

It's very reliable. We really like the product and will be staying with the product a while.

What do I think about the scalability of the solution?

At this point in time, it's making it a little bit difficult to scale due to the company, as the vendor is making some changes. We are waiting to see if the product is scalable or not. 

How are customer service and technical support?

Rating the technical support from one to five (where five is high), I would rate them as a two. I find them to be very bad.

Which solution did I use previously and why did I switch?

This was originally a Snort product, which was open source. So, there is a community for it worldwide.

We used ISS from IBM in the past, but it was causing many issues and was dropping packets. It was not an ideal solution, so we moved to Sourcefire FirePower NGIPS.

How was the initial setup?

The initial setup is easy because I am very familiar with the product.

What's my experience with pricing, setup cost, and licensing?

We buy the licensing on a yearly basis, when we renew our contract. It is around $14,000.

Which other solutions did I evaluate?

McAfee and Palo Alto were on our shortlist.

What other advice do I have?

The product is a ten because it is the only product in the market like this.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Security at a government with 1,001-5,000 employees
Real User
Does a great job of detecting and stopping threats
Pros and Cons
  • "It has good intelligence. It does a great job at stopping threats."
  • "In the next release I would like to see better reporting. I also find it's hard to act on the data it gives you."

What is our primary use case?

We use it for threat prevention.

How has it helped my organization?

It has increased our security posture and has contributed substantially to our security maturity by stopping threats.

What is most valuable?

  • It has good intelligence.
  • It does a great job at stopping threats.

What needs improvement?

In the next release I would like to see better reporting. I also find it's hard to act on the data it gives you.

What do I think about the stability of the solution?

The stability is excellent.

What do I think about the scalability of the solution?

The scalability is excellent.

How are customer service and technical support?

Technical support has been excellent.

How was the initial setup?

The initial setup is complex. That's just the nature of that product. It's a really advanced product so it takes a lot of technical knowledge to implement it.

What about the implementation team?

We used a reseller. 

What was our ROI?

We have definitely seen ROI, but I can't quantify it.

What other advice do I have?

Get a good demo to test it out or do a proof of concept to see if it it's what you're looking for.

I rate it an eight out of ten. Eight because it's good at detecting and stopping threats. Those other two points that would make it a ten are better usability and reporting.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Cisco NGIPS Report and get advice and tips from experienced pros sharing their opinions.
Updated: September 2022
Buyer's Guide
Download our free Cisco NGIPS Report and get advice and tips from experienced pros sharing their opinions.