Cisco Secure IPS (NGIPS) Reviews

My company is a system integrator and we deploy Cisco NGIPS in various contexts, typically in the banking environment and in other high-level security scenarios, depending on our customer requirements. 

We normally work with the most current models of Cisco products such as the Catalyst 9000 Series switches and 1000 Series routers.

The top features of Cisco NGIPS, which have been working very well, include stateful inspection and the access list-based security configuration. But from my perspective, the best part of Cisco NGIPS is the licensing process, which is very easy and straightforward. It's essentially copy-paste licensing.

The other aspect that I like is the technical support, who are highly capable. They were very good to us during the times that we used them and they tend to reply immediately to queries, even though you might not get the right engineer to help you right away. Tickets are usually assigned to junior staff at first but they do have escalation procedures, so if the support member can't solve the issue then they will immediately escalate it to higher management.

The feedback from some of our customers is that they weren't interested in Cisco because it was too complicated to deploy, especially in cloud-related areas.

Something else that our customers have commented on is that, in the current release of Cisco NGIPS that we are using, there have been some issues when they have tried to synchronize Cisco's hardware products with Cisco's management software.

If I recall correctly, the problems came from Cisco's Firepower Management software after we had proposed to our customers to use virtual machines as a cost-saving measure. After setting up the VMs, the software would start crashing, and it greatly disturbed the customers. It is possible that this was related to power issues because most of the time it would crash on power-on or power-off, but at other times it would crash due to incoming firewall traffic. I hope that in future releases, these problems will be solved.

In general, the ASA level features are working very well in Cisco products, but when it comes to the Next-Generation product, it has been somewhat unstable. To remedy this situation, Cisco needs to make the software more stable, easier to manage, and easier to update (possibly with an auto-updating mechanism). The small intricacies of the software product make the system more complicated than it needs to be for our engineers and our customers. 

I have used Cisco NGIPS for four years.

Cisco's stability issues have caused several of our customers to complain directly to the vendor, and if these issues persist into the future I will not be able to continue recommending Cisco NGIPS to our customers. In terms of cost, security, compatibility, and flexibility, there are a lot of products doing better than Cisco, so why would customers keep buying Cisco if they can get better products with more stability? Cisco has to think of their global market first and foremost and fix their issues based on their findings. In our country, Cisco has a good name because they got here first, but a lot of customers have shifted, in terms of security, to other products such as Fortinet and Palo Alto, which have their own Next-Generation firewalls.

Cisco NGIPS is not that easy to scale, in my opinion. However, it can be upgraded, depending on the design. When you propose a design to customers, you have to check their expansion capability in terms of various factors such as how much time and how much employees would have to be involved.

When it comes to the VM products, some of them might not be scalable unless you upgrade your product to the latest version, in which case you have to upgrade the versions one by one. For example, your current version might 5.1 and you are aiming to upgrade to version 10.1. In this case, you would have to upgrade each intermediate version until you reach 10.1.

Cisco's tech support is very good and it was a pleasant experience whenever we used them. They tend to reply immediately, although when it comes to the technical capability of the support you might not get an appropriately skilled engineer to help you right away. However, they do have escalation procedures such that the junior staff will escalate any unsolved issues to higher management.

The ease of installation depends on the engineer. If they aren't trained in Cisco NGIPS or they aren't skilled enough, it's not easy to implement. You have to implement with a highly skilled engineer because it's not simple to deploy Cisco products.

We had one project where we implemented Cisco NGIPS along with a few other products and it took perhaps a week to fully deploy. 

The annual licensing tends to be expensive, but in terms of implementing the licenses, it's a very uncomplicated process and as easy as copy-paste in its straightforwardness.

Regarding the affordability of the licensing, if you buy licenses on a yearly or quarterly basis, you might not find much return on investment, but at the same time you will have a better product with regular upgrades and less network interruptions, so this has to be weighed against the costs.

I have decided not to update our use of Cisco NGIPS unless they can solve their issues related to software stability, and thus I cannot fully recommend Cisco NGIPS to other customers at this time.

I would rate Cisco NGIPS a seven out of ten.

We have NGIPS deployed at the edge and use it to filter the point of presence to the Internet or other offices.

NGIPS lets you map web requests to a specific user to determine who is downloading files and what they are accessing. You can use it to identify users downloading malware or track time wasters using Facebook or something like that. It gives you visibility into what your users are doing on the Internet. 

The price is a little high. It's hard to find solutions that are easy on the budget and strike a balance between affordability and features.

I have used NGIPS since 2015.

NGIPS is quite stable. 

NGIPS is scalable. It has well-defined stacks for how much traffic it can handle. You can fully inspect traffic or use SSL decryption.

I rate Cisco support 10 out of 10. We get everything we need from them. 

Positive

I rate NGIPS nine out of 10 for ease of setup. The process was smooth and straightforward. After deployment, it requires some maintenance like updates and creating or changing the policies. We have more than a hundred policy categories now. 

We had help from professional services.

I rate Cisco NGIPS nine out of 10. We always find stuff that could be done better or that we want more of. For example, we've had some issues creating specific rules, and it's challenging to create exceptions or tweak the rules as your business evolves. It's tricky to order the rules to follow the business policies you want. You have to balance security with getting work done. You need to watch how many rules you make because you can get overwhelmed.

Our primary use case is as a firewall segregating networks and defending the perimeter.

I would consider this to be a medium product in its field across the board.

Some features, for instance, are a way for the management console to be able to manage each specific firewall, for instance. Because if we have more than one firewall configured in the management center, we cannot delegate administration, just one of the equipment. I think the part of IPS and everything else needs to be better equated to the real needs or current needs of the business compared to the other manufacturer, because it is not straightforward, a way to configure it compared to the other competitors.

I have been using Cisco NGIPS for one year.

It is more or less stable. Sometimes I have some issues normally when we need to upgrade it to newer versions. I think it does the job. The hardware does the job, and the current models do the job.

We have around four thousand users and that would be an example of its scalability.

Technical support is good. If you open a case about the support, it is good. Compared to the other manufacturer, it is very good.

The initial setup was complex and the upgrade took a lot of time with a very big image to download and everything else. We had many versions and patches that had to be installed. The deployment took between two and three hours.

In this case, we did it in-house and I was the integrator.

I think we have to have a good knowledge of the product. It is not easy to set up from the beginning. And I am also using the comparison with the other manufacturer. You need to have very good training before managing the product. I would rate Cisco NGIPS a seven on a scale of one to ten.

We predominantly use this solution to place the perimeter on the firewall, which helps us filter out inbound and outbound traffic.

Cisco is tightly engaged with threat defence called Talos, which has more threat intelligence. In addition, they are dedicated to working on updating their IPS signatures.

We have been using this solution for almost five years. It is deployed both on-premises and cloud, and we are using the latest version, Cisco 12.X.

It is a stable solution.

It is a scalable solution. We have over 100 clients.

The technical support is sound and clear.

The initial setup is pretty straightforward, and it's like a plug-and-play. The graphical user interface is understandable, and their documentations are clear. In addition, they have an SOP document that can be used as a guide.

There is an annual licensing cost. It is not a cheap solution, but it's cost-effective. Aside from costs, Cisco NGIPS provides great security. Cisco is providing more discounts to its end customers to survive in the security market.

I rate this solution a ten out of ten. I would recommend this solution. When you compare Cisco NGIPS to other solutions, it is salable and technically sound. Other solutions have very limited services and threat intelligence.

Regarding additional features, they should speed up their technology to the market because, compared with other security vendors, Cisco is a little behind on the Gartner and technical front. In addition, the integration can be more secure.

We use it at the end and the center as the core and apply a lot of policies to the firewall.

Using Cisco Firepower has helped us.

We like the Cisco product, the concept, and the tech intelligence. We are much more comfortable with Cisco products. It's a reputable organization, and we trust the products.

The next Cisco NGIPS release should include more features for production ideas and more intelligence for IDS and IPS features.

We have been using this solution for two years. 

We initially had some difficulty loading pages due to certain rules regarding performance and stability. On some websites, we had to click more than once. These issues were quite easy to fix.

Regarding scalability, the solution is not that good.

They're nice people. We don't have any issues with them. They are quick to respond, but sometimes it takes time to solve the issues.

Positive

We previously used Check Point and Cyberoam. We switched because the license expired.

We initially had some difficulties, but now we have no problems.

A Cisco vendor in Nepal helped us configure the product properly. We didn't have a strategy. The vendors supported us from the very beginning. After working with them, we had no problem using the product.

It took almost a month and a half to install the system.

I would rate our ROI as eight out of 10, with 10 being the highest ROI.

Cisco NGIPS licensing is yearly. 

I would rate the pricing four out of 10, one being very expensive and 10 very cheap. 

I would give Cisco NGIPS an overall rating of eight out of 10, 10 being the best.

We have a department of almost 50 people in our company using Cisco NGIPS. 

We have 10 people to maintain the product.

We want to cover all the systems and networks of our organization. 

I use Cisco NGIPS as a firewall.

The most valuable features of Cisco NGIPS are protection and reporting.

We have a separate management controller for Cisco NGIPS. If they have not done it already they should integrate Cisco NGIPS with the Cloud Portal.

The solution has some bugs that sometimes take time to resolve.

I have been using Cisco NGIPS for approximately two years.

The stability of Cisco NGIPS has been good since we have been using it.

The scalability of Cisco NGIPS is good.

Cisco has better technical support than other competitors, such as Check Point IPS or Palo Alto. Cisco has very good support, they are always ready to help their customer if there are any production issues.

Cisco NGIPS should add a technical person to the chat support. They correctly do not have a specialist. The knowledge base of the chat agent should be better.

I have used Check Point IPS solutions.

The implementation of Cisco NGIPS is straightforward.

You have to do your own implementation of the Cisco NGIPS hardware, but for the configuration, Cisco support can be involved from day one. That's what I have experienced. There was some exception but I have involved the Cisco support team from day one when I started configuring my firewall.

We have seen a return on investment by using Cisco NGIPS.

There is a license required to use Cisco NGIPS and it can be a one or three-year license.

I would advise others to use the support from Cisco, they are helpful.

I rate Cisco NGIPS an eight out of ten.

Cisco NGIPS offers defense mechanism and intrusion prevention for your environment. 

I like the way the tool pushes the packets from the node level. 

Cisco NGIPS' performance could be better. 

I have been working with the product for 24 years. 

Cisco NGIPS is stable. 

The tool is scalable. My company has over 2000  users for the product. 

The tool's deployment is not straightforward. You need a technical and competent person to do it. A four to five-member technical team can handle its deployment and maintenance. 

The tool's ROI is good. 

The tool's licensing costs are yearly. 

I rate Cisco NGIPS a ten out of ten. 

Some of our customers are having DDOS attacks and ransomware attacks.

Earlier in July 2019, I noted that there was an attack. To mitigate future attacks from the ransomware in Columbia Bank and other similar situations, we at Cisco Talent, which is responsible for security intelligence, provided updated security rules. We offered intrusion policies and codes through signatures to help overcome such situations.

It's a good solution.

The solution is not that bad. Next-generation firewalls work from my experience, they work. 

The URL filtering feature and the new locations feature are both valuable additions to the solution.

While the Management GUI and FMC could be improved, the devices themselves function well.

I have been using Cisco NGIPS for more than five years.

I provided support for version 6.4, but in our company, we do have Firepower version 7.0.

Cisco NGIPS is a stable solution.

Cisco has great support.

I would rate Cisco NGIPS an eight out of ten.

I am currently working with Cisco NGIPS at home as an IPS device, so I can see what's hitting the firewall and look at the logs. I'm using it as a learning environment. 

The IPS functionality is useful if you have offices all over the place. It's nice to have centralized management instead of going to a separate ASA or FirePOWER device. 

The biggest problem with most Cisco products is that the interface is lagging behind the competition. The user interface could be updated and improved.

Cisco NGIPS is stable. 

Cisco NGIPS is highly scalable. We use it to cover 15 offices.

It requires some background in IPS and IT security to fully understand it, so it is somewhat complex to deploy.

I rate Cisco NGIPS eight out of 10. 

The primary use case is for intrusion prevention. We install the solution between the firewall and the call switches.

The most valuable features are the intrusion detection ones. We channel the intrusion engine to create a policy of prevention. We only use this solution for intrusion prevention, not as a firewall.

There is room for improvement in the policy documentation. It gets confusing trying to understand what all of the policies mean. We need clear documentation explaining what each policy does.

For the Cisco STD, if we lose the connection with the SMC and STD, we can only assist with the STD via the CLI, so we can only do some troubleshooting. I think this is an area that needs improvement. In terms of the architecture, it needs to be more comfortable to change our own managed STD via the UI even if SMC is not available.

The technical support has room for improvement.

I have been using the solution for six years.

Some of the engineers within Cisco's tech support are knowledgeable and others are not. Sometimes we have to go back and forth for a week to get an answer.

Neutral

The initial setup is not complex; we only need to define the IP address and add the SMC IP. Both STD and SMC have the capability of SDM. Also if we don't have SMC, we mainly require the anti-SDM in UI. However, after we enroll the Cisco file from the SMC, we can no longer manage the STD from there. Therefore, it is very difficult to roll back if there is a connection loss between the STD and SMC, as SMC cannot manage the STD via the UI. In comparison, if there is a connection loss between Palo Alto Panorama, we can simply lock it with Palo Alto following the file and do some configuration. 

I give the solution a seven out of ten.