Cisco Secure IPS (NGIPS) Reviews

The NGIPS handles all of the IPS functionality for our security.

The most valuable feature for our cloud-based deployment is the autoscaling.

For our on-premises deployment, clustering is the most valuable.

I think their fingerprints are good in terms of how they whitelist and blacklist. This is because of Talos, which is really awesome. We use that a lot.

The anomaly detection capabilities are awesome.

The only thing I think they may need to improve on a little bit is identifying software more correctly when you do network discovery. You need that to really handle finding anomalies properly. In the past, I've noticed that some applications are not identified correctly, based on the OS and the fingerprints that they're pulling from the host.

In the future, we would like to see more involvement with the on-premises hybrid cloud. We want to see Cisco do more in the cloud space, and basically improving the connection between on-premises and the cloud. This including things such as automation.

I have been using Cisco NGIPS for almost seven years.

The code is well-stabled right now and we've never had issues upgrading from one version to another. We've had it since version 2.0 and for every time we upgrade, it gets better. We're currently on version 6.6 and we're expecting that when 6.7 comes out, it will get better.

This is a very scalable product. You can add multiple devices to the same policy and then push that out.

In the cloud space, scaling is done automatically based on the amount of traffic and the amount of bandwidth that's generated. It scales up and down, back and forth, as needed. For example, if there is not much traffic then it drops, whereas if there is a lot of traffic then it creates another FTD, and then it just shares the load with load balancing.

Everything is scaled properly both in the cloud and on-premises.

Cisco's technical support is really good. I would say that they are number one. They follow up on their calls and tags, as well.

I also have experience with Check Point and I find that the pricing is better with Cisco.

The initial setup is straightforward. With the Firepower Threat Defense (FTD), everything is in one box. You can do everything from firewalls to IPS and more. It also includes the next-generation firewall.

It is an easy upgrade process that is easy to understand. I would say that from version 3.0, it has improved.

The cost of the license depends on the level of support that you have with Cisco. 

My advice for anybody who is implementing Cisco NGIPS is to read and understand all of the documentation before you start. Whatever it is that you might need help with, reach out to Cisco support and let them help you. The documentation is available and it is very understandable so you may not need their help. I would say that if you take your time to read it then you shouldn't have any problems in deploying.

I would rate this solution a nine out of ten.

Basic IPS functionality for intrusion prevention. We have two kinds of deployment. The one that is Inline and the one that is not Inline, where it's just listening. We have like a tap to which its monitoring traffic. For the one that is kind of offline deployment but for the Inline deployment, all traffic goes through it, like for North-South traffic, towards internet to provide some real-time intrusion prevention.

Ir's signature-based. We are also using the anomaly baseline formation, where it links the network, then anything that goes away from the norm is also flagged. Those are the two most valuable features. 

It has room for improvement when it comes to integrating machine learning and AI into it where even if you don't have a baseline that is of length for anomaly detection, it could do more like an AI style machine learning. It learns on its own. It learns patterns, learns what good traffic looks like then is able to stop bad traffic, not just based on behavior but based on every other thing. I think other next-generation IPS solutions are turning towards integration of ML and AI. I need machine learning and the ability to share intelligence. 

I have been using Cisco NGIPS for seven years.

It is pretty stable and has good throughput.

It's scalable. You can add more to it as traffic requires, one cluster can do HA, so it's pretty scalable. In fact, you can cluster up to six chassis on the 4100.

If it's host-based IPS, we can count a number of users and say we have 45,0000 users but for network-based IPS, where it's just picking traffic from different connections when you're trying to go to the internet or when you're trying to come back to the internet it can support up to 10 million concurrent sessions. We have around 200,000 users but it can support 10 million concurrent sessions.

For maintenance, once you configure it, depending on what you call maintenance if it's software upgrade it doesn't take a lot to upgrade it. If it's active/standby you can upgrade the active. The standby becomes the active. Then when the active comes back on, you can upgrade the standby. So usually, at least you have an active/standby scenario, but if you have a cluster, you can take each out of production in codes. We start while others are in production. 

If you're talking about maintenance in terms of log collections and shipping of the logs, it's also easy to deploy from that perspective.

Cisco has very good support. We get good support from Cisco. 

We've been using Cisco for a while. Going from the IPS module on ASA or the IPS appliance, we've transitioned from different Cisco IPS solutions to this Cisco Next Generation IPS. 

It's been Cisco all along, it's just that this one has more visibility and it's next-generation style compared to the older IPS. 

The initial setup was straightforward and easy to deploy. It was very quick.

We also looked at Sourcefire.

They bought this particular one from Sourcefire and Sourcefire was the world leader in next-generation IPS before Cisco bought it and I know it wasn't just in terms of visibility and how much it can do but in terms of cost too because it was an open-source project that was going on before Cisco bought it. Cisco bought the enterprise version so I feel it's not expensive, but I've not really checked the licensing cost.

Sourcefire wasn't originally Cisco and it was already a world leader and if I'm not mistaken or quoting wrongly, I think it's from the Snort project. I know the open-source community is still contributing to what Cisco is presenting with FirePower or FireSIGHT IPS. It's an open-source project. You can trust it because of the originality score and with what we've used so far too, I see the difference in the old version and this new one. You get better security compared to these other next-generation IPS out there.

In the next release, I would like to see AI machine learning capabilities built into it.

I would rate it a nine out of ten.

In my company, the solution is used as a platform for cybersecurity. The product offers protection from malware. In general, the solution offers protection to our company's internal network.

The product's benefits experienced by the company stem from the fact that the solution provides keep abilities that help users see what is happening in their network. The solution also provides alerts.

My company does not use the URL filtering capabilities offered by Cisco NGIPS. My company prefers to use the URL filtering feature offered by a brand other than Cisco since other tools provide an easier way to use the functionality.

I wanted to look into the other products offered in the market because Cisco NGIPS is expensive. The product's high price is an area of concern where improvements are required.

I have been using Cisco NGIPS for eight years. My company has a partnership with Cisco. I am also a user of the product. My company operates as a reseller of Cisco products.

I don't remember seeing any crashes when using the solution. The product has been very stable in our company.

The scalability offered by the product is fine. My company has not faced any problems with the scalability feature. The solution is deployed in three of our company's data centers.

The first call that I had with the product's technical team was not good since it took time to provide an explanation to get the right engineer to help us with our problems. Once the user gets connected with the right engineer, the support offered is very good.

I rate the technical support a seven out of ten.

Neutral

I have experience with Fortinet. I don't remember the name of one of the solutions that I had used in the past.

The product's initial setup phase was easy.

I rate the product's initial setup phase a nine on a scale of one to ten, where one means a difficult process, and ten means that it is an easy process.

The solution is deployed on an on-premises model.

The solution can be deployed in a couple of weeks. We take care of the testing phase in our company before installing the solution only when the signatures are updated in our environment, which takes around a time frame of less than two weeks.

Around three or four engineers take care of the product's installation phase.

My company purchases professional services from Cisco's partner to take care of the installation phase.

Cisco NGIPS is an expensive product.

I have compared Fortinet FortiGate IPS against Cisco NGIPS.

With Cisco NGIPS, the rate of false positives is very low.

I would tell those who plan to use Cisco NGIPS that it is a good solution, but if they have budget constraints, they should explore the other brands in the market.

I rate the tool an eight out of ten.

We use the solution as an intrusion prevention system to detect malicious attacks on the network.

The solution updates at regular intervals. It has the most recent definition of the attacks, including zero-day attacks.

They could provide one solution to fit all the use cases. Presently, we have purchased different solutions for total security. It has become expensive for us.

The solution is very stable. I rate its stability a nine out of ten.

The solution is scalable. It integrates with different XDR solutions. Thus, we can manage all the devices on a single pane. It is suitable for SMEs and large enterprises as well.

I rate its scalability an eight out of ten.

The solution's technical support is quite good. Although, it needs to be cohesive in terms of communication.

Positive

The solution's initial setup process is complicated. But we can manage it with the right team for installation and technical support from Cisco.

The solution is good value for money. It is highly-priced but competitive in terms of features and support services.

It is an efficient cyber security solution. I highly recommend it to others and rate it a nine out of ten.

The thing about this solution that I like the most is that it's intuitive. The other features I like are the good support chain and ease of use.

My opinion is that this solution should improve the pricing.

I have been using this solution for about two years.

I would rate the technical support of this solution a nine, on a scale from one to 10, with one being the worst and 10 being the best.

Positive

I would rate the pricing of this solution a seven, on a scale from one to 10, with one being the worst and 10 being the best.

We use this solution as an intrusion prevention system, as well as UI filtering, application control, and anti-malware protection.

The traffic filter feature of this solution has improved our organization. It not only provides ransomware protection, but saves us time in dealing with unnecessary traffic.

The traffic filter of this solution is very valuable to us, and to our clients.

We would like to see some improvement in the configuration process for this solution, as it is currently quite complex.

We have been working with this solution for around a year.

We have found this to be a stable solution in our experience.

This is a scalable product.

The initial setup of this solution is straightforward if it is only the standard package being installed. However, configuring this product is complex and requires a lot of time commitment.

Deployment of the solution usually only takes a few hours, but if it is being implemented in a more complicated environment it can take up to three days.

We would recommend this solution to other organizations as it is very easy to use.

I would rate this solution a seven out of ten.

We are using the WAF models to monitor the IDS and IPS also, and it is integrated with Cisco Umbrella.

Cisco NGIPS is working well overall with our current needs.

The stability of the user console and some features could be easier to access.

I have been using Cisco NGIPS for the past one and half years.

The stability can be better. The Cisco console is unstable.

The scalability is fine. I believe it covers the expectations that we have.

Technical support is very good, but you must have the expertise and technical people with Cisco NGIPS.

Positive

It is very straightforward, clear, and easy.

I usually work with Fortinet and FortiGate which is a lower cost in comparison with Cisco NGIPS.

I would rate Cisco NGIPS a nine out of ten.

The most valuable features of Cisco NGIPS are the VPN, IPS, access policy management, EIM, and the ASA model as part of Firepower.

I have been using Cisco NGIPS for approximately three years.

Cisco NGIPS is highly stable.

Cisco NGIPS is scalable. The scalability is easy to do because if the Firepower threat defense works in the cluster mode, someone can scale up the system using two and three Firepower threat defenses at the same time in one system.

We use this solution in different companies and provide them with support. We have some clients that have 3,000 users whereas others have 700.

In our company process some team, we have three or four people and the solution can be easily maintained because it is managed in one place in the Firepower management center. In one company we have approximately 24 Firepower models and these devices are controlled by one system, the Firepower management system (FMC). It's very easy to control and maintain the solution.

The price of the solution is expensive to a degree it cannot be used by small businesses. It is best suited for medium and enterprise businesses.

I would recommend this solution to others for medium, large, and enterprise businesses only.

I rate Cisco NGIPS a ten out of ten.