Cisco IOS Security and Check Point IPS compete in the network security category, where Check Point IPS seems to have an upper hand due to its extensive attack vector database and automatic update features.
Features: Cisco IOS Security focuses on network scalability, intrusion detection, and mobile device integration. It excels in VPN setup management with advanced IP services and provides extensive network security options. Check Point IPS is known for its comprehensive protection profiles that cater to different threat levels, a vast attack vector database, and ease of configuration with automatic updates.
Room for Improvement: Cisco IOS Security can benefit from improved user interfaces, simpler configurations, and easier license management. It would also be advantageous for Cisco IOS to lower its pricing and enhance built-in security features. Check Point IPS can improve by reducing performance impacts when the IPS module is active, addressing false positive issues, and providing better support and documentation, especially given the high cost associated with the solution.
Ease of Deployment and Customer Service: Cisco IOS Security offers strong support infrastructure and can be used in various environments, including hybrid and public clouds, though it suffers from long response times and variable service quality. Check Point IPS supports deployment across on-premises and cloud models with some noted support challenges. Users have praised Check Point IPS for its straightforward deployment, especially when bundled with other services, though the support response is often criticized for being slow and isolated in expertise.
Pricing and ROI: Cisco IOS Security is seen as costly, particularly for smaller organizations, but many users find value in its robust features and security capabilities, yielding a favorable return on investment. Check Point IPS also demands a high price, though bundling options may offer financial benefits. Licensing flexibility allows users to choose between annual or longer-term agreements, and despite the high costs, both products are valued for their capabilities in enhancing network security and operational efficiency.
We have seen a return on investment with Check Point IPS because we have not seen any security events, malicious activities, or any device compromised, so we are secure now, and money has been saved.
I have seen a return on investment more in the risk saved since it catches a lot of stuff security-wise that is good to catch.
I have seen a return on investment since using Check Point IPS, as evidenced by fewer incidents.
The return on investment is satisfactory with Cisco products as they have long lifespans, and our customers are satisfied with them.
Our technical teams have personal relationships with our account executives and direct support people.
Customer support for Check Point IPS is satisfactory.
The customer support for Check Point IPS is very good.
My impression is that the support quality has deteriorated over time.
We have moved to a hyper-scale master environment, allowing us to scale by adding additional gateways to the clusters.
The scalability of Check Point IPS is on point.
The scalability of Check Point IPS is great because when I deploy gateways in the cloud, I create a cluster, which offers a very scalable option.
Check Point IPS provides a very stable and reliable environment.
Check Point IPS is very stable.
We find Cisco products stable and thoroughly tested before new software or firmware versions are released.
I find Cisco IOS Security to be a very stable product.
Automated attack path correlation in SmartEvent to improve situational awareness.
At least 60% of all the alarms generated by the IPS are false positives or something that's not important to look at, and this generates a significant workload for my team.
Visual analytics and automated attack path correlation in SmartEvent to enhance situational awareness and attack identification.
Cisco changes their licensing policy quite frequently, which is becoming confusing and complicated.
Comparisons with Fortinet show that Check Point IPS is relatively more expensive, but we found it cheaper to retain it rather than switch.
My experience with pricing, setup cost, and licensing for Check Point IPS is good; it's baked into the firewall licensing, so that's very good.
My experience with pricing, setup cost, and licensing for Check Point IPS has been satisfactory.
The cost of Cisco IOS Security for customers is on the higher end of pricing compared to the competition, depending on the targeted customers.
The integration with Check Point ThreatCloud ensures the IPS engine is updated with the latest attack signatures.
The solution employs behavioral heuristic analysis to block zero-day attacks using AI-powered engines.
Whenever any zero-day attack is detected, it downloads that signature into the firewall and prevents that threat.
This solution, called Network Access Controller, handles authentication, authorization, and accounting for devices accessing the network.
The best features of Cisco IOS Security are its integration with software management tools such as Cisco DNA Center and Cisco ICE, which provide centralized policy and network access control.
| Product | Market Share (%) |
|---|---|
| Check Point IPS | 3.8% |
| Cisco IOS Security | 1.6% |
| Other | 94.6% |
| Company Size | Count |
|---|---|
| Small Business | 39 |
| Midsize Enterprise | 21 |
| Large Enterprise | 23 |
| Company Size | Count |
|---|---|
| Small Business | 19 |
| Midsize Enterprise | 14 |
| Large Enterprise | 18 |
Check Point IPS is an intrusion prevention system that aims to detect and prevent attempts to exploit weaknesses in vulnerable systems or applications. The solution provides complete, integrated, next-generation firewall intrusion prevention capabilities at multi-gigabit speeds with a low false positive rate and high security. It helps organizations secure their enterprise network, and protect servers and critical data against known and unknown automated malware, blended threats, and other threats.
Check Point IPS Features
Check Point IPS has many valuable key features. Some of the most useful ones include:
Check Point IPS Benefits
There are many benefits to implementing Check Point IPS. Some of the biggest advantages the solution offers include:
Reviews from Real Users
Check Point IPS is a solution that stands out when compared to many of its competitors. Some of its major advantages are that it has granularity capabilities for rule creation, quick updates of signatures, and a helpful mechanism that allows users to turn IPS signatures to a different mode automatically.
A System and Network Administrator at Auriga mentions, “The Check Point IPS module allows me granularity in creating rules. I can specify which definition to apply and to which scope or network.” The reviewer also adds, “I can create multiple profiles, which is helpful.”
“The quick updates of the signatures when a new threat is identified are great. For instance, when Microsoft releases patches, we usually see new signatures for those issues that have to be patched in a day. This gives us time to test/deploy the patches while already being protected from the threats. Also, it's very good with reporting. I can generate reports for management automatically based on the threats of the last day/week/whatever is needed,” says a Systems en networks engineer at CB.
Another PeerSpot user, a Network Engineer at VSP Vision Care, writes, “The mechanism where you can let the system automatically turn the IPS signature to a different mode (prevent / monitor / inactive) is a nice feature that allows us to easily adjust the balance between security protection and the risk of business impact.”
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
