Cisco IOS Security and Check Point IPS compete in the network security category, where Check Point IPS seems to have an upper hand due to its extensive attack vector database and automatic update features.
Features: Cisco IOS Security focuses on network scalability, intrusion detection, and mobile device integration. It excels in VPN setup management with advanced IP services and provides extensive network security options. Check Point IPS is known for its comprehensive protection profiles that cater to different threat levels, a vast attack vector database, and ease of configuration with automatic updates.
Room for Improvement: Cisco IOS Security can benefit from improved user interfaces, simpler configurations, and easier license management. It would also be advantageous for Cisco IOS to lower its pricing and enhance built-in security features. Check Point IPS can improve by reducing performance impacts when the IPS module is active, addressing false positive issues, and providing better support and documentation, especially given the high cost associated with the solution.
Ease of Deployment and Customer Service: Cisco IOS Security offers strong support infrastructure and can be used in various environments, including hybrid and public clouds, though it suffers from long response times and variable service quality. Check Point IPS supports deployment across on-premises and cloud models with some noted support challenges. Users have praised Check Point IPS for its straightforward deployment, especially when bundled with other services, though the support response is often criticized for being slow and isolated in expertise.
Pricing and ROI: Cisco IOS Security is seen as costly, particularly for smaller organizations, but many users find value in its robust features and security capabilities, yielding a favorable return on investment. Check Point IPS also demands a high price, though bundling options may offer financial benefits. Licensing flexibility allows users to choose between annual or longer-term agreements, and despite the high costs, both products are valued for their capabilities in enhancing network security and operational efficiency.
I have seen a return on investment more in the risk saved since it catches a lot of stuff security-wise that is good to catch.
I have seen a return on investment since using Check Point IPS, as evidenced by fewer incidents.
Our technical teams have personal relationships with our account executives and direct support people.
The customer support for Check Point IPS is very good.
Customer support for Check Point IPS is satisfactory.
The scalability of Check Point IPS is on point.
We have moved to a hyper-scale master environment, allowing us to scale by adding additional gateways to the clusters.
Check Point IPS provides a very stable and reliable environment.
I find Cisco IOS Security to be a very stable product.
At least 60% of all the alarms generated by the IPS are false positives or something that's not important to look at, and this generates a significant workload for my team.
Automated attack path correlation in SmartEvent to improve situational awareness.
Visual analytics and automated attack path correlation in SmartEvent to enhance situational awareness and attack identification.
My experience with pricing, setup cost, and licensing for Check Point IPS is good; it's baked into the firewall licensing, so that's very good.
Comparisons with Fortinet show that Check Point IPS is relatively more expensive, but we found it cheaper to retain it rather than switch.
My experience with pricing, setup cost, and licensing for Check Point IPS has been satisfactory.
The integration with Check Point ThreatCloud ensures the IPS engine is updated with the latest attack signatures.
The solution employs behavioral heuristic analysis to block zero-day attacks using AI-powered engines.
The best features Check Point IPS offers include finding threats hidden in encrypted data, which I find valuable.
This solution, called Network Access Controller, handles authentication, authorization, and accounting for devices accessing the network.
| Product | Market Share (%) |
|---|---|
| Check Point IPS | 5.0% |
| Cisco IOS Security | 1.7% |
| Other | 93.3% |
| Company Size | Count |
|---|---|
| Small Business | 31 |
| Midsize Enterprise | 24 |
| Large Enterprise | 23 |
| Company Size | Count |
|---|---|
| Small Business | 18 |
| Midsize Enterprise | 14 |
| Large Enterprise | 18 |
Check Point IPS is an intrusion prevention system that aims to detect and prevent attempts to exploit weaknesses in vulnerable systems or applications. The solution provides complete, integrated, next-generation firewall intrusion prevention capabilities at multi-gigabit speeds with a low false positive rate and high security. It helps organizations secure their enterprise network, and protect servers and critical data against known and unknown automated malware, blended threats, and other threats.
Check Point IPS Features
Check Point IPS has many valuable key features. Some of the most useful ones include:
Check Point IPS Benefits
There are many benefits to implementing Check Point IPS. Some of the biggest advantages the solution offers include:
Reviews from Real Users
Check Point IPS is a solution that stands out when compared to many of its competitors. Some of its major advantages are that it has granularity capabilities for rule creation, quick updates of signatures, and a helpful mechanism that allows users to turn IPS signatures to a different mode automatically.
A System and Network Administrator at Auriga mentions, “The Check Point IPS module allows me granularity in creating rules. I can specify which definition to apply and to which scope or network.” The reviewer also adds, “I can create multiple profiles, which is helpful.”
“The quick updates of the signatures when a new threat is identified are great. For instance, when Microsoft releases patches, we usually see new signatures for those issues that have to be patched in a day. This gives us time to test/deploy the patches while already being protected from the threats. Also, it's very good with reporting. I can generate reports for management automatically based on the threats of the last day/week/whatever is needed,” says a Systems en networks engineer at CB.
Another PeerSpot user, a Network Engineer at VSP Vision Care, writes, “The mechanism where you can let the system automatically turn the IPS signature to a different mode (prevent / monitor / inactive) is a nice feature that allows us to easily adjust the balance between security protection and the risk of business impact.”
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
