We performed a comparison between Cisco NGIPS and ExtraHop Reveal(x) based on real PeerSpot user reviews.
Find out what your peers are saying about Darktrace, Vectra AI, Check Point Software Technologies and others in Intrusion Detection and Prevention Software (IDPS)."NGIPS lets you map web requests to a specific user to determine who is downloading files and what they are accessing. You can use it to identify users downloading malware or track time wasters using Facebook or something like that. It gives you visibility into what your users are doing on the Internet."
"It has helped to improve our cybersecurity and our network security posture."
"The most valuable feature of Cisco NGIPS is its protection."
"The most valuable feature is its IPS ability. You are able to balance security and connectivity."
"The initial setup wasn't complex or complicated."
"The solution is stable. This is one of the good things in Firepower. Especially if we use ESE with it."
"NGIPS' best feature is the separate IPSec tunnels, which makes the user's data more secure if they want to access it privately."
"The main advantages to Cisco are the scale, the integration, the training, and the possibility of finding somebody to work with."
"Reveal X integrates seamlessly with CrowdStrike. If you see something sketchy on the network, you can quarantine devices through ExtraHop and it'll push to the CrowdStrike server."
"The most valuable features of ExtraHop Reveal(x) are the detection and alerting of network behavior and anomalies."
"The solution works well for sending sensors."
"The solution's initial setup process is easy."
"Setting up the solution is relatively easy."
"With ExtraHop Reveal(x), it gives me more visibility into the packets. It doesn't provide the entire packet capture, but it offers more information on how connections are made at the network layer. This can be helpful for detecting network attacks. Additionally, I really like the customizable dashboards and reports. The incident dashboard and alerts provide a good summary initially, and diving deeper into them gives more detailed information. It's also great for analyzing specific attacks and victim logs. The feature that tracks the full attack chain makes it easier to monitor the progress of attacks. Plus, it's connected to the Netria.com app, which I find useful for certain tasks."
"It's a wire analytics tool. We use it for isolating and determining issues on our network or applications. It does a lot for crediting the network as opposed to discrediting the network. A lot of people come along and say that it's a network issue. It's always considered to be a network issue, but by using ExtraHop, we can quickly tell them that it's not a networking issue. It's something to do with your application or something at the other end. It could be a database issue. This tool gives us the ability to pinpoint with great accuracy the comings and goings on our network."
"The solution's ability to decrypt SSL traffic is its most valuable feature."
"The only thing I think they may need to improve on a little bit is identifying software more correctly when you do network discovery."
"If there was a software-based solution for scaling up then it would be much better."
"The feedback from some of our customers is that they weren't interested in Cisco because it was too complicated to deploy, especially in cloud-related areas."
"I would like to see the sanctions lifted so we could use the full solution and have the speed increased."
"Better integration with other products, such as a SIEM tool, would provide better peer visibility about your security posture."
"The product's high price is an area of concern where improvements are required."
"The attack patterns and payloads go undetected in Cisco. We would like to see a new solution with more effective detection of attack patterns. There should be more data analyzing patterns as well which provides useful information."
"They could provide one solution to fit all the use cases."
"They used to have the ability to decode Citrix sign-on, setup, and tear down. Unfortunately, Citrix has stopped sharing that knowledge. Citrix has continued to change its model of processing, making it harder and harder to troubleshoot."
"There is a little training online, but it'd be cool if ExtraHop provided certifications. CrowdStrike does elective training that gives you a certification as a Falcon administrator. It'd be nice to see ExtraHop have something like that"
"ExtraHop Reveal(x) could improve by allowing a longer look back in the feature. Right now you have a limit of 30 days to look back on your activity. I've used Darktrace before, and they allow you the ability to play back events. This would be a good feature to have in ExtraHop Reveal(x)."
"It needs integration with more security vendors."
"The solution’s pricing could be improved."
"Netflow - Processing Netflow can be cumbersome as it requires triggers to truly gain value and insight. This in turn can add a bit of load to the hardware. The focus of ExtraHop Reveal (x) is live packet data."
"The solution should include more support protocols."
"I think the tuning capabilities could be improved. We're working on minimizing false positives. Apart from that, everything seems fine to me."
Cisco NGIPS is ranked 5th in Intrusion Detection and Prevention Software (IDPS) with 62 reviews while ExtraHop Reveal(x) is ranked 5th in Network Traffic Analysis (NTA) with 12 reviews. Cisco NGIPS is rated 8.2, while ExtraHop Reveal(x) is rated 8.6. The top reviewer of Cisco NGIPS writes "Very effective for malware and signature-based anomalies but stability needs improvement". On the other hand, the top reviewer of ExtraHop Reveal(x) writes "It helps you visualize how data moves across your network". Cisco NGIPS is most compared with Check Point IPS, Fortinet FortiGate IPS, Trend Micro TippingPoint Threat Protection System, Palo Alto Networks Advanced Threat Prevention and Cisco Sourcefire SNORT, whereas ExtraHop Reveal(x) is most compared with Darktrace, Vectra AI, Corelight, Cisco Secure Network Analytics and Arista NDR.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.