• Home
  • Cisco NGIPS vs. KerioControl

Cisco NGIPS vs KerioControl comparison

Cancel
You must select at least 2 products to compare!
Cisco Logo

Cisco NGIPS

Read 62 Cisco NGIPS reviews
2,973 views|1,746 comparisons
93% willing to recommend
GFI Logo

KerioControl

Read 54 KerioControl reviews
891 views|588 comparisons
88% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Cisco NGIPS vs. KerioControl
March 2024
Executive Summary

We performed a comparison between Cisco NGIPS and KerioControl based on real PeerSpot user reviews.

Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Cisco NGIPS vs. KerioControl Report (Updated: March 2024).
Download the complete report
767,847 professionals have used our research since 2012.
Featured Review
MahmoodAbdollahi
The best in the world, high value features, with long term reliability
I think the Cisco Firepower is the best firewall in the world and the other security features like AMP, IPS, and deep inspection packets.
Anonymous User
Researched Cisco NGIPS but chose KerioControl: Scalable with an easy initial setup but technical support is terrible
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"In the virtual deployment, you have a couple of choices depending on your needs and how much bandwidth you have that needs to be inspected.""The security intelligence in the product is the best feature and give us all the information that we need in our network.""We like the Cisco product, the concept, and the tech intelligence.""The most valuable feature of Cisco NGIPS is the centralized user interface. You have the ability to quickly push out configurations across your environment using the Cisco UI. It's a powerful capability of that solution.""Cisco NGIPS is working well overall with our current needs.""NGIPS lets you map web requests to a specific user to determine who is downloading files and what they are accessing. You can use it to identify users downloading malware or track time wasters using Facebook or something like that. It gives you visibility into what your users are doing on the Internet.""The product's initial setup phase was easy.""I have found the filter and the antivirus to be most valuable."

More Cisco NGIPS Pros →

"The flexibility of the system, the capacity to provide the right level of security, and the ability to be integrated into different kinds of infrastructures are the most valuable features.""Kerio has improved my organization's security.""The top features are ones that we're not using yet but we soon will be because we've just had broadband upgraded in Australia. We've got something called the National Broadband Network, which is forced onto you, so you have to take it when it arrives. We'll be trying the high availability out soon. We tried that with some load balancing, it didn't quite work as we expected, but I think that was more of a configuration thing rather than a product thing.""One thing we use quite a lot, as well, is the DHCP Server, because we do a lot of work where all our devices need to have static IP addresses. Rather than going around and configuring every box, we do it all through DHCP reservations. It's easier. We've got a record of it. We can manipulate it if we need to change something or change some hardware. It's all easy. Even guys who are not used to using it can pick it up quite quickly.""The reporting needs to be improved. It is hard to get a domain.""I am impressed with the tool's firewall filtering capacity.""The solution’s firewall and intrusion detection features are quite good because you can see exactly who is attacking you and who is getting blocked.""The most valuable features of KerioControl are ease of configuration, user-friendliness, and comfortable to use. It is an all-in-one solution, it comes with many features, such as a firewall, antivirus software, and network protection."

More KerioControl Pros →

Cons
"There is room for improvement in the policy documentation.""The GUI user interface could be improved and the login is not very user friendly.""I would like to see integration with monitoring tools such as Nagios or BMC.""The look and feel of the console could be updated.""We don't like its licensing model. It has separate licensing for all the features. For instance, to get URL filtering, you need to buy another license. Every feature set seems to require another license. Unless you purchase them all upfront, you find some surprises and realize that you can't do that because you need another license. Its logging isn't quite as good as it used to be in our previous solution. We used to have Cisco ASA, and we could view the logs a lot easier than NGIPS (also known as Firepower). We saw real-time logging, but we don't see that as much in Firepower.""Better integration with other products, such as a SIEM tool, would provide better peer visibility about your security posture.""My opinion is that this solution should improve the pricing.""The biggest problem with most Cisco products is that the interface is lagging behind the competition. The user interface could be updated and improved."

More Cisco NGIPS Cons →

"Kerio Control has just improved on their biggest problem, which was to introduce better support for high-availability requirements in production.""The antivirus seemed to be a bit laggy on the connection so I disconnected that. It's definitely good. The only issue we've had with any sort of cyber attack seemed to be coming from a couple of distinct locations, people trying to get into known ports on remote desktops and stuff like that. The fact that we can block all that traffic is just great. It simplifies it.""It has a VPN back to our data center but I don't think it has increased the number of VPN clients extended to those outside our environment""I would like it if the interface section had multiple failovers. Although I do have three connections, just in case our physical cables get disconnected, I can only set up one failover as a backup. So, if for some reason our fiber and our AFM went down together, I would have to have it search for our 4G modem. I'd love to have extra backups running.""One area that confused me a bit when I was building my current network. I use VLANs to have separate functionality on the network, and the appliance I got was the WiFi model, but I discovered that you can't assign WiFi channels to the VLAN. So, you can have WiFi, but its own subnet. You can't run that over the VLAN. Effectively, I can't use the WiFi facility in the appliance and had to purchase a separate web that supports VLANs. In the end, I had to go to GFI support. They confirmed this is just a limited functionality of that device, as it is a low-end device. I don't know if any of their high-end models have a better facility or not.""The improvement that we are looking for is for when decide to move some part of our application to the cloud.""There's also room for improvement in the Traffic Rules. We define networks to use a specific outgoing interface, say VSAT, shore, or marine WiFi, which is okay. But then all we have is a checkbox that says "Use other internet interfaces if this one is unavailable." What we would prefer would be to have a priority list. So if VSAT is unavailable, try to use 4G, etc. We haven't really found a reliable way of doing that in the current release.""I would like for them to add more security features."

More KerioControl Cons →

Pricing and Cost Advice
  • "We buy the licensing on a yearly basis, when we renew our contract. It is around $14,000."
  • "The price for additional throughput is the highest in the industry."
  • "Licensing fees for this solution are $3,500 USD, and there are no additional costs."
  • "Cisco products are always expensive, but if you can afford the price then it's a great solution."
  • "Pricing depends on negotiation with the vendor, although I can say that it is moderate."
  • "The cost of the license depends on the level of support that you have with Cisco."
  • "This is an expensive product, with the biggest cost being the license that keeps the service going."
  • "There are licensing fees depending on the features that you are using."

    • More Cisco NGIPS Pricing and Cost Advice →

  • "Search and compare."
  • "Pricing is good, but the licensing took a lot of time."
  • "The price is inexpensive."
  • "It's very affordable."
  • "The pricing is in-line with our expectations in terms of the quality that we get for it."
  • "There is a yearly upkeep fee."
  • "My advice is to use your own hardware, and do not use theirs."
  • "It is a good fit for SMBs because of its maintainability. When you want to keep your costs low, then Kerio Control is a very good solution. It's not an expensive product that is well integrated. It has a complete set of features within it that make it a very strong product."

    • More KerioControl Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
    See Recommendations
    767,847 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Cisco NGIPS?
    Top Answer:The product's initial setup phase was easy.
    Read all 49 answers   →
    What is your experience regarding pricing and costs for Cisco NGIPS?
    Top Answer:Cisco NGIPS is an expensive product.
    Read all 34 answers   →
    What needs improvement with Cisco NGIPS?
    Top Answer:My company does not use the URL filtering capabilities offered by Cisco NGIPS. My company prefers to use the URL filtering feature offered by a brand other than Cisco since other tools provide an… more »
    Read all 49 answers   →
    What do you like most about KerioControl?
    Top Answer:The solution provides feasibility regarding cyber privacy.
    Read all 48 answers   →
    What is your experience regarding pricing and costs for KerioControl?
    Top Answer:The pricing is reasonable. We have to pay approximately EUR 175 for the product.
    Read all 40 answers   →
    What needs improvement with KerioControl?
    Top Answer:The pricing of the product can be improved. The trial duration of the product should also be extended.
    Read all 46 answers   →
    Ranking
    5th
    out of 42 in Intrusion Detection and Prevention Software (IDPS)
    Views
    2,973
    Comparisons
    1,746
    Reviews
    25
    Average Words per Review
    329
    Rating
    8.2
    16th
    out of 42 in Intrusion Detection and Prevention Software (IDPS)
    Views
    891
    Comparisons
    588
    Reviews
    7
    Average Words per Review
    276
    Rating
    7.7
    Comparisons
    Also Known As
    Sourcefire NGIPS, Firepower NGIPS
    Learn More
    Cisco
    GFI
    Overview

    Cisco NGIPS (Next-Generation IPS) is a highly effective intrusion detection and prevention solution. It is designed to secure a user’s system from end to end and ensure that users are equipped to handle even the most sophisticated threats by offering them a high level of network visibility, threat intelligence, and security automation. Organizations across a wide variety of industries trust IPS to help them prevent unwanted intrusions from harming their networks.

    Cisco NGIPS Benefits

    Some of the ways that organizations can benefit by choosing to deploy Cisco NGIPS include:

    • Increased visibility. Cisco NGIPS enables users to gain a real-time view of all of the events that are taking place in their network. It gathers data from all corners of the network and uses it to provide organizations with context that can aid them in both proactively keeping themselves safe from harm and reactively addressing potential issues.
    • Increased threat protection. NGIPS’ backbone is the core open Snort technology. This is the most widely used intrusion prevention software on the planet. It leverages this software to search for and detect vulnerabilities and anomalies that might otherwise go unnoticed. IPS is 99.7% effective at stopping threats.
    • Flexibility. NGIPS can be customized so as to fit an organization’s specific security needs. Users can set the system so that it recognizes and seeks out threats that the organization defines as being of the highest level of concern.

    Cisco NGIPS Features

    • Security automation. NGIPS offers users a variety of powerful automation tools that can be leveraged to maximize a network’s protection. Analytics tools automatically examine intrusions and correlate them with known vulnerabilities in a user’s network.
    • Integration suite. NGIPS enables users to integrate their security with many different cloud and application security services. Organizations can seamlessly combine the features that NGIPS offers with other platforms to bolster their effectiveness. This gives users the option to plug any feature hole that they might perceive.
    • URL filter. NGIPS comes with a built-in filter that allows businesses to specify sources that the system should flag and block. This prevents known threats from causing significant harm to an organization’s network.

    Reviews from Real Users

    Cisco NGIPS is a highly effective solution that stands out when compared to many of its competitors. Two major advantages are its easy-to-use GUI interface and the highly effective technical support that it offers users.

    Aankit G., a consultant at Pi DATACENTERS, said, “The FTD has a GUI interface, which is very easy to work around with all the configurations. It is a client-based software based on Java. Now we have the GUI web interface, and it's very interactive and easy to navigate.”

    Gebremichael T., a networking and security engineer at IE Network Solutions PLC, says, “The other aspect that I like is the technical support, who are highly capable. They were very good to us during the times that we used them and they tend to reply immediately to queries, even though you might not get the right engineer to help you right away. Tickets are usually assigned to junior staff at first but they do have escalation procedures, so if the support member can't solve the issue then they will immediately escalate it to higher management.”

    Kerio Control is a popular security product for small and medium-sized businesses. It is a next-generation firewall that provides unified threat management without complexity. Kerio Control provides advanced anti-virus protection and industry-leading web and content application filtering, and has a secure VPN.

    With Kerio Control you can:

    • Preserve the integrity of your network.
    • Manage bandwidth to streamline traffic flows.
    • Improve productivity with filtering capabilities.

    Kerio Control Features

    Some of Kerio Control’s most valuable features include:

    High availability, deployment flexibility, deep packet inspection, advanced routing, usage reporting, quick administering, intrusion detection and prevention (IPS), gateway anti-virus, VPN, web and content application filtering, and centralized administration with MyKerio.

    Kerio Control Benefits

    • Eliminate downtime risks: Because Kerio Control offers high availability and failover protection, you can eliminate the risk and cost of connectivity or threat protection downtime.

    • Detailed reports: Kerio Control makes it easy to view individual users’ internet activity through detailed reports.

    • Traffic monitoring: Traffic monitoring allows you to manage bandwidth and makes it possible for you to control access to streaming video and peer-to-peer networks.

    • Server protection: Using Kerio Control’s advanced networking routing and deep packet inspection, you can protect servers.

    • Easily create policies: With Kerio Control, you can create both inbound and outbound traffic policies, and can also restrict communication by specific URLs, applications, traffic type, content category, or even time of day.

    • Snort-based analysis: Kerio Control gives you the ability to add a transparent layer of intrusion prevention with snort-based analysis along with a database of rule and blacklisted IP addresses that is regularly refreshed.

    • Optionally integrated anti-virus: WIth this feature, you can prevent viruses, Trojans, or spyware from entering your networks.

    Reviews from Real Users

    Here is some feedback from some of our users who are currently using the solution:

    PeerSpot user Brian C., Senior Technology Specialist, VP at Unified Technology Solutions, writes "It is very comprehensive and simple. It has all the active protections. It's updated. We love that you can set how often it is updated so you can work on what is right for you. A large company with a lot of bandwidth can update the virus definitions and security definitions hourly, if they want. A smaller site that's remote, where maybe updating the definitions will eat into the bandwidth, we can schedule those more to go later at night. It's very flexible and works for us in all types of situations. This is great because then we don't have to learn seven different products to be able to work with seven different scenarios."

    Andy D., IT Manager at Flare Technologies, praises how easy it is to use and says, "One thing we use quite a lot, as well, is the DHCP Server, because we do a lot of work where all our devices need to have static IP addresses. Rather than going around and configuring every box, we do it all through DHCP reservations. It's easier. We've got a record of it. We can manipulate it if we need to change something or change some hardware. It's all easy. Even guys who are not used to using it can pick it up quite quickly."



    Sample Customers
    American Electric Power, Huntington Bank, Keycorp, Nationwide, Transunion, Marriott, Inova Health, Ford, Thomson Reuters, Dow Chemical, Equifax, Chevron, Walmart, Coca Cola
    Triton Technical, McDonald's
    Top Industries
    REVIEWERS
    Financial Services Firm19%
    Computer Software Company14%
    Government11%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company19%
    University10%
    Government9%
    Financial Services Firm9%
    REVIEWERS
    Computer Software Company15%
    Financial Services Firm12%
    Manufacturing Company12%
    Comms Service Provider12%
    VISITORS READING REVIEWS
    Computer Software Company22%
    Comms Service Provider13%
    Media Company7%
    Financial Services Firm7%
    Company Size
    REVIEWERS
    Small Business38%
    Midsize Enterprise27%
    Large Enterprise35%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise16%
    Large Enterprise64%
    REVIEWERS
    Small Business80%
    Midsize Enterprise17%
    Large Enterprise4%
    VISITORS READING REVIEWS
    Small Business37%
    Midsize Enterprise17%
    Large Enterprise45%
    Buyer's Guide
    Cisco NGIPS vs. KerioControl
    March 2024
    Free Report: Cisco NGIPS vs. KerioControl
    Find out what your peers are saying about Cisco NGIPS vs. KerioControl and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    767,847 professionals have used our research since 2012.

    Cisco NGIPS is ranked 5th in Intrusion Detection and Prevention Software (IDPS) with 62 reviews while KerioControl is ranked 16th in Intrusion Detection and Prevention Software (IDPS) with 54 reviews. Cisco NGIPS is rated 8.2, while KerioControl is rated 8.0. The top reviewer of Cisco NGIPS writes "Very effective for malware and signature-based anomalies but stability needs improvement". On the other hand, the top reviewer of KerioControl writes "With VPN, any of our guys can log in to the system and effectively be on board; helps with our customers all over the world". Cisco NGIPS is most compared with Check Point IPS, Fortinet FortiGate IPS, Trend Micro TippingPoint Threat Protection System and Cisco Sourcefire SNORT, whereas KerioControl is most compared with Netgate pfSense, Fortinet FortiGate, OPNsense, Sophos XG and Sophos UTM. See our Cisco NGIPS vs. KerioControl report.

    See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.

    We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.