We performed a comparison between Cisco NGIPS and KerioControl based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."In the virtual deployment, you have a couple of choices depending on your needs and how much bandwidth you have that needs to be inspected."
"The security intelligence in the product is the best feature and give us all the information that we need in our network."
"We like the Cisco product, the concept, and the tech intelligence."
"The most valuable feature of Cisco NGIPS is the centralized user interface. You have the ability to quickly push out configurations across your environment using the Cisco UI. It's a powerful capability of that solution."
"Cisco NGIPS is working well overall with our current needs."
"NGIPS lets you map web requests to a specific user to determine who is downloading files and what they are accessing. You can use it to identify users downloading malware or track time wasters using Facebook or something like that. It gives you visibility into what your users are doing on the Internet."
"The product's initial setup phase was easy."
"I have found the filter and the antivirus to be most valuable."
"The flexibility of the system, the capacity to provide the right level of security, and the ability to be integrated into different kinds of infrastructures are the most valuable features."
"Kerio has improved my organization's security."
"The top features are ones that we're not using yet but we soon will be because we've just had broadband upgraded in Australia. We've got something called the National Broadband Network, which is forced onto you, so you have to take it when it arrives. We'll be trying the high availability out soon. We tried that with some load balancing, it didn't quite work as we expected, but I think that was more of a configuration thing rather than a product thing."
"One thing we use quite a lot, as well, is the DHCP Server, because we do a lot of work where all our devices need to have static IP addresses. Rather than going around and configuring every box, we do it all through DHCP reservations. It's easier. We've got a record of it. We can manipulate it if we need to change something or change some hardware. It's all easy. Even guys who are not used to using it can pick it up quite quickly."
"The reporting needs to be improved. It is hard to get a domain."
"I am impressed with the tool's firewall filtering capacity."
"The solution’s firewall and intrusion detection features are quite good because you can see exactly who is attacking you and who is getting blocked."
"The most valuable features of KerioControl are ease of configuration, user-friendliness, and comfortable to use. It is an all-in-one solution, it comes with many features, such as a firewall, antivirus software, and network protection."
"There is room for improvement in the policy documentation."
"The GUI user interface could be improved and the login is not very user friendly."
"I would like to see integration with monitoring tools such as Nagios or BMC."
"The look and feel of the console could be updated."
"We don't like its licensing model. It has separate licensing for all the features. For instance, to get URL filtering, you need to buy another license. Every feature set seems to require another license. Unless you purchase them all upfront, you find some surprises and realize that you can't do that because you need another license. Its logging isn't quite as good as it used to be in our previous solution. We used to have Cisco ASA, and we could view the logs a lot easier than NGIPS (also known as Firepower). We saw real-time logging, but we don't see that as much in Firepower."
"Better integration with other products, such as a SIEM tool, would provide better peer visibility about your security posture."
"My opinion is that this solution should improve the pricing."
"The biggest problem with most Cisco products is that the interface is lagging behind the competition. The user interface could be updated and improved."
"Kerio Control has just improved on their biggest problem, which was to introduce better support for high-availability requirements in production."
"The antivirus seemed to be a bit laggy on the connection so I disconnected that. It's definitely good. The only issue we've had with any sort of cyber attack seemed to be coming from a couple of distinct locations, people trying to get into known ports on remote desktops and stuff like that. The fact that we can block all that traffic is just great. It simplifies it."
"It has a VPN back to our data center but I don't think it has increased the number of VPN clients extended to those outside our environment"
"I would like it if the interface section had multiple failovers. Although I do have three connections, just in case our physical cables get disconnected, I can only set up one failover as a backup. So, if for some reason our fiber and our AFM went down together, I would have to have it search for our 4G modem. I'd love to have extra backups running."
"One area that confused me a bit when I was building my current network. I use VLANs to have separate functionality on the network, and the appliance I got was the WiFi model, but I discovered that you can't assign WiFi channels to the VLAN. So, you can have WiFi, but its own subnet. You can't run that over the VLAN. Effectively, I can't use the WiFi facility in the appliance and had to purchase a separate web that supports VLANs. In the end, I had to go to GFI support. They confirmed this is just a limited functionality of that device, as it is a low-end device. I don't know if any of their high-end models have a better facility or not."
"The improvement that we are looking for is for when decide to move some part of our application to the cloud."
"There's also room for improvement in the Traffic Rules. We define networks to use a specific outgoing interface, say VSAT, shore, or marine WiFi, which is okay. But then all we have is a checkbox that says "Use other internet interfaces if this one is unavailable." What we would prefer would be to have a priority list. So if VSAT is unavailable, try to use 4G, etc. We haven't really found a reliable way of doing that in the current release."
"I would like for them to add more security features."
Cisco NGIPS is ranked 5th in Intrusion Detection and Prevention Software (IDPS) with 62 reviews while KerioControl is ranked 16th in Intrusion Detection and Prevention Software (IDPS) with 54 reviews. Cisco NGIPS is rated 8.2, while KerioControl is rated 8.0. The top reviewer of Cisco NGIPS writes "Very effective for malware and signature-based anomalies but stability needs improvement". On the other hand, the top reviewer of KerioControl writes "With VPN, any of our guys can log in to the system and effectively be on board; helps with our customers all over the world". Cisco NGIPS is most compared with Check Point IPS, Fortinet FortiGate IPS, Trend Micro TippingPoint Threat Protection System and Cisco Sourcefire SNORT, whereas KerioControl is most compared with Netgate pfSense, Fortinet FortiGate, OPNsense, Sophos XG and Sophos UTM. See our Cisco NGIPS vs. KerioControl report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.