Coming October 25: PeerSpot Awards will be announced! Learn more
Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot (formerly IT Central Station)
  • 0
  • 13

What needs improvement with Cisco NGIPS?

Please share with the community what you think needs improvement with Cisco NGIPS.

What are its weaknesses? What would you like to see changed in a future version?

PeerSpot user
24 Answers
Networking Security Consultant at a tech services company with 51-200 employees
Top 10
05 April 21

Multi-internet line load balancing should be supported. It is available from other vendors and should be included with this product.

Hozaifa Samad - PeerSpot reviewer
Networking & Security Consultant at LayerZoom
Top 10
01 April 21

I think the GUI user interface could be improved and the login is not very user friendly. They could maybe improve on that.

Systems & Network Manager at Rocky View School Division
Real User
Top 10
24 February 21

We don't like its licensing model. It has separate licensing for all the features. For instance, to get URL filtering, you need to buy another license. Every feature set seems to require another license. Unless you purchase them all upfront, you find some surprises and realize that you can't do that because you need another license. Its logging isn't quite as good as it used to be in our previous solution. We used to have Cisco ASA, and we could view the logs a lot easier than NGIPS (also known as Firepower). We saw real-time logging, but we don't see that as much in Firepower.

CASO at a tech services company with 11-50 employees
Real User
Top 10
22 February 21

The SSL decrypt could be improved, but it's normal. All the devices in our platform need a lot of memory or CPU to do the SSL decrypt. This is an issue to improve in all platforms, not only in Cisco. They have SecureX which can be integrated with other platforms. But I think the improvement of SecureX in the platforms is needed. SecureX is really new but I think that needs a little improvement.

IT Manager at a financial services firm with 51-200 employees
Real User
Top 10
14 February 21

The user interface needs some improvement, it is a little rudimentary and not very intuitive. If you are not very technical inclined you may need to be assisted or might struggle to set it up. The newer version tends to use a lot of system resources. For example, your processor and RAM.

Manager - Automation, Electrical, IT and Networking at a mining and metals company with 1-10 employees
Real User
Top 10
11 February 21

The onboarding process could be made a little bit better.

Learn what your peers think about Cisco NGIPS. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
633,572 professionals have used our research since 2012.
ZhulienKeremedchiev - PeerSpot reviewer
Lead Network Security Engineer at TECHNOCORE LTD
Real User
Top 5
02 February 21

I do not think that Cisco has official documentation regarding use cases. They can do better on their documentation because the product is really hard to understand. You need a lot of time to change around things to understand how it works exactly and fine-tune it. If they make it less complicated, I think it will really help all the customers. They could make the user interface of the management center more user friendly and customizable in the next release. I think they can take some pointers from Palo Alto because their user interface is really intuitive and really customizable.

Senior Network Security Engineer at a wellness & fitness company with 10,001+ employees
Real User
Top 10
19 October 20

The only thing I think they may need to improve on a little bit is identifying software more correctly when you do network discovery. You need that to really handle finding anomalies properly. In the past, I've noticed that some applications are not identified correctly, based on the OS and the fingerprints that they're pulling from the host. In the future, we would like to see more involvement with the on-premises hybrid cloud. We want to see Cisco do more in the cloud space, and basically improving the connection between on-premises and the cloud. This including things such as automation.

Muhammad Aneel - PeerSpot reviewer
Distribution officer at Wilshirelabs
Real User
Top 10
14 October 20

Because of cybersecurity threats, other security features should be available in Cisco devices. Sangfor IAM is good because this provides the logging IAM feature which you can retain for up to 12 months. But Cisco does not provide this type of logging because no third-party logging server is supported with the Cisco firewall.

DGM IT Infra & Facility at a tech services company with 1-10 employees
Real User
Top 5
08 October 20

I would like to see better support for preventing cross-scripting and brute-force attacks that may originate from our homegrown applications. This is needed because the applications that we are developing for internal use do not go through the heavy security check that we have in place. If there is some flaw in an application, which happens every now and then, then there will be a huge cost that I may have to pay. I would like to know that if I have a security solution in place then I am at least 99% confident that problems will be prevented. As it is now, I cannot say that I am 80% secure against my applications being attacked. Better integration with other products, such as a SIEM tool, would provide better peer visibility about your security posture. Adding this type of functionality would make this product unbeatable.

Ivan Radev - PeerSpot reviewer
Network Security Consultant at Societe Generale Global Solution Centre
Real User
Top 5
07 October 20

The configuration of this product can be simplified. I am an expert in this area because few people can do it. It requires a lot of training and documentation. I think that some initiation scripts might be helpful because they would make the configuration easier and more user-friendly for customers.

Associate Consultant at NTT Security
Real User
Top 20
21 September 20

Currently, this product is difficult to manage. It needs to be more user-friendly. A lot of improvements can be made into the overall architecture of the firewall. It's lacking right now. It's something they need to work hard to improve. The reason for the lack of cohesion in the architecture is due to the fact that Cisco acquired this company and then they merged two products, the Cisco ASA and the Firepower product, into a single product. As a result, the product is not as mature as some of the other comparable products out in the industry. The price is in the high end of the spectrum, again, comparing to other players in the industry. The solution requires better management. When it comes to central management capabilities, improvements can be made. Better reporting in terms of analytics and dashboards would be very useful in future versions.

Manager IT Security at UnitedHealth Group
Real User
26 July 20

It has room for improvement when it comes to integrating machine learning and AI into it where even if you don't have a baseline that is of length for anomaly detection, it could do more like an AI style machine learning. It learns on its own. It learns patterns, learns what good traffic looks like then is able to stop bad traffic, not just based on behavior but based on every other thing. I think other next-generation IPS solutions are turning towards integration of ML and AI. I need machine learning and the ability to share intelligence.

Network Administrator
Real User
02 September 19

The pricing is very expensive. They should make their equipment more affordable. Cisco should offer better integration capabilities and offer an easier integration process.

System Engineer at a tech services company with 11-50 employees
Real User
30 August 19

Overall, it lacks user-friendliness. It could be easier to manage. I can train any customer using FortiGate or Palo Alto in a few days, but with Cisco, it takes much more time because the systems aren't easy to use. It would be very nice to get rid of FlexConfig. It's a very unhelpful element of the solution. One feature that is lacking is full interoperability with CLI. You can configure Palo Alto and FortiGate with a graphical interface, and you can configure it with the command line. This is not so in Cisco. For professionals, this is important because the command line allows us to configure a lot of things and copy configurations and it's much easier.

System Engineer at Sho
Real User
28 August 19

I have had a lot of problems with false positives and it would be helpful if this were improved. I would like to see integration with monitoring tools such as Nagios or BMC. An improved dashboard would be great.

it_user833742 - PeerSpot reviewer
IT Operations Officer at Kiran International
Real User
26 August 19

I would like to see the total performance for the users improved. We have a need for security, so we would like to see more protection against virus attacks and ransomware attacks. The inclusion of bandwidth management features would improve this product. I would like to have an API for application development.

TariqueAshraf - PeerSpot reviewer
Chief Technology Officer at a tech services company
Real User
29 July 19

We would like to see support for DDoS protection. The cost of adding additional throughput is very high and is an area of concern. Competing products such as FortiGate and TippingPoint have a much larger throughput at a smaller cost. The devices have certain limitations and to go beyond them, I need to change the hardware. For example, if I exceed the throughput on the 2000 series then I have to switch to the 4000 series. This one then has a limitation of perhaps fifty gigabytes, and if I exceed that, then I need to move to the 9000 series. By comparison, TippingPoint and FortiGate have no limit. If there was a software-based solution for scaling up then it would be much better.

Network Infrastructure Program Manager at a non-profit with 1,001-5,000 employees
Real User
07 July 19

The file trajectory could be improved. We still have a web proxy but I think at some point we should not have two products. We should have only one product. Most of the features of the web proxy already exist in the UTM appliances. We have a debate as to whether it's the Cisco Firepower and UTM Appliance of next-generation firewall. But I consider both of them the same. So I would say if we have the caching and the other features which are unique features to the Web Proxy, I think Cisco will be number one if they are able to include such features in the future.

AymenBoumaiza - PeerSpot reviewer
Senior Consultant at Wevioo
07 July 19

There are some features not found in Firepower, like data loss prevention, and SSO, to have a connection between Cisco and Active Directory, which was introduced on other products. In the future, I'd like the same solution in other UTM solutions. I know it has an application filter, but it's not really improving. Also, DLP needs to prevent data loss. Those two features are really important now for firewalls and for the security. The data loss prevention really is the most asked for feature from the customer. Often they ask about how we can prevent loss of emails, of data, files. It's really important.

IT Engineer at a tech services company with 11-50 employees
Real User
30 June 19

The main problem with Firepower is the time between deployment and configuration. Now, it's approximately six minutes, so If I configure something during deployment, I understand that maybe if I write up a small mistake, I need to wait twelve minutes before I can fix the configuration. So I think the main problem is the time of deployment. The solution could add DLT, but it's already full enough of features. The interface could be simpler and more user-friendly. More flexibility with the dashboards is needed because some of them are not fully developed. We could use more flexible base boards.

Senior Manager, Network Infrastructure at a financial services firm with 5,001-10,000 employees
Real User
26 June 19

The aspect of private party integration solutions could be improved. I would like to see a sandboxing feature. And the options that people buy in modules, they need to packaged better as a baseline.

Cyber Engineer at a aerospace/defense firm with 10,001+ employees
Real User
11 March 19

* I would like to see better integration with SIEMs. * Better rule building using other tools, like LuaH and Python. * Better performance. * Better intelligence gathering in domains, the main URLs, and endpoint solutions.

Security at a government with 1,001-5,000 employees
Real User
11 March 19

In the next release I would like to see better reporting. I also find it's hard to act on the data it gives you.

Related Questions
Julia Frohwein - PeerSpot reviewer
Senior Director of Delivery at PeerSpot (formerly IT Central Station)
Aug 06, 2022
Hi Everyone, What do you like most about Cisco NGIPS? Thanks for sharing your thoughts with the community!
2 out of 34 answers
Senior Manager, Network Infrastructure at a financial services firm with 5,001-10,000 employees
26 June 19
It has aligned the features in accordance to our strategic needs
IT Engineer at a tech services company with 11-50 employees
30 June 19
The initial setup wasn't complex or complicated.
Nurit Sherman - PeerSpot reviewer
Content Operations Manager at PeerSpot (formerly IT Central Station)
May 15, 2018
On a scale from 1-10, how would you rate Rapid7 InsightIDR and why?
2 out of 3 answers
CISO at a religious institution with 501-1,000 employees
14 May 18
Have not implemented at yet the InsightDR solution. Am reviewing the system
Database Administrator with 501-1,000 employees
14 May 18
Nine out of ten. Great feature set out of the box; can be run by small or large teams; prompt support and new features added continually. Able to scale to meet the demands of the data that it ingests and storage costs are included in the subscription model.
Related Solutions
Download Free Report
Download our free Cisco NGIPS Report and get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
633,572 professionals have used our research since 2012.