We use the solution for cybersecurity purposes. The tool helps us to identify anomalies that come from internal or external networks.
Cyber Security at a financial services firm with 10,001+ employees
A cybersecurity solution that helps to identify anomalies that come from internal or external networks
Pros and Cons
- "We use the solution for cybersecurity purposes. The tool helps us to identify anomalies that come from internal or external networks."
- "The attack patterns and payloads go undetected in Cisco. We would like to see a new solution with more effective detection of attack patterns. There should be more data analyzing patterns as well which provides useful information."
What is our primary use case?
What needs improvement?
The attack patterns and payloads go undetected in Cisco. We would like to see a new solution with more effective detection of attack patterns. There should be more data analyzing patterns as well which provides useful information.
For how long have I used the solution?
I have been using the product for two years.
What do I think about the stability of the solution?
I would rate the solution's stability an eight out of ten.
Buyer's Guide
Cisco Secure IPS (NGIPS)
December 2024
Learn what your peers think about Cisco Secure IPS (NGIPS). Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,052 professionals have used our research since 2012.
What do I think about the scalability of the solution?
The tool's scalability is not an issue. We have a lot of people using the product even in our subsidiaries. We have a couple of thousand users for the solution.
How are customer service and support?
We have residence engineers for support. We mainly use level two support. Cisco's support in the local region is up to the level. However, we have issue with country-level support.
Which solution did I use previously and why did I switch?
I use Darktrace simultaneously.
How was the initial setup?
The product's setup was smooth and easy. The implementation was not a big deal and took two weeks to complete.
What about the implementation team?
A Cisco consultant helped us with the tool's implementation. They were competent, helpful, and confident.
What's my experience with pricing, setup cost, and licensing?
We get cut in price since we use other Cisco products. We have the whole bundle of Cisco solutions.
What other advice do I have?
I would rate the product a six out of ten. The solution is easy to maintain. We are looking for a solution that is powered by AI which gives enhanced protection and detection.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Consultant at Velocis Systems
A solution with an understandable graphical user interface with great security
Pros and Cons
- "It is salable and technically sound."
- "The integration can be more secure."
What is our primary use case?
We predominantly use this solution to place the perimeter on the firewall, which helps us filter out inbound and outbound traffic.
Cisco is tightly engaged with threat defence called Talos, which has more threat intelligence. In addition, they are dedicated to working on updating their IPS signatures.
For how long have I used the solution?
We have been using this solution for almost five years. It is deployed both on-premises and cloud, and we are using the latest version, Cisco 12.X.
What do I think about the stability of the solution?
It is a stable solution.
What do I think about the scalability of the solution?
It is a scalable solution. We have over 100 clients.
How are customer service and support?
The technical support is sound and clear.
How was the initial setup?
The initial setup is pretty straightforward, and it's like a plug-and-play. The graphical user interface is understandable, and their documentations are clear. In addition, they have an SOP document that can be used as a guide.
What's my experience with pricing, setup cost, and licensing?
There is an annual licensing cost. It is not a cheap solution, but it's cost-effective. Aside from costs, Cisco NGIPS provides great security. Cisco is providing more discounts to its end customers to survive in the security market.
What other advice do I have?
I rate this solution a ten out of ten. I would recommend this solution. When you compare Cisco NGIPS to other solutions, it is salable and technically sound. Other solutions have very limited services and threat intelligence.
Regarding additional features, they should speed up their technology to the market because, compared with other security vendors, Cisco is a little behind on the Gartner and technical front. In addition, the integration can be more secure.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Cisco Secure IPS (NGIPS)
December 2024
Learn what your peers think about Cisco Secure IPS (NGIPS). Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,052 professionals have used our research since 2012.
Senior Network Security Engineer at a wellness & fitness company with 10,001+ employees
Auto-scaling, powerful software fingerprint identification, and good technical support
Pros and Cons
- "I think their fingerprints are good in terms of how they whitelist and blacklist."
- "The only thing I think they may need to improve on a little bit is identifying software more correctly when you do network discovery."
What is our primary use case?
The NGIPS handles all of the IPS functionality for our security.
What is most valuable?
The most valuable feature for our cloud-based deployment is the autoscaling.
For our on-premises deployment, clustering is the most valuable.
I think their fingerprints are good in terms of how they whitelist and blacklist. This is because of Talos, which is really awesome. We use that a lot.
The anomaly detection capabilities are awesome.
What needs improvement?
The only thing I think they may need to improve on a little bit is identifying software more correctly when you do network discovery. You need that to really handle finding anomalies properly. In the past, I've noticed that some applications are not identified correctly, based on the OS and the fingerprints that they're pulling from the host.
In the future, we would like to see more involvement with the on-premises hybrid cloud. We want to see Cisco do more in the cloud space, and basically improving the connection between on-premises and the cloud. This including things such as automation.
For how long have I used the solution?
I have been using Cisco NGIPS for almost seven years.
What do I think about the stability of the solution?
The code is well-stabled right now and we've never had issues upgrading from one version to another. We've had it since version 2.0 and for every time we upgrade, it gets better. We're currently on version 6.6 and we're expecting that when 6.7 comes out, it will get better.
What do I think about the scalability of the solution?
This is a very scalable product. You can add multiple devices to the same policy and then push that out.
In the cloud space, scaling is done automatically based on the amount of traffic and the amount of bandwidth that's generated. It scales up and down, back and forth, as needed. For example, if there is not much traffic then it drops, whereas if there is a lot of traffic then it creates another FTD, and then it just shares the load with load balancing.
Everything is scaled properly both in the cloud and on-premises.
How are customer service and technical support?
Cisco's technical support is really good. I would say that they are number one. They follow up on their calls and tags, as well.
Which solution did I use previously and why did I switch?
I also have experience with Check Point and I find that the pricing is better with Cisco.
How was the initial setup?
The initial setup is straightforward. With the Firepower Threat Defense (FTD), everything is in one box. You can do everything from firewalls to IPS and more. It also includes the next-generation firewall.
It is an easy upgrade process that is easy to understand. I would say that from version 3.0, it has improved.
What's my experience with pricing, setup cost, and licensing?
The cost of the license depends on the level of support that you have with Cisco.
What other advice do I have?
My advice for anybody who is implementing Cisco NGIPS is to read and understand all of the documentation before you start. Whatever it is that you might need help with, reach out to Cisco support and let them help you. The documentation is available and it is very understandable so you may not need their help. I would say that if you take your time to read it then you shouldn't have any problems in deploying.
I would rate this solution a nine out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Information Technology Manager at AGRI-CORP
Has good malware detection, threat defense, sandboxing, VPN, and mail security features
Pros and Cons
- "The Malware Detection, threat defense, sandboxing, VPN and mail security have all been valuable features of Cisco NGIPS."
- "I would like to see Cisco NGIPS to include home office support in one single product."
What is our primary use case?
We use Cisco as a firewall. It is an intrusion detection and prevention solution.
What is most valuable?
The malware detection, threat defense, sandboxing, VPN, and mail security have all been valuable features of Cisco NGIPS.
What needs improvement?
The performance of CISCO Firepower could be improved.
We moved from Sophos to Cisco before the pandemic. During the pandemic, there was an increase in VPN connections. We had a layer of security within CISCO Umbrella, and now with Cloud. The firewall protects the internal system, but we needed to add another layer of security for the endpoints that are outside the local area network. We needed another product to cover this lack of security.
We prefer to have integration with the points that are outside our local area networks using the same brand using one single console. Because the firewall only protects the people inside the network, we required another solution.
I would like to see Cisco NGIPS include home office support in one single product.
For how long have I used the solution?
Our organization has been using Cisco NGIPS for two years.
What do I think about the stability of the solution?
Cisco NGIPS is stable most of the time.
What do I think about the scalability of the solution?
This solution is not easily scaled. I would like Cisco NGIPS to be easier to scale. With the increase in work from home, we needed to add another layer of security to ensure we can meet the demand of stability, high availability, and connection.
How are customer service and support?
Our company has two layers of support with Cisco. One is the local support, which is very good. The second support is directly from Cisco. They are quick to respond and have quick solutions to the problems.
Which solution did I use previously and why did I switch?
We moved from Sophos to Cisco Firewall because we were looking for better integration between all the appliances and data center. All of our core switches, our wireless system, and other tools are the Cisco brand, meaning that all our monitoring options are integrated under Cisco.
What about the implementation team?
We hired a professional service to install this solution.
What other advice do I have?
With the increase in work from home, companies may need more than just a firewall. I recommend anyone considering Cisco NGIPS evaluate all the demands from their in-home offices and determine if their solution needs to be bigger, or wider, for security and performance.
I would rate this product a 9 out of 10, particularly if you work in a LAN environment.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Networking and Security Engineer at IE Network Solutions PLC (Ethiopia)
Straightforward licensing with good support, but plagued by stability issues
Pros and Cons
- "The top features of Cisco NGIPS, which have been working very well, include stateful inspection and the access list-based security configuration. But from my perspective, the best part of Cisco NGIPS is the licensing process, which is very easy and straightforward. It's essentially copy-paste licensing."
- "The feedback from some of our customers is that they weren't interested in Cisco because it was too complicated to deploy, especially in cloud-related areas."
What is our primary use case?
My company is a system integrator and we deploy Cisco NGIPS in various contexts, typically in the banking environment and in other high-level security scenarios, depending on our customer requirements.
We normally work with the most current models of Cisco products such as the Catalyst 9000 Series switches and 1000 Series routers.
What is most valuable?
The top features of Cisco NGIPS, which have been working very well, include stateful inspection and the access list-based security configuration. But from my perspective, the best part of Cisco NGIPS is the licensing process, which is very easy and straightforward. It's essentially copy-paste licensing.
The other aspect that I like is the technical support, who are highly capable. They were very good to us during the times that we used them and they tend to reply immediately to queries, even though you might not get the right engineer to help you right away. Tickets are usually assigned to junior staff at first but they do have escalation procedures, so if the support member can't solve the issue then they will immediately escalate it to higher management.
What needs improvement?
The feedback from some of our customers is that they weren't interested in Cisco because it was too complicated to deploy, especially in cloud-related areas.
Something else that our customers have commented on is that, in the current release of Cisco NGIPS that we are using, there have been some issues when they have tried to synchronize Cisco's hardware products with Cisco's management software.
If I recall correctly, the problems came from Cisco's Firepower Management software after we had proposed to our customers to use virtual machines as a cost-saving measure. After setting up the VMs, the software would start crashing, and it greatly disturbed the customers. It is possible that this was related to power issues because most of the time it would crash on power-on or power-off, but at other times it would crash due to incoming firewall traffic. I hope that in future releases, these problems will be solved.
In general, the ASA level features are working very well in Cisco products, but when it comes to the Next-Generation product, it has been somewhat unstable. To remedy this situation, Cisco needs to make the software more stable, easier to manage, and easier to update (possibly with an auto-updating mechanism). The small intricacies of the software product make the system more complicated than it needs to be for our engineers and our customers.
For how long have I used the solution?
I have used Cisco NGIPS for four years.
What do I think about the stability of the solution?
Cisco's stability issues have caused several of our customers to complain directly to the vendor, and if these issues persist into the future I will not be able to continue recommending Cisco NGIPS to our customers. In terms of cost, security, compatibility, and flexibility, there are a lot of products doing better than Cisco, so why would customers keep buying Cisco if they can get better products with more stability? Cisco has to think of their global market first and foremost and fix their issues based on their findings. In our country, Cisco has a good name because they got here first, but a lot of customers have shifted, in terms of security, to other products such as Fortinet and Palo Alto, which have their own Next-Generation firewalls.
What do I think about the scalability of the solution?
Cisco NGIPS is not that easy to scale, in my opinion. However, it can be upgraded, depending on the design. When you propose a design to customers, you have to check their expansion capability in terms of various factors such as how much time and how much employees would have to be involved.
When it comes to the VM products, some of them might not be scalable unless you upgrade your product to the latest version, in which case you have to upgrade the versions one by one. For example, your current version might 5.1 and you are aiming to upgrade to version 10.1. In this case, you would have to upgrade each intermediate version until you reach 10.1.
How are customer service and support?
Cisco's tech support is very good and it was a pleasant experience whenever we used them. They tend to reply immediately, although when it comes to the technical capability of the support you might not get an appropriately skilled engineer to help you right away. However, they do have escalation procedures such that the junior staff will escalate any unsolved issues to higher management.
How was the initial setup?
The ease of installation depends on the engineer. If they aren't trained in Cisco NGIPS or they aren't skilled enough, it's not easy to implement. You have to implement with a highly skilled engineer because it's not simple to deploy Cisco products.
We had one project where we implemented Cisco NGIPS along with a few other products and it took perhaps a week to fully deploy.
What's my experience with pricing, setup cost, and licensing?
The annual licensing tends to be expensive, but in terms of implementing the licenses, it's a very uncomplicated process and as easy as copy-paste in its straightforwardness.
Regarding the affordability of the licensing, if you buy licenses on a yearly or quarterly basis, you might not find much return on investment, but at the same time you will have a better product with regular upgrades and less network interruptions, so this has to be weighed against the costs.
What other advice do I have?
I have decided not to update our use of Cisco NGIPS unless they can solve their issues related to software stability, and thus I cannot fully recommend Cisco NGIPS to other customers at this time.
I would rate Cisco NGIPS a seven out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
Manager IT & Security at mCarbon Tech Innovations Pvt., Ltd.
Beneficial reports, good protection, and straightforward setup
Pros and Cons
- "The most valuable features of Cisco NGIPS are protection and reporting."
- "We have a separate management controller for Cisco NGIPS. If they have not done it already they should integrate Cisco NGIPS with the Cloud Portal."
What is our primary use case?
I use Cisco NGIPS as a firewall.
What is most valuable?
The most valuable features of Cisco NGIPS are protection and reporting.
What needs improvement?
We have a separate management controller for Cisco NGIPS. If they have not done it already they should integrate Cisco NGIPS with the Cloud Portal.
The solution has some bugs that sometimes take time to resolve.
For how long have I used the solution?
I have been using Cisco NGIPS for approximately two years.
What do I think about the stability of the solution?
The stability of Cisco NGIPS has been good since we have been using it.
What do I think about the scalability of the solution?
The scalability of Cisco NGIPS is good.
How are customer service and support?
Cisco has better technical support than other competitors, such as Check Point IPS or Palo Alto. Cisco has very good support, they are always ready to help their customer if there are any production issues.
Cisco NGIPS should add a technical person to the chat support. They correctly do not have a specialist. The knowledge base of the chat agent should be better.
Which solution did I use previously and why did I switch?
I have used Check Point IPS solutions.
How was the initial setup?
The implementation of Cisco NGIPS is straightforward.
What about the implementation team?
You have to do your own implementation of the Cisco NGIPS hardware, but for the configuration, Cisco support can be involved from day one. That's what I have experienced. There was some exception but I have involved the Cisco support team from day one when I started configuring my firewall.
What was our ROI?
We have seen a return on investment by using Cisco NGIPS.
What's my experience with pricing, setup cost, and licensing?
There is a license required to use Cisco NGIPS and it can be a one or three-year license.
What other advice do I have?
I would advise others to use the support from Cisco, they are helpful.
I rate Cisco NGIPS an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Solutions Architect at a outsourcing company with 1,001-5,000 employees
Beneficial documentation, overall good design, and responsive support
Pros and Cons
- "Among all the different solutions I have worked with, such as Palo Alto many other firewalls. Cisco has the support, documentation, and design. The documentation is widely available and it can help you a lot with implementation. It makes the implementation much easier."
- "What I don't like about Cisco recently is they keep changing the names, which makes it hard for customers and sometimes even us as engineers to know what is the solution they are speaking about. For example, with AMP, now they call it Secure Endpoint and I don't know if in the next couple of years they're going to change it to something else. They should keep the names the same."
What is our primary use case?
The Cisco NGIPS and IGS are used as network firewalls for IPS and IGS protection. I have both the Cisco Firepower and Cisco Meraki solutions in different customers' locations. They have the capability of the NGIPS built into it. We have different customers that they are using it. For example, on Edge, data centers, and campus networks.
What is most valuable?
Among all the different solutions I have worked with, such as Palo Alto many other firewalls. Cisco has the support, documentation, and design. The documentation is widely available and it can help you a lot with implementation. It makes the implementation much easier.
What needs improvement?
What I don't like about Cisco recently is they keep changing the names, which makes it hard for customers and sometimes even us as engineers to know what is the solution they are speaking about. For example, with AMP, now they call it Secure Endpoint and I don't know if in the next couple of years they're going to change it to something else. They should keep the names the same.
For how long have I used the solution?
I have been using Cisco NGIPS for approximately 10 years.
What do I think about the stability of the solution?
Cisco NGIPS is stable, however, it is nothing special.
What do I think about the scalability of the solution?
The scalability of Cisco NGIPS I am not too familiar with. The solution can do clustering and other operations. With the Orchestrator, I haven't worked with it yet but I hope that will help to make standard policies all run better. The most important part about scalability is how do you want to apply the same policy all around and across the different locations that you have. This is something that is not easy with any firewall unless you have a Secure Orchestrator. I don't see any issues with the scalability at this time.
How are customer service and support?
The support from Cisco NGIPS is very good.
Which solution did I use previously and why did I switch?
I have used many other solutions, such as Palo Alto.
What's my experience with pricing, setup cost, and licensing?
I would rate the price of Cisco NGIPS a three out of five.
They are very expensive in some places and not reasonable at times for many customers. I have had customers choose another solution because of the high price.
What other advice do I have?
When speaking about the features of Cisco NGIPS, what makes the feature good is dependent on what the customer likes and the skillset that they have. I cannot say what is the best feature because it depends on the use case.
There are times I see customers spend a lot of money on something which they really don't use. Whether this solution is good or not depends on what exactly the customer wants to implement and protect. They should pick the right solution with the skillset that they have.
I rate Cisco NGIPS nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Network Security Engineer at New Era Technology
Has great security intelligence features
Pros and Cons
- "I like the security solutions from Cisco."
- "There are certain limitations that need to be addressed."
What is our primary use case?
People still aggregate these functions. We have files that only serve the purpose of NextGen NGIPS. They have no rules that just allow pure source running and execution. We need regular firewall protection with NetGen. It's nice because we can lease both firewall and IPS system functions. We have both running on the network.
What is most valuable?
Apex IPaaS functions itself. You can create an intrusion rule that can be used for blocking purposes.
I like the security solutions from Cisco. They don't only give you the IPS itself, but you also have another database and other applications.
They also have the security intelligence feature. This is one of the first software lines. This brings you the URLs, IPs, etc. This is even before the access control.
What needs improvement?
There are certain limitations that need to be addressed.
For how long have I used the solution?
I have been using the Cisco NGIPS for two years.
How are customer service and support?
Cisco support is very good.
How would you rate customer service and support?
Positive
What other advice do I have?
For the time being, I never received a complaint about a policy, but this may happen in the future. This can be due to consistent integration.
They filter even between different companies and stuff and cloud providers and I've never received any complaints about the speed.
Overall, I rate the solution an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: May 16, 2024
Flag as inappropriateBuyer's Guide
Download our free Cisco Secure IPS (NGIPS) Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Product Categories
Intrusion Detection and Prevention Software (IDPS)Popular Comparisons
KerioControl
Palo Alto Networks Advanced Threat Prevention
Trend Micro TippingPoint Threat Protection System
Check Point IPS
Fortinet FortiGate IPS
Cisco Sourcefire SNORT
Trellix Intrusion Prevention System
Gatewatcher
Hillstone S-Series Network Intrusion Prevention System
Buyer's Guide
Download our free Cisco Secure IPS (NGIPS) Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- When evaluating Intrusion Detection, what aspect do you think is the most important to look for?
- What is your recommended cost-effective solution to detect and prevent APT attacks?
- What product do you recommend for a Campus IPS appliance implementation?
- How do you use the MITRE ATT&CK framework for improving enterprise security?
- What are the pros and cons of Darktrace vs CrowdStrike Falcon vs alternative EPP solutions?
- Which alternative solutions (other than Darktrace) do you recommend for an SMB?
- Which is the best intrusion detection and prevention solution?
- What is the best IDPS security tool and why?
- What is Cognitive Cybersecurity and what is it used for?