Cisco Secure IPS (NGIPS) Reviews

We have NGIPS deployed at the edge and use it to filter the point of presence to the Internet or other offices.

NGIPS lets you map web requests to a specific user to determine who is downloading files and what they are accessing. You can use it to identify users downloading malware or track time wasters using Facebook or something like that. It gives you visibility into what your users are doing on the Internet. 

The price is a little high. It's hard to find solutions that are easy on the budget and strike a balance between affordability and features.

I have used NGIPS since 2015.

NGIPS is quite stable. 

NGIPS is scalable. It has well-defined stacks for how much traffic it can handle. You can fully inspect traffic or use SSL decryption.

I rate Cisco support 10 out of 10. We get everything we need from them. 

Positive

I rate NGIPS nine out of 10 for ease of setup. The process was smooth and straightforward. After deployment, it requires some maintenance like updates and creating or changing the policies. We have more than a hundred policy categories now. 

We had help from professional services.

I rate Cisco NGIPS nine out of 10. We always find stuff that could be done better or that we want more of. For example, we've had some issues creating specific rules, and it's challenging to create exceptions or tweak the rules as your business evolves. It's tricky to order the rules to follow the business policies you want. You have to balance security with getting work done. You need to watch how many rules you make because you can get overwhelmed.

Cisco NGIPS offers defense mechanism and intrusion prevention for your environment. 

I like the way the tool pushes the packets from the node level. 

Cisco NGIPS' performance could be better. 

I have been working with the product for 24 years. 

Cisco NGIPS is stable. 

The tool is scalable. My company has over 2000  users for the product. 

The tool's deployment is not straightforward. You need a technical and competent person to do it. A four to five-member technical team can handle its deployment and maintenance. 

The tool's ROI is good. 

The tool's licensing costs are yearly. 

I rate Cisco NGIPS a ten out of ten. 

We use the solution for cybersecurity purposes. The tool helps us to identify anomalies that come from internal or external networks. 

The attack patterns and payloads go undetected in Cisco. We would like to see a new solution with more effective detection of attack patterns. There should be more data analyzing patterns as well which provides useful information. 

I have been using the product for two years. 

I would rate the solution's stability an eight out of ten. 

The tool's scalability is not an issue. We have a lot of people using the product even in our subsidiaries. We have a couple of thousand users for the solution.

We have residence engineers for support. We mainly use level two support. Cisco's support in the local region is up to the level. However, we have issue with country-level support.  

I use Darktrace simultaneously. 

The product's setup was smooth and easy. The implementation was not a big deal and took two weeks to complete.

A Cisco consultant helped us with the tool's implementation. They were competent, helpful, and confident. 

We get cut in price since we use other Cisco products. We have the whole bundle of Cisco solutions. 

I would rate the product a six out of ten. The solution is easy to maintain. We are looking for a solution that is powered by AI which gives enhanced protection and detection. 

I am currently working with Cisco NGIPS at home as an IPS device, so I can see what's hitting the firewall and look at the logs. I'm using it as a learning environment. 

The IPS functionality is useful if you have offices all over the place. It's nice to have centralized management instead of going to a separate ASA or FirePOWER device. 

The biggest problem with most Cisco products is that the interface is lagging behind the competition. The user interface could be updated and improved.

Cisco NGIPS is stable. 

Cisco NGIPS is highly scalable. We use it to cover 15 offices.

It requires some background in IPS and IT security to fully understand it, so it is somewhat complex to deploy.

I rate Cisco NGIPS eight out of 10. 

We predominantly use this solution to place the perimeter on the firewall, which helps us filter out inbound and outbound traffic.

Cisco is tightly engaged with threat defence called Talos, which has more threat intelligence. In addition, they are dedicated to working on updating their IPS signatures.

We have been using this solution for almost five years. It is deployed both on-premises and cloud, and we are using the latest version, Cisco 12.X.

It is a stable solution.

It is a scalable solution. We have over 100 clients.

The technical support is sound and clear.

The initial setup is pretty straightforward, and it's like a plug-and-play. The graphical user interface is understandable, and their documentations are clear. In addition, they have an SOP document that can be used as a guide.

There is an annual licensing cost. It is not a cheap solution, but it's cost-effective. Aside from costs, Cisco NGIPS provides great security. Cisco is providing more discounts to its end customers to survive in the security market.

I rate this solution a ten out of ten. I would recommend this solution. When you compare Cisco NGIPS to other solutions, it is salable and technically sound. Other solutions have very limited services and threat intelligence.

Regarding additional features, they should speed up their technology to the market because, compared with other security vendors, Cisco is a little behind on the Gartner and technical front. In addition, the integration can be more secure.

It's a cheap way of terminating internet circuits so that you don't use expensive routers.

It's mainly deployed on-premises.

The cost is the most valuable feature.

The GUI could be improved. The pain point is really only focused toward the security engineer who configures it and the operation engineer who manages it. Those are the guys that have the pain points because the GUI is so bad.

I have been using this solution for two years.

It's stable.

It's not scalable on a single device. If you need to scale up, you have to buy another one.

For any of these devices, this is the irritating part. A customer comes to me and says, "I need a gig of internet access at a location." If I see a Firepower that handles up to a gig, I'm not buying it because I can't scale. If the customer comes back to me six months later and says, "We're packing that gig, and I need two gigs," then he's going to get angry at me for undersizing his firewall, so I need to go to a four gig model. 

If I absolutely need to lock down somebody's network in the most secure manner, I'm going to use Palo Alto.

The initial setup was extremely complex for a firewall that did nothing but accept traffic and filter it. It provides IPS, IDS, and it provides URL filtering, which isn't as good. The categorization leaves a bit to be desired. That leaves you to do extensive whitelist blacklisting.

I would rate the ROI 2 out of 5. You have to take into account the number of hours you pay an engineer to set it up and the number of hours you have to pay an engineer to manage it. You're spending more money on engineering and less money on a firewall. So, your return on investment is going to take significantly longer than with a competitor.

I would rate the pricing 4 out of 5.

I would rate this solution 4 out of 10.

Take into account how long it's going to take you to perfect the configuration and how long it's going to take you to find a problem before you buy this product.

Some of our customers are having DDOS attacks and ransomware attacks.

Earlier in July 2019, I noted that there was an attack. To mitigate future attacks from the ransomware in Columbia Bank and other similar situations, we at Cisco Talent, which is responsible for security intelligence, provided updated security rules. We offered intrusion policies and codes through signatures to help overcome such situations.

It's a good solution.

The solution is not that bad. Next-generation firewalls work from my experience, they work. 

The URL filtering feature and the new locations feature are both valuable additions to the solution.

While the Management GUI and FMC could be improved, the devices themselves function well.

I have been using Cisco NGIPS for more than five years.

I provided support for version 6.4, but in our company, we do have Firepower version 7.0.

Cisco NGIPS is a stable solution.

Cisco has great support.

I would rate Cisco NGIPS an eight out of ten.

I primarily use NGIPS as perimeter security firewall devices to filter traffic.

NGIPS' best feature is the separate IPSec tunnels, which makes the user's data more secure if they want to access it privately.

NGIPS' GUI interface could be improved and made more user-friendly, especially in comparison to Palo Alto's Next-Generation Firewall.

I've been using NGIPS for around five years.

The initial setup is complex and requires someone with a background in firewalls to set it up. Inexperienced users will find it very difficult to set up. For experienced users, deployment will take around forty-five minutes. I would rate the setup process five out of ten.

NGIPS is expensive.

I would recommend NGIPS to other users, but only as a second choice behind Palo Alto. I would give NGIPS a rating of eight out of ten.