Cisco Secure IPS (NGIPS) Reviews

The Cisco NGIPS and IGS are used as network firewalls for IPS and IGS protection. I have both the Cisco Firepower and Cisco Meraki solutions in different customers' locations. They have the capability of the NGIPS built into it. We have different customers that they are using it. For example, on Edge, data centers, and campus networks.

Among all the different solutions I have worked with, such as Palo Alto many other firewalls. Cisco has the support, documentation, and design. The documentation is widely available and it can help you a lot with implementation. It makes the implementation much easier.

What I don't like about Cisco recently is they keep changing the names, which makes it hard for customers and sometimes even us as engineers to know what is the solution they are speaking about. For example, with AMP, now they call it Secure Endpoint and I don't know if in the next couple of years they're going to change it to something else. They should keep the names the same.

I have been using Cisco NGIPS for approximately 10 years.

Cisco NGIPS is stable, however, it is nothing special.

The scalability of Cisco NGIPS I am not too familiar with. The solution can do clustering and other operations. With the Orchestrator, I haven't worked with it yet but I hope that will help to make standard policies all run better. The most important part about scalability is how do you want to apply the same policy all around and across the different locations that you have. This is something that is not easy with any firewall unless you have a Secure Orchestrator. I don't see any issues with the scalability at this time.

The support from Cisco NGIPS is very good.

I have used many other solutions, such as Palo Alto.

I would rate the price of Cisco NGIPS a three out of five.

They are very expensive in some places and not reasonable at times for many customers. I have had customers choose another solution because of the high price.

When speaking about the features of Cisco NGIPS, what makes the feature good is dependent on what the customer likes and the skillset that they have. I cannot say what is the best feature because it depends on the use case.

There are times I see customers spend a lot of money on something which they really don't use. Whether this solution is good or not depends on what exactly the customer wants to implement and protect. They should pick the right solution with the skillset that they have.

I rate Cisco NGIPS nine out of ten.

People still aggregate these functions. We have files that only serve the purpose of NextGen NGIPS.  They have no rules that just allow pure source running and execution. We need regular firewall protection with NetGen. It's nice because we can lease both firewall and IPS system functions. We have both running on the network.

Apex IPaaS functions itself. You can create an intrusion rule that can be used for blocking purposes.

I like the security solutions from Cisco. They don't only give you the IPS itself, but you also have another database and other applications. 

They also have the security intelligence feature. This is one of the first software lines. This brings you the URLs, IPs, etc. This is even before the access control.

There are certain limitations that need to be addressed. 

I have been using the Cisco NGIPS for two years. 

Cisco support is very good. 

Positive

For the time being, I never received a complaint about a policy, but this may happen in the future. This can be due to consistent integration. 

They filter even between different companies and stuff and cloud providers and I've never received any complaints about the speed.

Overall, I rate the solution an eight out of ten. 

I am currently working with Cisco NGIPS at home as an IPS device, so I can see what's hitting the firewall and look at the logs. I'm using it as a learning environment. 

The IPS functionality is useful if you have offices all over the place. It's nice to have centralized management instead of going to a separate ASA or FirePOWER device. 

The biggest problem with most Cisco products is that the interface is lagging behind the competition. The user interface could be updated and improved.

Cisco NGIPS is stable. 

Cisco NGIPS is highly scalable. We use it to cover 15 offices.

It requires some background in IPS and IT security to fully understand it, so it is somewhat complex to deploy.

I rate Cisco NGIPS eight out of 10. 

It detects attacks from malicious intrusions and malicious activity before they happen.

This solution has helped improve productivity and detect attacks before they happen.

Signature rules from the Snort community around the world.

• I would like to see better integration with SIEMs. 
• Better rule building using other tools, like LuaH and Python.
• Better performance.
• Better intelligence gathering in domains, the main URLs, and endpoint solutions.

It's very reliable. We really like the product and will be staying with the product a while.

At this point in time, it's making it a little bit difficult to scale due to the company, as the vendor is making some changes. We are waiting to see if the product is scalable or not. 

Rating the technical support from one to five (where five is high), I would rate them as a two. I find them to be very bad.

This was originally a Snort product, which was open source. So, there is a community for it worldwide.

We used ISS from IBM in the past, but it was causing many issues and was dropping packets. It was not an ideal solution, so we moved to Sourcefire FirePower NGIPS.

The initial setup is easy because I am very familiar with the product.

We buy the licensing on a yearly basis, when we renew our contract. It is around $14,000.

McAfee and Palo Alto were on our shortlist.

The product is a ten because it is the only product in the market like this.

In my company, the solution is used as a platform for cybersecurity. The product offers protection from malware. In general, the solution offers protection to our company's internal network.

The product's benefits experienced by the company stem from the fact that the solution provides keep abilities that help users see what is happening in their network. The solution also provides alerts.

My company does not use the URL filtering capabilities offered by Cisco NGIPS. My company prefers to use the URL filtering feature offered by a brand other than Cisco since other tools provide an easier way to use the functionality.

I wanted to look into the other products offered in the market because Cisco NGIPS is expensive. The product's high price is an area of concern where improvements are required.

I have been using Cisco NGIPS for eight years. My company has a partnership with Cisco. I am also a user of the product. My company operates as a reseller of Cisco products.

I don't remember seeing any crashes when using the solution. The product has been very stable in our company.

The scalability offered by the product is fine. My company has not faced any problems with the scalability feature. The solution is deployed in three of our company's data centers.

The first call that I had with the product's technical team was not good since it took time to provide an explanation to get the right engineer to help us with our problems. Once the user gets connected with the right engineer, the support offered is very good.

I rate the technical support a seven out of ten.

Neutral

I have experience with Fortinet. I don't remember the name of one of the solutions that I had used in the past.

The product's initial setup phase was easy.

I rate the product's initial setup phase a nine on a scale of one to ten, where one means a difficult process, and ten means that it is an easy process.

The solution is deployed on an on-premises model.

The solution can be deployed in a couple of weeks. We take care of the testing phase in our company before installing the solution only when the signatures are updated in our environment, which takes around a time frame of less than two weeks.

Around three or four engineers take care of the product's installation phase.

My company purchases professional services from Cisco's partner to take care of the installation phase.

Cisco NGIPS is an expensive product.

I have compared Fortinet FortiGate IPS against Cisco NGIPS.

With Cisco NGIPS, the rate of false positives is very low.

I would tell those who plan to use Cisco NGIPS that it is a good solution, but if they have budget constraints, they should explore the other brands in the market.

I rate the tool an eight out of ten.

Some of our customers are having DDOS attacks and ransomware attacks.

Earlier in July 2019, I noted that there was an attack. To mitigate future attacks from the ransomware in Columbia Bank and other similar situations, we at Cisco Talent, which is responsible for security intelligence, provided updated security rules. We offered intrusion policies and codes through signatures to help overcome such situations.

It's a good solution.

The solution is not that bad. Next-generation firewalls work from my experience, they work. 

The URL filtering feature and the new locations feature are both valuable additions to the solution.

While the Management GUI and FMC could be improved, the devices themselves function well.

I have been using Cisco NGIPS for more than five years.

I provided support for version 6.4, but in our company, we do have Firepower version 7.0.

Cisco NGIPS is a stable solution.

Cisco has great support.

I would rate Cisco NGIPS an eight out of ten.

The way we use it in my company is just for a basic firewall.

It's a next-generation firewall. You can integrate it with external systems, like Cisco Talos, Cisco Umbrella, all these things. You can do threat detection, threat prevention. You can integrate with your active directory. It can block traffic based on the user or user group.

I use the product mainly for follow-up. I would say the most important is the integration with our directory services, the user directory services. We can block or allow traffic based on the specific users or specific user groups.

There are other features such as the connection with the intelligence systems such as Talos on Cisco. You can do zero-day prevention and detection. It's quite useful.

The solution is stable and the performance is good. 

My understanding is that the initial setup is simple. 

I'd like to see some cloud management. Cisco maybe already has it, however, my company doesn't use it as cloud management. That said, it would be great to manage your device through the cloud instead of managing through a server on-premise.

I've only used the solution for two months. It hasn't been that long just yet.

The product has been stable. Cisco is quite stable as a product. It doesn't crash or freeze. It's reliable. There are no bugs or glitches.

I can't really speak to the scalability of the solution as I haven't used it for long enough.

Due to the fact that all the traffic passes through the firewalls, I would say 500 people or maybe more use the solution in our organization.

Cisco technical support is great. They are helpful and responsive. We are very happy with their capabilities. 

I'm also aware of Palo Alto, which in many ways is a more solid product. We used it in my previous company as it was more mature and much simpler to use in comparison to Cisco. 

While I didn't set it up, my understanding is the implementation is straightforward. You read the documentation. It's this continuation from the old Cisco ASAs. People have used it for many years. Cisco's quite easy to set it up and keep up and running. You just need to add things on top of it, however, it's all quite easy. I have done an installation of the previous Cisco firewall. It's really straightforward. The upgrade is quite simple as well.

We have three technical personnel that can handle deployment and maintenance. We have to cover the whole globe, so we have three people on to handle everything 24/7.

You do need to pay a licensing fee. If you want the additional features, like prevention or integration with extended intelligence systems, you need to pay additional licenses.

I'm not sure which version of the solution we're using. It might be 6.4. It's likely whatever that latest version is.

I would recommend Cisco, however, I do find Palo Alto to be a good product as well, and in some ways more solid. 

I'd rate the solution at a nine out of ten. 

It is our main firewall. We use it for reporting and for firewall purposes to block unwanted inputs and outputs.

Its ease of use and its ability to block and allow ports in and out of our organization are the most valuable features.

It works very well. It gives us all the information that we need.

We don't like its licensing model. It has separate licensing for all the features. For instance, to get URL filtering, you need to buy another license. Every feature set seems to require another license. Unless you purchase them all upfront, you find some surprises and realize that you can't do that because you need another license. 

Its logging isn't quite as good as it used to be in our previous solution. We used to have Cisco ASA, and we could view the logs a lot easier than NGIPS (also known as Firepower). We saw real-time logging, but we don't see that as much in Firepower.

I have been using this solution for two years.

It has been very stable. I don't think it has gone down at all in two years.

It is very scalable. In terms of the number of users, we have 26,000 students and 3,500 staff members. Everybody in our organization goes through it and takes advantage of it on our system. We have about five people who are managing it, and they are from the network group, infrastructure group, and storage group.

We did have some engagement with the technical support people regarding the integration with Nexus Switches, and they were very good. They helped us out quite a bit.

We were using Cisco ASAs. They were going out of service. They were going out of sale and support. So, we decided to move to Firepower. We wanted to go to the Next-Gen IPS type of stuff, and ASAs didn't have that kind of feature set.

It was quite complex. It required some workarounds with other network components in our system. It could have been a lot less complicated. Nexus Switches that we had were a little bit older, and they didn't integrate as well with Firepower as they could have. So, we ended up having to buy some new switches. 

The deployment pretty much took about three weeks. It involved moving all of our stuff from our old firewall onto the new one. Rules were a little different, so we had to work on it for a while. Fortunately, we could run them in parallel, so it worked out okay.

We did it in-house.

It has definitely given us our return on the investment.

It is expensive. It has separate licensing for all the features, and every feature set seems to require another license.

Licensing is on a yearly basis. There are no additional costs besides the standard licensing fee.

I would advise others to make sure that the rest of their equipment is completely compatible with the newest Firepowers.

I would rate Cisco NGIPS an eight out of ten. It gives us all the information that we need. We've got to dig for it sometimes, but it is a good product.