Cisco Secure IPS (NGIPS) Reviews

Cisco NGIPS offers defense mechanism and intrusion prevention for your environment. 

I like the way the tool pushes the packets from the node level. 

Cisco NGIPS' performance could be better. 

I have been working with the product for 24 years. 

Cisco NGIPS is stable. 

The tool is scalable. My company has over 2000  users for the product. 

The tool's deployment is not straightforward. You need a technical and competent person to do it. A four to five-member technical team can handle its deployment and maintenance. 

The tool's ROI is good. 

The tool's licensing costs are yearly. 

I rate Cisco NGIPS a ten out of ten. 

We use it at the end and the center as the core and apply a lot of policies to the firewall.

Using Cisco Firepower has helped us.

We like the Cisco product, the concept, and the tech intelligence. We are much more comfortable with Cisco products. It's a reputable organization, and we trust the products.

The next Cisco NGIPS release should include more features for production ideas and more intelligence for IDS and IPS features.

We have been using this solution for two years. 

We initially had some difficulty loading pages due to certain rules regarding performance and stability. On some websites, we had to click more than once. These issues were quite easy to fix.

Regarding scalability, the solution is not that good.

They're nice people. We don't have any issues with them. They are quick to respond, but sometimes it takes time to solve the issues.

Positive

We previously used Check Point and Cyberoam. We switched because the license expired.

We initially had some difficulties, but now we have no problems.

A Cisco vendor in Nepal helped us configure the product properly. We didn't have a strategy. The vendors supported us from the very beginning. After working with them, we had no problem using the product.

It took almost a month and a half to install the system.

I would rate our ROI as eight out of 10, with 10 being the highest ROI.

Cisco NGIPS licensing is yearly. 

I would rate the pricing four out of 10, one being very expensive and 10 very cheap. 

I would give Cisco NGIPS an overall rating of eight out of 10, 10 being the best.

We have a department of almost 50 people in our company using Cisco NGIPS. 

We have 10 people to maintain the product.

We want to cover all the systems and networks of our organization. 

I use Cisco NGIPS as a firewall.

The most valuable features of Cisco NGIPS are protection and reporting.

We have a separate management controller for Cisco NGIPS. If they have not done it already they should integrate Cisco NGIPS with the Cloud Portal.

The solution has some bugs that sometimes take time to resolve.

I have been using Cisco NGIPS for approximately two years.

The stability of Cisco NGIPS has been good since we have been using it.

The scalability of Cisco NGIPS is good.

Cisco has better technical support than other competitors, such as Check Point IPS or Palo Alto. Cisco has very good support, they are always ready to help their customer if there are any production issues.

Cisco NGIPS should add a technical person to the chat support. They correctly do not have a specialist. The knowledge base of the chat agent should be better.

I have used Check Point IPS solutions.

The implementation of Cisco NGIPS is straightforward.

You have to do your own implementation of the Cisco NGIPS hardware, but for the configuration, Cisco support can be involved from day one. That's what I have experienced. There was some exception but I have involved the Cisco support team from day one when I started configuring my firewall.

We have seen a return on investment by using Cisco NGIPS.

There is a license required to use Cisco NGIPS and it can be a one or three-year license.

I would advise others to use the support from Cisco, they are helpful.

I rate Cisco NGIPS an eight out of ten.

The Cisco NGIPS and IGS are used as network firewalls for IPS and IGS protection. I have both the Cisco Firepower and Cisco Meraki solutions in different customers' locations. They have the capability of the NGIPS built into it. We have different customers that they are using it. For example, on Edge, data centers, and campus networks.

Among all the different solutions I have worked with, such as Palo Alto many other firewalls. Cisco has the support, documentation, and design. The documentation is widely available and it can help you a lot with implementation. It makes the implementation much easier.

What I don't like about Cisco recently is they keep changing the names, which makes it hard for customers and sometimes even us as engineers to know what is the solution they are speaking about. For example, with AMP, now they call it Secure Endpoint and I don't know if in the next couple of years they're going to change it to something else. They should keep the names the same.

I have been using Cisco NGIPS for approximately 10 years.

Cisco NGIPS is stable, however, it is nothing special.

The scalability of Cisco NGIPS I am not too familiar with. The solution can do clustering and other operations. With the Orchestrator, I haven't worked with it yet but I hope that will help to make standard policies all run better. The most important part about scalability is how do you want to apply the same policy all around and across the different locations that you have. This is something that is not easy with any firewall unless you have a Secure Orchestrator. I don't see any issues with the scalability at this time.

The support from Cisco NGIPS is very good.

I have used many other solutions, such as Palo Alto.

I would rate the price of Cisco NGIPS a three out of five.

They are very expensive in some places and not reasonable at times for many customers. I have had customers choose another solution because of the high price.

When speaking about the features of Cisco NGIPS, what makes the feature good is dependent on what the customer likes and the skillset that they have. I cannot say what is the best feature because it depends on the use case.

There are times I see customers spend a lot of money on something which they really don't use. Whether this solution is good or not depends on what exactly the customer wants to implement and protect. They should pick the right solution with the skillset that they have.

I rate Cisco NGIPS nine out of ten.

People still aggregate these functions. We have files that only serve the purpose of NextGen NGIPS.  They have no rules that just allow pure source running and execution. We need regular firewall protection with NetGen. It's nice because we can lease both firewall and IPS system functions. We have both running on the network.

Apex IPaaS functions itself. You can create an intrusion rule that can be used for blocking purposes.

I like the security solutions from Cisco. They don't only give you the IPS itself, but you also have another database and other applications. 

They also have the security intelligence feature. This is one of the first software lines. This brings you the URLs, IPs, etc. This is even before the access control.

There are certain limitations that need to be addressed. 

I have been using the Cisco NGIPS for two years. 

Cisco support is very good. 

Positive

For the time being, I never received a complaint about a policy, but this may happen in the future. This can be due to consistent integration. 

They filter even between different companies and stuff and cloud providers and I've never received any complaints about the speed.

Overall, I rate the solution an eight out of ten. 

In my company, the solution is used as a platform for cybersecurity. The product offers protection from malware. In general, the solution offers protection to our company's internal network.

The product's benefits experienced by the company stem from the fact that the solution provides keep abilities that help users see what is happening in their network. The solution also provides alerts.

My company does not use the URL filtering capabilities offered by Cisco NGIPS. My company prefers to use the URL filtering feature offered by a brand other than Cisco since other tools provide an easier way to use the functionality.

I wanted to look into the other products offered in the market because Cisco NGIPS is expensive. The product's high price is an area of concern where improvements are required.

I have been using Cisco NGIPS for eight years. My company has a partnership with Cisco. I am also a user of the product. My company operates as a reseller of Cisco products.

I don't remember seeing any crashes when using the solution. The product has been very stable in our company.

The scalability offered by the product is fine. My company has not faced any problems with the scalability feature. The solution is deployed in three of our company's data centers.

The first call that I had with the product's technical team was not good since it took time to provide an explanation to get the right engineer to help us with our problems. Once the user gets connected with the right engineer, the support offered is very good.

I rate the technical support a seven out of ten.

Neutral

I have experience with Fortinet. I don't remember the name of one of the solutions that I had used in the past.

The product's initial setup phase was easy.

I rate the product's initial setup phase a nine on a scale of one to ten, where one means a difficult process, and ten means that it is an easy process.

The solution is deployed on an on-premises model.

The solution can be deployed in a couple of weeks. We take care of the testing phase in our company before installing the solution only when the signatures are updated in our environment, which takes around a time frame of less than two weeks.

Around three or four engineers take care of the product's installation phase.

My company purchases professional services from Cisco's partner to take care of the installation phase.

Cisco NGIPS is an expensive product.

I have compared Fortinet FortiGate IPS against Cisco NGIPS.

With Cisco NGIPS, the rate of false positives is very low.

I would tell those who plan to use Cisco NGIPS that it is a good solution, but if they have budget constraints, they should explore the other brands in the market.

I rate the tool an eight out of ten.

The primary use case is for intrusion prevention. We install the solution between the firewall and the call switches.

The most valuable features are the intrusion detection ones. We channel the intrusion engine to create a policy of prevention. We only use this solution for intrusion prevention, not as a firewall.

There is room for improvement in the policy documentation. It gets confusing trying to understand what all of the policies mean. We need clear documentation explaining what each policy does.

For the Cisco STD, if we lose the connection with the SMC and STD, we can only assist with the STD via the CLI, so we can only do some troubleshooting. I think this is an area that needs improvement. In terms of the architecture, it needs to be more comfortable to change our own managed STD via the UI even if SMC is not available.

The technical support has room for improvement.

I have been using the solution for six years.

Some of the engineers within Cisco's tech support are knowledgeable and others are not. Sometimes we have to go back and forth for a week to get an answer.

Neutral

The initial setup is not complex; we only need to define the IP address and add the SMC IP. Both STD and SMC have the capability of SDM. Also if we don't have SMC, we mainly require the anti-SDM in UI. However, after we enroll the Cisco file from the SMC, we can no longer manage the STD from there. Therefore, it is very difficult to roll back if there is a connection loss between the STD and SMC, as SMC cannot manage the STD via the UI. In comparison, if there is a connection loss between Palo Alto Panorama, we can simply lock it with Palo Alto following the file and do some configuration. 

I give the solution a seven out of ten.

Some of our customers are having DDOS attacks and ransomware attacks.

Earlier in July 2019, I noted that there was an attack. To mitigate future attacks from the ransomware in Columbia Bank and other similar situations, we at Cisco Talent, which is responsible for security intelligence, provided updated security rules. We offered intrusion policies and codes through signatures to help overcome such situations.

It's a good solution.

The solution is not that bad. Next-generation firewalls work from my experience, they work. 

The URL filtering feature and the new locations feature are both valuable additions to the solution.

While the Management GUI and FMC could be improved, the devices themselves function well.

I have been using Cisco NGIPS for more than five years.

I provided support for version 6.4, but in our company, we do have Firepower version 7.0.

Cisco NGIPS is a stable solution.

Cisco has great support.

I would rate Cisco NGIPS an eight out of ten.