Cisco Secure IPS (NGIPS) Reviews

It is our main firewall. We use it for reporting and for firewall purposes to block unwanted inputs and outputs.

Its ease of use and its ability to block and allow ports in and out of our organization are the most valuable features.

It works very well. It gives us all the information that we need.

We don't like its licensing model. It has separate licensing for all the features. For instance, to get URL filtering, you need to buy another license. Every feature set seems to require another license. Unless you purchase them all upfront, you find some surprises and realize that you can't do that because you need another license. 

Its logging isn't quite as good as it used to be in our previous solution. We used to have Cisco ASA, and we could view the logs a lot easier than NGIPS (also known as Firepower). We saw real-time logging, but we don't see that as much in Firepower.

I have been using this solution for two years.

It has been very stable. I don't think it has gone down at all in two years.

It is very scalable. In terms of the number of users, we have 26,000 students and 3,500 staff members. Everybody in our organization goes through it and takes advantage of it on our system. We have about five people who are managing it, and they are from the network group, infrastructure group, and storage group.

We did have some engagement with the technical support people regarding the integration with Nexus Switches, and they were very good. They helped us out quite a bit.

We were using Cisco ASAs. They were going out of service. They were going out of sale and support. So, we decided to move to Firepower. We wanted to go to the Next-Gen IPS type of stuff, and ASAs didn't have that kind of feature set.

It was quite complex. It required some workarounds with other network components in our system. It could have been a lot less complicated. Nexus Switches that we had were a little bit older, and they didn't integrate as well with Firepower as they could have. So, we ended up having to buy some new switches. 

The deployment pretty much took about three weeks. It involved moving all of our stuff from our old firewall onto the new one. Rules were a little different, so we had to work on it for a while. Fortunately, we could run them in parallel, so it worked out okay.

We did it in-house.

It has definitely given us our return on the investment.

It is expensive. It has separate licensing for all the features, and every feature set seems to require another license.

Licensing is on a yearly basis. There are no additional costs besides the standard licensing fee.

I would advise others to make sure that the rest of their equipment is completely compatible with the newest Firepowers.

I would rate Cisco NGIPS an eight out of ten. It gives us all the information that we need. We've got to dig for it sometimes, but it is a good product.

We use the solution for traffic filtering, security, and antivirus capabilities.

I have found the filter and the antivirus to be most valuable.

The user interface needs some improvement, it is a little rudimentary and not very intuitive. If you are not very technical inclined you may need to be assisted or might struggle to set it up.

The newer version tends to use a lot of system resources. For example, your processor and RAM.

I have been using the solution for approximately four years.

The solution is stable and reliable, it does the job well.

The scalability is excellent, they can support a large environment. However, a large size organization will need its own dedicated appliance.

The customer support is very good.

We have used and still use Darktrace. We do not use it to replace Cisco's NGIPS solution but we use it predominantly as an in-network snooper.

The installation is complex.

We used an in-house team to do the deployment and it takes roughly a day and a half depending on the size of your organization and the configuration. Setting up the rules, all the features, and the licensing takes time.

To do the maintenance you need somebody familiar with Cisco and networking technologies.

By using this solution we have received a return on our investment. 

Cisco products are not cheap and this solution is no different. However, the price of all of the Firepower is part of a bundle when you buy the actual firewall, the Cisco firewall. It is part of the whole bundle package, but Firepower IPS itself has its own costs.

We are on a yearly license and the price depends on the environment, we pay approximately $33,000. The solution has additional components, and each one of the components cost extra.

For those wanting to implement this solution, I was advice before deploying the solution, understand exactly what you want it to do for you. The product has a couple of different capabilities, do you want to expand, or you may not want to expand. These are scenarios that you have to take into account. I would not recommend the solution for small organizations, it would be too time-consuming for that.

I rate Cisco NGIPS an eight out of ten.

We have a Cisco ASA firewall, which is like a standard firewall. We upgraded to Firepower Threat Defense, and it is like a next-generation capability, like NGIPS and NGAV, and has that kind of functionality. It also improves network security and threat defence.

It has helped to improve our cybersecurity and our network security posture.

The FTD has a GUI interface, which is very easy to work around with all the configurations. It is a client-based software based on Java. Now we have the GUI web interface, and it's very interactive and easy to navigate.

Cisco NGIPS runs the backend as a Snort engine, so it is like they customize it with Cisco. So they need to have an engine for threat defence.

We have been using this solution for two years and are using version 9.6. It is deployed on-premises.

It is a stable solution.

It is scalable. NGIPS is based on our user base, so we have around 2000 users. We require two network and security administrators for deployment and maintenance. We do not plan to increase usage because we have already upgraded.

I rate the technical support a ten out of ten.

Positive

We updated from Cisco ASA to NGIPS FTD.

The initial setup is a bit complex because it requires a lot of configuration, firewall and zoning. The deployment was done in-house. We just purchased a box and installed it on our own.

We have seen a return on investment in improving security and defending the threats in our network.

I do not have details about the licensing costs. It has a user-based license and a different model license because it is modular software.

I rate this solution an eight out of ten. From a recommendation perspective, before deploying the NGIPS solution, you need to work with your internal environment. It can minimize the load on the NGIPS, so you should do your IPS signature before moving to production.

It should have a network and content processor and a security process for additional features. Other OEMs have these capabilities to enhance the throughput and performance.

We use it at the end and the center as the core and apply a lot of policies to the firewall.

Using Cisco Firepower has helped us.

We like the Cisco product, the concept, and the tech intelligence. We are much more comfortable with Cisco products. It's a reputable organization, and we trust the products.

The next Cisco NGIPS release should include more features for production ideas and more intelligence for IDS and IPS features.

We have been using this solution for two years. 

We initially had some difficulty loading pages due to certain rules regarding performance and stability. On some websites, we had to click more than once. These issues were quite easy to fix.

Regarding scalability, the solution is not that good.

They're nice people. We don't have any issues with them. They are quick to respond, but sometimes it takes time to solve the issues.

Positive

We previously used Check Point and Cyberoam. We switched because the license expired.

We initially had some difficulties, but now we have no problems.

A Cisco vendor in Nepal helped us configure the product properly. We didn't have a strategy. The vendors supported us from the very beginning. After working with them, we had no problem using the product.

It took almost a month and a half to install the system.

I would rate our ROI as eight out of 10, with 10 being the highest ROI.

Cisco NGIPS licensing is yearly. 

I would rate the pricing four out of 10, one being very expensive and 10 very cheap. 

I would give Cisco NGIPS an overall rating of eight out of 10, 10 being the best.

We have a department of almost 50 people in our company using Cisco NGIPS. 

We have 10 people to maintain the product.

We want to cover all the systems and networks of our organization. 

The thing about this solution that I like the most is that it's intuitive. The other features I like are the good support chain and ease of use.

My opinion is that this solution should improve the pricing.

I have been using this solution for about two years.

I would rate the technical support of this solution a nine, on a scale from one to 10, with one being the worst and 10 being the best.

Positive

I would rate the pricing of this solution a seven, on a scale from one to 10, with one being the worst and 10 being the best.

Customers who are trying to replace their internal firewall with good visibility at the application-level content level use Cisco NGIPS. It has the ability to do packet inspection and the customer can check their users while they're searching the web and going to different websites. Cisco NGIPS has the ability to connect to your firewall with advanced intrusion prevention.  

The most valuable feature of Cisco NGIPS is the centralized user interface. You have the ability to quickly push out configurations across your environment using the Cisco UI. It's a powerful capability of that solution.

Cisco NGIPS could improve its ability to do SSL inspections. Sometimes the ability to do SSL inspection is not scalable and you might not be able to get the installment required if you don't size the right hardware.

I have been using Cisco NGIPS for approximately five years.

Cisco NGIPS is stable, but I there is more that can be done.

Cisco is particularly strong when it comes to firewalls and the IPS, IBS, or next-generation firewalls. When I was working as a system architect we went from Cisco to Palo Alto or Fortinet. I don't know if they've made some recent improvements or maybe it's in the roadmap, but I would say there's still room for improvement with Cisco security appliances.

Cisco NGIPS is scalable. However, the cost to the customer is always high, because it's still a hardware base. After the resource cycle of three or five years, you have to replace them. From that perspective, they are not the greatest solution out there.

Our networking team of approximately 50 people that are mostly using this solution in my organization.

The support from Cisco NGIPS is good.

The initial setup of Cisco NGIPS is of a medium difficulty level.

My advice to others is they should look into other vendors and cloud-based solutions. Solutions that don't require you to refresh and get hardware, because nowadays there are new problems for hardware. It's getting more difficult, try to get a more software-based, cloud-centric model solution.

I rate Cisco NGIPS a six out of ten.

In the previous version, some features were not enabled. For example, you could not access the VPN. So that was one of the downsides of the product. In this latest version, after enabling these features in the previous version and using them, it's been good. Inspection, application, and inspection in the cloud, the detail in the cloud for an indication of compromise and the malicious activity re-hashing are all valuable features. It's more of the cloud and the malicious activities aspects that define this application.

The file trajectory could be improved.

We still have a web proxy but I think at some point we should not have two products. We should have only one product. Most of the features of the web proxy already exist in the UTM appliances. We have a debate as to whether it's the Cisco Firepower and UTM Appliance of next-generation firewall. But I consider both of them the same. So I would say if we have the caching and the other features which are unique features to the Web Proxy, I think Cisco will be number one if they are able to include such features in the future.

It's a really good product but I have had a really good experience with Palo Alto UTM Appliances. Which I would give a higher mark than the Firepower. It's just a little bit more expensive than the Cisco Firepower.

Scalability I would say, it has some limitations in the large deployment. I think Cisco is working to improve it.

The technical support is the most valuable part of the solution. Cisco is number one in technical support. It's good technical support and this is actually a problem when we do the recruitment for some other products. Other products you are on hold forever and the support is not as good compared to Cisco. 

I started with Juniper and the Palo Alto UTM Appliances, and many other vendors. But we do have a policy to use multiple vendors.

Three years ago the setup was very complex. We had two different cables or software. It's like two appliances and one appliance. We had to set up ASA first and then set up Firepower and do the redirect from the old HTTP traffic, from the ASA for a detailed inspection by Firepower. Initially, it was complex. That was a few years back, but now with the newer version, it's just a piece of cake. Deployment took about 40 minutes. I also handle the maintenance myself.

I do the implementation myself but in certain situations, because we have a risk assessment, it's a sort of risk transfer, so we have a contract with a certain integrator. We do have a contract, but I personally do the setup.

We have definitely experienced ROI. Because we have had many incidents where Cisco Firepower has caught malicious activities and triggered an alarm, a true positive alarm. Which is really good in our case.

The solution is extensively used. We have a policy, from a permission security perspective, that you need to have diversity in the vendors and diversity in the products. We have some areas which are using these products and other areas which is using different products.

It's a really good product, but you need to give it some time to form a sort of baseline, before enabling all the features. You need to study the product well because the product will decrease to around 35-40% of the actual product when you start to enable features. Like the application and inspection, the SSL decryption, the URL filtering, and the ITSM inspection. If you enable more features, you will decrease a little bit of the property. Whoever selects the device initially needs to plan which features they are going to use and they might have to shift the sizing of the product. They might need a high-end appliance or a smaller low-end appliance based on the features they are going to use.

I would give the solution 9 out of 10. 

This product automatically blocks any form of threat in a network. Once a threat is detected, it will notify the IT team. It will show the full threat, the target destination, and perhaps a loophole that the intruder used.

What it reports depends on how you have configured it.

It's able to map the solutions that you have, detailing how they are connected. It gives you visibility in terms of what's happening without your network.

This is the leading Cisco solution across Sub-Saharan Africa.

The most valuable feature is that it is able to detect any form of infiltration. It does this in an automated fashion so that you don't have to do anything to it. Once it is properly configured, it will act on its own.

The visibility that it gives you is very good. You're able to know what has happened within your network.

The way it pushes policy rules is very good. It makes sure that your information is reliable, and that you have the right visibility and the right intelligence.

I would like to see a more user-friendly interface. This is true for Cisco in general, with many of the products that they have.

We have been selling Cisco NGIPS for approximately four years.

This is a very stable product. In Sub-Saharan Africa, it is used by every six or seven banks out of ten.

This solution is very easy to scale, depending on your organization's roadmap. I have had customers that are using it and scaling very fast, especially in the financial sector.

Being a clustered solution, you can have 500, 1,000, or 10,000 users. In fact, one of my customers has 20,000 users of NGIPS. I have another organization that has 1,200 users. The size of the solution is set based on the number of users.

The technical support from Cisco is good, and it is not expensive. Over the past couple of years, they have really improved when it comes to service delivery.

I have worked with a variety of security solutions. I have worked with products from Trend Micro, Cisco, and others.

This product is straightforward to install. A CCMP can complete the deployment in one day.

One skilled person is suitable for deployment.

This is a very affordable product.

This is a product that I can recommend anytime. I have sold millions of dollars of it, every year. 

I would rate this solution an eight out of ten.