Cisco Secure IPS (NGIPS) Reviews

We use the solution for traffic filtering, security, and antivirus capabilities.

I have found the filter and the antivirus to be most valuable.

The user interface needs some improvement, it is a little rudimentary and not very intuitive. If you are not very technical inclined you may need to be assisted or might struggle to set it up.

The newer version tends to use a lot of system resources. For example, your processor and RAM.

I have been using the solution for approximately four years.

The solution is stable and reliable, it does the job well.

The scalability is excellent, they can support a large environment. However, a large size organization will need its own dedicated appliance.

The customer support is very good.

We have used and still use Darktrace. We do not use it to replace Cisco's NGIPS solution but we use it predominantly as an in-network snooper.

The installation is complex.

We used an in-house team to do the deployment and it takes roughly a day and a half depending on the size of your organization and the configuration. Setting up the rules, all the features, and the licensing takes time.

To do the maintenance you need somebody familiar with Cisco and networking technologies.

By using this solution we have received a return on our investment. 

Cisco products are not cheap and this solution is no different. However, the price of all of the Firepower is part of a bundle when you buy the actual firewall, the Cisco firewall. It is part of the whole bundle package, but Firepower IPS itself has its own costs.

We are on a yearly license and the price depends on the environment, we pay approximately $33,000. The solution has additional components, and each one of the components cost extra.

For those wanting to implement this solution, I was advice before deploying the solution, understand exactly what you want it to do for you. The product has a couple of different capabilities, do you want to expand, or you may not want to expand. These are scenarios that you have to take into account. I would not recommend the solution for small organizations, it would be too time-consuming for that.

I rate Cisco NGIPS an eight out of ten.

The thing about this solution that I like the most is that it's intuitive. The other features I like are the good support chain and ease of use.

My opinion is that this solution should improve the pricing.

I have been using this solution for about two years.

I would rate the technical support of this solution a nine, on a scale from one to 10, with one being the worst and 10 being the best.

Positive

I would rate the pricing of this solution a seven, on a scale from one to 10, with one being the worst and 10 being the best.

Customers who are trying to replace their internal firewall with good visibility at the application-level content level use Cisco NGIPS. It has the ability to do packet inspection and the customer can check their users while they're searching the web and going to different websites. Cisco NGIPS has the ability to connect to your firewall with advanced intrusion prevention.  

The most valuable feature of Cisco NGIPS is the centralized user interface. You have the ability to quickly push out configurations across your environment using the Cisco UI. It's a powerful capability of that solution.

Cisco NGIPS could improve its ability to do SSL inspections. Sometimes the ability to do SSL inspection is not scalable and you might not be able to get the installment required if you don't size the right hardware.

I have been using Cisco NGIPS for approximately five years.

Cisco NGIPS is stable, but I there is more that can be done.

Cisco is particularly strong when it comes to firewalls and the IPS, IBS, or next-generation firewalls. When I was working as a system architect we went from Cisco to Palo Alto or Fortinet. I don't know if they've made some recent improvements or maybe it's in the roadmap, but I would say there's still room for improvement with Cisco security appliances.

Cisco NGIPS is scalable. However, the cost to the customer is always high, because it's still a hardware base. After the resource cycle of three or five years, you have to replace them. From that perspective, they are not the greatest solution out there.

Our networking team of approximately 50 people that are mostly using this solution in my organization.

The support from Cisco NGIPS is good.

The initial setup of Cisco NGIPS is of a medium difficulty level.

My advice to others is they should look into other vendors and cloud-based solutions. Solutions that don't require you to refresh and get hardware, because nowadays there are new problems for hardware. It's getting more difficult, try to get a more software-based, cloud-centric model solution.

I rate Cisco NGIPS a six out of ten.

There are both options of cloud or on-premise solutions. I usually do the on-premise solution. We have others who do the cloud solution. If you want to deploy and protect your network from threats and protect your neighbor, that's one of the uses that we employ. With that, you have Security Intelligence, you have Intelligence, you have an Intrusion Prevention System. In the recent upgrade of Firepower, we have 3.0. You can use that to protect the internal network or if you want to protect your servers. 

We use the Security Intelligence feature. We also use the Cisco AMP for Networks, which is used with the ITL certificate. You can use third-party integrations with the Firepower, about security. You can use the STIX format. With the STIX, you can add emergency threats to rules. This includes malware detection which has a third-party Security Intelligence platform. Included are reporting for the last seven days, V shell, and phishing tank. Cybercrime tracker is to check if any company or domain has a bad reputation on the internet. And it can give that information to the Firepower. You can use Security Intelligence to protect the network. It has preprocessors about security. They have a preprocessor for the SCADA. Cisco has evolved a lot in that area over the last few years.

The SSL decrypt could be improved, but it's normal. All the devices in our platform need a lot of memory or CPU to do the SSL decrypt. This is an issue to improve in all platforms, not only in Cisco. They have SecureX which can be integrated with other platforms. But I think the improvement of SecureX in the platforms is needed. SecureX is really new but I think that needs a little improvement.

We have been using Cisco NGIPS or Firepower NGIPS for five years. We use the latest version.

It's working correctly, it's working without problems. You can buy another Firepower, and you can do a cluster configuration. And it's really easy, we don't have any problems.

Cisco support is really awesome. I have another vendor like Honeywell. I really hate when I call Honeywell. But when I call Cisco, I really appreciate it a lot when I talk with the support engineers because the personnel have really good skills and have a really good passion. Cisco support is awesome.

I think the installation of Firepower NGIPS is really easy. You configure the device, you connect that to the Firepower Management Center, and you have deployed the Firepower.

If they're looking for a platform that can protect from attack, from external or insiders who want to attack the network, I think Firepower is a good solution. With  Security Intelligence, other security features make that platform an awesome platform. I would give Cisco NGIPS a rating of nine on a scale of ten. I think no one platform is perfect. I wouldn't give a 10 to a solution ever because 10 is 100%, and I think no one solution can 100% secure. Not because the platform is not working correctly. Because I think no one platform can be 10 by 10.

In the previous version, some features were not enabled. For example, you could not access the VPN. So that was one of the downsides of the product. In this latest version, after enabling these features in the previous version and using them, it's been good. Inspection, application, and inspection in the cloud, the detail in the cloud for an indication of compromise and the malicious activity re-hashing are all valuable features. It's more of the cloud and the malicious activities aspects that define this application.

The file trajectory could be improved.

We still have a web proxy but I think at some point we should not have two products. We should have only one product. Most of the features of the web proxy already exist in the UTM appliances. We have a debate as to whether it's the Cisco Firepower and UTM Appliance of next-generation firewall. But I consider both of them the same. So I would say if we have the caching and the other features which are unique features to the Web Proxy, I think Cisco will be number one if they are able to include such features in the future.

It's a really good product but I have had a really good experience with Palo Alto UTM Appliances. Which I would give a higher mark than the Firepower. It's just a little bit more expensive than the Cisco Firepower.

Scalability I would say, it has some limitations in the large deployment. I think Cisco is working to improve it.

The technical support is the most valuable part of the solution. Cisco is number one in technical support. It's good technical support and this is actually a problem when we do the recruitment for some other products. Other products you are on hold forever and the support is not as good compared to Cisco. 

I started with Juniper and the Palo Alto UTM Appliances, and many other vendors. But we do have a policy to use multiple vendors.

Three years ago the setup was very complex. We had two different cables or software. It's like two appliances and one appliance. We had to set up ASA first and then set up Firepower and do the redirect from the old HTTP traffic, from the ASA for a detailed inspection by Firepower. Initially, it was complex. That was a few years back, but now with the newer version, it's just a piece of cake. Deployment took about 40 minutes. I also handle the maintenance myself.

I do the implementation myself but in certain situations, because we have a risk assessment, it's a sort of risk transfer, so we have a contract with a certain integrator. We do have a contract, but I personally do the setup.

We have definitely experienced ROI. Because we have had many incidents where Cisco Firepower has caught malicious activities and triggered an alarm, a true positive alarm. Which is really good in our case.

The solution is extensively used. We have a policy, from a permission security perspective, that you need to have diversity in the vendors and diversity in the products. We have some areas which are using these products and other areas which is using different products.

It's a really good product, but you need to give it some time to form a sort of baseline, before enabling all the features. You need to study the product well because the product will decrease to around 35-40% of the actual product when you start to enable features. Like the application and inspection, the SSL decryption, the URL filtering, and the ITSM inspection. If you enable more features, you will decrease a little bit of the property. Whoever selects the device initially needs to plan which features they are going to use and they might have to shift the sizing of the product. They might need a high-end appliance or a smaller low-end appliance based on the features they are going to use.

I would give the solution 9 out of 10. 

This product automatically blocks any form of threat in a network. Once a threat is detected, it will notify the IT team. It will show the full threat, the target destination, and perhaps a loophole that the intruder used.

What it reports depends on how you have configured it.

It's able to map the solutions that you have, detailing how they are connected. It gives you visibility in terms of what's happening without your network.

This is the leading Cisco solution across Sub-Saharan Africa.

The most valuable feature is that it is able to detect any form of infiltration. It does this in an automated fashion so that you don't have to do anything to it. Once it is properly configured, it will act on its own.

The visibility that it gives you is very good. You're able to know what has happened within your network.

The way it pushes policy rules is very good. It makes sure that your information is reliable, and that you have the right visibility and the right intelligence.

I would like to see a more user-friendly interface. This is true for Cisco in general, with many of the products that they have.

We have been selling Cisco NGIPS for approximately four years.

This is a very stable product. In Sub-Saharan Africa, it is used by every six or seven banks out of ten.

This solution is very easy to scale, depending on your organization's roadmap. I have had customers that are using it and scaling very fast, especially in the financial sector.

Being a clustered solution, you can have 500, 1,000, or 10,000 users. In fact, one of my customers has 20,000 users of NGIPS. I have another organization that has 1,200 users. The size of the solution is set based on the number of users.

The technical support from Cisco is good, and it is not expensive. Over the past couple of years, they have really improved when it comes to service delivery.

I have worked with a variety of security solutions. I have worked with products from Trend Micro, Cisco, and others.

This product is straightforward to install. A CCMP can complete the deployment in one day.

One skilled person is suitable for deployment.

This is a very affordable product.

This is a product that I can recommend anytime. I have sold millions of dollars of it, every year. 

I would rate this solution an eight out of ten.

We are a system integrator, and we resell this solution to our customers.

This solution is for intrusion prevention, and the majority of deployments are on-premises.

The most valuable feature of this solution is its modularity, so whenever you need to upgrade or add another service, you don't need to buy another box. You can activate these services on the same box, which saves a lot in terms of cost because you don't need additional hardware. Moreover, it makes manageability easier because you don't have to use several different devices.

Cisco operates on an open operating system platform so it gives you the flexibility to add other things. Cisco itself is using different manufacturers, or OEM vendors to integrate with their product. For example, Radware is providing a DDoS solution for the NGIPS box.

We would like to see support for DDoS protection.

The cost of adding additional throughput is very high and is an area of concern. Competing products such as FortiGate and TippingPoint have a much larger throughput at a smaller cost.

The devices have certain limitations and to go beyond them, I need to change the hardware. For example, if I exceed the throughput on the 2000 series then I have to switch to the 4000 series. This one then has a limitation of perhaps fifty gigabytes, and if I exceed that, then I need to move to the 9000 series. By comparison, TippingPoint and FortiGate have no limit. If there was a software-based solution for scaling up then it would be much better.

This is a very stable solution. We have not heard any complaints from customers, and we have not experienced any trouble ourselves.

When it comes to scalability, there is a limitation that is set by the hardware. If you're looking for higher throughput then you have to change boxes. The 2000 series is pretty small when it comes to bandwidth, so scalability is a concern.

Technical support from Cisco is perfectly fine, and they are doing a great job.

Prior to this solution, we used TippingPoint. Although it is a very good solution, there was a problem with the product having too many acquisitions. Every time there was a new acquisition, support was a concern. For example, at one point it was taken over by HP, and then, again, HP disowned it. Support was hampered by this, and if you're not getting support on a critical security appliance then you need to look for other options. This is what led us to adopt Cisco.

The initial setup of this solution is not complex. They have a graphical user interface for managing all of these things, which helps make it easy to deploy.

The price for additional throughput is the highest in the industry.

This is a solution that I recommend for IPS.

I would rate this solution a seven out of ten.

We are using Cisco NGIPS for our company network. We are comparing how it works with the other companies.

The most valuable feature of Cisco NGIPS is its protection.

The price of Cisco NGIPS could improve.

I have been using Cisco NGIPS for approximately four years.

Cisco NGIPS is stable.

The scalability of Cisco NGIPS is good.

We have approximately 100 people using this solution in my company.

I did not use the support.

We previously used a Russian-based solution that was not popular.

The initial setup of Cisco NGIPS was straightforward.

We used a consultant for the implementation of the solution.

I have not seen a return on investment.

The price of Cisco NGIPS could be reduced. It is more expensive than other solutions.

The solution only requires one person for maintenance.

I would recommend this solution to others but it depends on their budget. It is expensive.

I rate Cisco NGIPS a seven out of ten.