We have a data center and we need security products such as Cisco NGIPS to protect us from attacks that are going to impact our organization. For the purpose of completing our compliance audit and VAPT process, we have these kinds of security solutions in place.
DGM IT Infra & Facility at a tech services company with 1-10 employees
Good DDoS protection and IPS/IDS functionality, and it is easy to set up
Pros and Cons
- "The features that I find most valuable are the DDoS protection, IPS/IDS, and Firepower for web application filtering."
- "Better integration with other products, such as a SIEM tool, would provide better peer visibility about your security posture."
What is our primary use case?
What is most valuable?
The features that I find most valuable are the DDoS protection, IPS/IDS, and Firepower for web application filtering. These three things are pretty good and each is valuable as per the different needs of my business operations.
What needs improvement?
I would like to see better support for preventing cross-scripting and brute-force attacks that may originate from our homegrown applications. This is needed because the applications that we are developing for internal use do not go through the heavy security check that we have in place. If there is some flaw in an application, which happens every now and then, then there will be a huge cost that I may have to pay. I would like to know that if I have a security solution in place then I am at least 99% confident that problems will be prevented. As it is now, I cannot say that I am 80% secure against my applications being attacked.
Better integration with other products, such as a SIEM tool, would provide better peer visibility about your security posture. Adding this type of functionality would make this product unbeatable.
For how long have I used the solution?
We have been using Cisco NGIPS for more than five years.
Buyer's Guide
Cisco Secure IPS (NGIPS)
November 2024
Learn what your peers think about Cisco Secure IPS (NGIPS). Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,636 professionals have used our research since 2012.
What do I think about the stability of the solution?
This is a stable product.
What do I think about the scalability of the solution?
Cisco NGIPS is scalable and we have about 600 users.
How are customer service and support?
Technical support is outsourced and it is good.
Which solution did I use previously and why did I switch?
I did not work with another solution before this one.
How was the initial setup?
The initial setup is straightforward and the deployment took about three weeks.
What about the implementation team?
I have ten people who take care of maintenance.
What's my experience with pricing, setup cost, and licensing?
Pricing depends on negotiation with the vendor, although I can say that it is moderate. I would not say that it is very high or low, but rather, average.
What other advice do I have?
I am now trying to implement a more rigorous web application firewall because I don't want to manage the bugs or attacks that are going to come from the outside. I would prefer it is managed by somebody who is an expert in web application firewalls. I want to couple it with additional software for load-balancing to improve speed. Allowing somebody else to manage this will free up my time to run my business, which is better for generating revenue for the company.
I would rate this solution a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Associate Consultant at a computer software company with 201-500 employees
Good intrusion prevention and easy to set up but the pricing is high
Pros and Cons
- "The solution gives us a lot of visibility into our security."
- "The solution requires better management. When it comes to central management capabilities, improvements can be made."
What is our primary use case?
We primarily use the solution for network firewalling and intrusion prevention.
How has it helped my organization?
We get a bit of visibility into network threats and we can successfully mitigate those threats by using the product.
What is most valuable?
The most valuable feature would be the intrusion prevention for us for security reasons.
The setup is pretty straightforward.
The solution gives us a lot of visibility into our security.
The product is quite stable.
There are pretty good capabilities for scaling.
What needs improvement?
Currently, this product is difficult to manage. It needs to be more user-friendly.
A lot of improvements can be made into the overall architecture of the firewall. It's lacking right now. It's something they need to work hard to improve.
The reason for the lack of cohesion in the architecture is due to the fact that Cisco acquired this company and then they merged two products, the Cisco ASA and the Firepower product, into a single product. As a result, the product is not as mature as some of the other comparable products out in the industry.
The price is in the high end of the spectrum, again, comparing to other players in the industry.
The solution requires better management. When it comes to central management capabilities, improvements can be made.
Better reporting in terms of analytics and dashboards would be very useful in future versions.
For how long have I used the solution?
We've been using the solution for about five years now.
What do I think about the stability of the solution?
The stability overall has been good once we get it up and running. We've not seen any issues once we've launched everything. It isn't buggy or glitchy. It doesn't crash or freeze. It's reliable.
What do I think about the scalability of the solution?
The scalability on the solution is good overall. They have a central management console that can assist with the process. The only issue there is we feel like there's room for improvement on the administration side of things.
When it comes to a user installing the networks, all the users essentially traverse this firewall, but when it comes to the administrators of the product, we've got five administrators in networking, they pretty much use it on a daily basis.
How are customer service and technical support?
The technical support has been good. We're satisfied with the level of service we get. They know what they are talking about. They respond promptly. Overall, they are above-average. I'd rate them eight out of ten.
Of course, there's always a little bit of room for improvement from any technical support service. In general, it's always about the speed of resolving an issue, responsiveness, et cetera. These are common industry wide. We always want everything resolved faster.
Which solution did I use previously and why did I switch?
We previously used FortiGate. We switched as we wanted something that had easy management capabilities, so we moved to Cisco. We thought that Cisco would be a bit more mature.
How was the initial setup?
The initial setup is a little bit difficult. It's pretty straightforward, although if we look at it relative to other products on the market, we feel that the other products are easier to set up compared to this one.
What's my experience with pricing, setup cost, and licensing?
The pricing is actually pretty high, especially if you compare it to other solutions that are out there. They are comparable but cost less.
What other advice do I have?
The advice we would give to other organizations is to look at the administrative overhead, and also to pay close attention to when the company is deploying it. We feel that there are certain feature functionalities that might not be mature depending on a company's use case. Everything depends on use cases. A company needs to evaluate its own unique use case, and look at the product feature functionality. A company also needs to look at some of the administrative overhead before they choose the product to make sure that it is suitable for their environment.
This solution overall I would rate at seven out of ten. I would say it's a good product if you look at the primary functionality, which is intrusion prevention. It's is one of the best out there, however, the issue is it's been wrapped around an administrative layer which is quite difficult compared to other products. They've got a really good engine as far as IPSs go, and that's the most important thing.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Cisco Secure IPS (NGIPS)
November 2024
Learn what your peers think about Cisco Secure IPS (NGIPS). Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,636 professionals have used our research since 2012.
Network Administrator at MP Tech
Good for filtering and very stable with the ability to scale easily
Pros and Cons
- "The solution is very powerful coupled with Firepower."
- "The pricing is very expensive. They should make their equipment more affordable."
What is our primary use case?
We use it on the perimeter, for our infrastructure between our network and our bank's network.
What is most valuable?
The solution is very powerful coupled with Firepower. It's great for filtering.
What needs improvement?
The pricing is very expensive. They should make their equipment more affordable.
Cisco should offer better integration capabilities and offer an easier integration process.
For how long have I used the solution?
We bought the solution a year ago, and finished setup a month ago.
What do I think about the stability of the solution?
This current solution is stable. Last time, we worked with Cisco ASA 6500. That solution sometimes froze and we had to reboot the system. This one, as I mentioned, seems fine. We don't have this problem.
What do I think about the scalability of the solution?
The solution is very scalable, but the main issue surrounds the cost to do so. Scaling can be very expensive. Our network isn't too big. We have around 60 users.
How are customer service and technical support?
Cisco offers very good technical support. I have no complaints about that.
How was the initial setup?
We attended the Cisco training, as we always do. When we buy equipment from Cisco, they also give us learning credits. With those learning credits, it makes it easy to attend training. In terms of the knowledge they share surrounding the equipment, it's very good. We don't have a doubt about what to do.
The initial setup of NGIPS was fine. Firepower took the most time. We took about three months to deploy the solution.
You only need two people for deployment and maintenance.
What about the implementation team?
We implemented the solution by ourselves. Last time, we worked with a company that deployed for us, but it turned out not to be necessary. We realized we can deploy by ourselves, and attend the training and support by ourselves.
What other advice do I have?
The advice I would give to others thinking about implementing the solution is to make sure you have a solid knowledge of the network.
I would rate this solution eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
Networking & Security Consultant at LayerZoom
Great all-in-one integration with valuable IPS function
Pros and Cons
- "IPS is a valuable function, because they update the signatures all the time and it's very granular."
- "The GUI user interface could be improved and the login is not very user friendly."
What is our primary use case?
We replaced an ASA with Firepower managed by FMC with NGIPS, and we're also using it for advanced security, like anti-malware protection and IPS.
How has it helped my organization?
We used to have different solutions integrated together between Cisco and non-Cisco, or Cisco and a third party. We now have an all-in-one which is kind of nice.
What is most valuable?
I believe the IPS is a valuable function, because they update the signatures all the time and it's very granular. This is a good, stable solution and it's always up to date with all the security features.
What needs improvement?
I think the GUI user interface could be improved and the login is not very user friendly. They could maybe improve on that.
What do I think about the stability of the solution?
The stability is good, we haven't had any problems.
What do I think about the scalability of the solution?
I think scalability is good although we only have a couple of people in our company that use it - the IT Manager and myself.
How are customer service and technical support?
The technical support is very good. I've never had issues with Cisco support, they're the best.
How was the initial setup?
The initial setup is straightforward, it took a few hours. As the consultant, I deployed the solution.
What's my experience with pricing, setup cost, and licensing?
I'm not sure of the licensing costs, I know we have a three-year subscription.
What other advice do I have?
Compared with other solutions, this is very good.
I rate this product a nine out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Lead Network Security Engineer at TECHNOCORE LTD
Flexible, scalable, and stable, but needs more intuitive interface
Pros and Cons
- "In the virtual deployment, you have a couple of choices depending on your needs and how much bandwidth you have that needs to be inspected."
- "Cisco can do better on their documentation because the product is really hard to understand."
What is our primary use case?
The solution works on a base set of rules to detect malicious traffic or certain exploits, which can be done from both the outside and inside network.
What is most valuable?
In the virtual deployment, you have a couple of choices depending on your needs and how much bandwidth you have that needs to be inspected. It is quite flexible because it can be deployed on the cloud as well. All the kinks which were in the previous versions were fixed.
What needs improvement?
I do not think that Cisco has official documentation regarding use cases. They can do better on their documentation because the product is really hard to understand. You need a lot of time to change around things to understand how it works exactly and fine-tune it. If they make it less complicated, I think it will really help all the customers.
They could make the user interface of the management center more user friendly and customizable in the next release. I think they can take some pointers from Palo Alto because their user interface is really intuitive and really customizable.
For how long have I used the solution?
I have been using the solution for approximately five years.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
The solution is scalable. The management center, which controls the sensors, you can deploy it. You have two different virtual appliances, one is for managing up to 25 sensors and the bigger one is up to 300 sensors. The hardware list of the products ranges from, I think, 20 sensors and up to 500. Depending on your needs, you can scale it.
We have three administrators working on the solution and the whole organization is being protected by it.
How are customer service and technical support?
Cisco support is really great. Especially when you have a priority case, when everything is down, you can get an engineer in 15 minutes.
How was the initial setup?
The setup is easy, you do not need hardware. You can just sign up for AWS or Azure and you can deploy it there.
What's my experience with pricing, setup cost, and licensing?
There are licensing fees depending on the features that you are using.
Which other solutions did I evaluate?
I have evaluated Palo Alto in the past.
What other advice do I have?
Before this version of the solution, it was like a normal IPS. The source for IPS was bought by Cisco, and now it is integrated into the Firepower Threat Defense. The Firepower Defense is a unified image of both the previous firewall which Cisco had, the ASA, and the source for IPS. Currently, the FTD is like a UTM device, a unified threat management device, because it has firewall capabilities and IPS capabilities.
I am going to continue using this solution even though I enjoyed using their main competitors product from Palo Alto. I would recommend this solution to others.
I rate Cisco NGIPS a seven out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Ceo & Creative Director at Redstout
Scalable expectations, clear and easy implementation, and meeting our current needs
Pros and Cons
- "Cisco NGIPS is working well overall with our current needs."
- "The stability of the user console and some features could be easier to access."
What is our primary use case?
We are using the WAF models to monitor the IDS and IPS also, and it is integrated with Cisco Umbrella.
What is most valuable?
Cisco NGIPS is working well overall with our current needs.
What needs improvement?
The stability of the user console and some features could be easier to access.
For how long have I used the solution?
I have been using Cisco NGIPS for the past one and half years.
What do I think about the stability of the solution?
The stability can be better. The Cisco console is unstable.
What do I think about the scalability of the solution?
The scalability is fine. I believe it covers the expectations that we have.
How are customer service and support?
Technical support is very good, but you must have the expertise and technical people with Cisco NGIPS.
How would you rate customer service and support?
Positive
How was the initial setup?
It is very straightforward, clear, and easy.
What's my experience with pricing, setup cost, and licensing?
I usually work with Fortinet and FortiGate which is a lower cost in comparison with Cisco NGIPS.
What other advice do I have?
I would rate Cisco NGIPS a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Network Security Consultant at Societe Generale Global Solution Centre
Boosts network security using inline IPS and passive IDS, and they have efficient technical support
Pros and Cons
- "The main advantages to Cisco are the scale, the integration, the training, and the possibility of finding somebody to work with."
- "I think that some initiation scripts might be helpful because they would make the configuration easier and more user-friendly for customers."
What is our primary use case?
We are a solution provider and I am an engineer who deploys solutions. This is one of the products that I have experience with it in this capacity. The version that we use depends on the client.
Some of our clients are ISPs and they are using the firewall features in this product to replace old firewalls. It is doing the regular firewall inspections, VPN concentration, and other such things. For other customers, who replaced Sourcefire, they use it primarily as an inline IPS and a passive IDS. These customers do not choose very many of the firewall features.
Some customers use it for both; they have a firewall, VPN concentration, and then they do IPS inspection. This is the next-generation of these technologies.
What is most valuable?
The most valuable feature is the IPS engine. It has been in the security branch for decades and is now integrated into the Cisco portfolio. The difference is that it has been scaled a thousandfold. It provides a base language for intruder inspection for all of the security engineers. Now, they have the same language everywhere in the corporate and the open-source firewalls and IPS.
What needs improvement?
The configuration of this product can be simplified. I am an expert in this area because few people can do it. It requires a lot of training and documentation.
I think that some initiation scripts might be helpful because they would make the configuration easier and more user-friendly for customers.
For how long have I used the solution?
I have been working with NGIPS for about four years, since 2016 or 2017, shortly after Cisco bought it.
What do I think about the stability of the solution?
Stability is something that is tricky to judge because when you have a 600-person userbase, there are always going to be issues. As we fix them, it becomes stable again.
What do I think about the scalability of the solution?
This is suitable for organizations of all sizes; small, medium, and large-sized companies. For example, one of our clients has 600 users.
The ease of scaling depends on the number of times you scale, or to which extent. I can start by saying that scaling is easy but if you want to scale a hundredfold, then it's not going to be so easy. It's impossible.
How are customer service and technical support?
I like Cisco's technical support and find that they are efficient. In fact, I was a technical team leader for Cisco support, and I am now a client. There is amazing support team at TAC and they help Cisco be great.
Which solution did I use previously and why did I switch?
I have worked with similar products from different vendors in the past, although I am avoiding this type of task for the moment.
The main advantages to Cisco are the scale, the integration, the training, and the possibility of finding somebody to work with. Also, the reaction time that they have in case of failure is very fast, and it is easy to replace the setup.
How was the initial setup?
The initial setup is complex. It requires that NGIPS be optimized such that it has the best results with the best performance. The deployment model, be it on-premises or cloud-based, depends on the client.
The length of time required for deployment also depends on the client. In a small office, I can do it in a few hours. For an enterprise, it could take half a year. I have worked on many different scales.
What about the implementation team?
I am responsible for deploying this product to our customers. When it comes to maintenance, we cooperate. They know the environment, their tools, the change management, and the internal procedures. I take care of the technical parts, and we have full cooperation until it is complete.
What's my experience with pricing, setup cost, and licensing?
This is an expensive product, with the biggest cost being the license that keeps the service going.
What other advice do I have?
My advice for anybody who is implementing NGIPS is to get in touch with someone who can advise them because every network is different. Properly sizing the appliances is important.
I would rate this solution a ten out of ten.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Administrator at a retailer with 51-200 employees
A stable solution with excellent IPS detection functionality
Pros and Cons
- "We have found the IPS detection to be a very valuable feature of this solution. It is easy to use to stop policy violations."
- "We would like an option to search through the logs to be added to this solution."
What is our primary use case?
We use this product for IPS detection and reporting purposes.
What is most valuable?
We have found the IPS detection to be a very valuable feature of this solution. It is easy to use to stop policy violations.
What needs improvement?
We would like an option to search through the logs to be added to this solution.
For how long have I used the solution?
We have been working with this solution for three years.
What do I think about the stability of the solution?
The current version of this solution is proving to be very stable.
What do I think about the scalability of the solution?
We believe this to be a scalable solution.
How are customer service and support?
The technical support for this product is good. They respond to tickets quickly when they are raised, and they generally respond within 24 hours.
How was the initial setup?
The initial setup and configuration of this solution was straightforward.
What's my experience with pricing, setup cost, and licensing?
Licenses for this product are available for either one, or three year terms.
What other advice do I have?
I would rate this solution a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Cisco Secure IPS (NGIPS) Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Intrusion Detection and Prevention Software (IDPS)Popular Comparisons
KerioControl
Palo Alto Networks Advanced Threat Prevention
Check Point IPS
Trend Micro TippingPoint Threat Protection System
Fortinet FortiGate IPS
Cisco Sourcefire SNORT
Trellix Intrusion Prevention System
Gatewatcher
Hillstone S-Series Network Intrusion Prevention System
Buyer's Guide
Download our free Cisco Secure IPS (NGIPS) Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- When evaluating Intrusion Detection, what aspect do you think is the most important to look for?
- What is your recommended cost-effective solution to detect and prevent APT attacks?
- What product do you recommend for a Campus IPS appliance implementation?
- How do you use the MITRE ATT&CK framework for improving enterprise security?
- What are the pros and cons of Darktrace vs CrowdStrike Falcon vs alternative EPP solutions?
- Which alternative solutions (other than Darktrace) do you recommend for an SMB?
- Which is the best intrusion detection and prevention solution?
- What is the best IDPS security tool and why?
- What is Cognitive Cybersecurity and what is it used for?