Cisco Secure IPS (NGIPS) Reviews

Our primary use case is for the firewall and other security-related features.

I think the Cisco Firepower is the best firewall in the world and the other security features like AMP, IPS, and deep inspection packets.

The most valuable feature would be the IPS is very important in Cisco Firepower because I can configure deep configuration in IPS and tuning.

I would like to see the sanctions lifted so we could use the full solution and have the speed increased.

I have been using Cisco NGIPS for the past eight years.

The stability is evident and without issues.

The scalability is excellent. We have around one thousand two hundred users.

There is a very good community with CISCO.

The initial setup is straightforward.

The implementation can take anywhere from one day to a month for advanced tuning and firewall protection.

There is definitely a return on investment and is worth the money

When it comes to pricing you pay for a permanent licensing structure. One, three, and five-year options. There are no extra costs.

I would rate Cisco NGIPS a ten on a scale of one to ten.

Customers who are trying to replace their internal firewall with good visibility at the application-level content level use Cisco NGIPS. It has the ability to do packet inspection and the customer can check their users while they're searching the web and going to different websites. Cisco NGIPS has the ability to connect to your firewall with advanced intrusion prevention.  

The most valuable feature of Cisco NGIPS is the centralized user interface. You have the ability to quickly push out configurations across your environment using the Cisco UI. It's a powerful capability of that solution.

Cisco NGIPS could improve its ability to do SSL inspections. Sometimes the ability to do SSL inspection is not scalable and you might not be able to get the installment required if you don't size the right hardware.

I have been using Cisco NGIPS for approximately five years.

Cisco NGIPS is stable, but I there is more that can be done.

Cisco is particularly strong when it comes to firewalls and the IPS, IBS, or next-generation firewalls. When I was working as a system architect we went from Cisco to Palo Alto or Fortinet. I don't know if they've made some recent improvements or maybe it's in the roadmap, but I would say there's still room for improvement with Cisco security appliances.

Cisco NGIPS is scalable. However, the cost to the customer is always high, because it's still a hardware base. After the resource cycle of three or five years, you have to replace them. From that perspective, they are not the greatest solution out there.

Our networking team of approximately 50 people that are mostly using this solution in my organization.

The support from Cisco NGIPS is good.

The initial setup of Cisco NGIPS is of a medium difficulty level.

My advice to others is they should look into other vendors and cloud-based solutions. Solutions that don't require you to refresh and get hardware, because nowadays there are new problems for hardware. It's getting more difficult, try to get a more software-based, cloud-centric model solution.

I rate Cisco NGIPS a six out of ten.

Our customers use it for VBN and network as well.

I've found the performance and stability to be the most valuable features of Cisco NGIPS. It is scalable as well.

The price could be improved.

I've been providing this solution for about five years.

It is a stable solution.

It is scalable.

My experience with technical support has been okay.

Installation is straightforward and took half a day.

The pricing could be improved. Our customers have a yearly license.

It is a good product, and I would recommend it. I would rate it at eight on a scale from one to ten.

I work for a system integrator and Cisco NGIPS is one of the products that we implement for our clients. This is a solution for enterprise networks and it has a lot of advanced features including security intelligence feeds and DNS security.

This product can be integrated with other solutions from the Cisco portfolio including Cisco ISE and SecureX. The integration with the Cisco portfolio is very helpful. Cisco ISE will give full control in any network and it can be used to isolate any infected or misbehaving users automatically.

Multi-internet line load balancing should be supported. It is available from other vendors and should be included with this product.

This is one of the most stable solutions in the firewall world. 

Cisco takes scalability into consideration. My clients vary in size from small and medium-sized businesses to enterprises.

The best support that I have ever dealt with is from Cisco. I am very satisfied with their service.

I have experience with a lot of network security products. These include solutions by Cisco, Palo Alto, Fortinet, and Forcepoint.

The initial setup is very simple and in one or two hours, it can be up and running.

The licensing can be billed annually or in multi-year contracts such as three, four, or five years.

I would rate this solution a nine out of ten.

We use this solution as an intrusion prevention system, as well as UI filtering, application control, and anti-malware protection.

The traffic filter feature of this solution has improved our organization. It not only provides ransomware protection, but saves us time in dealing with unnecessary traffic.

The traffic filter of this solution is very valuable to us, and to our clients.

We would like to see some improvement in the configuration process for this solution, as it is currently quite complex.

We have been working with this solution for around a year.

We have found this to be a stable solution in our experience.

This is a scalable product.

The initial setup of this solution is straightforward if it is only the standard package being installed. However, configuring this product is complex and requires a lot of time commitment.

Deployment of the solution usually only takes a few hours, but if it is being implemented in a more complicated environment it can take up to three days.

We would recommend this solution to other organizations as it is very easy to use.

I would rate this solution a seven out of ten.

I like Firepower's automation, and the security intelligence is a powerful feature. 

If Firepower had an embedded vulnerability scanner, it could better detect the vulnerabilities on different platforms in the network. It needs to integrate with other solutions to detect these vulnerabilities. It cannot detect system vulnerabilities on its own. A new trend is encrypted security solutions. Firepower can integrate with Cisco products like Stealthwatch, and Stealthwatch can primarily integrate with other Cisco products. 

Firepower APIs that allow it to integrate with other vendors need more flexibility. For example, if I want to integrate with Forcepoint, I can't because Forcepoint cannot integrate with other sandbox vendors. This integration has become essential for the latest security solutions because most customers are now thinking about integrated security solutions. However, not every product is like that. We have to think about the integrated security solutions, so Firepower needs to improve in this area, the integrations with other vendors.

We are a partner with Cisco and we have sold these products to multiple customers. Most of them have given us positive feedback about Cisco Firepower.

We had multiple bugs and issues on the old versions, but the new versions Cisco has recently released are much more stable. However, our customers are still facing many bugs on the system. It has matured noticeably, but we are still facing multiple stability issues on Firepower. There are more than 80 or 90 bugs for each release node. It's a considerable number of bugs. It's much better than before, but there are still too many bugs in the new versions. The R&D team needs to put more work into new releases to minimize the number of bugs.

Cisco has some limitations in clustering if we want to upgrade the hardware currently deployed at customer sites. If Cisco can improve or optimize this clustering limitation, this will add more scalability to Firepower.

Cisco's most powerful support team is based in the United States. Most cases this team handles are solved quickly, but I've had a different experience with the Indian team. It takes too much time to solve the issues. We have different experiences with tech teams in other time zones, and I prefer to communicate cases with a US-based team. It depends on when we open the ticket. Sometimes it will route to the Indian tech team. If we open the ticket between 9 a.m. and 9 p.m. Cairo time, I think it will go to the US team.

Signature tuning is automated in Cisco Firepower. This is the most powerful feature, which most vendors don't have. It makes deploying the solution straightforward for the customer and us implementers as well. So the automation and the fine-tuning are effortless in Firepower.

Cisco Firepower is a good investment because one product can cover such a large part of the NIST security framework.

The weakness of Cisco Firepower is the cost. Some of the customers see it as very expensive. 

I would rate Cisco Firepower NGIPS nine out of 10. For any customers thinking about implementing this solution, I would suggest being aware of the security areas they want to cover. They need to consider the NIST cybersecurity framework and focus on each area of this framework to make sure that there are no security gaps in their environment. Firepower covers three main areas of this framework: detection, response, and identification. 

We use this solution for traffic inspection and searching.

It's coming to its end of life. We will be considering another solution because it is no longer scalable.

While it is stable, I would like it to be even more stable.

I have been using this solution for 10 years.

Cisco NGIPS is a stable solution. We have not had any issues since we have been using it.

It is no longer scalable because it has gone end of life.

We have approximately six locations. We have close to 2,000 users.

We are satisfied with the technical support.

I was not involved in the installation.

We have a team of four of five, including four engineers, and one supervisor to maintain this solution.

It could be less expensive.

We do pay for licensing yearly, but since it is at its end of life, there are no license implications until we purchase a new solution.

I would recommend this solution to others.

I would rate Cisco NGIPS an eight out of ten.

We use NGIPS for monitoring and firewall purposes. We have about 3,000 users. 

I like how NGIPS has everything in one console.  

The look and feel of the console could be updated. 

I have used NGIPS for about five years.

NGIPS is stable.

Setting up NGIPS was complex. We needed help from a Cisco specialist. 

I rate Cisco NGIPS eight out of 10 overall.