Cisco Secure IPS (NGIPS) Reviews

The most valuable features of Cisco NGIPS are the VPN, IPS, access policy management, EIM, and the ASA model as part of Firepower.

I have been using Cisco NGIPS for approximately three years.

Cisco NGIPS is highly stable.

Cisco NGIPS is scalable. The scalability is easy to do because if the Firepower threat defense works in the cluster mode, someone can scale up the system using two and three Firepower threat defenses at the same time in one system.

We use this solution in different companies and provide them with support. We have some clients that have 3,000 users whereas others have 700.

In our company process some team, we have three or four people and the solution can be easily maintained because it is managed in one place in the Firepower management center. In one company we have approximately 24 Firepower models and these devices are controlled by one system, the Firepower management system (FMC). It's very easy to control and maintain the solution.

The price of the solution is expensive to a degree it cannot be used by small businesses. It is best suited for medium and enterprise businesses.

I would recommend this solution to others for medium, large, and enterprise businesses only.

I rate Cisco NGIPS a ten out of ten.

I like Firepower's automation, and the security intelligence is a powerful feature. 

If Firepower had an embedded vulnerability scanner, it could better detect the vulnerabilities on different platforms in the network. It needs to integrate with other solutions to detect these vulnerabilities. It cannot detect system vulnerabilities on its own. A new trend is encrypted security solutions. Firepower can integrate with Cisco products like Stealthwatch, and Stealthwatch can primarily integrate with other Cisco products. 

Firepower APIs that allow it to integrate with other vendors need more flexibility. For example, if I want to integrate with Forcepoint, I can't because Forcepoint cannot integrate with other sandbox vendors. This integration has become essential for the latest security solutions because most customers are now thinking about integrated security solutions. However, not every product is like that. We have to think about the integrated security solutions, so Firepower needs to improve in this area, the integrations with other vendors.

We are a partner with Cisco and we have sold these products to multiple customers. Most of them have given us positive feedback about Cisco Firepower.

We had multiple bugs and issues on the old versions, but the new versions Cisco has recently released are much more stable. However, our customers are still facing many bugs on the system. It has matured noticeably, but we are still facing multiple stability issues on Firepower. There are more than 80 or 90 bugs for each release node. It's a considerable number of bugs. It's much better than before, but there are still too many bugs in the new versions. The R&D team needs to put more work into new releases to minimize the number of bugs.

Cisco has some limitations in clustering if we want to upgrade the hardware currently deployed at customer sites. If Cisco can improve or optimize this clustering limitation, this will add more scalability to Firepower.

Cisco's most powerful support team is based in the United States. Most cases this team handles are solved quickly, but I've had a different experience with the Indian team. It takes too much time to solve the issues. We have different experiences with tech teams in other time zones, and I prefer to communicate cases with a US-based team. It depends on when we open the ticket. Sometimes it will route to the Indian tech team. If we open the ticket between 9 a.m. and 9 p.m. Cairo time, I think it will go to the US team.

Signature tuning is automated in Cisco Firepower. This is the most powerful feature, which most vendors don't have. It makes deploying the solution straightforward for the customer and us implementers as well. So the automation and the fine-tuning are effortless in Firepower.

Cisco Firepower is a good investment because one product can cover such a large part of the NIST security framework.

The weakness of Cisco Firepower is the cost. Some of the customers see it as very expensive. 

I would rate Cisco Firepower NGIPS nine out of 10. For any customers thinking about implementing this solution, I would suggest being aware of the security areas they want to cover. They need to consider the NIST cybersecurity framework and focus on each area of this framework to make sure that there are no security gaps in their environment. Firepower covers three main areas of this framework: detection, response, and identification. 

We use this product for intrusion protection.

The most valuable feature is security.

The onboarding process could be made a little bit better.

I have been working with Cisco NGIPS for one year.

We haven't had any problems with this product.

I configured the system myself and the process was okay.

In general, I have nothing negative to say about this product.

I would rate this solution an eight out of ten.

We use this solution for traffic inspection and searching.

It's coming to its end of life. We will be considering another solution because it is no longer scalable.

While it is stable, I would like it to be even more stable.

I have been using this solution for 10 years.

Cisco NGIPS is a stable solution. We have not had any issues since we have been using it.

It is no longer scalable because it has gone end of life.

We have approximately six locations. We have close to 2,000 users.

We are satisfied with the technical support.

I was not involved in the installation.

We have a team of four of five, including four engineers, and one supervisor to maintain this solution.

It could be less expensive.

We do pay for licensing yearly, but since it is at its end of life, there are no license implications until we purchase a new solution.

I would recommend this solution to others.

I would rate Cisco NGIPS an eight out of ten.

We use this product to prevent unwanted traffic and to define policies.

The tracking intelligence feature is very good. This solution provides us with the opportunity to detect threats in real-time. 

Some Next-Generation Firewall solutions come with Intrusion Prevention. It would be nice if Cisco NGIPS included that. 

I have been using this solution for almost one year. 

Cisco's support is unmatched. There are very few companies that can match their support. 

Overall, on a scale from one to ten, I would give this solution a rating of nine. 

We use it for threat prevention.

It has increased our security posture and has contributed substantially to our security maturity by stopping threats.

• It has good intelligence.
• It does a great job at stopping threats.

In the next release I would like to see better reporting. I also find it's hard to act on the data it gives you.

The stability is excellent.

The scalability is excellent.

Technical support has been excellent.

The initial setup is complex. That's just the nature of that product. It's a really advanced product so it takes a lot of technical knowledge to implement it.

We used a reseller. 

We have definitely seen ROI, but I can't quantify it.

Get a good demo to test it out or do a proof of concept to see if it it's what you're looking for.

I rate it an eight out of ten. Eight because it's good at detecting and stopping threats. Those other two points that would make it a ten are better usability and reporting.

We primarily use the solution as a firewall. It's for company security.

The solution is easy to use.

We have found the product to be quite stable. 

The installation process is not difficult.

The solution would be better if it offered customers more integrations and more signatures.

I've been using the solution for around four years. It's been a while. It's useful for anomaly detection, impact inspection, signatures, and stuff like that.

The stability of the product is very good. There are no bugs or glitches. It doesn't crash or freeze. the performance is good and we consider it reliable. 

We have around 2,000 users in our organization using the solution.

We have contacted Cisco technical support in the past. Their support is the best in the market. We are very satisfied with the level of service they provide to their clients. 

We are using both Cisco and Fortinet.

It's very straightforward and very easy to set yo the solution. It's not overly complex. 

It took us one to two days at a maximum to install everything and to get everything going. 

We have two technicians and three engineers that can handle any deployment or maintenance tasks.

We handled the setup ourselves. We did not require the assistance of any integrators or consultants. It was all done in-house. 

We have a subscription for the signatures and footprints. 

We are a customer and an end-user.

We always use two older versions than the latest in case the latest has bugs or issues.

I'd rate the solution at a seven out of ten.

I would recommend this product to other users and companies. 

We primarily use this solution as an application filter and for IPS. We have an on-premises deployment.

The most valuable feature of this solution is the support.

I would like to see the total performance for the users improved.

We have a need for security, so we would like to see more protection against virus attacks and ransomware attacks.

The inclusion of bandwidth management features would improve this product.

I would like to have an API for application development.

This solution is one hundred percent stable.

We are very satisfied with the technical support for this solution.

The initial setup of this solution is straightforward.

Licensing fees for this solution are $3,500 USD, and there are no additional costs.

This is a good solution that I recommend, but there is room for more features to be included.

I would rate this solution a nine out of ten.