
Cisco Secure IPS (NGIPS) vs Vectra AI comparison

 

Comparison Buyer's Guide

Executive Summary
Updated on Dec 19, 2024
 

Categories and Ranking

Cisco Secure IPS (NGIPS)
Ranking in Intrusion Detection and Prevention Software (IDPS): 6th
Average Rating: 8.2
Reviews Sentiment: 6.8
Number of Reviews: 66
Ranking in other categories: No ranking in other categories

Vectra AI
Ranking in Intrusion Detection and Prevention Software (IDPS): 2nd
Average Rating: 8.6
Reviews Sentiment: 7.1
Number of Reviews: 43
Ranking in other categories: Network Detection and Response (NDR) (2nd), Extended Detection and Response (XDR) (9th), Identity Threat Detection and Response (ITDR) (5th), AI-Powered Cybersecurity Platforms (4th)
 

Mindshare comparison

As of December 2024, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Cisco Secure IPS (NGIPS) is 4.2%, down from 4.5% compared to the previous year. The mindshare of Vectra AI is 11.8%, up from 9.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
 

Featured Reviews

YoussefBoukari - PeerSpot reviewer
Very effective for malware and signature-based anomalies but stability needs improvement
Our company uses the solution for data functions in banking. It is a backend solution in the server center.  We analyze traffic and adapt configurations or customize policies to the environment of the IPS itself.  The solution very effectively provides malware protection and signature-based…
Tony Whelton - PeerSpot reviewer
Integrates well with other security solutions and provides good technical support
The biggest feature for us, because we are heavy Microsoft users, is its integration with Office 365. On top of Vectra AI, we use all of the Microsoft security platforms, such as Defender ATP and Sentinel. Having full integration and a central platform to look at all of the threats that are coming through from the different platforms is a huge benefit for us. With one nice front dashboard, we can look at the high-volume threats rather than all of the noise. We do get a lot of noise as our students all own their own devices. With Vectra AI, we can look at threats in a controlled manner, which saves us an extraordinary amount of time. Even if I doubled the manpower, I doubt that I would still have the same visibility that I have with the correct security platform. Vectra AI's Threat Detection and Response platform has done remarkably well. We're well-versed in using the security dashboard from Microsoft Defender, and we're at the stage where we are checking both. We haven't fully switched to relying on only the Vectra dashboard yet. In terms of Vectra AI Attack Signal Intelligence for empowering security analysts within our organization, we have complete faith in the data that's coming through from Vectra. If we could also have what's happening at the front-end, that is, the firewall, then it would give us the complete security front dashboard.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The initial setup wasn't complex or complicated."
"I think their fingerprints are good in terms of how they whitelist and blacklist."
"I like Firepower's automation, and the security intelligence is a powerful feature."
"The most valuable features are the intrusion detection ones."
"It is salable and technically sound."
"Its ease of use and its ability to block and allow ports in and out of our organization are the most valuable features. It works very well. It gives us all the information that we need."
"The solution very effectively provides malware protection and signature-based anomaly detection."
"We primarily use this solution as an application filter and for IPS."
"The most valuable feature for Cognito Detect, the main solution, is that external IDS's create a lot of alerts. When I say a lot of alerts I really mean a lot of alerts. Vectra, on the other hand, contextualizes everything, reducing the number of alerts and pinpointing only the things of interest. This is a key feature for me. Because of this, a non-trained analyst can use it almost right away."
"Vectra AI can bring the ability to detect intrusion on the network more so than legacy IDS tools."
"It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra."
"The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable."
"Vectra AI is the best. It is a major product in our cybersecurity."
"It keeps up with the network traffic, which is a good thing. It provides more context to plain alerts compared to using an older system. So, it helps an analyst reduce the information overload."
"The solution's ability to reduce alerts, by rolling up numerous alerts to create a single incident or campaign, helps in that it collapses all the events to a particular host, or a particular detection to a set of hosts. So it doesn't generate too many alerts. By and large, whatever alerts it generates are actionable, and actionable within the day."
"What I like best about Vectra AI is that it alerts you about suspicious activities."
 

Cons

"We would like to see some improvement in the configuration process for this solution, as it is currently quite complex."
"The CLI, the console line interface, of the FTD could be improved. It's very complex, so without a GUI, it doesn't work well. I would like it to be more simple."
"The price of Cisco NGIPS could improve."
"I would recommend this solution to others for medium, large, and enterprise businesses only."
"There are certain limitations that need to be addressed."
"We would like to see improvements in the dashboard features."
"There is room for improvement in the policy documentation."
"The file trajectory, the trace in contamination files, could be improved."
"Integration with other security components needs improvement. It should have true integration as opposed to just being a separate pane of glass."
"If you hit a certain number of rules, triage filters, or groups, the UX responds more slowly. However, we have a complex network and a lot of rules. So, our setup might not be a typical implementation example. We even had UX engineers onsite, and they looked at issues, improvements, and user feedback. Since then, it has gotten a lot better, they even built in features that we specifically requested for our company."
"One area where there's room for improvement is the absence of a comprehensive TCP recording and replay feature."
"The reporting from Cognito Detect is very limited and doesn't give you too many options. If I want to prepare a customized report on a particular host, even though I see the data, I have to manually prepare the report. The reporting features that are built into the tool are not very helpful."
"It would be commercially beneficial if Vectra AI had something like Darktrace's Antigena Email or something similar to email protection."
"They use a proprietary logging format that is probably 90% similar to Bro Logs. Their biggest area of improvement is finishing out the remaining 10%. That 10% might not be beneficial to their ML engine, but that's fine. The industry standard is Zeek Logs or Bro Logs, or Bro or Zeek, depending on how old you are. While they have 90% of those fields, they're still missing some fields. In very rare instances, some community rules do not have the fields that they need, and we had to modify community rules for our logs. So, their biggest area of improvement would be to just finish their matching of the Zeek standard."
"I would like to see a bit more strategic metrics instead of technical data. Information that I could show to my executive management team or board would be valuable."
"There could be an option where Vectra manages the solution remotely, and when there is an attack, there could be a notification center to give us information about the attack."
 

Pricing and Cost Advice

"In our company, we know that the price of Cisco products is high, especially for its switches, routers and IOS. The price of Cisco products may be twice its original price if you plan to extend some of its features."
"We pay for the IPS license to use this solution."
"The price of Cisco NGIPS could be reduced. It is more expensive than other solutions."
"The tool's licensing costs are yearly."
"Pricing depends on negotiation with the vendor, although I can say that it is moderate."
"Cisco products are always expensive, but if you can afford the price then it's a great solution."
"The solution is pricey, but worth it."
"They are very expensive in some places and not reasonable at times for many customers. I have had customers choose another solution because of the high price."
"The solution's pricing was 50 percent lower than the other vendors shortlisted."
"We have a desire to increase our use. However, it all comes down to budget. It's a very expensive tool that is very difficult to prove business support for. We would like to have two separate networks. We have our corporate network and PCI network, which is segregated due to payment processing. We don't have it deployed in the PCI network. It would be good to have it fully deployed there to provide us with additional monitoring and control, but the cost associated with their licensing model makes it prohibitively expensive to deploy."
"We are running at about 90,000 pounds per year. The solution is a licensed cost. The hardware that they gave us was pretty much next to nothing. It is the license that we're paying for."
"Vectra's licensing model could scale to our research network, which has multiple, 100-gigabit links."
"The solution is low-cost and affordable."
"Cost is a big factor, as always. However, I think we have a very good price–performance ratio."
"Vectra is a bit on the higher side in terms of price, but they have always been transparent. The reason that they are this good is that they invest, so they need to charge accordingly."
"Their licensing model is antiquated. I'm not a fan of their licensing model. We have to pay for licensing based on four different things. You have to pay based on the number of unique IPs, the number of logs that we send through Recall and Stream, and the size of our environment. They need to simplify their licensing down to just one thing. It should be based on the amount of data, the number of devices, or something else, but there should be just one thing for everything. That's what they need to base their licensing on. Cost-wise, they're not cheap. They were definitely the most expensive option, but you get what you pay for. They're not the cheapest option."
824,053 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
18%
University
12%
Financial Services Firm
9%
Educational Organization
7%
Computer Software Company
16%
Financial Services Firm
12%
Manufacturing Company
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Cisco NGIPS?
The product's initial setup phase was easy.
What needs improvement with Cisco NGIPS?
The dashboard is quite old compared to today's technology. We would like to see improvements in the dashboard features.
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
What is your experience regarding pricing and costs for Vectra AI?
Vectra is cheaper in terms of pricing and features compared to Darktrace.
 

Also Known As

Sourcefire NGIPS, Firepower NGIPS
Vectra Networks, Vectra AI NDR
 

Sample Customers

American Electric Power, Huntington Bank, Keycorp, Nationwide, Transunion, Marriott, Inova Health, Ford, Thomson Reuters, Dow Chemical, Equifax, Chevron, Walmart, Coca Cola
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Find out what your peers are saying about Cisco Secure IPS (NGIPS) vs. Vectra AI and other solutions. Updated: December 2024.