Cisco Secure IPS (NGIPS) vs Vectra AI comparison

Read 42 Vectra AI reviews

6,539 Views
3,137 Comparison Views

97% willing to recommend

Cisco Secure IPS (NGIPS)

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cisco Secure IPS (NGIPS) and Vectra AI based on real PeerSpot user reviews.

Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Cisco Secure IPS (NGIPS) vs. Vectra AI Report (Updated: September 2024).

Cisco Secure IPS (NGIPS) vs. Vectra AI

September 2024

Download the complete report

Helped 802,829 peers since 2012

Categories and Ranking

Cisco Secure IPS (NGIPS)

Ranking in Intrusion Detection and Prevention Software (IDPS)

6th

Average Rating

8.2

Number of Reviews

Ranking in other categories

No ranking in other categories

Vectra AI

Ranking in Intrusion Detection and Prevention Software (IDPS)

2nd

Average Rating

8.6

Number of Reviews

Ranking in other categories

Network Detection and Response (NDR) (2nd), Extended Detection and Response (XDR) (9th), Identity Threat Detection and Response (ITDR) (6th), AI-Powered Cybersecurity Platforms (3rd)

Mindshare comparison

As of September 2024, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Cisco Secure IPS (NGIPS) is 4.3%, down from 4.6% compared to the previous year. The mindshare of Vectra AI is 11.0%, up from 9.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Intrusion Detection and Prevention Software (IDPS)

Featured Reviews

MahmoodAbdollahi

Senior Network Engineer at Dejpaad

Jan 11, 2023

The best in the world, high value features, with long term reliability

Our primary use case is for the firewall and other security-related features I think the Cisco Firepower is the best firewall in the world and the other security features like AMP, IPS, and deep inspection packets. The most valuable feature would be the IPS is very important in Cisco Firepower…

Read full review

reviewer2120748

Cybersecurity Consultant at a tech services company with 201-500 employees

Mar 7, 2023

Is well-designed around the quadrant and is easy to deploy

We have had a few issues with the integration of Vectra AI with EDR. Some filters have not been working. We've also had issues with the brain not being powerful enough. In the next release, I would like to see more triage choices. From my point of view, Vectra is missing a lot of choices. This is an area that they could focus on. Vectra is also moving to a full cloud model, and I am not sure if going full cloud and leaving the on-premises environment is the way to go. We are not sure whether we'll move to the cloud with Vectra because it's hosted by AWS, which is one of our competitors. We don't like to work with anything that works on AWS.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The product's initial setup phase was easy."

"It is more or less stable. Sometimes I have some issues normally when we need to upgrade it to newer versions. I think it does the job."

"The initial setup wasn't complex or complicated."

"The solution very effectively provides malware protection and signature-based anomaly detection."

"The technical support is impressive."

"Technical support is quite good. With firewalls, the last cases I had with Cisco were professionally handled quite quickly and it was great."

"The integration with the Cisco portfolio is very helpful."

"In the virtual deployment, you have a couple of choices depending on your needs and how much bandwidth you have that needs to be inspected."

More Cisco Secure IPS (NGIPS) pros

"One of the most valuable features is all the correlation that it does using AI and machine learning. An example would be alerting on a host and then alerting on other things, like abnormal behavior, that it has noticed coming from the same host. It's valuable because we're a very lean team."

"We often use the new feature to create PCAP files from the whole data traffic. It makes it much easier to find network problems such as whether the server is responding to a request. It has nothing to do with security, but it helps a lot to find other problems."

"The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable."

"The administrative privilege detection feature is the most valuable feature. The admin accounts are often highly accessible to the high-risk component of the environment. If those accounts are compromised or are being used in a suspicious manner, that's high-fidelity events for us to look into."

"It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra."

"Scalability wise, we have many sensors, and Vectra AI seems to handle them all very well."

"The solution provide visibility into behaviors across the full lifecycle of an attack in our network, beyond just the Internet gateway. It makes our security operations much more effective because we are now looking not just at traffic on the border, but we're looking at east-west internal traffic. Now, not only will we see if an exploit kit is being downloaded, but we would be able to see then if that exploit kit was then laterally distributed into our environment."

"One of the most valuable features of the platform is its ability to provide you with aggregated risk scores based on impact and certainty of threats being detected. This is both applied to individual and host detections. This is important because it enables us to use this platform to prioritize the most likely imminent threats. So, it reduces alert fatigue follow ups for security operation center analysts. It also provides us with an ability to prioritize limited resources."

More Vectra AI pros

Cons

"I would like to see Cisco NGIPS to include home office support in one single product."

"Our customers are still facing many bugs on the system. It has matured noticeably, but we are still facing multiple stability issues on Firepower. There are more than 80 or 90 bugs for each release node. It's a considerable number of bugs."

"We would like an option to search through the logs to be added to this solution."

"It is no longer scalable because it has gone end of life."

"The feedback from some of our customers is that they weren't interested in Cisco because it was too complicated to deploy, especially in cloud-related areas."

"More flexibility with the dashboards is needed because some of them are not fully developed."

"Cisco NGIPS' performance could be better."

"I would like to see a more user-friendly interface."

More Cisco Secure IPS (NGIPS) cons

"The main improvement I can see would be to integrate with more external solutions."

"The rules for threats are not always precise and Vectra AI should improve this."

"They use a proprietary logging format that is probably 90% similar to Bro Logs. Their biggest area of improvement is finishing out the remaining 10%. That 10% might not be beneficial to their ML engine, but that's fine. The industry standard is Zeek Logs or Bro Logs, or Bro or Zeek, depending on how old you are. While they have 90% of those fields, they're still missing some fields. In very rare instances, some community rules do not have the fields that they need, and we had to modify community rules for our logs. So, their biggest area of improvement would be to just finish their matching of the Zeek standard."

"I would like to see data processed onshore. Right now, the cloud components, like Office 365, must be processed on servers outside of Australia. I would like to see a future adoption of onshore processing."

"There is room for improvement in the documentation. We would like to have more details on how it detects what we see."

"One of the things I am not so happy about when it comes to Vectra is the scoring board."

"The false positives and the tuning side of it is something that could use improvement. But that could be from our side."

"ExtraHop has better features that seem more advantageous when compared to Vectra."

More Vectra AI cons

Pricing and Cost Advice

"There are licensing fees depending on the features that you are using."

"The annual licensing tends to be expensive, but in terms of implementing the licenses, it's a very uncomplicated process and as easy as copy-paste in its straightforwardness."

"They are very expensive in some places and not reasonable at times for many customers. I have had customers choose another solution because of the high price."

"The price of the solution is expensive to a degree it cannot be used by small businesses. It is best suited for medium and enterprise businesses."

"The weakness of Cisco Firepower is the cost. Some of the customers see it as very expensive."

"In our company, we know that the price of Cisco products is high, especially for its switches, routers and IOS. The price of Cisco products may be twice its original price if you plan to extend some of its features."

"NGIPS is expensive."

"This is an expensive product, with the biggest cost being the license that keeps the service going."

More Cisco Secure IPS (NGIPS) pricing and cost advice

"Vectra's pricing is too high. All schools will not be able to afford it. Vectra will only end up targeting higher education and higher value independence purely because of the price. A lot of schools would love to have a product like Vectra AI, but they simply can't because they struggle to even pay the high E5 licensing from Microsoft. When you're up against that, Vectra AI is never going to be within the sector's price range."

"The pricing and licensing are quite straightforward because they're based on the IP licenses. As a result, they are easy to count."

"The solution's pricing was 50 percent lower than the other vendors shortlisted."

"Vectra AI is not a cheap solution."

"Vectra AI's pricing is cheaper than that of Darktrace."

"The solution is low-cost and affordable."

"There are additional features that can be purchased in addition to the standard licensing fee, such as Cognito Recall and Stream."

"The licensing is on an annual basis."

More Vectra AI pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.

See recommendations

802,829 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

20%

University

12%

Financial Services Firm

Government

Computer Software Company

17%

Financial Services Firm

13%

Government

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Cisco NGIPS?

The product's initial setup phase was easy.

What is your experience regarding pricing and costs for Cisco NGIPS?

Cisco NGIPS is an expensive product.

What needs improvement with Cisco NGIPS?

There are certain limitations that need to be addressed.

What is the biggest difference between Corelight and Vectra AI?

The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...

What do you like most about Vectra AI?

The solution is currently used as a central threat detection and response system.

What is your experience regarding pricing and costs for Vectra AI?

The licensing is on annual basis.

Check Point IPS vs Cisco Secure IPS (NGIPS)

Comparisons

Compared 22% of the time

Trend Micro TippingPoint Threat Protection System vs Cisco Secure IPS (NGIPS)

Compared 20% of the time

Fortinet FortiGate IPS vs Cisco Secure IPS (NGIPS)

Compared 19% of the time

Trellix Intrusion Prevention System vs Cisco Secure IPS (NGIPS)

Compared 12% of the time

Palo Alto Networks Advanced Threat Prevention vs Cisco Secure IPS (NGIPS)

Compared 11% of the time

More Cisco Secure IPS (NGIPS) Competitors

Darktrace vs Vectra AI

Compared 35% of the time

ExtraHop Reveal(x) vs Vectra AI

Compared 12% of the time

Cisco Secure Network Analytics vs Vectra AI

Compared 6% of the time

Arista NDR vs Vectra AI

Compared 6% of the time

Corelight vs Vectra AI

Compared 5% of the time

More Vectra AI Competitors

Product Reports

Download Cisco Secure IPS (NGIPS) product report

Cisco Secure IPS (NGIPS)

September 2024

Download Vectra AI product report

August 2024

Also Known As

Sourcefire NGIPS, Firepower NGIPS

Vectra Networks, Vectra AI NDR

Learn More

Cisco

Overview

Cisco Secure IPS (NGIPS) is designed for intrusion prevention, firewalling, and application filtering. It's deployed on-premises to secure networks and perform real-time traffic inspection, defining security policies to prevent malicious attacks.

Organizations use Cisco Secure IPS (NGIPS) to safeguard data centers, enterprise networks, and server environments. This technology integrates with advanced threat intelligence and multiple security features to enhance cybersecurity. Users deploy it at network perimeters, for firewall replacement, and to secure critical infrastructure. The platform supports modularity, anomaly detection, scalability, and centralized management, making it a comprehensive solution for modern security needs.

What are the key features of Cisco Secure IPS (NGIPS)?

Intrusion Prevention: Detects and blocks various network threats.
Automation: Streamlines security processes for efficiency.
Advanced Threat Detection: Identifies and mitigates sophisticated attacks.
Centralized Management: Simplifies oversight with a unified interface.
Anomaly Detection: Flags unusual behaviors and potential threats.
Compatibility with Firepower: Integrates seamlessly with other Cisco solutions.
DDoS Protection: Mitigates distributed denial-of-service attacks.
Signature Updates: Ensures the latest threat definitions are in use.
Access Policy Management: Enables precise control over user access.
Real-Time Traffic Inspection: Monitors traffic to detect threats immediately.

What benefits and ROI should users look for in reviews?

Enhanced Security: Improved protection against cyber threats.
Operational Efficiency: Reduced time and effort in managing security.
Scalability: Seamless scaling to accommodate growing network demands.
Compliance: Helps meet regulatory and industry standards.
Risk Mitigation: Reduced risk of data breaches and cyber attacks.
Visibility: Increased insight into network traffic and threats.

This technology is widely implemented across industries such as finance, healthcare, and retail, ensuring robust security for sensitive data and critical infrastructure. Typical deployments include network perimeters and data centers, providing real-time threat detection and unified security management. The combination of integrated threat intelligence and advanced security features helps enterprises strengthen their defenses against evolving cyber threats.

Vectra AI is used for detecting network anomalies and potential malicious activities, providing visibility into network traffic and enhancing threat detection across environments.

Organizations deploy Vectra AI mainly on-premises with additional cloud components. It helps with compliance, incident response, security monitoring, detecting insider threats, and correlating network events. Vectra AI captures and enriches network metadata, provides detailed dashboards, reduces false positives, and supports cross-environment behavioral analysis to enhance threat detection and prioritization. While valued for its high accuracy and alert aggregation, it has room for improvement in UI/UX, packet management, and integration with SIEMs and other tools. It is noted for expensive pricing and limited proactive threat response features.

What are Vectra AI's most valuable features?

High accuracy in identifying threat locations
Aggregation of alerts into single incidents
24/7 threat detection
Visibility into the entire attack lifecycle
Risk score aggregation
Effective triaging of alerts
Integration with other tools

What benefits or ROI should users look for?

Enhanced threat detection and prioritization
Comprehensive network visibility
Reduction in false positives
Better incident response capabilities
Improved compliance monitoring

In specific industries, Vectra AI is deployed to monitor complex networks and alleviate challenges in threat detection. It is particularly effective in sectors requiring stringent compliance and security measures, offering insights and capabilities crucial for protecting sensitive data and maintaining operational integrity.

Sample Customers

American Electric Power, Huntington Bank, Keycorp, Nationwide, Transunion, Marriott, Inova Health, Ford, Thomson Reuters, Dow Chemical, Equifax, Chevron, Walmart, Coca Cola

Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association