Cisco Secure IPS (NGIPS) vs Vectra AI comparison

Read 44 Vectra AI reviews

5,797 Views
2,912 Comparison Views

97% willing to recommend

Cisco Secure IPS (NGIPS)

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Dec 19, 2024

Vectra AI and Cisco Secure IPS (NGIPS) compete in cybersecurity solutions. Vectra AI holds the upper hand in threat detection accuracy and prioritization, whereas Cisco Secure IPS is distinguished by strong integration features.

Features: Vectra AI is recognized for its accuracy in threat detection across the attack lifecycle and reduces alert fatigue through aggregated risk scores, allowing effective resource prioritization. It efficiently correlates various alerts into single incidents for better prioritization. Cisco Secure IPS (NGIPS) is renowned for its seamless integration within Cisco's product suite, enhanced third-party integrations, and robust network-level threat detection capabilities.

Room for Improvement: Vectra AI requires better integration with SIEM systems and improved customization. Users also call for reduced false positives and better handling of syslogs aligning user and host data. Cisco Secure IPS (NGIPS) can improve in network performance, price competitiveness, DDoS protection support, and refinement of management consoles, with easier handling of hybrid deployments.

Ease of Deployment and Customer Service: Vectra AI deployments are mainly on-premises and hybrid cloud, noted for responsive technical support and incorporating customer feedback into updates. Cisco Secure IPS shares a similar deployment model, with established technical support, although high-volume deployment handling could be simplified.

Pricing and ROI: Vectra AI is seen as costly with complex licensing, concerns raised by smaller organizations despite security enhancement benefits. Cisco Secure IPS is similarly priced, justified by comprehensive features. Both solutions present substantial security value with inherently complex ROI measurement in cybersecurity.

To learn more, read our detailed Cisco Secure IPS (NGIPS) vs. Vectra AI Report (Updated: January 2025).

Cisco Secure IPS (NGIPS) vs. Vectra AI

January 2025

Download the complete report

Helped 831,158 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Secure IPS (NGIPS)

Ranking in Intrusion Detection and Prevention Software (IDPS)

6th

Average Rating

8.2

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

No ranking in other categories

Vectra AI

Ranking in Intrusion Detection and Prevention Software (IDPS)

2nd

Average Rating

8.6

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Network Detection and Response (NDR) (2nd), Extended Detection and Response (XDR) (9th), Identity Threat Detection and Response (ITDR) (5th), AI-Powered Cybersecurity Platforms (5th)

Mindshare comparison

As of January 2025, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Cisco Secure IPS (NGIPS) is 4.2%, down from 4.6% compared to the previous year. The mindshare of Vectra AI is 11.9%, up from 9.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Intrusion Detection and Prevention Software (IDPS)

Featured Reviews

YoussefBoukari

Solution Director - CTO at Huawei

Very effective for malware and signature-based anomalies but stability needs improvement

Our company uses the solution for data functions in banking. It is a backend solution in the server center. We analyze traffic and adapt configurations or customize policies to the environment of the IPS itself. The solution very effectively provides malware protection and signature-based…

Read full review

Mohammad Alkurdi

Owner at Fortibits

Innovative detection features enhance monitoring

The advantages of the integration are not entirely out-of-the-box. You have to do it manually. When I'm doing tier response, an out-of-the-box solution is not available. You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end. This is a major consideration about them. The recall feature, if it can be placed in some areas instead of the cloud, and charged for, would be better. Recall the storage where you watch all the traffic, and you can recall it and try to analyze it in the back end. It’s cloud-based. If they offer it on-prem, it would be better. I think they have a solution, but I have never tested it, to be honest with you.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Cisco NGIPS is working well overall with our current needs."

"The most valuable features are the intrusion detection ones."

"The most valuable feature of Cisco NGIPS is the centralized user interface. You have the ability to quickly push out configurations across your environment using the Cisco UI. It's a powerful capability of that solution."

"The solution very effectively provides malware protection and signature-based anomaly detection."

"The product's initial setup phase was easy."

"The solution is very stable."

"I like Firepower's automation, and the security intelligence is a powerful feature."

"NGIPS lets you map web requests to a specific user to determine who is downloading files and what they are accessing. You can use it to identify users downloading malware or track time wasters using Facebook or something like that. It gives you visibility into what your users are doing on the Internet."

More Cisco Secure IPS (NGIPS) pros

"It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra."

"It provides various dashboards that facilitate the identification of connections and can detect data exfiltration, meaning data sent from your environment to another."

"Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day."

"The dashboard gives me a scoring system that allows me to prioritize things that I should look at. I may not necessarily care so much about one event, whereas if I have a single botnet detection or a brute force attack, I really want to get on top of those."

"The solution is currently used as a central threat detection and response system."

"One of the most valuable features of the platform is its ability to provide you with aggregated risk scores based on impact and certainty of threats being detected. This is both applied to individual and host detections. This is important because it enables us to use this platform to prioritize the most likely imminent threats. So, it reduces alert fatigue follow ups for security operation center analysts. It also provides us with an ability to prioritize limited resources."

"It has helped us to organize our security. We get a better overview on what is happening on the network, which has helped us get quicker responses to users. If we see malicious activity, then we can quickly take action on it. Previously, we weren't getting an overview as fast as we are now, so we can now provide a quicker response."

"Some valuable features of Vectra AI are that it is very intuitive and that there are only a small amount of false positives. Therefore, it's an effective solution."

More Vectra AI pros

Cons

"My opinion is that this solution should improve the pricing."

"The stability of the user console and some features could be easier to access."

"The aspect of private party integration solutions could be improved."

"I would like to see the sanctions lifted so we could use the full solution and have the speed increased."

"Some Next-Generation Firewall solutions come with Intrusion Prevention. It would be nice if Cisco NGIPS included that."

"Our customers are still facing many bugs on the system. It has matured noticeably, but we are still facing multiple stability issues on Firepower. There are more than 80 or 90 bugs for each release node. It's a considerable number of bugs."

"The solution would be better if it offered customers more integrations and more signatures."

"The only thing I think they may need to improve on a little bit is identifying software more correctly when you do network discovery."

More Cisco Secure IPS (NGIPS) cons

"One thing which I have found where there could be improvement is with regard to the architecture, a little bit: how the brains and sensors function. It needs more flexibility with regard to the brain. If there were some flexibility in that regard, that would be helpful, because changing the mode of the brain is complex. In some cases, the change is permanent. You cannot revert it."

"Neither Vectra nor Darktrace have a function like a status health check on my log sources and traffic sources."

"Some of the customization could be improved. Everything is provided for you as an easy solution to use, but working with it and doing specific development could be worked on a bit more in the scope of an incident response team."

"There is room for improvement in the documentation. We would like to have more details on how it detects what we see."

"They use a proprietary logging format that is probably 90% similar to Bro Logs. Their biggest area of improvement is finishing out the remaining 10%. That 10% might not be beneficial to their ML engine, but that's fine. The industry standard is Zeek Logs or Bro Logs, or Bro or Zeek, depending on how old you are. While they have 90% of those fields, they're still missing some fields. In very rare instances, some community rules do not have the fields that they need, and we had to modify community rules for our logs. So, their biggest area of improvement would be to just finish their matching of the Zeek standard."

"It would be commercially beneficial if Vectra AI had something like Darktrace's Antigena Email or something similar to email protection."

"One of the things I am not so happy about when it comes to Vectra is the scoring board."

"ExtraHop has better features that seem more advantageous when compared to Vectra."

More Vectra AI cons

Pricing and Cost Advice

"I usually work with Fortinet and FortiGate which is a lower cost in comparison with Cisco NGIPS."

"I would rate the pricing four out of 10."

"The price of the solution is expensive to a degree it cannot be used by small businesses. It is best suited for medium and enterprise businesses."

"This is an expensive product, with the biggest cost being the license that keeps the service going."

"The pricing could be improved. Our customers have a yearly license."

"NGIPS is expensive."

"It is expensive. It has separate licensing for all the features, and every feature set seems to require another license. Licensing is on a yearly basis. There are no additional costs besides the standard licensing fee."

"This is a very affordable product."

More Cisco Secure IPS (NGIPS) pricing and cost advice

"We have a desire to increase our use. However, it all comes down to budget. It's a very expensive tool that is very difficult to prove business support for. We would like to have two separate networks. We have our corporate network and PCI network, which is segregated due to payment processing. We don't have it for deployed in the PCI network. It would be good to have it fully deployed there to provide us with additional monitoring and control, but the cost associated with their licensing model makes it prohibitively expensive to deploy."

"It is an expensive solution, but it's not the most expensive we've seen. We also know how much we're going to pay, unlike with some other providers where all of a sudden our license explodes."

"The licensing is on an annual basis."

"Vectra's licensing model could scale to our research network, which has multiple, 100-gigabit links."

"The pricing is very good. It's less expensive than many of the tools out there."

"There are additional features that can be purchased in addition to the standard licensing fee, such as Cognito Recall and Stream."

"Cost is a big factor, as always. However, I think we have a very good price–performance ratio."

"Vectra's pricing is too high. All schools will not be able to afford it. Vectra will only end up targeting higher education and higher value independence purely because of the price. A lot of schools would love to have a product like Vectra AI, but they simply can't because they struggle to even pay the high E5 licensing from Microsoft. When you're up against that, Vectra AI is never going to be within the sector's price range."

More Vectra AI pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.

See recommendations

831,158 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

18%

University

12%

Financial Services Firm

Educational Organization

Computer Software Company

15%

Financial Services Firm

12%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Cisco NGIPS?

The product's initial setup phase was easy.

What is your experience regarding pricing and costs for Cisco NGIPS?

The pricing is standard and there is no issue.

What needs improvement with Cisco NGIPS?

The dashboard is quite old compared to today's technology. We would like to see improvements in the dashboard features.

What is the biggest difference between Corelight and Vectra AI?

The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...

What do you like most about Vectra AI?

The solution is currently used as a central threat detection and response system.

What is your experience regarding pricing and costs for Vectra AI?

Vectra is cheaper in terms of pricing and features compared to Darktrace.

Fortinet FortiGate IPS vs Cisco Secure IPS (NGIPS)

Comparisons

Compared 21% of the time

Check Point IPS vs Cisco Secure IPS (NGIPS)

Compared 21% of the time

Trend Micro TippingPoint Threat Protection System vs Cisco Secure IPS (NGIPS)

Compared 20% of the time

Trellix Intrusion Prevention System vs Cisco Secure IPS (NGIPS)

Compared 14% of the time

Cisco Sourcefire SNORT vs Cisco Secure IPS (NGIPS)

Compared 12% of the time

More Cisco Secure IPS (NGIPS) Competitors

Darktrace vs Vectra AI

Compared 35% of the time

ExtraHop Reveal(x) vs Vectra AI

Compared 12% of the time

Cisco Secure Network Analytics vs Vectra AI

Compared 6% of the time

Arista NDR vs Vectra AI

Compared 5% of the time

Corelight vs Vectra AI

Compared 5% of the time

More Vectra AI Competitors

Product Reports

Download Cisco Secure IPS (NGIPS) product report

Cisco Secure IPS (NGIPS)

January 2025

Download Vectra AI product report

December 2024

Also Known As

Sourcefire NGIPS, Firepower NGIPS

Vectra Networks, Vectra AI NDR

Learn More

Cisco

Overview

Cisco Secure IPS (NGIPS) is designed for intrusion prevention, firewalling, and application filtering. It's deployed on-premises to secure networks and perform real-time traffic inspection, defining security policies to prevent malicious attacks.

Organizations use Cisco Secure IPS (NGIPS) to safeguard data centers, enterprise networks, and server environments. This technology integrates with advanced threat intelligence and multiple security features to enhance cybersecurity. Users deploy it at network perimeters, for firewall replacement, and to secure critical infrastructure. The platform supports modularity, anomaly detection, scalability, and centralized management, making it a comprehensive solution for modern security needs.

What are the key features of Cisco Secure IPS (NGIPS)?

Intrusion Prevention: Detects and blocks various network threats.
Automation: Streamlines security processes for efficiency.
Advanced Threat Detection: Identifies and mitigates sophisticated attacks.
Centralized Management: Simplifies oversight with a unified interface.
Anomaly Detection: Flags unusual behaviors and potential threats.
Compatibility with Firepower: Integrates seamlessly with other Cisco solutions.
DDoS Protection: Mitigates distributed denial-of-service attacks.
Signature Updates: Ensures the latest threat definitions are in use.
Access Policy Management: Enables precise control over user access.
Real-Time Traffic Inspection: Monitors traffic to detect threats immediately.

What benefits and ROI should users look for in reviews?

Enhanced Security: Improved protection against cyber threats.
Operational Efficiency: Reduced time and effort in managing security.
Scalability: Seamless scaling to accommodate growing network demands.
Compliance: Helps meet regulatory and industry standards.
Risk Mitigation: Reduced risk of data breaches and cyber attacks.
Visibility: Increased insight into network traffic and threats.

This technology is widely implemented across industries such as finance, healthcare, and retail, ensuring robust security for sensitive data and critical infrastructure. Typical deployments include network perimeters and data centers, providing real-time threat detection and unified security management. The combination of integrated threat intelligence and advanced security features helps enterprises strengthen their defenses against evolving cyber threats.

Vectra AI is used for detecting network anomalies and potential malicious activities, providing visibility into network traffic and enhancing threat detection across environments.

Organizations deploy Vectra AI mainly on-premises with additional cloud components. It helps with compliance, incident response, security monitoring, detecting insider threats, and correlating network events. Vectra AI captures and enriches network metadata, provides detailed dashboards, reduces false positives, and supports cross-environment behavioral analysis to enhance threat detection and prioritization. While valued for its high accuracy and alert aggregation, it has room for improvement in UI/UX, packet management, and integration with SIEMs and other tools. It is noted for expensive pricing and limited proactive threat response features.

What are Vectra AI's most valuable features?

High accuracy in identifying threat locations
Aggregation of alerts into single incidents
24/7 threat detection
Visibility into the entire attack lifecycle
Risk score aggregation
Effective triaging of alerts
Integration with other tools

What benefits or ROI should users look for?

Enhanced threat detection and prioritization
Comprehensive network visibility
Reduction in false positives
Better incident response capabilities
Improved compliance monitoring

In specific industries, Vectra AI is deployed to monitor complex networks and alleviate challenges in threat detection. It is particularly effective in sectors requiring stringent compliance and security measures, offering insights and capabilities crucial for protecting sensitive data and maintaining operational integrity.

Sample Customers

American Electric Power, Huntington Bank, Keycorp, Nationwide, Transunion, Marriott, Inova Health, Ford, Thomson Reuters, Dow Chemical, Equifax, Chevron, Walmart, Coca Cola

Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association