Cisco Secure IPS (NGIPS) vs Vectra AI comparison

Read 44 Vectra AI reviews

5,639 Views
2,828 Comparison Views

97% willing to recommend

Cisco Secure IPS (NGIPS)

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Dec 19, 2024

Vectra AI and Cisco Secure IPS (NGIPS) compete in cybersecurity solutions. Vectra AI holds the upper hand in threat detection accuracy and prioritization, whereas Cisco Secure IPS is distinguished by strong integration features.

Features: Vectra AI is recognized for its accuracy in threat detection across the attack lifecycle and reduces alert fatigue through aggregated risk scores, allowing effective resource prioritization. It efficiently correlates various alerts into single incidents for better prioritization. Cisco Secure IPS (NGIPS) is renowned for its seamless integration within Cisco's product suite, enhanced third-party integrations, and robust network-level threat detection capabilities.

Room for Improvement: Vectra AI requires better integration with SIEM systems and improved customization. Users also call for reduced false positives and better handling of syslogs aligning user and host data. Cisco Secure IPS (NGIPS) can improve in network performance, price competitiveness, DDoS protection support, and refinement of management consoles, with easier handling of hybrid deployments.

Ease of Deployment and Customer Service: Vectra AI deployments are mainly on-premises and hybrid cloud, noted for responsive technical support and incorporating customer feedback into updates. Cisco Secure IPS shares a similar deployment model, with established technical support, although high-volume deployment handling could be simplified.

Pricing and ROI: Vectra AI is seen as costly with complex licensing, concerns raised by smaller organizations despite security enhancement benefits. Cisco Secure IPS is similarly priced, justified by comprehensive features. Both solutions present substantial security value with inherently complex ROI measurement in cybersecurity.

To learn more, read our detailed Cisco Secure IPS (NGIPS) vs. Vectra AI Report (Updated: January 2025).

Cisco Secure IPS (NGIPS) vs. Vectra AI

January 2025

Download the complete report

Helped 838,640 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Secure IPS (NGIPS)

Ranking in Intrusion Detection and Prevention Software (IDPS)

6th

Average Rating

8.2

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

No ranking in other categories

Vectra AI

Ranking in Intrusion Detection and Prevention Software (IDPS)

2nd

Average Rating

8.6

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Network Detection and Response (NDR) (2nd), Extended Detection and Response (XDR) (9th), Identity Threat Detection and Response (ITDR) (5th), AI-Powered Cybersecurity Platforms (5th)

Mindshare comparison

As of February 2025, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Cisco Secure IPS (NGIPS) is 4.2%, down from 4.6% compared to the previous year. The mindshare of Vectra AI is 11.8%, up from 10.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Intrusion Detection and Prevention Software (IDPS)

Featured Reviews

YoussefBoukari

Solution Director - CTO at Huawei

Very effective for malware and signature-based anomalies but stability needs improvement

Our company uses the solution for data functions in banking. It is a backend solution in the server center. We analyze traffic and adapt configurations or customize policies to the environment of the IPS itself. The solution very effectively provides malware protection and signature-based…

Read full review

Mohammad Alkurdi

Owner at Fortibits

Innovative detection features enhance monitoring

The advantages of the integration are not entirely out-of-the-box. You have to do it manually. When I'm doing tier response, an out-of-the-box solution is not available. You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end. This is a major consideration about them. The recall feature, if it can be placed in some areas instead of the cloud, and charged for, would be better. Recall the storage where you watch all the traffic, and you can recall it and try to analyze it in the back end. It’s cloud-based. If they offer it on-prem, it would be better. I think they have a solution, but I have never tested it, to be honest with you.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The product's initial setup phase was easy."

"The solution very effectively provides malware protection and signature-based anomaly detection."

"Cisco has many products that are easily integrated with other services."

"We primarily use this solution as an application filter and for IPS."

"The top features of Cisco NGIPS, which have been working very well, include stateful inspection and the access list-based security configuration. But from my perspective, the best part of Cisco NGIPS is the licensing process, which is very easy and straightforward. It's essentially copy-paste licensing."

"The initial setup wasn't complex or complicated."

"I think their fingerprints are good in terms of how they whitelist and blacklist."

"It is more or less stable. Sometimes I have some issues normally when we need to upgrade it to newer versions. I think it does the job."

More Cisco Secure IPS (NGIPS) pros

"It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra."

"Some valuable features of Vectra AI are that it is very intuitive and that there are only a small amount of false positives. Therefore, it's an effective solution."

"One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us."

"We discovered a lot of things in our network and are correcting several misconfigurations. We are learning how some apps work together and how some things shouldn't happen. It's also easier for us to identify the source of a brute force, whereas before, we didn't even know we had a brute force."

"The core product provides excellent visibility, but my favorite feature is Vectra Recall."

"It's important for us that the user interface is easy to understand and that is the biggest benefit we see from Vectra AI."

"It provides various dashboards that facilitate the identification of connections and can detect data exfiltration, meaning data sent from your environment to another."

"Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis."

More Vectra AI pros

Cons

"The price is a little high. It's hard to find solutions that are easy on the budget and strike a balance between affordability and features."

"The initial setup is a bit complex because it requires a lot of configuration, firewall and zoning."

"It is no longer scalable because it has gone end of life."

"The file trajectory, the trace in contamination files, could be improved."

"It has room for improvement when it comes to integrating machine learning and AI into it where even if you don't have a baseline that is of length for anomaly detection, it could do more like an AI style machine learning. It learns on its own."

"Multi-internet line load balancing should be supported."

"I would recommend this solution to others for medium, large, and enterprise businesses only."

"Cisco NGIPS could improve its ability to do SSL inspections. Sometimes the ability to do SSL inspection is not scalable and you might not be able to get the installment required if you don't size the right hardware."

More Cisco Secure IPS (NGIPS) cons

"Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM."

"One of the things I am not so happy about when it comes to Vectra is the scoring board."

"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these type of host-driven complex attacks."

"I would like to see data processed onshore. Right now, the cloud components, like Office 365, must be processed on servers outside of Australia. I would like to see a future adoption of onshore processing."

"The solution has not reduced the security analyst workload in our organization because we still need to SIEM. Unfortunately, while Vectra, for us, is a brilliant tool for network investigations, giving wonderful visibility, it doesn't go the whole way to replace our SIEM that is needed for compliance. So, I still have the same amount of alerting and logging that I did before. It gives us more defined ability to see incidents, but it doesn't give us enough information to satisfy a PCI or 27001 audit."

"The solution needs to become more proactive. When Vectra AI is the primary solution in an environment - like it is in our case - you must work on response time. We have a small team so response time at endpoint level is vital."

"We are using SMB 3.0, which is an encrypted protocol. When we get some alerts or something, we cannot go deep into the protocol to see what's wrong because it's encrypted. We need to decrypt the protocol in another way, which is quite difficult. We might go back to SMB 2.0 just for this reason, but that's not a good solution."

"A blind spot that I have is around the ease with which you can automate threat intervention."

More Vectra AI cons

Pricing and Cost Advice

"The licensing can be billed annually or in multi-year contracts such as three, four, or five years."

"Cisco products are always expensive, but if you can afford the price then it's a great solution."

"The tool's licensing costs are yearly."

"There is a license required to use Cisco NGIPS and it can be a one or three-year license."

"NGIPS is expensive."

"The price for additional throughput is the highest in the industry."

"The annual licensing tends to be expensive, but in terms of implementing the licenses, it's a very uncomplicated process and as easy as copy-paste in its straightforwardness."

"This is an expensive product, with the biggest cost being the license that keeps the service going."

More Cisco Secure IPS (NGIPS) pricing and cost advice

"There are additional features that can be purchased in addition to the standard licensing fee, such as Cognito Recall and Stream."

"Vectra AI's pricing is cheaper than that of Darktrace."

"Vectra is a bit on the higher side in terms of price, but they have always been transparent. The reason that they are this good is that they invest, so they need to charge accordingly."

"The pricing is very good. It's less expensive than many of the tools out there."

"Vectra's licensing model could scale to our research network, which has multiple, 100-gigabit links."

"The pricing is high."

"The license is based on the concurrent IP addresses that it's investigating. We have 9,800 to 10,000 IP addresses."

"The pricing and licensing are quite straightforward because they're based on the IP licenses. As a result, they are easy to count."

More Vectra AI pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.

See recommendations

838,640 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

University

12%

Financial Services Firm

Educational Organization

Computer Software Company

15%

Financial Services Firm

13%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Cisco NGIPS?

The product's initial setup phase was easy.

What is your experience regarding pricing and costs for Cisco NGIPS?

The pricing is standard and there is no issue.

What needs improvement with Cisco NGIPS?

The dashboard is quite old compared to today's technology. We would like to see improvements in the dashboard features.

What is the biggest difference between Corelight and Vectra AI?

The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...

What do you like most about Vectra AI?

The solution is currently used as a central threat detection and response system.

What is your experience regarding pricing and costs for Vectra AI?

It is very acceptable when you compare it with Darktrace, for example.

Fortinet FortiGate IPS vs Cisco Secure IPS (NGIPS)

Comparisons

Compared 23% of the time

Trend Micro TippingPoint Threat Protection System vs Cisco Secure IPS (NGIPS)

Compared 19% of the time

Check Point IPS vs Cisco Secure IPS (NGIPS)

Compared 18% of the time

Trellix Intrusion Prevention System vs Cisco Secure IPS (NGIPS)

Compared 14% of the time

Cisco Sourcefire SNORT vs Cisco Secure IPS (NGIPS)

Compared 13% of the time

More Cisco Secure IPS (NGIPS) Competitors

Darktrace vs Vectra AI

Compared 34% of the time

ExtraHop Reveal(x) vs Vectra AI

Compared 11% of the time

Cisco Secure Network Analytics vs Vectra AI

Compared 6% of the time

Corelight vs Vectra AI

Compared 6% of the time

Arista NDR vs Vectra AI

Compared 5% of the time

More Vectra AI Competitors

Product Reports

Download Cisco Secure IPS (NGIPS) product report

Cisco Secure IPS (NGIPS)

February 2025

Download Vectra AI product report

January 2025

Also Known As

Sourcefire NGIPS, Firepower NGIPS

Vectra Networks, Vectra AI NDR

Overview

Cisco Secure IPS (NGIPS) is designed for intrusion prevention, firewalling, and application filtering. It's deployed on-premises to secure networks and perform real-time traffic inspection, defining security policies to prevent malicious attacks.

Organizations use Cisco Secure IPS (NGIPS) to safeguard data centers, enterprise networks, and server environments. This technology integrates with advanced threat intelligence and multiple security features to enhance cybersecurity. Users deploy it at network perimeters, for firewall replacement, and to secure critical infrastructure. The platform supports modularity, anomaly detection, scalability, and centralized management, making it a comprehensive solution for modern security needs.

What are the key features of Cisco Secure IPS (NGIPS)?

Intrusion Prevention: Detects and blocks various network threats.
Automation: Streamlines security processes for efficiency.
Advanced Threat Detection: Identifies and mitigates sophisticated attacks.
Centralized Management: Simplifies oversight with a unified interface.
Anomaly Detection: Flags unusual behaviors and potential threats.
Compatibility with Firepower: Integrates seamlessly with other Cisco solutions.
DDoS Protection: Mitigates distributed denial-of-service attacks.
Signature Updates: Ensures the latest threat definitions are in use.
Access Policy Management: Enables precise control over user access.
Real-Time Traffic Inspection: Monitors traffic to detect threats immediately.

What benefits and ROI should users look for in reviews?

Enhanced Security: Improved protection against cyber threats.
Operational Efficiency: Reduced time and effort in managing security.
Scalability: Seamless scaling to accommodate growing network demands.
Compliance: Helps meet regulatory and industry standards.
Risk Mitigation: Reduced risk of data breaches and cyber attacks.
Visibility: Increased insight into network traffic and threats.

This technology is widely implemented across industries such as finance, healthcare, and retail, ensuring robust security for sensitive data and critical infrastructure. Typical deployments include network perimeters and data centers, providing real-time threat detection and unified security management. The combination of integrated threat intelligence and advanced security features helps enterprises strengthen their defenses against evolving cyber threats.

Cisco

Vectra AI is used for detecting network anomalies and potential malicious activities, providing visibility into network traffic and enhancing threat detection across environments.

Organizations deploy Vectra AI mainly on-premises with additional cloud components. It helps with compliance, incident response, security monitoring, detecting insider threats, and correlating network events. Vectra AI captures and enriches network metadata, provides detailed dashboards, reduces false positives, and supports cross-environment behavioral analysis to enhance threat detection and prioritization. While valued for its high accuracy and alert aggregation, it has room for improvement in UI/UX, packet management, and integration with SIEMs and other tools. It is noted for expensive pricing and limited proactive threat response features.

What are Vectra AI's most valuable features?

High accuracy in identifying threat locations
Aggregation of alerts into single incidents
24/7 threat detection
Visibility into the entire attack lifecycle
Risk score aggregation
Effective triaging of alerts
Integration with other tools

What benefits or ROI should users look for?

Enhanced threat detection and prioritization
Comprehensive network visibility
Reduction in false positives
Better incident response capabilities
Improved compliance monitoring

In specific industries, Vectra AI is deployed to monitor complex networks and alleviate challenges in threat detection. It is particularly effective in sectors requiring stringent compliance and security measures, offering insights and capabilities crucial for protecting sensitive data and maintaining operational integrity.

Sample Customers

American Electric Power, Huntington Bank, Keycorp, Nationwide, Transunion, Marriott, Inova Health, Ford, Thomson Reuters, Dow Chemical, Equifax, Chevron, Walmart, Coca Cola

Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association