Cisco NGIPS Review

Auto-scaling, powerful software fingerprint identification, and good technical support


What is our primary use case?

The NGIPS handles all of the IPS functionality for our security.

What is most valuable?

The most valuable feature for our cloud-based deployment is the autoscaling.

For our on-premises deployment, clustering is the most valuable.

I think their fingerprints are good in terms of how they whitelist and blacklist. This is because of Talos, which is really awesome. We use that a lot.

The anomaly detection capabilities are awesome.

What needs improvement?

The only thing I think they may need to improve on a little bit is identifying software more correctly when you do network discovery. You need that to really handle finding anomalies properly. In the past, I've noticed that some applications are not identified correctly, based on the OS and the fingerprints that they're pulling from the host.

In the future, we would like to see more involvement with the on-premises hybrid cloud. We want to see Cisco do more in the cloud space, basically improving the connection between on-premises and the cloud. This includes things such as automation.

For how long have I used the solution?

I have been using Cisco NGIPS for almost seven years.

What do I think about the stability of the solution?

The code is well stabilized right now and we've never had issues upgrading from one version to another. We've had it since version 2.0 and every time we upgrade, it gets better. We're currently on version 6.6 and we're expecting that when 6.7 comes out, it will get better.

What do I think about the scalability of the solution?

This is a very scalable product. You can add multiple devices to the same policy and then push that out.

In the cloud space, scaling is done automatically based on the amount of traffic and the amount of bandwidth that's generated. It scales up and down, back and forth, as needed. For example, if there is not much traffic then it drops, whereas if there is a lot of traffic then it creates another FTD, and then it just shares the load with load balancing.

Everything is scaled properly both in the cloud and on-premises.

How are customer service and technical support?

Cisco's technical support is really good. I would say that they are number one. They follow up on their calls and tags, as well.

Which solution did I use previously and why did I switch?

I also have experience with Check Point and I find that the pricing is better with Cisco.

How was the initial setup?

The initial setup is straightforward. With the Firepower Threat Defense (FTD), everything is in one box. You can do everything from firewalls to IPS and more. It also includes the next-generation firewall.

It is an easy upgrade process that is easy to understand. I would say that from version 3.0, it has improved.

What's my experience with pricing, setup cost, and licensing?

The cost of the license depends on the level of support that you have with Cisco. 

What other advice do I have?

My advice for anybody who is implementing Cisco NGIPS is to read and understand all of the documentation before you start. Whatever it is that you might need help with, reach out to Cisco support and let them help you. The documentation is available and it is very understandable so you may not need their help. I would say that if you take your time to read it then you shouldn't have any problems in deploying.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud

Which version of this solution are you currently using?

6.6
Disclosure: I am a real user, and this review is based on my own experience and opinions.