Cisco NGIPS Review

Works very well, very stable and scalable, and easy to use

What is our primary use case?

It is our main firewall. We use it for reporting and for firewall purposes to block unwanted inputs and outputs.

What is most valuable?

Its ease of use and its ability to block and allow ports in and out of our organization are the most valuable features.

It works very well. It gives us all the information that we need.

What needs improvement?

We don't like its licensing model. It has separate licensing for all the features. For instance, to get URL filtering, you need to buy another license. Every feature set seems to require another license. Unless you purchase them all upfront, you find some surprises and realize that you can't do that because you need another license. 

Its logging isn't quite as good as it used to be in our previous solution. We used to have Cisco ASA, and we could view the logs a lot easier than NGIPS (also known as Firepower). We saw real-time logging, but we don't see that as much in Firepower.

For how long have I used the solution?

I have been using this solution for two years.

What do I think about the stability of the solution?

It has been very stable. I don't think it has gone down at all in two years.

What do I think about the scalability of the solution?

It is very scalable. In terms of the number of users, we have 26,000 students and 3,500 staff members. Everybody in our organization goes through it and takes advantage of it on our system. We have about five people who are managing it, and they are from the network group, infrastructure group, and storage group.

How are customer service and technical support?

We did have some engagement with the technical support people regarding the integration with Nexus Switches, and they were very good. They helped us out quite a bit.

Which solution did I use previously and why did I switch?

We were using Cisco ASAs. They were going out of service. They were going out of sale and support. So, we decided to move to Firepower. We wanted to go to the Next-Gen IPS type of stuff, and ASAs didn't have that kind of feature set.

How was the initial setup?

It was quite complex. It required some workarounds with other network components in our system. It could have been a lot less complicated. Nexus Switches that we had were a little bit older, and they didn't integrate as well with Firepower as they could have. So, we ended up having to buy some new switches. 

The deployment pretty much took about three weeks. It involved moving all of our stuff from our old firewall onto the new one. Rules were a little different, so we had to work on it for a while. Fortunately, we could run them in parallel, so it worked out okay.

What about the implementation team?

We did it in-house.

What was our ROI?

It has definitely given us our return on the investment.

What's my experience with pricing, setup cost, and licensing?

It is expensive. It has separate licensing for all the features, and every feature set seems to require another license.

Licensing is on a yearly basis. There are no additional costs besides the standard licensing fee.

What other advice do I have?

I would advise others to make sure that the rest of their equipment is completely compatible with the newest Firepowers.

I would rate Cisco NGIPS an eight out of ten. It gives us all the information that we need. We've got to dig for it sometimes, but it is a good product.

Which deployment model are you using for this solution?

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More Cisco NGIPS reviews from users
Learn what your peers think about Cisco NGIPS. Get advice and tips from experienced pros sharing their opinions. Updated: July 2021.
523,372 professionals have used our research since 2012.
Add a Comment
ITCS user