Cisco NGIPS Review

A scalable solution with good support and a straightforward setup


What is our primary use case?

We use this solution for integration, installing, and supporting.

How has it helped my organization?

Cisco NGIPS dropped network Troyans and web application attac almost every day. That helps up to feel more secure.

What is most valuable?

I find the IPS feature the most valuable.

What needs improvement?

The main problem with Firepower is the time between deployment and configuration. Now, it's approximately six minutes, so If I configure something during deployment, I understand that maybe if I write up a small mistake, I need to wait twelve minutes before I can fix the configuration. So I think the main problem is the time of deployment.

The solution could add DLT, but it's already full enough of features.

The interface could be simpler and more user-friendly. More flexibility with the dashboards is needed because some of them are not fully developed. We could use more flexible base boards.

For how long have I used the solution?

I've been using this solution for one year.

What do I think about the stability of the solution?

For the years we've been using Firepower we have only one or two cases of instability. There were only one or two unpredictable things.

One case was fasten with Active/standby switchover. After switchover some networks has been lost. After rebooting the standby FP next switchover was without problem.

Another case was associated with setting up of NAT. It was a FirePower nuance. Only the second TAC engineer helped us with it.

What do I think about the scalability of the solution?

I find the solution really scalable.

How are customer service and technical support?

I'd give technical support a five out of five. When things need to get solved, they get solved.

If you previously used a different solution, which one did you use and why did you switch?

We used to have ASA 5520. But in time we needed more security features to secure our services and users.

How was the initial setup?

The initial setup wasn't complex or complicated. Everything was clear. The initial configuration took a day, but the company that we support has a very complicated topology. During the deployment, they had a different idea about how the configuration should be. Because the customer didn't know what they wanted, the files and the deployment took approximately three or four months. 

For deployment, it depends on the company. It depends on the company's complicated topology. If it's too complicated, then maybe you need two engineers to support Firepower. For employees, you need only one, with a second as a standby in case something goes wrong with the primary engineer, so I'd say you need two engineers to maintain the solution.

What about the implementation team?

I handled the implementation myself.

Which other solutions did I evaluate?

The company is Cisco oriented and Cisco is a leader in security Gartner Quadrant for Enterprise Network Firewalls.

What other advice do I have?

My advice for anybody implementing this solution is to follow the instructions carefully.

I would rate this solution an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
Add a Comment
Guest
Sign Up with Email