Cisco NGIPS Room for Improvement

Kayode Adeagbo
Manager IT Security at UnitedHealth Group
It has room for improvement when it comes to integrating machine learning and AI into it where even if you don't have a baseline that is of length for anomaly detection, it could do more like an AI style machine learning. It learns on its own. It learns patterns, learns what good traffic looks like then is able to stop bad traffic, not just based on behavior but based on every other thing. I think other next-generation IPS solutions are turning towards integration of ML and AI. I need machine learning and the ability to share intelligence. View full review »
reviewer1261278
Associate Consultant at a tech company with 10,001+ employees
Currently, this product is difficult to manage. It needs to be more user-friendly. A lot of improvements can be made into the overall architecture of the firewall. It's lacking right now. It's something they need to work hard to improve. The reason for the lack of cohesion in the architecture is due to the fact that Cisco acquired this company and then they merged two products, the Cisco ASA and the Firepower product, into a single product. As a result, the product is not as mature as some of the other comparable products out in the industry. The price is in the high end of the spectrum, again, comparing to other players in the industry. The solution requires better management. When it comes to central management capabilities, improvements can be made. Better reporting in terms of analytics and dashboards would be very useful in future versions. View full review »
reviewer1083318
Network Infrastructure Program Manager at a non-profit with 1,001-5,000 employees
The file trajectory could be improved. We still have a web proxy but I think at some point we should not have two products. We should have only one product. Most of the features of the web proxy already exist in the UTM appliances. We have a debate as to whether it's the Cisco Firepower and UTM Appliance of next-generation firewall. But I consider both of them the same. So I would say if we have the caching and the other features which are unique features to the Web Proxy, I think Cisco will be number one if they are able to include such features in the future. View full review »
Learn what your peers think about Cisco NGIPS. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
446,626 professionals have used our research since 2012.
Ivan Radev
Network Security Consultant at Societe Generale Global Solution Centre
The configuration of this product can be simplified. I am an expert in this area because few people can do it. It requires a lot of training and documentation. I think that some initiation scripts might be helpful because they would make the configuration easier and more user-friendly for customers. View full review »
reviewer1133913
Senior Network Security Engineer at a health, wellness and fitness company with 10,001+ employees
The only thing I think they may need to improve on a little bit is identifying software more correctly when you do network discovery. You need that to really handle finding anomalies properly. In the past, I've noticed that some applications are not identified correctly, based on the OS and the fingerprints that they're pulling from the host. In the future, we would like to see more involvement with the on-premises hybrid cloud. We want to see Cisco do more in the cloud space, and basically improving the connection between on-premises and the cloud. This including things such as automation. View full review »
TariqueAshraf
Chief Technology Officer at a tech services company
We would like to see support for DDoS protection. The cost of adding additional throughput is very high and is an area of concern. Competing products such as FortiGate and TippingPoint have a much larger throughput at a smaller cost. The devices have certain limitations and to go beyond them, I need to change the hardware. For example, if I exceed the throughput on the 2000 series then I have to switch to the 4000 series. This one then has a limitation of perhaps fifty gigabytes, and if I exceed that, then I need to move to the 9000 series. By comparison, TippingPoint and FortiGate have no limit. If there was a software-based solution for scaling up then it would be much better. View full review »
AymenBoumaiza
Senior Consultant at Wevioo
There are some features not found in Firepower, like data loss prevention, and SSO, to have a connection between Cisco and Active Directory, which was introduced on other products. In the future, I'd like the same solution in other UTM solutions. I know it has an application filter, but it's not really improving. Also, DLP needs to prevent data loss. Those two features are really important now for firewalls and for the security. The data loss prevention really is the most asked for feature from the customer. Often they ask about how we can prevent loss of emails, of data, files. It's really important. View full review »
ITEnginec8d2
IT Engineer at a tech services company with 11-50 employees
The main problem with Firepower is the time between deployment and configuration. Now, it's approximately six minutes, so If I configure something during deployment, I understand that maybe if I write up a small mistake, I need to wait twelve minutes before I can fix the configuration. So I think the main problem is the time of deployment. The solution could add DLT, but it's already full enough of features. The interface could be simpler and more user-friendly. More flexibility with the dashboards is needed because some of them are not fully developed. We could use more flexible base boards. View full review »
Sachin Chaudhari
DGM IT Infra & Facility at a tech services company with 1-10 employees
I would like to see better support for preventing cross-scripting and brute-force attacks that may originate from our homegrown applications. This is needed because the applications that we are developing for internal use do not go through the heavy security check that we have in place. If there is some flaw in an application, which happens every now and then, then there will be a huge cost that I may have to pay. I would like to know that if I have a security solution in place then I am at least 99% confident that problems will be prevented. As it is now, I cannot say that I am 80% secure against my applications being attacked. Better integration with other products, such as a SIEM tool, would provide better peer visibility about your security posture. Adding this type of functionality would make this product unbeatable. View full review »
Systenginr567
System Engineer at a tech services company with 11-50 employees
Overall, it lacks user-friendliness. It could be easier to manage. I can train any customer using FortiGate or Palo Alto in a few days, but with Cisco, it takes much more time because the systems aren't easy to use. It would be very nice to get rid of FlexConfig. It's a very unhelpful element of the solution. One feature that is lacking is full interoperability with CLI. You can configure Palo Alto and FortiGate with a graphical interface, and you can configure it with the command line. This is not so in Cisco. For professionals, this is important because the command line allows us to configure a lot of things and copy configurations and it's much easier. View full review »
Muhammad Aneel
Distribution officer at Wilshirelabs
Because of cybersecurity threats, other security features should be available in Cisco devices. Sangfor IAM is good because this provides the logging IAM feature which you can retain for up to 12 months. But Cisco does not provide this type of logging because no third-party logging server is supported with the Cisco firewall. View full review »
Networkadmn678
Network Administrator
The pricing is very expensive. They should make their equipment more affordable. Cisco should offer better integration capabilities and offer an easier integration process. View full review »
NGIPS677
Senior Manager, Network Infrastructure at a financial services firm with 5,001-10,000 employees
The aspect of private party integration solutions could be improved. I would like to see a sandboxing feature. And the options that people buy in modules, they need to packaged better as a baseline. View full review »
CyberEng8ecc
Cyber Engineer at a aerospace/defense firm with 10,001+ employees
* I would like to see better integration with SIEMs. * Better rule building using other tools, like LuaH and Python. * Better performance. * Better intelligence gathering in domains, the main URLs, and endpoint solutions. View full review »
Youssef Lakhlaifi
System Engineer at Sho
I have had a lot of problems with false positives and it would be helpful if this were improved. I would like to see integration with monitoring tools such as Nagios or BMC. An improved dashboard would be great. View full review »
Security8085
Security at a government with 1,001-5,000 employees
In the next release I would like to see better reporting. I also find it's hard to act on the data it gives you. View full review »
Shahul Hamid
IT Operations Officer at Kiran International
I would like to see the total performance for the users improved. We have a need for security, so we would like to see more protection against virus attacks and ransomware attacks. The inclusion of bandwidth management features would improve this product. I would like to have an API for application development. View full review »
Learn what your peers think about Cisco NGIPS. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
446,626 professionals have used our research since 2012.