We performed a comparison between Check Point IPS and Cisco NGIPS based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The Check Point IPS feature I find the most valuable is the firewall. It is great and easy to work with."
"The most valuable feature of Check Point IPS is the management of devices and policies."
"The notifications are the most valuable feature of the solution."
"The tool's most valuable feature is its detection panel. Managing and updating policies within Check Point IPS is easy and without issues. It provides a secure network."
"The reports are useful in helping to verify the threats where we can see the level of severity in order to be able to take action."
"Protection in real-time is very good. It helps us detect things on time and make decisions to improve perimeter security."
"User-friendly and easy to implement."
"IPS easily allows follow-up flags on recently updated patterns. If, in rare cases, a false positive does occur, it is quickly detected and an exception can be easily created."
"The most valuable feature would be the IPS is very important in Cisco Firepower because I can configure deep configuration in IPS and tuning."
"It is more or less stable. Sometimes I have some issues normally when we need to upgrade it to newer versions. I think it does the job."
"This is a stable solution."
"The solution is stable. This is one of the good things in Firepower. Especially if we use ESE with it."
"The initial setup wasn't complex or complicated."
"We have found the IPS detection to be a very valuable feature of this solution. It is easy to use to stop policy violations."
"We like the Cisco product, the concept, and the tech intelligence."
"NGIPS lets you map web requests to a specific user to determine who is downloading files and what they are accessing. You can use it to identify users downloading malware or track time wasters using Facebook or something like that. It gives you visibility into what your users are doing on the Internet."
"We have a lot of false positives and the list of IPs are not up to date in terms of their location."
"There is an issue with precision."
"The installation documentation has room for improvement."
"The hardware-based version of Check Point IPS could be more scalable. Right now, it's not scalable."
"Sometimes protections are 'aggregated' into a single threat name when you look at the logs. I would prefer to see all protections named individually (for example, right now, 'web enforcement' is a category that contains several signatures)."
"After the R80 release, there are almost all feature sets available under IPS Configuration. However, further to this, adding a direct vulnerability scan based on ports and protocol for every zone (LAN, DMZ, or Outside) will make Check Point very different compared to other vendors on the market."
"The cost is high."
"I hear from my admin that the firmware upgrade process is quite cumbersome."
"If there was a software-based solution for scaling up then it would be much better."
"Multi-internet line load balancing should be supported."
"We don't like its licensing model. It has separate licensing for all the features. For instance, to get URL filtering, you need to buy another license. Every feature set seems to require another license. Unless you purchase them all upfront, you find some surprises and realize that you can't do that because you need another license. Its logging isn't quite as good as it used to be in our previous solution. We used to have Cisco ASA, and we could view the logs a lot easier than NGIPS (also known as Firepower). We saw real-time logging, but we don't see that as much in Firepower."
"The solution should contain the sandbox features which we find in Check Point."
"The look and feel of the console could be updated."
"I would recommend this solution to others for medium, large, and enterprise businesses only."
"The inclusion of bandwidth management features would improve this product."
"What I don't like about Cisco recently is they keep changing the names, which makes it hard for customers and sometimes even us as engineers to know what is the solution they are speaking about. For example, with AMP, now they call it Secure Endpoint and I don't know if in the next couple of years they're going to change it to something else. They should keep the names the same."
Check Point IPS is ranked 3rd in Intrusion Detection and Prevention Software (IDPS) with 45 reviews while Cisco NGIPS is ranked 5th in Intrusion Detection and Prevention Software (IDPS) with 62 reviews. Check Point IPS is rated 8.6, while Cisco NGIPS is rated 8.2. The top reviewer of Check Point IPS writes "Great for detection and access with the capabilities of defining specific rules". On the other hand, the top reviewer of Cisco NGIPS writes "Very effective for malware and signature-based anomalies but stability needs improvement". Check Point IPS is most compared with Darktrace, Palo Alto Networks URL Filtering with PAN-DB, Palo Alto Networks Advanced Threat Prevention, Trend Micro TippingPoint Threat Protection System and Fortinet FortiGate IPS, whereas Cisco NGIPS is most compared with Fortinet FortiGate IPS, Trend Micro TippingPoint Threat Protection System, Cisco Sourcefire SNORT, Palo Alto Networks Advanced Threat Prevention and Trellix Intrusion Prevention System. See our Check Point IPS vs. Cisco NGIPS report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.