We performed a comparison between Cisco NGIPS and Splunk User Behavior Analytics based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The top features of Cisco NGIPS, which have been working very well, include stateful inspection and the access list-based security configuration. But from my perspective, the best part of Cisco NGIPS is the licensing process, which is very easy and straightforward. It's essentially copy-paste licensing."
"The solution very effectively provides malware protection and signature-based anomaly detection."
"It has aligned the features in accordance to our strategic needs"
"Cisco NGIPS is working well overall with our current needs."
"The tracking intelligence feature is very good. This solution provides us with the opportunity to detect threats in real-time."
"The IPS functionality is useful if you have offices all over the place. It's nice to have centralized management instead of going to a separate ASA or FirePOWER device."
"The solution is very powerful coupled with Firepower."
"Ir's signature-based. We are also using the anomaly baseline formation, where it links the network, then anything that goes away from the norm is also flagged. Those are the two most valuable features."
"This intelligent user behavior analytics package is easy to configure and use while remaining feature filled."
"It's straightforward in terms of configuration and troubleshooting and log management and monitoring as well. These are the edge points in addition to it being a modular solution where you can capitalize on your current licenses with extra licensing models, which can match the customer's business requirement and it can help the customer to design or to actually plan for their own roadmap."
"It is a solution that helps test and measure customer satisfaction."
"The most valuable features are the indexing and powerful search features."
"The most valuable feature is being able to take data and put it into other systems so that we could see the output, and to see where we need to apply our focus."
"The solution is definitely scalable."
"The solution appears to be stable, although we haven't used it heavily."
"It's easily scalable."
"The stability of the user console and some features could be easier to access."
"The CLI, the console line interface, of the FTD could be improved. It's very complex, so without a GUI, it doesn't work well. I would like it to be more simple."
"If there was a software-based solution for scaling up then it would be much better."
"The onboarding process could be made a little bit better."
"It has room for improvement when it comes to integrating machine learning and AI into it where even if you don't have a baseline that is of length for anomaly detection, it could do more like an AI style machine learning. It learns on its own."
"Our customers are still facing many bugs on the system. It has matured noticeably, but we are still facing multiple stability issues on Firepower. There are more than 80 or 90 bugs for each release node. It's a considerable number of bugs."
"I would like to see integration with monitoring tools such as Nagios or BMC."
"We have a separate management controller for Cisco NGIPS. If they have not done it already they should integrate Cisco NGIPS with the Cloud Portal."
"In the future I would like to see simplified statistics and analytical threats."
"Currently, a lot of network operations need improvement. We still need people to handle incidents. Our vision is to leverage status and convert it directly from the network devices. It would be ideal if we could take action using APIs and API code and remove manual processes."
"There are occasional bugs."
"I'm not aware of any lacking features."
"If the price was lowered and the setup process was less complex, I would consider rating it higher."
"I would like improved downward integration with other tools such as McAfee and other GCP solutions."
"We'd like the ability to do custom searches."
"It could be easier to scale the solution if you are using it on-premise, not in the cloud."
More Splunk User Behavior Analytics Pricing and Cost Advice →
Cisco NGIPS is ranked 5th in Intrusion Detection and Prevention Software (IDPS) with 62 reviews while Splunk User Behavior Analytics is ranked 12th in Intrusion Detection and Prevention Software (IDPS) with 17 reviews. Cisco NGIPS is rated 8.2, while Splunk User Behavior Analytics is rated 8.2. The top reviewer of Cisco NGIPS writes "Very effective for malware and signature-based anomalies but stability needs improvement". On the other hand, the top reviewer of Splunk User Behavior Analytics writes "Easy to configure and easy to use solution that integrates with many applications and scripts ". Cisco NGIPS is most compared with Check Point IPS, Fortinet FortiGate IPS, Trend Micro TippingPoint Threat Protection System, Cisco Sourcefire SNORT and Palo Alto Networks Advanced Threat Prevention, whereas Splunk User Behavior Analytics is most compared with Darktrace, Microsoft Defender for Identity, IBM Security QRadar, Varonis Datalert and Cynet. See our Cisco NGIPS vs. Splunk User Behavior Analytics report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.