If you were talking to someone whose organization is considering Cisco NGIPS, what would you say?
How would you rate it and why? Any other tips or advice?
The advice I would give to others thinking about implementing the solution is to make sure you have a solid knowledge of the network. I would rate this solution eight out of ten.
We use the on-premises deployment model. Ten years ago, when you sold Cisco to clients, customers complained about the price but they knew they were buying the best product in the market. It is totally different now. If they want to buy the best product in the market, they buy Palo Alto or Check Point. Cisco is trying to catch up to the competition. When we talk about just the IPS manufacturers, I would rate the solution around six or seven out of ten. If we're talking about Cisco as a whole, I would rate them eight out of ten.
This is a great product. My advice for anybody who is considering this solution is that I would recommend it to anyone who can afford the price of the license. I would rate this solution an eight out of ten.
This is a good solution that I recommend, but there is room for more features to be included. I would rate this solution a nine out of ten.
This is a solution that I recommend for IPS. I would rate this solution a seven out of ten.
The solution is extensively used. We have a policy, from a permission security perspective, that you need to have diversity in the vendors and diversity in the products. We have some areas which are using these products and other areas which is using different products. It's a really good product, but you need to give it some time to form a sort of baseline, before enabling all the features. You need to study the product well because the product will decrease to around 35-40% of the actual product when you start to enable features. Like the application and inspection, the SSL decryption, the URL filtering, and the ITSM inspection. If you enable more features, you will decrease a little bit of the property. Whoever selects the device initially needs to plan which features they are going to use and they might have to shift the sizing of the product. They might need a high-end appliance or a smaller low-end appliance based on the features they are going to use. I would give the solution 9 out of 10.
If someone wants to use Cisco Firepower, the solution is easy. The complete solution is the best for having the full security of a Cisco infrastructure. If I could advise someone with the deployment, I would advise taking the complete solution, in order to have a really scalable and stable solution. Or, if you can't take the complete solution, I'd advise taking a cluster of Firepower to have the scalability and stability. I would rate this solution a 7 or 8 out of 10. If they could add a few of the mentioned features or do something more with the application filter it would be a 9 or a 10 out of 10.
My advice for anybody implementing this solution is to follow the instructions carefully. I would rate this solution an eight out of ten.
We're using it continuously. We plan to increase usage. During setup, I would advise that you must spend more time on planning. If you do, the transition is easier. I would rate this solution 6 out of 10. The time it takes for the product to mature, the maturity journey, the product maturity cycle, takes too long.
The product is a ten because it is the only product in the market like this.
Get a good demo to test it out or do a proof of concept to see if it it's what you're looking for. I rate it an eight out of ten. Eight because it's good at detecting and stopping threats. Those other two points that would make it a ten are better usability and reporting.