We performed a comparison between Check Point IPS and Cisco NGIPS based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is that it protects us against hundreds of different attack vectors, like ransomware. The protection is always being triggered. People try to access websites that are categorized as malware, so when the users do a DNS request for the IP of those malware websites, the IPS Blade replaces the real IP of the website that is malware with a bogus IP. The user gets an IP that doesn't exist and when he tries to access, it won't work."
"There's less admin burden to detect these threats as Check Point IPS will do it all for you and suggest the best preventive actions to protect the network."
"IPS signatures can be set quite granularly depending on your environment. You can filter on performance impact, severity, and confidence which makes sizing and adapting easier."
"Its event analysis and centralization features are very important for any organization."
"The solution is user-friendly and the interface is easy to configure."
"This is a very stable product."
"It protects against specific known exploits but also, with SandBlast integration, it is able to protect against unknown or zero-day attacks at the perimeter level."
"The possibility of customizing the rules is great."
"Cisco NGIPS is working well overall with our current needs."
"The solution gives us a lot of visibility into our security."
"The URL filtering feature and the new locations feature are both valuable additions to the solution."
"It has good intelligence. It does a great job at stopping threats."
"Good IPS and VirtualBox features."
"The product's initial setup phase was easy."
"The thing about this solution that I like the most is that it's intuitive."
"The main advantages to Cisco are the scale, the integration, the training, and the possibility of finding somebody to work with."
"After the R80 release, there are almost all feature sets available under IPS Configuration. However, further to this, adding a direct vulnerability scan based on ports and protocol for every zone (LAN, DMZ, or Outside) will make Check Point very different compared to other vendors on the market."
"Having additional reports available would be helpful."
"The tool's pricing could be better."
"This is an expensive solution, higher than other products on the market."
"I would like to have the possibility of adding features to this IPS solution in the future."
"Check Point IPS' main problem is it is mostly software based. The performance is dependent on the CPU power, and the limited number of patterns."
"There is no standalone IPS appliance available."
"The pain point that I have with this solution is contacting technical support."
"We would like to see some improvement in the configuration process for this solution, as it is currently quite complex."
"I would like to see the sanctions lifted so we could use the full solution and have the speed increased."
"The price of Cisco NGIPS could improve."
"We don't like its licensing model. It has separate licensing for all the features. For instance, to get URL filtering, you need to buy another license. Every feature set seems to require another license. Unless you purchase them all upfront, you find some surprises and realize that you can't do that because you need another license. Its logging isn't quite as good as it used to be in our previous solution. We used to have Cisco ASA, and we could view the logs a lot easier than NGIPS (also known as Firepower). We saw real-time logging, but we don't see that as much in Firepower."
"While the Management GUI and FMC could be improved, the devices themselves function well."
"The stability of the user console and some features could be easier to access."
"The only thing I think they may need to improve on a little bit is identifying software more correctly when you do network discovery."
"Cisco NGIPS could improve its ability to do SSL inspections. Sometimes the ability to do SSL inspection is not scalable and you might not be able to get the installment required if you don't size the right hardware."
Check Point IPS is ranked 3rd in Intrusion Detection and Prevention Software (IDPS) with 46 reviews while Cisco NGIPS is ranked 5th in Intrusion Detection and Prevention Software (IDPS) with 63 reviews. Check Point IPS is rated 8.6, while Cisco NGIPS is rated 8.2. The top reviewer of Check Point IPS writes "Great for detection and access with the capabilities of defining specific rules". On the other hand, the top reviewer of Cisco NGIPS writes "Very effective for malware and signature-based anomalies but stability needs improvement". Check Point IPS is most compared with Darktrace, Palo Alto Networks URL Filtering with PAN-DB, Palo Alto Networks Advanced Threat Prevention, Trend Micro TippingPoint Threat Protection System and Fortinet FortiGate IPS, whereas Cisco NGIPS is most compared with Fortinet FortiGate IPS, Trend Micro TippingPoint Threat Protection System, Palo Alto Networks Advanced Threat Prevention, Cisco Sourcefire SNORT and Trellix Intrusion Prevention System. See our Check Point IPS vs. Cisco NGIPS report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.