We performed a comparison between Check Point IPS and Cisco NGIPS based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Overall, it give me a lot of insight into my network that I didn't have before."
"The reports are useful in helping to verify the threats where we can see the level of severity in order to be able to take action."
"IPS can protect our organization with any old vulnerabilities or if any vulnerability detected minutes ago IPS can protect us as per our configured policy."
"Protection in real-time is very good. It helps us detect things on time and make decisions to improve perimeter security."
"Its event analysis and centralization features are very important for any organization."
"The Check Point IPS feature I find the most valuable is the firewall. It is great and easy to work with."
"IPS signatures can be set quite granularly depending on your environment. You can filter on performance impact, severity, and confidence which makes sizing and adapting easier."
"There's an automatic update after every 2 hours which makes sure that the database is up to date and providing zero-day vulnerability protection."
"The integration with the Cisco portfolio is very helpful."
"The features that I find most valuable are the DDoS protection, IPS/IDS, and Firepower for web application filtering."
"I've found the performance and stability to be the most valuable features of Cisco NGIPS. It is scalable as well."
"Technical support is quite good. With firewalls, the last cases I had with Cisco were professionally handled quite quickly and it was great."
"The solution gives us a lot of visibility into our security."
"We are satisfied with the technical support."
"The traffic filter of this solution is very valuable to us, and to our clients."
"The most valuable feature is its IPS ability. You are able to balance security and connectivity."
"Threat Prevention policies are not very easily manageable as there are several profiles/policies/etc. Therefore, there are several ways to add exceptions and check the configuration."
"I would like the product to provide us with intelligence to understand what we really have in our environment."
"Check Point IPS' main problem is it is mostly software based. The performance is dependent on the CPU power, and the limited number of patterns."
"Sometimes we had false positives where packages that were legitimate for us were blocked and we had to unblock them through exceptions."
"I am not aware of a preview channel or some repository to have a preview on upcoming signatures, however, this would be nice to have."
"The pain point that I have with this solution is contacting technical support."
"When entering, it always takes a long time to load."
"The tool's pricing could be better."
"We don't like its licensing model. It has separate licensing for all the features. For instance, to get URL filtering, you need to buy another license. Every feature set seems to require another license. Unless you purchase them all upfront, you find some surprises and realize that you can't do that because you need another license. Its logging isn't quite as good as it used to be in our previous solution. We used to have Cisco ASA, and we could view the logs a lot easier than NGIPS (also known as Firepower). We saw real-time logging, but we don't see that as much in Firepower."
"We would like to see some improvement in the configuration process for this solution, as it is currently quite complex."
"The GUI could be improved. The pain point is really only focused toward the security engineer who configures it and the operation engineer who manages it."
"The stability of the user console and some features could be easier to access."
"The only thing I think they may need to improve on a little bit is identifying software more correctly when you do network discovery."
"The onboarding process could be made a little bit better."
"The attack patterns and payloads go undetected in Cisco. We would like to see a new solution with more effective detection of attack patterns. There should be more data analyzing patterns as well which provides useful information."
"Cisco NGIPS could improve its ability to do SSL inspections. Sometimes the ability to do SSL inspection is not scalable and you might not be able to get the installment required if you don't size the right hardware."
Check Point IPS is ranked 3rd in Intrusion Detection and Prevention Software (IDPS) with 46 reviews while Cisco NGIPS is ranked 5th in Intrusion Detection and Prevention Software (IDPS) with 63 reviews. Check Point IPS is rated 8.6, while Cisco NGIPS is rated 8.2. The top reviewer of Check Point IPS writes "Great for detection and access with the capabilities of defining specific rules". On the other hand, the top reviewer of Cisco NGIPS writes "Very effective for malware and signature-based anomalies but stability needs improvement". Check Point IPS is most compared with Darktrace, Palo Alto Networks URL Filtering with PAN-DB, Palo Alto Networks Advanced Threat Prevention, Trend Micro TippingPoint Threat Protection System and Fortinet FortiGate IPS, whereas Cisco NGIPS is most compared with Fortinet FortiGate IPS, Trend Micro TippingPoint Threat Protection System, Palo Alto Networks Advanced Threat Prevention, Cisco Sourcefire SNORT and Trellix Intrusion Prevention System. See our Check Point IPS vs. Cisco NGIPS report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.