Cisco Secure IPS (formerly Firepower Next-Generation Intrusion Prevention System, or NGIPS) is an intrusion detection response system that produces security data and enhances the analysis by InsightOps. The technology replaces the former Sourcefire 3D IPS. Cisco acquired Sourcefire in 2013.
N/A
Trellix Network Security
Score 8.5 out of 10
Enterprise companies (1,001+ employees)
Trellix Network Security (formerly FireEye Network Security and Forensics products) combines network traffic analysis and network forensics for attack analysis .
Cisco Secure IPS is required for every organization and it gives us all the advanced security features for more visibility and control on our incoming and outgoing network traffic. We can easy to configure and management is also very easy. You can deploy in the existing network very easily. The price is very low and performance is very high and it works very quickly on threats and takes the necessary action.
It’s a dedicated Network Advanced Threat Detection and Prevention solution. Easy maintenance and low operating costs fit perfectly for SMEs. Variety of appliance selection makes NX the perfect choice for large enterprises. As it’s a dedicated solution with its own appliance, price is higher compared to NGTP add on solutions. FireEye is an ecosystem therefore when you’ve the EX or HX vice versa, you should be looking to NX. Otherwise, you’re missing the threat intel exchange on the network side reverse is the true. Sizing is important before the purchase, if you select a low end model for a busy network you lose your initial investment. For multiple NX deployments I highly recommend CMS. Without CMS you’ll lose the threat intel exchange and this will negatively reduce the risk scores.
The option to deploy it as a virtual machine in a UCS-E inside a Cisco Router is something to consider a lot. It simplifies a lot the deployment in places where you need to optimize resources and keep things simple. It also saves some money on unnecessary hardware.
Having the most complete license, we can have in the same box IPS, inspection for malware and URL filtering. As Cisco uses Talos Intelligence network to mitigate and evaluate risks, having this complete set of security features turns the box into a powerful resource to protect our remote locations. Considering the hyper-connected business we have today, it's almost impossible to think that we can run a business without this kind of protection.
The integration between Firepower NGIPS and other products, like Cisco ISE and Splunk, is also a key feature for this solution. In both cases, you can integrate the product to have the best of both. As a security appliance, it's very important for us to have all the logs centralized in Splunk and this is done simply connecting FMC (Firepower Management Console) to the Splunk collector.
We didn't have any major issues that let us need support. Only, for this reason, I think Cisco Firepower deserves the rating. Even for small issues, the partner that helped us during the project could solve it quickly. There are also tons of documents and other online resources to help maintain, administer and support the product.
Cisco Secure IPS is our first product. We were not using any other tools before. We are very happy with the Cisco Secure IPS features and customer support
FireEye NX is a solid product. It gives you sustainable security throughout the organization. NX detection engines are more capable compared to others. Its catch rate is higher, FP rate is lower, [and] speed is awesome. NX can work for highly regulated environments with 1 way solution. Operation costs are much lower. Software quality is very good. It may have bugs, but these bugs do not compromise the security in general. SOC team loves the FireEye NX for its pinpoint detection capabilities. Local and partner support is exceptional.
As [a] financial company on the digital markets, we need to be safeguard for 0days and targeted attacks. FireEye NX provides the best updated protection with its enhanced capabilities.
Security score based on detection/prevention metrics [is] very high ensuring the highest level of security.
APTs in our region successfully detected and mitigated by the NX.
For the ROI, in a six month period FireEye is paying off its [investment].
One negative thing, especially with increasing network bandwidths, [is that] you need to make [the] investment every two or three years.
