Cisco Secure IPS (formerly Firepower Next-Generation Intrusion Prevention System, or NGIPS) is an intrusion detection response system that produces security data and enhances the analysis by InsightOps. The technology replaces the former Sourcefire 3D IPS. Cisco acquired Sourcefire in 2013.
N/A
Palo Alto Networks Cortex XDR
Score 8.5 out of 10
N/A
Traps
replaces traditional antivirus with multi-method prevention, a proprietary
combination of malware and exploit prevention methods that protect
users and endpoints from known and unknown threats.
Cisco Secure IPS is required for every organization and it gives us all the advanced security features for more visibility and control on our incoming and outgoing network traffic. We can easy to configure and management is also very easy. You can deploy in the existing network very easily. The price is very low and performance is very high and it works very quickly on threats and takes the necessary action.
Malware that doesn’t leave files behind has become widely available. Anyone who can afford to reverse this trend should purchase technology. Application whitelisting isn’t for everyone, and Palo Alto Networks Traps can help. Enterprises looking for a low-affected, next-generation solution with high protection should consider it. PAN Traps is a great product at a reasonable price, and I highly recommend it.
The option to deploy it as a virtual machine in a UCS-E inside a Cisco Router is something to consider a lot. It simplifies a lot the deployment in places where you need to optimize resources and keep things simple. It also saves some money on unnecessary hardware.
Having the most complete license, we can have in the same box IPS, inspection for malware and URL filtering. As Cisco uses Talos Intelligence network to mitigate and evaluate risks, having this complete set of security features turns the box into a powerful resource to protect our remote locations. Considering the hyper-connected business we have today, it's almost impossible to think that we can run a business without this kind of protection.
The integration between Firepower NGIPS and other products, like Cisco ISE and Splunk, is also a key feature for this solution. In both cases, you can integrate the product to have the best of both. As a security appliance, it's very important for us to have all the logs centralized in Splunk and this is done simply connecting FMC (Firepower Management Console) to the Splunk collector.
Cortex XDR does a very good job of blocking suspicious and threatening items. However, as with all software of this nature, it will sometimes block known-good items. The difficulty is in manually whitelisting these known-good items. The interface to whitelist is confusing even for a seasoned IT professional and has been the single most frustrating experience of using Cortex XDR
We didn't have any major issues that let us need support. Only, for this reason, I think Cisco Firepower deserves the rating. Even for small issues, the partner that helped us during the project could solve it quickly. There are also tons of documents and other online resources to help maintain, administer and support the product.
The support we receive from Palo Alto is one of the best aspects of Traps. It is very easy to recommend their support. It seems much easier to connect directly with someone with a deep understanding of the product rather than other companies where you basically have to make an airtight case that it is some kind of non-standard issue that can't be solved with existing documentation. Palo Alto digs deep and helps with advanced troubleshooting to get things working.
Cisco Secure IPS is our first product. We were not using any other tools before. We are very happy with the Cisco Secure IPS features and customer support
Traps is the slickest interface, easy to use and intuitive rule making, and the rest just didn't quite stack up to the performance level of Traps. McAfee and Kaspersky just hog processor and RAM power. I didn't like the interface and functionality of SentinelOne as much as Traps. Palo Alto really put a lot of time into the development of this software, and had some of the founding fathers of IT Security heading the development process. Can't beat that.
