9 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 9.4 out of 100
Top Rated
102 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 9.3 out of 100

Likelihood to Recommend

Cisco Secure IPS (NGIPS)

For scenarios, I described before, like when you have centralized administration and several locations, and the majority of those locations have the same size/requirements, Firepower is well suited. Easy to maintain, relatively cheap to buy. For scenarios too small, like small sales offices like ours, I don't think Firepower could fit, basically because you'll need to invest a certain amount of money to buy, license and deploy.
Eduardo Viero | TrustRadius Reviewer

Next-Generation Firewalls - PA Series

The Palo Alto device is well suited for a direct replacement for any traditional or other firewall. There is little room for error on this device, it will do exactly what you have it configured for. Between security zones, security policies, nat policies, policy based forwarding, and everything in between, you have to keep your head on straight when making big or small changes.
The Palo Alto does have one overall issue our users report more than anything. The Palo Alto is a strict NAT device, so unless you have the ability to 1 to 1 map IP addresses for your users who need something beside strict NAT limitations, the Palo Alto will cause you grief.
Anonymous | TrustRadius Reviewer

Feature Rating Comparison

Firewall

Cisco Secure IPS (NGIPS)
Next-Generation Firewalls - PA Series
9.0
Identification Technologies
Cisco Secure IPS (NGIPS)
Next-Generation Firewalls - PA Series
9.1
Visualization Tools
Cisco Secure IPS (NGIPS)
Next-Generation Firewalls - PA Series
8.3
Content Inspection
Cisco Secure IPS (NGIPS)
Next-Generation Firewalls - PA Series
9.3
Policy-based Controls
Cisco Secure IPS (NGIPS)
Next-Generation Firewalls - PA Series
9.3
Active Directory and LDAP
Cisco Secure IPS (NGIPS)
Next-Generation Firewalls - PA Series
9.0
Firewall Management Console
Cisco Secure IPS (NGIPS)
Next-Generation Firewalls - PA Series
8.8
Reporting and Logging
Cisco Secure IPS (NGIPS)
Next-Generation Firewalls - PA Series
8.7
VPN
Cisco Secure IPS (NGIPS)
Next-Generation Firewalls - PA Series
8.4
High Availability
Cisco Secure IPS (NGIPS)
Next-Generation Firewalls - PA Series
9.6
Stateful Inspection
Cisco Secure IPS (NGIPS)
Next-Generation Firewalls - PA Series
9.5
Proxy Server
Cisco Secure IPS (NGIPS)
Next-Generation Firewalls - PA Series
8.7

Pros

Cisco Secure IPS (NGIPS)

  • Low false positive rate as long as it is properly managed/tuned.
  • Easy to manage and configure with the GUI.
  • Support is great if assistance is needed.
Marc Uydess | TrustRadius Reviewer

Next-Generation Firewalls - PA Series

  • AppID is able to see what the actual internet traffic is. For instance instead of port 443 just being "Internet traffic" we can define access to Facebook-base or all the other facets of facebook.
  • UserID allows us to define policies based on group or user access and integrates with our Active Directory. This helps to configure a least access privilege and if we find misuse of the network we can tighten specific users to a stricter policy.
  • GlobalProtect VPN connection helps our employee's connect from home remotely. This provides a very secure connection with minimal configuration.
  • Wildfire provides very up-to-date information regarding global attack mitigations and stopping techniques.
Christopher St.Amand | TrustRadius Reviewer

Cons

Cisco Secure IPS (NGIPS)

  • Fine tuning the Firepower policies is tedious and time consuming
Jonathan Pauley | TrustRadius Reviewer

Next-Generation Firewalls - PA Series

  • The CLI is a bit confusing, and it's difficult to find what you're looking for. Takes a lot of practice. Definitely not as good as the Cisco CLI.
  • Updating the firmware is often a very dangerous process, especially when jumping minor or major releases. More QA should be done to validate and ensure no issues during upgrades. I'll admit it's gotten better over time, but there is still room for improvement.
Anonymous | TrustRadius Reviewer

Likelihood to Renew

Cisco Secure IPS (NGIPS)

Cisco Secure IPS (NGIPS) 9.0
Based on 1 answer
We are in the middle of outsourcing and may not be able to keep this product.
Marc Uydess | TrustRadius Reviewer

Next-Generation Firewalls - PA Series

Next-Generation Firewalls - PA Series 10.0
Based on 1 answer
The PA5220s have far exceeded what we have expected out of them. It was a bit of a learning curve coming from another vendor, but everything falls into place now with ease. The capabilities of the solution still surprise us, allowing us to remove other costly hardware and providing a single point of management needed
Anonymous | TrustRadius Reviewer

Usability

Cisco Secure IPS (NGIPS)

Cisco Secure IPS (NGIPS) 10.0
Based on 1 answer
Very easy to navigate GUI in the FMC and very effective at performing the intending duties.
Jonathan Pauley | TrustRadius Reviewer

Next-Generation Firewalls - PA Series

Next-Generation Firewalls - PA Series 10.0
Based on 2 answers
In my opinion, the Palo Alto Firewall is the simplest firewall in terms of management interfaces; though it has more advanced options that apply to more advanced use cases. Configuring basic features on the firewall is nearly self-explanatory; configuring more advanced features can be met with very thorough vendor documentation.
Anonymous | TrustRadius Reviewer

Support Rating

Cisco Secure IPS (NGIPS)

Cisco Secure IPS (NGIPS) 9.0
Based on 4 answers
We didn't have any major issues that let us need support. Only, for this reason, I think Cisco Firepower deserves the rating. Even for small issues, the partner that helped us during the project could solve it quickly. There are also tons of documents and other online resources to help maintain, administer and support the product.
Eduardo Viero | TrustRadius Reviewer

Next-Generation Firewalls - PA Series

Next-Generation Firewalls - PA Series 8.5
Based on 12 answers
We've run into a couple undocumented bugs, but that seems to happen with every brand and technology. Any time we've had to engage Palo Alto support they've always been professional, knowledgeable and prompt. In almost all cases we've been able to resolve our issues without having to escalate our tickets.
Paul Luchini | TrustRadius Reviewer

Alternatives Considered

Cisco Secure IPS (NGIPS)

Cisco Firepower is as well positioned in the Gartner magic quadrant as the others I mentioned and not just because of that, but the product is really good, delivers what it's intended to deliver. For us, the main strategy is to simplify administration and operation and as we're a Cisco customer for several other products, our long term relationship gives us a competitive vantage to negotiate and have great deals. In summary: Cisco Firepower is a great product, can cost the same or less than competitors and it's made by a company we already know and trust.
Eduardo Viero | TrustRadius Reviewer

Next-Generation Firewalls - PA Series

I have used Cisco & Sonicwall primarily in most of my 23+ years of network security experience. Over the years all of these platforms have matured, but Palo Alto beats them all in terms of user interface.

The ability to run reports, get access to data immediately, and have the data be extremely accurate and granular is what sets Palo Alto apart from the others. Deployment of the VPN client(s) on multiple platforms is simple to manage and doesn't break other applications like many other VPN client software does. The performance of the firewall from a throughput and monitoring standpoint is second to none.
Anonymous | TrustRadius Reviewer

Return on Investment

Cisco Secure IPS (NGIPS)

  • Good visibility into our traffic and automatic threat protection keeps our network and users safe.
Wouter Hindriks | TrustRadius Reviewer

Next-Generation Firewalls - PA Series

  • Utilizing Panorama to manage all of our Firewalls Policies by creating device groups is a real time saver. We only need to configure policies once and push them to the appropriate firewalls saving a lot of time.
  • Having the added security feature protection is good peace of mind in an ever-increasing threat landscape.
  • Monitoring traffic by IP, URL or username provides excellent insight into our traffic.
Anonymous | TrustRadius Reviewer

Pricing Details

Cisco Secure IPS (NGIPS)

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Next-Generation Firewalls - PA Series

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Rating Summary

Likelihood to Recommend

Cisco Secure IPS (NGIPS)
8.9
Next-Generation Firewalls - PA Series
9.6

Likelihood to Renew

Cisco Secure IPS (NGIPS)
9.0
Next-Generation Firewalls - PA Series
10.0

Usability

Cisco Secure IPS (NGIPS)
10.0
Next-Generation Firewalls - PA Series
10.0

Support Rating

Cisco Secure IPS (NGIPS)
9.0
Next-Generation Firewalls - PA Series
8.5

Add comparison