Skip to main content
Cisco Secure IPS

Cisco Secure IPS
Formerly Cisco NGIPS


What is Cisco Secure IPS?

Cisco Secure IPS (formerly Firepower Next-Generation Intrusion Prevention System, or NGIPS) is an intrusion detection response system that produces security data and enhances the analysis by InsightOps. The technology replaces the former Sourcefire 3D IPS. Cisco acquired Sourcefire in 2013.

Read more
Recent Reviews
Read all reviews


Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Return to navigation

Product Details

What is Cisco Secure IPS?

Cisco Secure IPS Video

What is an NGIPS?

Cisco Secure IPS Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo
Return to navigation


View all alternatives
Return to navigation

Reviews and Ratings


Attribute Ratings


(1-6 of 6)
Companies can't remove reviews or game the system. Here's why
Basant Gupta | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Cisco Secure IPS is very advanced and provides all the advanced security features. It gives us more visibility and control over our network. Cyber attacks are increasing day by day. With the help of Cisco Secure IPS, we can detect and prevent any cyber attack on your network. We are using the Cisco Secure IPS firewall on our site for the last 2 years and now we have more control over your incoming and outgoing users' traffic and we can easy to block any threats. The performance is very fast and it is continually synced with the server for last updates.
  • Easy GUI.
  • Easy to export the report.
  • Very fast performance and quick response on threats.
  • It provides us more network security.
  • It provides us more network visibility.
  • Centralized management.
  • Easy to manage.
  • Very less documentation available for study.
Cisco Secure IPS is required for every organization and it gives us all the advanced security features for more visibility and control on our incoming and outgoing network traffic. We can easy to configure and management is also very easy. You can deploy in the existing network very easily. The price is very low and performance is very high and it works very quickly on threats and takes the necessary action.
Anjali Nair | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
An Intrusion Prevention System [IPS] is necessary for every organization. It will keep an eye on a network and find any malicious activities. We are using Cisco Secure IPS in our organization for high-level network security. It provides a lot of advanced features for detecting and preventing any type of cyber attack on your organization. The main function of Cisco Secure IPS is to identify any suspicious activity, prevent the activity from happening, and send an alert to the SOC team.
  • You will get more visibility in your network.
  • Very fast performance
  • Easy to detect and prevent the suspicious activities.
  • Easy to export report[s]
  • Daily security updates
  • Efficacy
  • Very low cost
  • Cisco Threat Intelligence Director
  • A lot of Cisco documentation available
  • I have never faced an issue with Cisco Secure IPS
Cisco Secure Intrusion Prevention System [IPS] is well suited for every organization that needs good, deep-level traffic scanning. It keeps an eye on our network's incoming and outgoing traffic, detects and prevents any suspicious activity, and sends the alert to your information security team to investigate. The performance of this device is very fast and it is easy to configure. We can create the rules very easily. There is a lot of documentation available on the Cisco website which will help you to configure and manage.
Score 9 out of 10
Vetted Review
Verified User
Here at our organization, we have about 15 remote locations, from small sales offices to manufacturing plants, all connected to our HQ using VPN. 2 years ago, we started to deploy Firepower NGIPS in some of those locations. Our main goal was to offer a robust, secure and centralized option for each location. Having centralized administration in our HQ, we can have the same policies applied for all the locations, check status, audit logs, etc. Also, once you have the templates, it's just a matter of order the same p/n and the setup will be very easy. Also, as we already, use Cisco routers for other purposes, like voice gateway, wan optimization, having the Firepower as a virtual machine inside the router was also a key feature for our convergence strategy.
  • The option to deploy it as a virtual machine in a UCS-E inside a Cisco Router is something to consider a lot. It simplifies a lot the deployment in places where you need to optimize resources and keep things simple. It also saves some money on unnecessary hardware.
  • Having the most complete license, we can have in the same box IPS, inspection for malware and URL filtering. As Cisco uses Talos Intelligence network to mitigate and evaluate risks, having this complete set of security features turns the box into a powerful resource to protect our remote locations. Considering the hyper-connected business we have today, it's almost impossible to think that we can run a business without this kind of protection.
  • The integration between Firepower NGIPS and other products, like Cisco ISE and Splunk, is also a key feature for this solution. In both cases, you can integrate the product to have the best of both. As a security appliance, it's very important for us to have all the logs centralized in Splunk and this is done simply connecting FMC (Firepower Management Console) to the Splunk collector.
  • The initial setup of the box can be a little tricky, especially in deployments like ours, where you have it running on a UCSE server inside a router. I think Cisco could do it a little easier, like having a script to configure it.
  • The interface of the FMC (Firepower Management Console) is a little outdated. Cisco could use the latest design language they already used for other platforms like Cisco Prime to make that interface more user-friendly.
For scenarios, I described before, like when you have centralized administration and several locations, and the majority of those locations have the same size/requirements, Firepower is well suited. Easy to maintain, relatively cheap to buy. For scenarios too small, like small sales offices like ours, I don't think Firepower could fit, basically because you'll need to invest a certain amount of money to buy, license and deploy.
Jonathan Pauley | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Firepower NGIPS is our primary IPS/IDS solution. It provides a layer of defense against network intrusion that provides very meaningful feedback via the Firepower Management Center (FMC). We use it both internally and recommend it to our customers as the leading NGIPS/IDS solutions available on the market. We are using Firepower NGIPS to both detect and proactively prevent unauthorized network access.
  • Stops unauthorized network access
  • Provides meaningful event and incident reporting via the FMC
  • Provides robust detection, prevention, and alerting of IPS/IDS events
  • Fine tuning the Firepower policies is tedious and time consuming
Any network that contains sensitive customer or user information that has to have any ports open to the internet for any reason needs to have some kind of IPS/IDS solution. Cisco Firepower NGIPS is a Gartner Industry Leader and is very effective for the purpose, especially when combined with other Cisco Security platform solutions.
Wouter Hindriks | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
We use Sourcefire Defense Center to manage and deploy the Firepower software on our Cisco ASA 5500-X firewalls. This adds layer 4-7 visibility to our networks edge.
  • Rules are based on the SNORT engine which has a tremendous base of rules.
  • Helps protect your network and users by leveraging Talos Intelligence resources, like the domain and IP reputation databases.
  • Allows you to define a policy which can then be applied to all FirePower devices in your networks.
  • The performance is not always as good as you'd want. Some operations take the better part of a minute (drilling down in traffics analysis).
  • Deploying or upgrading the FirePower software to the ASA firewalls takes a long time and deployment might fail without a clear reason.
The only way to get layer 4-7 security on your Cisco ASA devices. The solution has a lot of potential but I think that it still needs work to perform better.
Marc Uydess | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
We utilize Sourcefire 3D to monitor network traffic at our egress points as well as our critical subnets within the infrastructure. We also have it inline at our egress points to drop packets that match specific signature sets. It helps us add a layer of security to our infrastructure by blocking and alerting on malicious traffic that matches various signatures such as CnC and Exploit Kits. This also helps us achieve PCI compliance.
  • Low false positive rate as long as it is properly managed/tuned.
  • Easy to manage and configure with the GUI.
  • Support is great if assistance is needed.
  • Wish additional modules were included such as FireAmp.
  • Wish it was easier to include customized signatures if needed. Required to know how to code with Snort in order to add real customization.
This is great for large and small organizations as they have different models and modules that fit every scenario.
Return to navigation