Item: Cisco Firepower 1000 Series
Rating: 10
Author: Verified User

Use Cases and Deployment Scope

We use the IDPS as a tool for entry into all of our data centers, be they the large group ones or individual ones in the local markets. We've got an estate of just under a hundred IDPS devices across the business and they're all Cisco Firepower.

Pros and Cons

So what we are finding it's very good at is actually blocking malicious threat actors from getting into our core data centers since we made some changes a couple of years ago going from more of a detection mode into a prevention mode. So the tool, the IDPS name is the clue in the name, it's an intrusion detection and prevention system. For a long time, the tool was being used to detect but not prevent. We spun it to use it to prevent having done a lot of work on making sure that the detections are accurate and correct. And what we've seen since we've done that is hesitate to say it, but we haven't seen a compromise in any of our data centers. As a result of traffic being passed through one of these boxes, they've stopped everything.

So one of the things that we, well we've been working with Cisco on for improvement on this is because we block so much traffic, there is an enormous amount of information about what the threat actors are trying to do if you just block it and discard it. And so I blocked it. That's good. What you are missing is information about who might've been trying to attack you, what they were trying to achieve, and what their long-term objective might be. It's one of the things we've been doing a lot of work with Cisco to map all of those detections against the Mitra attack framework, which is a framework that allows us to work out what threat actors are trying to get, what they're trying to do and what they're trying to achieve. That's an area where, and I know Cisco's got some plans to take what we've done together further and elaborate on that one key development where the whole thing is going to become very interesting is the use of AI in that space. We're quite excited actually about working together to understand how we can maximize the use of AI for benefit.

Return on Investment

So it's had a positive effect in, as I said earlier, we talked about moving from detection to prevention and that move to prevention has reduced the number of incidents that we've had. So it's reduced the cost to us of actually dealing with malicious threat actors getting into our network and into our infrastructure. So it's had a very positive impact.

Simplified Administration

N/A

Performance

N/A

Support Rating

N/A

Key Insights

Do you think Cisco Firepower 1000 Series delivers good value for the price?

Yes

Are you happy with Cisco Firepower 1000 Series's feature set?

Yes

Did Cisco Firepower 1000 Series live up to sales and marketing promises?

Yes

Did implementation of Cisco Firepower 1000 Series go as expected?

Yes

Would you buy Cisco Firepower 1000 Series again?

Yes

Likelihood to Recommend

So it meets the needs that we have for protecting our core data centers. That's where it's best applied. We have a policy within our business of actually segregating firewalls and IDPS. Next-Gen Firewall is a combination of the two device Firepower is very capable of doing that, but at the moment we keep the two segregated. So it's another area that we're looking to move forward in potentially having one device to cover both the firewall and the IDPs functionality.

Firepower Review

Software Version

Overall Satisfaction with Cisco Firepower 1000 Series