Cisco Firepower NGFW (formerly Sourcefire): The nextGen Solution
January 29, 2020
Cisco Firepower NGFW (formerly Sourcefire): The nextGen Solution
Score 7 out of 10
Vetted Review
Verified User
Software Version
Other
Overall Satisfaction with Cisco Firepower NGFW (formerly Sourcefire)
Cisco Firepower NGFW (formerly Sourcefire), as we call it, is being used by our Department for managing the security of our campus. The primary reason behind using it is to trigger alerts when there is an intrusion activity on our perimeter or even within our boundaries. Cisco Firepower NGFW (formerly Sourcefire) gives us a detailed report of suspicious packets going through it. These reports provide insight into the daily flow of malicious traffic on our network, university computers that show suspicious behavior, intruders trying to scan our network, users downloading/uploading malicious files, etc. It increases the visibility of our cyberinfrastructure, thereby helping us to secure it.
- Cisco Firepower NGFW (formerly Sourcefire) shows a very detailed report of traffic that it finds as malicious. From Capturing Pcaps to generating analytics corresponding to an incident it makes it very easy for us analysts to decide the next steps.
- Cisco Firepower NGFW (formerly Sourcefire) has search functionality that allows us to go very specific while on the managing window, unlike Palo Alto Panorama.
- The UI in Cisco Firepower formerly Sourcefire) is complicated and entirely redundant. A lot of these features are not useful, and therefore, it can be removed from the main window.
- The interface is very slow, with each operation taking a lot of time. Searching through the logs takes too much time.
- Cisco Firepower (formerly Sourcefire) helped us to detect a lot of malware that was downloaded by some users within our network. A lot of them are backdoor for potential ransomware.
- Once, it detected lateral movement of a ransomware within our network and helped us in containing and destroying it before it spreads, saving thousands of dollars worth of data.
Snort is an excellent tool for signature-based intrusion detection. Cisco Firepower NGFW (formerly Sourcefire) uses Snort under the hood. This makes it a potent detection tool with almost no false positives. When it comes to Comparison, it is at par with Palo Alto Panorama in terms of the only detection.
However, Panorama beats Cisco Firepower NGFW (formerly Sourcefire) because it provides a whole lot of features and is much faster at all scales of usage at a lower price.
Do you think Cisco Secure Firewall delivers good value for the price?
No
Are you happy with Cisco Secure Firewall's feature set?
No
Did Cisco Secure Firewall live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Cisco Secure Firewall go as expected?
I wasn't involved with the implementation phase
Would you buy Cisco Secure Firewall again?
No