Overall Satisfaction with Cisco Firepower NGIPS (formerly Sourcefire 3D)
Here at our organization, we have about 15 remote locations, from small sales offices to manufacturing plants, all connected to our HQ using VPN. 2 years ago, we started to deploy Firepower NGIPS in some of those locations. Our main goal was to offer a robust, secure and centralized option for each location. Having centralized administration in our HQ, we can have the same policies applied for all the locations, check status, audit logs, etc. Also, once you have the templates, it's just a matter of order the same p/n and the setup will be very easy. Also, as we already, use Cisco routers for other purposes, like voice gateway, wan optimization, having the Firepower as a virtual machine inside the router was also a key feature for our convergence strategy.
- The option to deploy it as a virtual machine in a UCS-E inside a Cisco Router is something to consider a lot. It simplifies a lot the deployment in places where you need to optimize resources and keep things simple. It also saves some money on unnecessary hardware.
- Having the most complete license, we can have in the same box IPS, inspection for malware and URL filtering. As Cisco uses Talos Intelligence network to mitigate and evaluate risks, having this complete set of security features turns the box into a powerful resource to protect our remote locations. Considering the hyper-connected business we have today, it's almost impossible to think that we can run a business without this kind of protection.
- The integration between Firepower NGIPS and other products, like Cisco ISE and Splunk, is also a key feature for this solution. In both cases, you can integrate the product to have the best of both. As a security appliance, it's very important for us to have all the logs centralized in Splunk and this is done simply connecting FMC (Firepower Management Console) to the Splunk collector.
- The initial setup of the box can be a little tricky, especially in deployments like ours, where you have it running on a UCSE server inside a router. I think Cisco could do it a little easier, like having a script to configure it.
- The interface of the FMC (Firepower Management Console) is a little outdated. Cisco could use the latest design language they already used for other platforms like Cisco Prime to make that interface more user-friendly.
- As a positive impact, having this centralized administration helped us to speed up our deployments and at the same time, offer a robust solution to the business.
- Having integrations with other platforms, like Splunk, gave us a real vantage to keep all logs centralized and processed by one single SIEM. That represents a positive impact considering we have several locations around the world.
- As a Cisco product, Firepower can count on the biggest partner network in the whole word. No matter where you need, if in China or Argentina, you can find a partner to help on your project. That also represents a huge positive impact when you select a vendor.
Cisco Firepower is as well positioned in the Gartner magic quadrant as the others I mentioned and not just because of that, but the product is really good, delivers what it's intended to deliver. For us, the main strategy is to simplify administration and operation and as we're a Cisco customer for several other products, our long term relationship gives us a competitive vantage to negotiate and have great deals. In summary: Cisco Firepower is a great product, can cost the same or less than competitors and it's made by a company we already know and trust.
We didn't have any major issues that let us need support. Only, for this reason, I think Cisco Firepower deserves the rating. Even for small issues, the partner that helped us during the project could solve it quickly. There are also tons of documents and other online resources to help maintain, administer and support the product.
Do you think Cisco Secure IPS delivers good value for the price?
Are you happy with Cisco Secure IPS's feature set?
Did Cisco Secure IPS live up to sales and marketing promises?
Did implementation of Cisco Secure IPS go as expected?
Would you buy Cisco Secure IPS again?
For scenarios, I described before, like when you have centralized administration and several locations, and the majority of those locations have the same size/requirements, Firepower is well suited. Easy to maintain, relatively cheap to buy. For scenarios too small, like small sales offices like ours, I don't think Firepower could fit, basically because you'll need to invest a certain amount of money to buy, license and deploy.