See our complete list of top Intrusion Detection and Prevention Systems.
Based in San Jose, California, Cisco is the world’s largest networking infrastructure vendor. It also has a broad server, storage and security portfolio, and has had intrusion detection and prevention system (IDPS) offerings for many years. The acquisition of Sourcefire has improved Cisco’s network security capabilities, as Sourcefire possessed an enterprise-class IDPS.
Cisco has 22 models of IDPS available. These include physical and virtual appliances, a software-based IDPS available within the enterprise firewall, Cisco Internetwork Operating System (IOS)-based routers and Integrated Services Routers (ISR) IDPSs. The same IDPS is also available within the Cisco Adaptive Security Appliance (ASA). Gartner named Cisco as the top vendor in its Leaders quadrant of its most recent IDPS Magic Quadrant, saying Cisco has the most widely deployed IDPS on the market today.
Cisco Firepower Next-Generation IPS (NGIPS) threat appliances provide visibility, embedded security intelligence, and automated analysis.?It shares a management console with the Cisco firewall offerings, called the Firepower Management Center. Recently added capabilities include DNS security for inspection and sinkholing, as well as URL-based security intelligence and Advanced Malware Protection (AMP) Threat Grid integration. With IBM leaving the IDPS market, that company is now co-selling Cisco IDPS.
Markets and Use Cases
Cisco appliances range from small models for remote branches up to large data center use cases. The company supports AWS but not Microsoft Azure. Gartner said some of its advanced security features that offer IDS analysis and investigation tool are typically beyond the budget of smaller firms. The company has a wide presence in most verticals.
Appliances range from 50 Mbps to 60 Gbps of inspected IDPS throughput.
Cisco has multiple intelligence features. This includes URL-based security intelligence, AMP Threat Grid integration. In addition, Talos, Cisco’s security research team, prowls around for new malware and vulnerabilities, rapidly developing security content for all Cisco security products.
Cisco Firepower NGIPS is available in 22 physical and virtual form factors, as well as via software installed in Cisco suites. Cisco Firepower (4100 Series and 9000 Series) and FirePOWER (7000 Series and 8000 Series) appliances incorporate a low-latency, single-pass design.
Agents are used.
Prices vary from small, inexpensive appliances for small companies and branches, to enterprise-class appliances such as the Cisco Firepower 4120, which is listed by resellers at close to $100,000.