Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account

Next-Generation Intrusion Prevention System (NGIPS)

Deep visibility. Preeminent intelligence. Superior protection.

Network security for the threats you face

Get better protection against today’s sophisticated attacks. Stop more threats, gain more insight into your environment, and protect your digital business initiatives. Cisco Firepower Next-Generation IPS (NGIPS) threat appliances combine superior visibility, embedded security intelligence, automated analysis, and industry-leading threat effectiveness. 

NGIPS features and benefits

Real-time contextual awareness

If you can’t see it, you can’t protect it. Gain deep insight into your network devices, applications, users, operating systems, files, and more. Use this information to better understand network behavior, identify out-of-compliance situations, and evaluate intrusion events.

Advanced threat protection

Address known and unknown threats through fully integrated advanced malware protection (AMP) and sandboxing solutions. Rapidly detect, block, contain, and remediate advanced threats. Our median time to detection (MTTD) is an industry-leading 13 hours.

Global threat intelligence

Get up-to-the-minute threat protection through Cisco’s worldwide threat visibility and analysis organization. Their efforts result in more than 35,000 vulnerability-focused IPS rules, advanced malware detections, and embedded IP-based, URL-based, and DNS-based security intelligence.

Intelligent security automation

Correlate threat events with the intended target’s vulnerabilities to prioritize the threats that matter most. Analyze your network vulnerabilities to identify needed security policies. Associate users with our intrusion events to speed investigations. Do more with less staff.

High-performance appliances

Cisco Firepower (4100 Series and 9000 Series) and FirePOWER (7000 Series and 8000 Series) appliances are purpose-built to provide the right throughput, modular design, and carrier-class scalability. They incorporate a low-latency, single-pass design and include fail-to-wire interfaces.

View data sheet

Find the best NGIPS for you

Cisco Firepower NGIPS is available on many appliance models and in both physical and virtual form factors. Choose the best option for your use case and throughput needs.

Firepower 4100 Series

  • Designed for Internet-edge, high-performance environments
  • Threat inspection from 10 to 20 Gbps
  • Includes AVC, with AMP and URL options
  • Fail-to-wire interfaces available

FirePOWER 7000 Series

  • Designed for sales and remote offices
  • Threat inspection from 50 Mbps to 1.25 Gbps
  • 8-12 monitoring interfaces
  • Small Form-Factor Pluggable (SFP): 2 models

Firepower 9000 Series

  • Designed for service provider and data center deployments
  • Threat inspection up to 90 Gbps
  • Includes AVC, with AMP and URL options
  • Fail-to-wire interfaces available

NGIPSv for VMware

  • Small branch offices and remote locations
  • Threat inspection up to 800 Mbps
  • East-west data center/PCI critical servers
  • Full NGIPS and options functionality

FirePOWER 8000 Series

  • Designed for campus and enterprise deployments
  • Threat inspection up to 60 Gbps
  • Stackable scalability
  • Fail-to-wire interfaces available

Firepower Threat Defense for ISR

  • Designed for branch and remote offices
  • Threat inspection up to 800 Mbps
  • Deployed on ISR G2 and 4000 Series routers
  • Increase security, reduce WAN costs

Upgrade to Firepower NGIPS

If you have a Cisco IPS or Sourcefire NGIPS, find an upgrade path that’s best for you. (PDF - 328 KB)

Related products

Firepower Management Center

Complete and unified management over Firepower NGIPS, Firepower NGFW, and Cisco AMP deployments.

AMP Threat Grid

This integrated sandboxing technology produces both static and dynamic malware analysis.

Advanced Malware Protection (AMP)

Get rapid malware detection, tracking, containment, and remediation for advanced threat protection.

Identity Services Engine (ISE)

Our access control policy platform is integrated with Firepower NGIPS to provide rapid threat containment.

Improve your results with our services


Work with our strategic and technical advisors to align security, compliance, and threat management with your business goals.


Reduce expenses and increase security with offerings that range from monitoring and management to managed threat solutions.


Design the best technical architecture for your company, plus speed the adoption of and optimize your network security technologies.


Increase efficiency, lower support costs, and improve network availability with our award-winning product support services.

News and events

Protect your digital business with an NGIPS

Get visibility, threat detection, and response where firewalls can't go.

Gartner: Cisco is an IPS Leader

Cisco Next-Generation IPS (NGIPS) a leader in the Magic Quadrant.

NSS Labs validates our NGIPS

Cisco FirePOWER again leads in efficacy, throughput, and low TCO.

For partners

Are you a Cisco partner?  Log in to see additional resources.

Looking for a solution from a Cisco partner? Connect with our partner ecosystem.