We performed a comparison between Check Point IPS and Cisco Sourcefire SNORT based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."IPS can protect our organization with any old vulnerabilities or if any vulnerability detected minutes ago IPS can protect us as per our configured policy."
"IPS signatures can be set quite granularly depending on your environment. You can filter on performance impact, severity, and confidence which makes sizing and adapting easier."
"Protection in real-time is very good. It helps us detect things on time and make decisions to improve perimeter security."
"I can easily monitor all of our connected devices and I get instant notification of reconnections and new connections, which removes some of the monitoring burden."
"The number of the IPS protections is amazing - after the latest update I see more than 11000 in the SmartConsole."
"Some of the features for views and visualization are already predefined as default files."
"The reports are useful in helping to verify the threats where we can see the level of severity in order to be able to take action."
"The notifications are the most valuable feature of the solution."
"It is quite an intelligent product."
"The most valuable features of Cisco Sourcefire SNORT are the dashboard for monitoring events."
"The URL filtering is very good and you can create a group for customized URLs."
"In general, the features are all great. However, if I need to take hardware for ASA, because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular user has been blocked because of that rule. Firepower's monitoring interface is very good, because you can see each and every piece. ASA also had it, but there you needed to type the command and be under the server to see all that stuff. In Firepower you have the possibility to go directly to the firewall. The way the monitoring is displayed is also very nice. The feature I appreciate most in Firepower is actually the grid. The grid has worked very well."
"The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates."
"Solid intrusion detection and prevention that scales easily in very large environments."
"It has a huge rate of protection. It's has a low level of positives and a huge rate of threat protection. It's easy to deploy and easy to implement. It has an incredible price rate compared to similar solutions."
"The product is inexpensive compared to leading brands such as Palo Alto or Fortinet."
"There is a performance impact on the NGFW post-enabling the IPS blade/Module, which can even lead to downtime if IPS starts to monitor or block high-volume traffic."
"I would like to have the possibility of adding features to this IPS solution in the future."
"There is an issue with precision."
"It would be good to update the public documentation of Check Point so that we can generate improvements and best practices based on the documentation."
"Occasionally there are glitches and errors like false positives, which would be a nice area of this solution to improve upon."
"When exceptions need to be done for certain profiles, it is easy to get them done, however, implementation on some general ones may cause some extra work as the IPS is not easy to overwrite."
"Check Point IPS' main problem is it is mostly software based. The performance is dependent on the CPU power, and the limited number of patterns."
"Sometimes protections are 'aggregated' into a single threat name when you look at the logs. I would prefer to see all protections named individually (for example, right now, 'web enforcement' is a category that contains several signatures)."
"I would like to have analytics included in the suite."
"The solution's approach to managing traffic blocking is confusing and impractical."
"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."
"The cloud can be improved."
"The customization of the rules can be simplified."
"The main dashboard of Cisco Sourcefire SNORT could improve."
"To be frank, the product is not really stable, although they're working on that. Whenever I go to the technical community with an issue, they will usually say that it is not there yet, but the technical team are working on it. The issues are not insolvable. I think they should just keep working on the product to make sure that the product can become very stable. The technical support is great. I appreciate that. We have a lot of communities supporting Firepower now, so you can find help for whatever issue you have."
"Performance needs improvement."
Check Point IPS is ranked 3rd in Intrusion Detection and Prevention Software (IDPS) with 46 reviews while Cisco Sourcefire SNORT is ranked 11th in Intrusion Detection and Prevention Software (IDPS) with 18 reviews. Check Point IPS is rated 8.6, while Cisco Sourcefire SNORT is rated 7.6. The top reviewer of Check Point IPS writes "Great for detection and access with the capabilities of defining specific rules". On the other hand, the top reviewer of Cisco Sourcefire SNORT writes "An IPS solution for security and protection but lacks stability". Check Point IPS is most compared with Darktrace, Palo Alto Networks URL Filtering with PAN-DB, Palo Alto Networks Advanced Threat Prevention, Trend Micro TippingPoint Threat Protection System and Vectra AI, whereas Cisco Sourcefire SNORT is most compared with Fortinet FortiGate IPS, Cisco NGIPS, Palo Alto Networks Advanced Threat Prevention, Darktrace and Vectra AI. See our Check Point IPS vs. Cisco Sourcefire SNORT report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.