We performed a comparison between Cisco Sourcefire SNORT and Darktrace based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The URL filtering is very good and you can create a group for customized URLs."
"The most valuable feature is the ability to automatically learn the traffic in our environment, and change the merit recommendations based on that."
"The most valuable feature of this solution is the filtering."
"In general, the features are all great. However, if I need to take hardware for ASA, because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular user has been blocked because of that rule. Firepower's monitoring interface is very good, because you can see each and every piece. ASA also had it, but there you needed to type the command and be under the server to see all that stuff. In Firepower you have the possibility to go directly to the firewall. The way the monitoring is displayed is also very nice. The feature I appreciate most in Firepower is actually the grid. The grid has worked very well."
"The solution is rather easy to use."
"I like most of Cisco's features, like malware detection and URL filtering."
"It is quite an intelligent product."
"The most valuable feature is the visibility that we have across the virtual environment."
"Technical support is helpful and responsive."
"A simple, powerful AI solution that just does all the work for you when you turn it on."
"The solution is outstanding from a monitoring perspective."
"Darktrace is very useful for us because it has a large number of models for detecting threats."
"It is a very simple product to use."
"I particularly like Antigena and the analytics around the real-time monitoring of our network. I also like its reporting because it has got a seven-day reporting period within the system. Every time you run the reports, it gives you the data about the previous seven days. I like that because it is in real-time. I enjoy reading those reports and getting a very clear and decisive idea of what's happening on my network on a real-time basis. I like the actual real-time monitoring of spoofing and things like that. I also like the user monitoring as well as the network logging capabilities."
"The most valuable feature has been the behavioral analytics that allows us to monitor all the traffic."
"The most valuable features of Darktrace are its full capabilities. You have visibility of everything."
"The cloud can be improved."
"The main dashboard of Cisco Sourcefire SNORT could improve."
"The pricing needs to be improved. We have lots of low-budget clients around us. Budget constraints are always a deterrent in our market."
"With the next release, I would like to see some PBR, so that you can do the configuration with the features."
"We are unhappy with technical support for this solution, and it is not as professional as what we typically expect from Cisco."
"The customization of the rules can be simplified."
"The solution's approach to managing traffic blocking is confusing and impractical."
"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."
"I would like to see a feature where the tool ingests information from an anti-malware product that is present at the endpoint."
"It's quite expensive to have."
"The pricing model is a little too high and could be more flexible."
"I'd love them to see maybe covering the cloud a bit more."
"Darktrace needs to automate the reports of false positives, botnets and everything."
"This product needs more in terms of prevention. The detection capabilities work well but once a threat has been detected, Darktrace should work to prevent it from doing anything malicious."
"I did not use the AI features because they should make it more user-friendly which would be a benefit. Additionally, the solution could integrate with more SIEM or SOAR tools."
"I would like to see some additional enhancements."
Cisco Sourcefire SNORT is ranked 11th in Intrusion Detection and Prevention Software (IDPS) with 18 reviews while Darktrace is ranked 1st in Intrusion Detection and Prevention Software (IDPS) with 66 reviews. Cisco Sourcefire SNORT is rated 7.6, while Darktrace is rated 8.2. The top reviewer of Cisco Sourcefire SNORT writes "An IPS solution for security and protection but lacks stability". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". Cisco Sourcefire SNORT is most compared with Fortinet FortiGate IPS, Cisco NGIPS, Check Point IPS, Palo Alto Networks Advanced Threat Prevention and Vectra AI, whereas Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and ExtraHop Reveal(x). See our Cisco Sourcefire SNORT vs. Darktrace report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.