We performed a comparison between Cisco Sourcefire SNORT and Darktrace based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the ability to automatically learn the traffic in our environment, and change the merit recommendations based on that."
"I like most of Cisco's features, like malware detection and URL filtering."
"Cisco Sourcefire SNORT is easy to configure and the reporting is great. It's also very user-friendly."
"The most valuable feature of this solution is the filtering."
"The most valuable feature is the visibility that we have across the virtual environment."
"The solution is rather easy to use."
"The whole solution is very good, and stable."
"It is quite an intelligent product."
"I particularly like Antigena and the analytics around the real-time monitoring of our network. I also like its reporting because it has got a seven-day reporting period within the system. Every time you run the reports, it gives you the data about the previous seven days. I like that because it is in real-time. I enjoy reading those reports and getting a very clear and decisive idea of what's happening on my network on a real-time basis. I like the actual real-time monitoring of spoofing and things like that. I also like the user monitoring as well as the network logging capabilities."
"Darktrace is very flexible."
"The most valuable feature is the alerts. The alerts are meaningful. The event rolls up into meaningful and actionable alerts rather than just being noise."
"We are able to detect a lot of things, actually, and see what is happening in our network."
"I find the complete portfolio to be excellent."
"I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it."
"It is very stable and easy to use."
"The AI-based pattern is the most valuable feature."
"I don't think this solution is a time-based control system, because one cannot filter traffic based on time."
"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."
"The pricing needs to be improved. We have lots of low-budget clients around us. Budget constraints are always a deterrent in our market."
"With the next release, I would like to see some PBR, so that you can do the configuration with the features."
"The customization of the rules can be simplified."
"The implementation could be a bit easier."
"To be frank, the product is not really stable, although they're working on that. Whenever I go to the technical community with an issue, they will usually say that it is not there yet, but the technical team are working on it. The issues are not insolvable. I think they should just keep working on the product to make sure that the product can become very stable. The technical support is great. I appreciate that. We have a lot of communities supporting Firepower now, so you can find help for whatever issue you have."
"The main dashboard of Cisco Sourcefire SNORT could improve."
"The interface and dashboards could be improved for ease-of-use."
"The level of tracking within the network from the transmission level up to the machine level can use improvement."
"It would be useful if there was a way to check to see if there are certain devices that are not in sync with the solution. I'm not sure if this is an option or not."
"The interface is too mathematical and it should be simplified."
"In terms of improvements, fine-tuning is the area where we have to spend some time because it works on unsupervised machine learning. It would be good if they can improve their algorithm or technical functionality to reduce the fine-tuning effort. They can also come up with something at the endpoint level. So far, Darktrace has been a network detection response (NDR) solution. It does not offer much at the endpoint level or on user-client devices or servers. There should be more visibility at the endpoint level. It would be good to have the detection and response at the endpoint level by Darktrace. It should also have integration with an agile environment so that we can have continuous development and continuous integration in the application development environment. This is currently not there. It should also have internet-facing platform visibility, which is currently missing. They also need to improve the reporting and management dashboards. Currently, these are not so easy for a non-technical person. All these features would make Darktrace much better, and they would also be helpful in selling more solutions."
"I would like to see a feature where the tool ingests information from an anti-malware product that is present at the endpoint."
"It's a very complex platform."
"The user interface and the configuration are a bit complex and should be improved or simplified."
Cisco Sourcefire SNORT is ranked 12th in Intrusion Detection and Prevention Software (IDPS) with 18 reviews while Darktrace is ranked 1st in Intrusion Detection and Prevention Software (IDPS) with 66 reviews. Cisco Sourcefire SNORT is rated 7.6, while Darktrace is rated 8.2. The top reviewer of Cisco Sourcefire SNORT writes "An IPS solution for security and protection but lacks stability". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". Cisco Sourcefire SNORT is most compared with Fortinet FortiGate IPS, Cisco NGIPS, Check Point IPS, Palo Alto Networks Advanced Threat Prevention and Vectra AI, whereas Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and ExtraHop Reveal(x). See our Cisco Sourcefire SNORT vs. Darktrace report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.