Cisco Sourcefire SNORT Reviews

It has a huge rate of protection. It has a low level of positives and a huge rate of threat protection. It's easy to deploy and easy to implement. It has an incredible price rate compared to similar solutions. It has a good support channel, technical assistance. It's good. 

It's really good to sell as far as a Cisco firewall. It's really good to sell in the complex Cisco project because Cisco's really good for networking and routing. When we are networking, it's easier to sell a security-based firewall. It's a complex product. It's really good. There is syndication between different security products, and in Cisco's case, it's with integration.

Performance needs improvement. If you compare Cisco Sourcefire with other products, it performs at the same level of compliance. For Cisco Sourcefire, it's not really horrible and it's not really the market and price-performance rate. The performance can be improved. 

We have been using Sourcefire since 2011.

It's scalable. Sourcefire has a classic deployment model and you can scale up through the appliance if you need the same deployment so it's quite simple. It's quite scalable. We mostly work with mid-sized companies. 

Sourcefire Snort is the kind of software that is constantly running like 24/7,

In general, Cisco provides really good and reliable support. Overall it's good but sometimes, around 1% of the time, it doesn't work so well. 

We also use IBM and Palo Alto and from the technical perspective, it's probably equal. It's equal by the features, by the functionality, by the performance. But again, for the pricing, it's really bumpy.  For Palo Alto for example, the pricing is almost equal. But for the performance and the features, they are on the next level.

It is easy to setup. For a basic deployment, it can take up to three or four days to deploy in a minimal setup. If it's a huge project with a huge data center, a lot of configuration, a lot of work, and a lot of integration, it will take two or three weeks up to one month. 

You only need one person for a basic deployment. 

Make sure to have good sizing because it matters for the performance of the features. Also make sure to have a good design. Before starting with the deployment and installation for Sourcefire. Have a technical session with the local Cisco office or the local department to provide a good design. 

I would rate it an eight out of ten. 

We have some architecture concerns. I'm not really sure that Cisco can quickly solve this concern. Palo Alto has a user-friendly interface for the management. 

The main features of the Cisco Sourcefire are that it's a next-generation firewall with new features. It has application security, advanced malware protection, URL filterings, encryption, and decryption.

It is also used for email filtration and web application cyber protection.

The deployment model we used was on-premises.

This solution has improved our security level for our organization. It's a more intellectual system with many features that can help us with decryption. 

At this time, we have more than eighty-six percent of the traffic is SSL. We must decrypt this, and these devices provide us with tools for encrypted traffic inspection.

 It's user-friendly for engineers and works well for configuration and debugging.

The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates.

This is a good solution, but some others may have some advantages. For example, Palo Alto has more useful and suitable application abilities. This solution has a better Firepower but the functionalities are not as good.

With the next release, I would like to see some PBR, so that you can do the configuration with the features.

This solution is stable if we talk about boxes, and usually, it is a strong system, but with some software versions, we have had some trouble. I think that it depends on the manufacturers. 

This solution is scalable and reliable.

You can use it in a cluster for one PC or a cluster for two different data centers.

The support is good.

For customers, there are many features and we try to resolve as many issues as we can, but we only have access to some of the core elements. They can only be resolved by contacting technical support.

The initial setup and configuration are easy.

You can create panels with deeper functionalities, but you need a bit more experience with the technology. 

Providing videos and materials are useful, but really what you need is the experience in analyzing logs. Without that, you wouldn't be able to problem-solve on your own, even with the assistance of videos.

I would recommend this solution. It's reliable and scalable, with easy installation and integration.

I would rate this solution an eight out of ten.