We performed a comparison between Check Point IPS and Cisco Sourcefire SNORT based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The possibility of customizing the rules is great."
"Real-time protection has blocked most threats that could affect system operations."
"The solution's IPS functionality and firewall functionality are the solution's most valuable features."
"There's less admin burden to detect these threats as Check Point IPS will do it all for you and suggest the best preventive actions to protect the network."
"What I like best about Check Point IPS is that it can prevent attacks. I also like that it has a log feature."
"The Check Point IPS module allows me granularity in creating rules."
"The most valuable feature is that it protects us against hundreds of different attack vectors, like ransomware. The protection is always being triggered. People try to access websites that are categorized as malware, so when the users do a DNS request for the IP of those malware websites, the IPS Blade replaces the real IP of the website that is malware with a bogus IP. The user gets an IP that doesn't exist and when he tries to access, it won't work."
"The number of the IPS protections is amazing - after the latest update I see more than 11000 in the SmartConsole."
"The most valuable features of Cisco Sourcefire SNORT are the dashboard for monitoring events."
"Cisco Sourcefire SNORT is easy to configure and the reporting is great. It's also very user-friendly."
"Solid intrusion detection and prevention that scales easily in very large environments."
"The most valuable feature is the visibility that we have across the virtual environment."
"I like most of Cisco's features, like malware detection and URL filtering."
"Cisco technical support is unbeatable. It offers a premium service every time."
"The solution is stable."
"It simplifies the configuration process by offering pre-defined base configurations, including security and connectivity settings."
"The service that we want to see in the future is a capacity to segment the IPS services by equipment."
"It requires a lot of people to maintain the solution."
"Setting up Check Point IPS isn't easy, but it's not too complex, either. I rate it seven out of 10 for ease of setup. Generally, customers cannot do it themselves. They need an integrator."
"Sometimes protections are 'aggregated' into a single threat name when you look at the logs. I would prefer to see all protections named individually (for example, right now, 'web enforcement' is a category that contains several signatures)."
"The only thing they could maybe improve is that we notice right away that the performance decreases when we enable the IPS, especially beyond the CPU and memory usage. If you want to enable the IPS and you have a lot of traffic, it can have an impact. The performance could be improved."
"Sometimes Check Point documentation is not always updated, which is why when some implementations change, it generates confusion about details."
"Sometimes we had false positives where packages that were legitimate for us were blocked and we had to unblock them through exceptions."
"In my opinion, the Check Point software engineers should works on the performance of the blade - when it is activated with the big number of the protections in place, the monitoring shows us the significant increase in the CPU utilization for the gateway appliances - up to 30 percents, even so we are cherry-picking only the profiles that we really needed."
"There are problems setting up VPNs for some regions."
"The cloud can be improved."
"While the alerts they offer are good, it could improve it in the sense that they should be more detailed to make the alerts more useful to us in general. Sometimes the solution will offer up false positives. Due to the fact that the alerts aren't detailed, we have to go dig around to see why is it being blocked. The solution would be infinitely better if there was just a bit more detail in the alert information and logging we receive."
"The initial setup is a little difficult compared to other products in the market. It depends on the environment. If we are doing any migration, it might take months in a brown-field environment."
"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."
"The main dashboard of Cisco Sourcefire SNORT could improve."
"The implementation could be a bit easier."
"The solution's approach to managing traffic blocking is confusing and impractical."
Check Point IPS is ranked 3rd in Intrusion Detection and Prevention Software (IDPS) with 45 reviews while Cisco Sourcefire SNORT is ranked 13th in Intrusion Detection and Prevention Software (IDPS) with 18 reviews. Check Point IPS is rated 8.6, while Cisco Sourcefire SNORT is rated 7.6. The top reviewer of Check Point IPS writes "Great for detection and access with the capabilities of defining specific rules". On the other hand, the top reviewer of Cisco Sourcefire SNORT writes "An IPS solution for security and protection but lacks stability". Check Point IPS is most compared with Darktrace, Palo Alto Networks URL Filtering with PAN-DB, Palo Alto Networks Advanced Threat Prevention, Trend Micro TippingPoint Threat Protection System and Vectra AI, whereas Cisco Sourcefire SNORT is most compared with Fortinet FortiGate IPS, Cisco NGIPS, Palo Alto Networks Advanced Threat Prevention, Darktrace and Trend Micro TippingPoint Threat Protection System. See our Check Point IPS vs. Cisco Sourcefire SNORT report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.