We performed a comparison between Cisco Secure Network Analytics and Cisco Sourcefire SNORT based on real PeerSpot user reviews.
Find out in this report how the two Network Monitoring Software solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We can manage the entire system across the network and troubleshoot the pain points."
"There are already many functionalities, so I don't think there is anything to improve."
"The solution's analytics and thrust detection capabilities are good. We're still adjusting it. It's a little hypersensitive, but it is working right now."
"Stealthwatch has greatly improved our network visibility, in terms of bandwidth, malware, and PCI violations."
"The most valuable part is that Stealthwatch is part of a portfolio of security devices from Cisco. Cisco literally can touch every single end point, every single ingress and egress point in the network. Nobody else has that."
"The most valuable feature of this solution is the way the net flow is being merged together in a single pane. That's been extremely useful for us, because can see what's going on with traffic in one single place."
"Most of the engineers I've worked with have been really good. Very knowledgeable and easy to work with."
"I value the feature which enables me to detect devices talking to suspect IPs."
"Cisco Stealthwatch has reduced the amount of time to detect an immediate threat."
"The whole solution is very good, and stable."
"I like most of Cisco's features, like malware detection and URL filtering."
"The most valuable feature of this solution is the filtering."
"The product is inexpensive compared to leading brands such as Palo Alto or Fortinet."
"The solution is rather easy to use."
"The most valuable feature is the visibility that we have across the virtual environment."
"The solution is stable."
"The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates."
"The Wi-Fi side needs improvement."
"It's a good solid solution but integration with Network Access Control products with Cisco ISE would be good."
"One update I would like to see is an agent-based client. Currently StealthWatch is network based."
"We've run into some issues with the configuration."
"Stealthwatch is still maturing in AI. It uses artificial intelligence for predictions, but AI still needs to mature. It is in a phase where you get 95% correct detection. As its AI engine learns more, it will become more accurate. This is applicable to all the devices that are using AI because they support both supervised and unsupervised machine learning. The accuracy in the case of supervised machine learning is dependent on the data you feed into the box. The accuracy in the case of unsupervised machine learning is dependent on the algorithm. The algorithm matures depending on retrospective learning, and this is how it is able to detect zero-day attacks."
"The overall visibility into the actual device itself would be helpful. I don't just want support-specific data, but also to be able to see information such as CPU and other internal components or usage of the devices."
"The initial setup was complex."
"We haven't seen ROI."
"The initial setup is complex, as there is a lot to configure."
"Integration with other components — even Cisco's own products — can be enhanced to improve administrative experience."
"While the alerts they offer are good, it could improve it in the sense that they should be more detailed to make the alerts more useful to us in general. Sometimes the solution will offer up false positives. Due to the fact that the alerts aren't detailed, we have to go dig around to see why is it being blocked. The solution would be infinitely better if there was just a bit more detail in the alert information and logging we receive."
"With the next release, I would like to see some PBR, so that you can do the configuration with the features."
"The pricing needs to be improved. We have lots of low-budget clients around us. Budget constraints are always a deterrent in our market."
"I don't think this solution is a time-based control system, because one cannot filter traffic based on time."
"We are unhappy with technical support for this solution, and it is not as professional as what we typically expect from Cisco."
"I would like to have analytics included in the suite."
"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."
More Cisco Secure Network Analytics Pricing and Cost Advice →
Cisco Secure Network Analytics is ranked 24th in Network Monitoring Software with 57 reviews while Cisco Sourcefire SNORT is ranked 13th in Intrusion Detection and Prevention Software (IDPS) with 18 reviews. Cisco Secure Network Analytics is rated 8.2, while Cisco Sourcefire SNORT is rated 7.6. The top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". On the other hand, the top reviewer of Cisco Sourcefire SNORT writes "An IPS solution for security and protection but lacks stability". Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Arista NDR, whereas Cisco Sourcefire SNORT is most compared with Fortinet FortiGate IPS, Cisco NGIPS, Check Point IPS, Palo Alto Networks Advanced Threat Prevention and Palo Alto Networks URL Filtering with PAN-DB. See our Cisco Secure Network Analytics vs. Cisco Sourcefire SNORT report.
We monitor all Network Monitoring Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.