We performed a comparison between Cisco Sourcefire SNORT and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out what your peers are saying about Darktrace, Vectra AI, Check Point Software Technologies and others in Intrusion Detection and Prevention Software (IDPS)."Cisco Sourcefire SNORT is easy to configure and the reporting is great. It's also very user-friendly."
"The most valuable features of Cisco Sourcefire SNORT are the dashboard for monitoring events."
"It has a huge rate of protection. It's has a low level of positives and a huge rate of threat protection. It's easy to deploy and easy to implement. It has an incredible price rate compared to similar solutions."
"The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates."
"The most valuable feature of this solution is the filtering."
"Cisco technical support is unbeatable. It offers a premium service every time."
"The solution is rather easy to use."
"The most valuable feature is the visibility that we have across the virtual environment."
"User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day."
"I like the tool's user analysis feature."
"I rate Rapid7 nine out of 10 for affordability"
"The ability to ingest Office 365 log files, then process them into events and display them on a map."
"Very intuitive and easy to set up."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
"InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the ability to quickly drill down to determine the threat level."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"Performance needs improvement."
"I don't think this solution is a time-based control system, because one cannot filter traffic based on time."
"The main dashboard of Cisco Sourcefire SNORT could improve."
"Integration with other components — even Cisco's own products — can be enhanced to improve administrative experience."
"The pricing needs to be improved. We have lots of low-budget clients around us. Budget constraints are always a deterrent in our market."
"We are unhappy with technical support for this solution, and it is not as professional as what we typically expect from Cisco."
"While the alerts they offer are good, it could improve it in the sense that they should be more detailed to make the alerts more useful to us in general. Sometimes the solution will offer up false positives. Due to the fact that the alerts aren't detailed, we have to go dig around to see why is it being blocked. The solution would be infinitely better if there was just a bit more detail in the alert information and logging we receive."
"The implementation could be a bit easier."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"The ability to tune the collector for custom logs would greatly help."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"Inability to get access to compliance reports within the solution."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."
"The solution's XDR agents cannot compete with the XDR solutions out there yet."
Cisco Sourcefire SNORT is ranked 13th in Intrusion Detection and Prevention Software (IDPS) with 18 reviews while Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 29 reviews. Cisco Sourcefire SNORT is rated 7.6, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Cisco Sourcefire SNORT writes "An IPS solution for security and protection but lacks stability". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". Cisco Sourcefire SNORT is most compared with Fortinet FortiGate IPS, Cisco NGIPS, Check Point IPS, Palo Alto Networks Advanced Threat Prevention and Darktrace, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.