We performed a comparison between Cisco Sourcefire SNORT and Trellix Intrusion Prevention System based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution is rather easy to use."
"Cisco Sourcefire SNORT is easy to configure and the reporting is great. It's also very user-friendly."
"It is quite an intelligent product."
"The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates."
"The most valuable feature is the visibility that we have across the virtual environment."
"In general, the features are all great. However, if I need to take hardware for ASA, because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular user has been blocked because of that rule. Firepower's monitoring interface is very good, because you can see each and every piece. ASA also had it, but there you needed to type the command and be under the server to see all that stuff. In Firepower you have the possibility to go directly to the firewall. The way the monitoring is displayed is also very nice. The feature I appreciate most in Firepower is actually the grid. The grid has worked very well."
"It simplifies the configuration process by offering pre-defined base configurations, including security and connectivity settings."
"The most valuable feature is the ability to automatically learn the traffic in our environment, and change the merit recommendations based on that."
"The most valuable features of the solution stem from the fact that it is a good product for dealing with DDoS attacks and for the inspection of network traffic."
"McAfee NSP is much more stable than Cisco."
"There's a good dashboard you can drill down into. It helps you easily locate intrusions and the source of attacks."
"Great monitoring feature."
"The most valuable features in Trellix for me are the automated signature updates. It is a great and convenient feature."
"The initial setup is straightforward."
"It has a lot of functions, such as firewall. We are administrators, and we create some rules to protect our network. We also monitor the traffic in and out and have disk encryption on-premises. When we detect malware, we scan for the virus on the PC. We can then delete or block the malware."
"The product is worth the investment."
"The customization of the rules can be simplified."
"Performance needs improvement."
"The cloud can be improved."
"While the alerts they offer are good, it could improve it in the sense that they should be more detailed to make the alerts more useful to us in general. Sometimes the solution will offer up false positives. Due to the fact that the alerts aren't detailed, we have to go dig around to see why is it being blocked. The solution would be infinitely better if there was just a bit more detail in the alert information and logging we receive."
"With the next release, I would like to see some PBR, so that you can do the configuration with the features."
"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."
"The solution's approach to managing traffic blocking is confusing and impractical."
"I don't think this solution is a time-based control system, because one cannot filter traffic based on time."
"The solution needs to improve the graphical interface. And they had a limitation in some of the sensor modems as well."
"We would like to have a simpler version. Some settings and functions on the McAfee console are complex and complicated. I want the management console to be simpler."
"The Network Security Managers could be more stable, agile, and work faster. When it comes to instability, there is room for improvement."
"The platform’s GUI could be the latest."
"Integration with Global Thereat Intelligence could be better. Also, I think management solutions are end of life now at McAfee. Network threat analyzer may be used for endpoint quarantines. Integration between these sides, as well as endpoint APO, will help you quarantine the risky endpoints."
"There are limited resources for configuration guidance."
"Some of the documentation is not as straightforward as it could be."
"The management component could be simplified."
More Trellix Intrusion Prevention System Pricing and Cost Advice →
Cisco Sourcefire SNORT is ranked 12th in Intrusion Detection and Prevention Software (IDPS) with 18 reviews while Trellix Intrusion Prevention System is ranked 15th in Intrusion Detection and Prevention Software (IDPS) with 14 reviews. Cisco Sourcefire SNORT is rated 7.6, while Trellix Intrusion Prevention System is rated 8.4. The top reviewer of Cisco Sourcefire SNORT writes "An IPS solution for security and protection but lacks stability". On the other hand, the top reviewer of Trellix Intrusion Prevention System writes "Protects from attacks in real-time and provides accurate threat intelligence updates". Cisco Sourcefire SNORT is most compared with Fortinet FortiGate IPS, Cisco NGIPS, Check Point IPS, Palo Alto Networks Advanced Threat Prevention and Cisco Secure Network Analytics, whereas Trellix Intrusion Prevention System is most compared with Trend Micro TippingPoint Threat Protection System, Cisco NGIPS, Palo Alto Networks Advanced Threat Prevention, Check Point IPS and Darktrace. See our Cisco Sourcefire SNORT vs. Trellix Intrusion Prevention System report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.