We performed a comparison between Cisco Sourcefire SNORT and Vectra AI based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product is inexpensive compared to leading brands such as Palo Alto or Fortinet."
"The most valuable features of Cisco Sourcefire SNORT are the dashboard for monitoring events."
"The most valuable feature is the visibility that we have across the virtual environment."
"It has a huge rate of protection. It's has a low level of positives and a huge rate of threat protection. It's easy to deploy and easy to implement. It has an incredible price rate compared to similar solutions."
"The most valuable feature is the ability to automatically learn the traffic in our environment, and change the merit recommendations based on that."
"The solution is rather easy to use."
"The whole solution is very good, and stable."
"Cisco technical support is unbeatable. It offers a premium service every time."
"Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day."
"The solution provide visibility into behaviors across the full lifecycle of an attack in our network, beyond just the Internet gateway. It makes our security operations much more effective because we are now looking not just at traffic on the border, but we're looking at east-west internal traffic. Now, not only will we see if an exploit kit is being downloaded, but we would be able to see then if that exploit kit was then laterally distributed into our environment."
"It's easy to manage, and I love the UX. It's very well designed. When we are looking for something, it's quite easy to find it."
"What I like best about Vectra AI is that it alerts you about suspicious activities."
"Vectra is very compatible with various cloud providers, such as Amazon and Azure AD. This is helpful as customers often migrate their network infrastructure to the cloud."
"It provides various dashboards that facilitate the identification of connections and can detect data exfiltration, meaning data sent from your environment to another."
"The biggest feature for us, because we are heavy Microsoft users, is its integration with Office 365. On top of Vectra AI, we use all of the Microsoft security platforms, such as Defender ATP and Sentinel. Having full integration and a central platform to look at all of the threats that are coming through from the different platforms is a huge benefit for us."
"The solution is currently used as a central threat detection and response system."
"With the next release, I would like to see some PBR, so that you can do the configuration with the features."
"The customization of the rules can be simplified."
"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."
"We are unhappy with technical support for this solution, and it is not as professional as what we typically expect from Cisco."
"The implementation could be a bit easier."
"To be frank, the product is not really stable, although they're working on that. Whenever I go to the technical community with an issue, they will usually say that it is not there yet, but the technical team are working on it. The issues are not insolvable. I think they should just keep working on the product to make sure that the product can become very stable. The technical support is great. I appreciate that. We have a lot of communities supporting Firepower now, so you can find help for whatever issue you have."
"Performance needs improvement."
"The initial setup is a little difficult compared to other products in the market. It depends on the environment. If we are doing any migration, it might take months in a brown-field environment."
"We have had a few issues with the integration of Vectra AI with EDR. Some filters have not been working. We've also had issues with the brain not being powerful enough."
"I would like to see a bit more strategic metrics instead of technical data. Information that I could show to my executive management team or board would be valuable."
"Some of the customization could be improved. Everything is provided for you as an easy solution to use, but working with it and doing specific development could be worked on a bit more in the scope of an incident response team."
"One area where there's room for improvement is the absence of a comprehensive TCP recording and replay feature."
"Vectra Recall could be utilized much more, and I'm seeing some indications of that today with the investigative components. I use the Visualize feature to visualize components and dashboards a lot. I'm interested in new ways to build automated searches or having them leveraged already from Vectra."
"It would be commercially beneficial if Vectra AI had something like Darktrace's Antigena Email or something similar to email protection."
"The main improvement I can see would be to integrate with more external solutions."
"The reporting from Cognito Detect is very limited and doesn't give you too many options. If I want to prepare a customized report on a particular host, even though I see the data, I have to manually prepare the report. The reporting features that are built into the tool are not very helpful."
Cisco Sourcefire SNORT is ranked 13th in Intrusion Detection and Prevention Software (IDPS) with 18 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 40 reviews. Cisco Sourcefire SNORT is rated 7.6, while Vectra AI is rated 8.6. The top reviewer of Cisco Sourcefire SNORT writes "An IPS solution for security and protection but lacks stability". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Cisco Sourcefire SNORT is most compared with Fortinet FortiGate IPS, Cisco NGIPS, Check Point IPS, Palo Alto Networks Advanced Threat Prevention and Fortra's Tripwire Enterprise, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Corelight. See our Cisco Sourcefire SNORT vs. Vectra AI report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.