We performed a comparison between Cisco Sourcefire SNORT and Darktrace based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates."
"The URL filtering is very good and you can create a group for customized URLs."
"It is quite an intelligent product."
"The solution is rather easy to use."
"I like most of Cisco's features, like malware detection and URL filtering."
"The most valuable features of Cisco Sourcefire SNORT are the dashboard for monitoring events."
"The most valuable feature is the visibility that we have across the virtual environment."
"It simplifies the configuration process by offering pre-defined base configurations, including security and connectivity settings."
"It is very easy to work with Darktrace once you know how it works and the type of permissions that you need to get related to the security over a network. The interface is awesome. I'm sure that you have seen Ironman, and you know Jarvis, the computer of Tony Stark. The interface of Darktrace is very similar, and you can see in 3D, like a hologram, the whole network, traffic, and all the traces inside the network. The interface is awesome, and it provides a lot of information. At least for us, it is very easy to handle this interface, get the reports, and do the interpretation of those reports. Darktrace also provides mobile monitoring. With an app on your mobile phone, you can view the information live, which is very useful for area directors and field engineers. Darktrace can be also correlated with any type of big data solution, such as Splunk."
"The most valuable features of Darktrace are the tracing of unusual external emails and monitoring the local network."
"The solution is stable. We've never had any problems with it."
"I am impressed with the product's ability to give insights into network traffic."
"It is a stable solution without downtime."
"The most valuable feature is that it gives us visibility of rogue traffic that is on the network."
"I find it very good in the way that they show the past events, including the attack history."
"The AI-based pattern is the most valuable feature."
"Performance needs improvement."
"To be frank, the product is not really stable, although they're working on that. Whenever I go to the technical community with an issue, they will usually say that it is not there yet, but the technical team are working on it. The issues are not insolvable. I think they should just keep working on the product to make sure that the product can become very stable. The technical support is great. I appreciate that. We have a lot of communities supporting Firepower now, so you can find help for whatever issue you have."
"There are problems setting up VPNs for some regions."
"The solution's approach to managing traffic blocking is confusing and impractical."
"The customization of the rules can be simplified."
"While the alerts they offer are good, it could improve it in the sense that they should be more detailed to make the alerts more useful to us in general. Sometimes the solution will offer up false positives. Due to the fact that the alerts aren't detailed, we have to go dig around to see why is it being blocked. The solution would be infinitely better if there was just a bit more detail in the alert information and logging we receive."
"I would like to have analytics included in the suite."
"We are unhappy with technical support for this solution, and it is not as professional as what we typically expect from Cisco."
"It would be useful if there was a way to check to see if there are certain devices that are not in sync with the solution. I'm not sure if this is an option or not."
"Darktrace is a closed technology, meaning we know very little about how it works, including the architecture, which is significant. As a result, when we implement the system and find we're getting many false positives, we have minimal insight into why it's happening and what we can do to fix it. We don't know how the solution is configured, the criteria for threats to be determined, or the product's inner workings. We understand that they have to ensure privacy and their copyright, but we want to see some documentation or public research into the security Darktrace provides."
"It is expensive, but everything else has been great so far."
"The module can improve so that every time it's more intelligent."
"It should be easier to access the Darktrace portal and its documentation. Only the customer can access their portal and support. It could be cheaper."
"I would like to see some additional enhancements."
"It can have more integration with orchestration or event management solutions. They can provide more knowledge or research information for analysts for investigating cases and detecting anomalies in networks."
"The price point for the product was too high for what our possible use case could be."
Cisco Sourcefire SNORT is ranked 12th in Intrusion Detection and Prevention Software (IDPS) with 18 reviews while Darktrace is ranked 1st in Intrusion Detection and Prevention Software (IDPS) with 65 reviews. Cisco Sourcefire SNORT is rated 7.6, while Darktrace is rated 8.2. The top reviewer of Cisco Sourcefire SNORT writes "An IPS solution for security and protection but lacks stability". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". Cisco Sourcefire SNORT is most compared with Fortinet FortiGate IPS, Cisco NGIPS, Check Point IPS, Palo Alto Networks Advanced Threat Prevention and Vectra AI, whereas Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cisco Secure Network Analytics. See our Cisco Sourcefire SNORT vs. Darktrace report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.