2019-07-02T06:57:00Z

What needs improvement with Cisco Sourcefire SNORT?

Miriam Tover - PeerSpot reviewer
  • 0
  • 8
PeerSpot user
16

16 Answers

Netwrkengin67 - PeerSpot reviewer
Real User
Top 20
2023-03-09T09:05:38Z
Mar 9, 2023

The main dashboard of Cisco Sourcefire SNORT could improve.

Search for a product comparison
Sherwin De Claro - PeerSpot reviewer
Real User
Top 5
2022-12-07T09:45:46Z
Dec 7, 2022

The solution is expensive and can improve by lowering the cost. I would like to have analytics included in the suite.

Osereme Osobase - PeerSpot reviewer
Real User
Top 20
2022-10-11T19:26:33Z
Oct 11, 2022

The security landscape is changing, so the cloud can be improved. As we move, we try to adopt more cloud services and integrate everything, such as on-premise solutions, to get them to work with cloud solutions. The utopia is to see everything from one dashboard, but sometimes that's not very possible.

SK
Real User
2021-03-18T19:15:54Z
Mar 18, 2021

The solution is still very new to us. Maybe if I extensively start using it on our environment I will be able to, based on the events and other things, come back with insights on features. But currently, it is quite new to us, so we are still using it and learning it. The implementation could be a bit easier. As long as they continue to develop security features to protect our company, they will be doing quite well.

Art Astafiev - PeerSpot reviewer
Real User
Top 10
2020-12-08T14:56:35Z
Dec 8, 2020

I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it.

SC
Real User
2020-07-22T08:17:21Z
Jul 22, 2020

While the alerts they offer are good, it could improve it in the sense that they should be more detailed to make the alerts more useful to us in general. Sometimes the solution will offer up false positives. Due to the fact that the alerts aren't detailed, we have to go dig around to see why is it being blocked. The solution would be infinitely better if there was just a bit more detail in the alert information and logging we receive.

Find out what your peers are saying about Cisco, Darktrace, Check Point Software Technologies and others in Intrusion Detection and Prevention Software (IDPS). Updated: March 2024.
765,234 professionals have used our research since 2012.
AR
Real User
2020-04-13T06:27:00Z
Apr 13, 2020

Performance needs improvement. If you compare Cisco Sourcefire with other products, it performs at the same level of compliance. For Cisco Sourcefire, it's not really horrible and it's not really the market and price-performance rate. The performance can be improved.

it_user1259517 - PeerSpot reviewer
Real User
2020-01-12T12:02:00Z
Jan 12, 2020

There are problems setting up VPNs for some regions. There are cases where they are permitted in Sourcefire but blocked in Check Point. There are some outside ports that are allowed by default but should not be. It would be helpful if a list of third-party services were listed so that the rules could be easily added. An example of this would be a ticket booking site. It would be in a list of services and selecting it would allow transactions with that site.

AE
Real User
2020-01-09T06:15:00Z
Jan 9, 2020

We are unhappy with technical support for this solution, and it is not as professional as what we typically expect from Cisco. Sourcefire SNORT is very resource heavy in terms of CPU usage and memory consumption. Technical support has told us that this is related to bugs that have yet to be fixed.

GF
Real User
2019-11-26T05:43:00Z
Nov 26, 2019

To be frank, the product is not really stable, although they're working on that. Whenever I go to the technical community with an issue, they will usually say that it is not there yet, but the technical team is working on it. The issues are not insolvable. I think they should just keep working on the product to make sure that the product can become very stable. The technical support is great. I appreciate that. We have a lot of communities supporting Firepower now, so you can find help for whatever issue you have. Another issue where there's room for improvement is that sometimes I feel like the device is heavy. For example, we can use either the physical or virtual device. Most of the time if you are using the virtual device, you need to have very good RAM. If, for example, we don't have a good RAM in the environment, the device will be kind of heavy. It will not run as quick as you want. Most of the time we need a minimum of 4GB of RAM. Maybe they should add the possibility that we could use 2GB of RAM so that the device can be more lightweight. Those are all small things, but if they can improve them it would be great. Of course, everything is dependent on the process running behind it. I don't know if they have the possibility to make these changes, but if they can, it would be great.

GT
Real User
Top 5
2019-11-19T06:35:00Z
Nov 19, 2019

I don't think this solution is a time-based control system, because one cannot filter traffic based on time.

NT
Real User
2019-10-13T05:49:00Z
Oct 13, 2019

The price of this solution could be improved. If the price is brought down then everybody will be happy. I would like to see a cloud-based version of this solution.

OS
Real User
2019-10-06T16:38:00Z
Oct 6, 2019

This is a good solution, but some others may have some advantages. For example, Palo Alto has more useful and suitable application abilities. This solution has a better Firepower but the functionalities are not as good. With the next release, I would like to see some PBR, so that you can do the configuration with the features.

Netwrkengin67 - PeerSpot reviewer
Real User
Top 20
2019-08-30T04:51:00Z
Aug 30, 2019

This solution needs to be more customizable. The customization of the rules can be simplified.

SA
Real User
2019-08-28T09:52:00Z
Aug 28, 2019

The pricing needs to be improved. We have lots of low-budget clients around us. Budget constraints are always a deterrent in our market.

BT
Real User
2019-07-02T06:57:00Z
Jul 2, 2019

One addition to the current product that I think would be helpful is if it was integrated into the Cisco DNA Center. Between their security side, their routing, and the wireless side, they kind of have a gap. If they could bridge the gap and integrate all those in the DNA Center, I think that would be a good goal and something useful to users.

Intrusion Detection and Prevention Software (IDPS)
What Is an Intrusion Detection System? Intrusion detection systems (IDSes) analyze network traffic for signatures of known attackers. The systems can be hardware devices or software solutions. An IDS can mitigate existing malware, such as backdoors, rootkits, and trojans.The goal of an intrusion detection system is to detect an attack as it occurs. The system starts by analyzing inbound and outbound network traffic for signs of known attackers. Some activities an IDS performs...
Download Intrusion Detection and Prevention Software (IDPS) ReportRead more