We performed a comparison between Check Point CloudGuard CNAPP, Cisco Secure Network Analytics, and Cisco Sourcefire SNORT based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management."The user interface is responsive and quite intuitive; when selecting an object it automatically shows the relevant actions."
"The most valuable feature is the ability to apply common tools across all accounts."
"This solution helps to keep everything visible, and it also alerts us if something is wrong, such as if someone opened extra ports or services that they are not supposed to. This is a valuable tool for monitoring and maintaining our cloud environment."
"The most valuable feature is the separate environment."
"It is able to bring visibility into that cloudy space where the security departments do not really see what is happening on the DevOps side. It brings visibility, security control, and standardization."
"The reporting against compliance is an important feature that helps you comply with policies and standards within your organization."
"On Dome9, you can have reports on compliance, users created, and EAM access to the cloud infrastructure. For example, if some machine is exposed to the Internet, importing and exporting to the Internet when it shouldn't, we get immediate alerts if someone does this type of configuration by mistake. Dome9 is very important because AWS doesn't protect us for this. It is the client's responsibility to make sure that we don't export things to the Internet. This solution helps us ensure that we comply with our security measures."
"It offers a range of features tailored to address the unique security challenges."
"The most valuable feature is NetFlow. The beginning of any security investigation starts with NetFlow data."
"The most valuable feature of this solution is data hoarding because it catches threats on a frequent basis that we had no idea of."
"The most valuable feature we got out of Stealthwatch is to be able to, while troubleshooting, go deep into one of our interfaces and verify what the bandwidth is and if there's any activity there that's causing problems."
"The most valuable feature about this solution is that it gives me insight of my network."
"Great network monitoring, looking at anomaly detection and evaluation."
"The solution reduces the amount of time it takes to detect and remediate threats."
"From what I understand, you can encrypt and unencrypt traffic moving in transit. This is one of the features that we liked about it."
"The most valuable features of this solution are the logging, keeping threats under control, and keeping our data and environment secure."
"The whole solution is very good, and stable."
"I like most of Cisco's features, like malware detection and URL filtering."
"The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates."
"The solution is stable."
"It simplifies the configuration process by offering pre-defined base configurations, including security and connectivity settings."
"In general, the features are all great. However, if I need to take hardware for ASA, because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular user has been blocked because of that rule. Firepower's monitoring interface is very good, because you can see each and every piece. ASA also had it, but there you needed to type the command and be under the server to see all that stuff. In Firepower you have the possibility to go directly to the firewall. The way the monitoring is displayed is also very nice. The feature I appreciate most in Firepower is actually the grid. The grid has worked very well."
"Cisco Sourcefire SNORT is easy to configure and the reporting is great. It's also very user-friendly."
"Cisco technical support is unbeatable. It offers a premium service every time."
"The support it provides is not very good. They should improve it since we have had several setbacks due to support issues."
"The technical support could be better, but I do not know of any other needed improvements."
"The biggest thing is the documentation aspect of Dome9 is a little lacking. They were purchased by Check Point about a year and a half to two years ago. When they integrated into Check Point's support system, a lot of the documentation that they had previously got mangled in the transition, e.g., linking to stuff on the Dome9 website that no longer exists. There are still a lot of spaces with incomplete links and stuff that is not as fully explained as it could be."
"I would like to see some AI on the back-end, just to assist with doing analysis and making recommendations."
"When rules change, it messes up the remediation. They haven't found a fix for that yet. The remediation rule goes into limbo. It's an architectural design flaw within their end compliance engine—a serious bug."
"CloudGuard could be improved by including integration with vendors other than AWS, especially Azure, especially in permissions."
"I would like them to include support for their products in languages other than English."
"Integration could be improved."
"Complexity on integration is not so straightforward and you really need an expert to help build it out."
"We are continuing down the road of ACI and ISE with Cisco, so we would like to see the continuation of Stealthwatch integrating into ISE for exchange of information, and also, more into the ACI environment too."
"If they can make this product more web-based, that would be amazing."
"The version with the Dell server had iDRAC problems. Often, it reported iDRAC failure."
"I would like to see better filters."
"The overall visibility into the actual device itself would be helpful. I don't just want support-specific data, but also to be able to see information such as CPU and other internal components or usage of the devices."
"I would like to see a hybrid solution that can work without being connected directly to the internet for those destinations."
"The initial setup was complex."
"The main dashboard of Cisco Sourcefire SNORT could improve."
"If the price is brought down then everybody will be happy."
"Integration with other components — even Cisco's own products — can be enhanced to improve administrative experience."
"With the next release, I would like to see some PBR, so that you can do the configuration with the features."
"I would like to have analytics included in the suite."
"While the alerts they offer are good, it could improve it in the sense that they should be more detailed to make the alerts more useful to us in general. Sometimes the solution will offer up false positives. Due to the fact that the alerts aren't detailed, we have to go dig around to see why is it being blocked. The solution would be infinitely better if there was just a bit more detail in the alert information and logging we receive."
"The implementation could be a bit easier."
"The customization of the rules can be simplified."
More Cisco Secure Network Analytics Pricing and Cost Advice →