We performed a comparison between Cisco Sourcefire SNORT, Darktrace, and RedSeal based on real PeerSpot user reviews.
Find out what your peers are saying about Darktrace, Vectra AI, Check Point Software Technologies and others in Intrusion Detection and Prevention Software (IDPS)."Cisco technical support is unbeatable. It offers a premium service every time."
"I like most of Cisco's features, like malware detection and URL filtering."
"The whole solution is very good, and stable."
"The solution is stable."
"The most valuable features of Cisco Sourcefire SNORT are the dashboard for monitoring events."
"Solid intrusion detection and prevention that scales easily in very large environments."
"In general, the features are all great. However, if I need to take hardware for ASA, because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular user has been blocked because of that rule. Firepower's monitoring interface is very good, because you can see each and every piece. ASA also had it, but there you needed to type the command and be under the server to see all that stuff. In Firepower you have the possibility to go directly to the firewall. The way the monitoring is displayed is also very nice. The feature I appreciate most in Firepower is actually the grid. The grid has worked very well."
"The product is inexpensive compared to leading brands such as Palo Alto or Fortinet."
"We allow customers to access our Wi-Fi as guests, and some of them were going to restricted sites. Darktrace showed us what they were doing so we could block them."
"We have found the product to be stable and issue-free."
"What I like about Darktrace, is that you can quickly identify threats."
"The solution is outstanding from a monitoring perspective."
"The NDR is good in their solution and they have NTG for email."
"We liked their approach to identifying intrusions or network anomalies using AI."
"I find it very good in the way that they show the past events, including the attack history."
"The Antigena feature is most valuable. Once it learns your environment, Antigena can step in and block a denial of service attack, a ransomware attack, or just about anything that doesn't belong in the environment. It can detect any type of attack that hits the environment because it understands what normal looks like for the network. It is very useful for an autonomous response."
"RedSeal integrates the network and gives us a visual or graphical overview of our network. If an organization is geographically dispersed, for instance, with one office in Canada and one office in the Philippines, the whole network, including all devices, is integrated into RedSeal, and you can see from where the traffic is going in and out."
"The most valuable features are network mapping and configuration."
"This is the only solution in the world that gives you a digital resilience score."
"The pricing needs to be improved. We have lots of low-budget clients around us. Budget constraints are always a deterrent in our market."
"The cloud can be improved."
"The customization of the rules can be simplified."
"I don't think this solution is a time-based control system, because one cannot filter traffic based on time."
"Performance needs improvement."
"There are problems setting up VPNs for some regions."
"The initial setup is a little difficult compared to other products in the market. It depends on the environment. If we are doing any migration, it might take months in a brown-field environment."
"The implementation could be a bit easier."
"The pricing model is a little too high and could be more flexible."
"The interface and dashboards could be improved for ease-of-use."
"I would like for the product to work on the endpoints as well. I would like to see enhanced visibility into the endpoints and network but this solution only sits on the network itself."
"I'd love them to see maybe covering the cloud a bit more."
"This is quite an expensive product so the pricing is something that can be improved."
"Its threat analyzer could be better. It should also have agents. They should improve this product by installing agents for the machine to get more visibility. Currently, they are monitoring only the network. They should also monitor the agents from inside. It should also have a better pricing plan because it is an expensive product."
"It would be useful if there was a way to check to see if there are certain devices that are not in sync with the solution. I'm not sure if this is an option or not."
"Upper management wasn't sold on the value proposition."
"One of the areas of concern is the GUI. It is important to our customers that the GUI looks beautiful. It's a Java Client, so you have a Java dependency."
"Sometimes, it required us to refresh the configuration. When we integrated any of the configurations into the device, sometimes, it could not detect the exact picture of that device. So, we had to reset the device to see that if it was giving true-positive results or false-positive results. In some cases, we were not able to get true-positive results. There was some kind of bug in that version. Its interface is not user-friendly and needs to be improved. It takes time to understand the interface and various options. Skybox has quite a user-friendly interface. They could provide a feature for compliance audit policy if it is already not there. A compliance audit policy ensures that all configurations are based on the best practices standards, such as CIS benchmarks standard or other similar standards. It provides visibility about whether your device configuration is based on best practices or not. Usually, such a feature is provided by other solutions such as Meteor or Tenable Nessus."
"The dashboard should be improved to make correlating data easier to do."
Earn 20 points