Cisco Sourcefire SNORT Review

User-friendly and provides important insights into SSL traffic


What is our primary use case?

The main features of the Cisco Sourcefire are that it's a next-generation firewall with new features. It has application security, advanced malware protection, URL filtering, encryption, and decryption.

It is also used for email filtration and web application cyber protection.

The deployment model we used was on-premises.

How has it helped my organization?

This solution has improved our security level for our organization. It's a more intellectual system with many features that can help us with decryption. 

At this time, more than eighty-six percent of the traffic is SSL. We must decrypt this, and these devices provide us with tools for encrypted traffic inspection.

What is most valuable?

It's user-friendly for engineers and works well for configuration and debugging.

The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates.

What needs improvement?

This is a good solution, but some others may have some advantages. For example, Palo Alto has more useful and suitable application abilities. This solution has a better Firepower but the functionalities are not as good.

With the next release, I would like to see some PBR, so that you can do the configuration with the features.

For how long have I used the solution?

I have been using this solution for six years.

What do I think about the stability of the solution?

This solution is stable if we talk about boxes, and usually, it is a strong system, but with some software versions, we have had some trouble. I think that it depends on the manufacturers. 

What do I think about the scalability of the solution?

This solution is scalable and reliable.

You can use it in a cluster for one PC or a cluster for two different data centers.

How are customer service and technical support?

The support is good.

For customers, there are many features and we try to resolve as many issues as we can, but we only have access to some of the core elements. They can only be resolved by contacting technical support.

How was the initial setup?

The initial setup and configuration are easy.

You can create panels with deeper functionalities, but you need a bit more experience with the technology. 

What other advice do I have?

Providing videos and materials is useful, but really what you need is experience in analyzing logs. Without that, you wouldn't be able to problem-solve on your own, even with the assistance of videos.

I would recommend this solution. It's reliable and scalable, with easy installation and integration.

I would rate this solution an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.