Cisco Sourcefire SNORT Reviews

Filter by:Reset all filters
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
GoumouFerdinand
Real User
Security Engineer at Socitech SA
Nov 27 2019

What is most valuable?

In general, the features are all great. However, if I need to take hardware for ASA because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular… more»

What needs improvement?

To be frank, the product is not really stable, although they're working on that. Whenever I go to the technical community with an issue, they will usually say that it is not there yet, but the technical team is working on it. The issues are not insolvable. I think they should just keep working on the product to make sure that the product can become very stable. The technical support is great. I… more»

What other advice do I have?

I would recommend this solution and give it a rating of seven out of ten. That is mainly because of the expense. I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco devices are expensive compared to… more»
Real User
Network Engineer at a individual & family service with 10,001+ employees
Jul 16 2019

What is most valuable?

For us, the scalability of the solution is really useful. We were able to rebuild our network recently and we plan to add another 500 nodes throughout South America.

How has it helped my organization?

With Cisco Sourcefire SNORT, we've been able to prevent and detect intrusion in our network and actually decrease our SLA (Service Level Agreement).

What needs improvement?

One addition to the current product that I think would be helpful is if it was integrated into the Cisco DNA Center. Between their security side, their routing, and the wireless side, they kind of… more»

Which solution did I use previously and why did I switch?

The main reason why we switched to this solution had to do with growth. We were growing at a very high rate at the time so we needed a solution that could handle a much larger architecture reliably… more»

What other advice do I have?

I'd give the product a nine out of ten because it is excellent in scalability, ease of management, and ease of use. The only reason it isn't a ten out of ten is some of the gaps in integration. I… more»

Which other solutions did I evaluate?

There were a couple of other products that we considered at the time. None of them made it very far in the process because they just didn't have a lot of the capabilities that we were looking for… more»
Find out what your peers are saying about Cisco, Darktrace, Splunk and others in Intrusion Detection and Prevention Software. Updated: February 2020.
399,540 professionals have used our research since 2012.
AhmedElsayed1
Real User
Information Security Operations Expert at Asiacell
Jan 12 2020

What is most valuable?

The most valuable feature is the ability to automatically learn the traffic in our environment, and change the merit recommendations based on that. It can tune its IPS rules automatically based on what it has learned. This feature is not… more»

How has it helped my organization?

The current solution that we are using is actually a bottleneck for us. It is negatively impacting our performance because it cannot handle our traffic. The SSL offloading did not work and gives us an error regarding resources in terms of… more»

What needs improvement?

We are unhappy with technical support for this solution, and it is not as professional as what we typically expect from Cisco. Sourcefire SNORT is very resource heavy in terms of CPU usage and memory consumption. Technical support has told… more»

Which solution did I use previously and why did I switch?

We did use another product prior to Cisco Sourcefire SNORT but it was before I joined the company and I am unable to comment on it.

What other advice do I have?

A lot of Cisco equipment is very good, but in judging the model of this solution that we have, I feel that it is the worst. It has very big issues for us in terms of performance, reliability, and stability. It is slowing our network traffic… more»
Real User
Senior Engineer at a tech services company with 51-200 employees
Oct 08 2019

What is most valuable?

It's user-friendly for engineers and works well for configuration and debugging. The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates.

How has it helped my organization?

This solution has improved our security level for our organization. It's a more intellectual system with many features that can help us with decryption. At this time, we have more than eighty-six percent of the traffic is SSL. We must decrypt this, and these devices provide us with tools for… more»

What needs improvement?

This is a good solution, but some others may have some advantages. For example, Palo Alto has more useful and suitable application abilities. This solution has a better Firepower but the functionalities are not as good. With the next release, I would like to see some PBR, so that you can do the… more»

What other advice do I have?

Providing videos and materials are useful, but really what you need is the experience in analyzing logs. Without that, you wouldn't be able to problem-solve on your own, even with the assistance of videos. I would recommend this solution. It's reliable and scalable, with easy installation and… more»
GebremichaelTeklemariam
Real User
Networking and Security Engineer at IE Network Solutions PLC (Ethiopia)
Nov 19 2019

What is most valuable?

I like most of Cisco's features, like malware detection and URL filtering.

What needs improvement?

I don't think this solution is a time-based control system, because one cannot filter traffic based on time.

What other advice do I have?

The main problem we have when we implement security policies for our customers is scheduling. For example, customers want to take up with a time-based security policy, so that we have a different setup for working hours and non-working hours, and for weekends. But that feature is not supported by Cisco Sourcefire. So, I think it would be very good if Cisco can implement this scheduling feature… more»
Netwrkengin67
Real User
Network Engineer at a financial services firm with 201-500 employees
Aug 30 2019

What is most valuable?

The most valuable feature of this solution is support for everything in the same box, including IPS, High Availability, etc.

What needs improvement?

This solution needs to be more customizable. The customization of the rules can be simplified.

What's my experience with pricing, setup cost, and licensing?

We have a three-year license for this solution.

Which solution did I use previously and why did I switch?

Prior to this solution, we used McAfee. We switched because we replace our firewalls every five or six years.

What other advice do I have?

We are satisfied with this solution. The whole solution is very good, and stable. There are three modes that can be configured. The first is collectivity over security, the second is security over… more»

Which other solutions did I evaluate?

We evaluated Fortinet FortiGate and Palo Alto before choosing this solution.
NAWAF-TAWAKOL
Real User
Pre-Sales Engineer at a tech services company with 51-200 employees
Oct 14 2019

What do you think of Cisco Sourcefire SNORT?

What is our primary use case?

We are a system integrator and this is one of the solutions that we provide to our customers. This solution is for inspecting traffic. It works with the firewall, email, etc. This is for an on-premises deployment.

How has it helped my organization?

This is a solution that we trust for protection.

What is most valuable?

The most valuable feature of this solution is the filtering. It does well for eliminating email spam. The GUI is user-friendly.

What needs improvement?

The price of this solution could be improved. If the price is brought down then everybody will be happy. I would like to see a cloud-based version of this solution.

For how long have I used the solution?

I have been familiar with this solution for five years.

What do I

Real User
Network Engineer at a tech services company with 501-1,000 employees
Jan 15 2020

What is most valuable?

The most valuable feature is reliability. This solution is better than Check Point. The URL filtering is very good and you can create a group for customized URLs. Cisco SNORT is easy to manage.

How has it helped my organization?

Sourcefire SNORT has been good for us.

What needs improvement?

There are problems setting up VPNs for some regions. There are cases where they are permitted in Sourcefire but blocked in Check Point. There are some outside ports that are allowed by default but should not be. It would be helpful if a… more»

Which solution did I use previously and why did I switch?

We are also using Check Point but it does not work as well as Sourcefire SNORT, which is why we are switching. For example, customized URLs do not work in Check Point. Check Point is also more complex.

What other advice do I have?

This is a good solution and one that I would recommend to others. I would rate this solution an eight out of ten.
See 1 More Cisco Sourcefire SNORT Reviews

Articles

User Assessments By Topic About Cisco Sourcefire SNORT

Find out what your peers are saying about Cisco, Darktrace, Splunk and others in Intrusion Detection and Prevention Software. Updated: February 2020.
399,540 professionals have used our research since 2012.

Cisco Sourcefire SNORT Questions

What is Cisco Sourcefire SNORT?

Snort is an open-source, rule-based, intrusion detection and prevention system. It combines the benefits of signature-, protocol-, and anomaly-based inspection methods to deliver flexible protection from malware attacks. Snort gained notoriety for being able to accurately detect threats at high speeds.

Also known as
Sourcefire SNORT
Cisco Sourcefire SNORT customers

CareCore, City of Biel, Dimension Data, LightEdge, Lone Star College System, National Rugby League, Port Aventura, Smart City Networks, Telecom Italia, The Department of Education in Western Australia