Cisco Sourcefire SNORT Valuable Features

GoumouFerdinand
Security Engineer at Socitech SA
In general, the features are all great. However, if I need to take hardware for ASA because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular user has been blocked because of that rule. Firepower's monitoring interface is very good because you can see each and every piece. ASA also had it, but there you needed to type the command and be under the server to see all that stuff. In Firepower, you have the possibility to go directly to the firewall. The way the monitoring is displayed is also very nice. The feature I appreciate most in Firepower is actually the grid. The grid has worked very well. The functionality they have deployed is also very good. They provide the possibility to have one manager for other firewalls, which is Firepower Management Center. I can manage many other firewalls from Firepower Management Center, by just logging on to the other device. That feature is also very great. The idea that they implement the malware protection inside the firewall is another great feature. This has the same features and functionality as they had for the IPS device. The way they deploy the AMP is also great because from there we can even go to the packet level, both to the header of the packet, as well as inside the packet, to see if there is any virus there. Right now, the firewall has the possibility to pick up inspection, not only on the header of the packet but off the packet itself. That feature is very great. There are a lot of features that I really appreciate with Firepower, which is why I advise most of my customers to go with Firepower. View full review »
NetworkE4b4a
Network Engineer at a individual & family service with 10,001+ employees
For us, the scalability of the solution is really useful. We were able to rebuild our network recently and we plan to add another 500 nodes throughout South America. View full review »
AhmedElsayed1
Information Security Operations Expert at Asiacell
The most valuable feature is the ability to automatically learn the traffic in our environment, and change the merit recommendations based on that. It can tune its IPS rules automatically based on what it has learned. This feature is not available in other IPS solutions, so it is very beneficial for us. Manually tuning the IPS rules is difficult because we have thousands of them. View full review »
Find out what your peers are saying about Cisco, Darktrace, Splunk and others in Intrusion Detection and Prevention Software. Updated: January 2020.
391,329 professionals have used our research since 2012.
reviewer1057971
Senior Engineer at a tech services company with 51-200 employees
It's user-friendly for engineers and works well for configuration and debugging. The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates. View full review »
GebremichaelTeklemariam
Networking and Security Engineer at IE Network Solutions PLC (Ethiopia)
I like most of Cisco's features, like malware detection and URL filtering. View full review »
Netwrkengin67
Network Engineer at a financial services firm with 201-500 employees
The most valuable feature of this solution is support for everything in the same box, including IPS, High Availability, etc. View full review »
NAWAF-TAWAKOL
Pre-Sales Engineer at a tech services company with 51-200 employees
The most valuable feature of this solution is the filtering. It does well for eliminating email spam. The GUI is user-friendly. View full review »
reviewer1259517
Network Engineer at a tech services company with 501-1,000 employees
The most valuable feature is reliability. This solution is better than Check Point. The URL filtering is very good and you can create a group for customized URLs. Cisco SNORT is easy to manage. View full review »
Sola Ayoade
Chief technology officer at Next Generation Systems Nigeria Limited
The ability to roll out the services is an excellent aspect of the solution. They have advanced malware protection for URL filtering. I like working with both of these features. View full review »
Find out what your peers are saying about Cisco, Darktrace, Splunk and others in Intrusion Detection and Prevention Software. Updated: January 2020.
391,329 professionals have used our research since 2012.