Cisco Sourcefire SNORT Valuable Features

SK
reviewer1420032
Lead Program Manager at a computer software company with 10,001+ employees

You can do a lot of feasibility in terms of SSLI configuration which can be enabled.

You can encrypt and encrypt your data through Cisco Sourcefire so that your IPS solution can be effectively utilized.

Users have access to intelligent security automation as one of the features. It can easily automate your event impact assessment and your IPS policy tuning can be done as well as your network behavior analysis. They have introduced this intelligent security automation as part of that and then you can do a real-time contextual awareness. Basically, you can see a correlation of events that are created on your application, user devices, operating systems, or vulnerabilities. All of this real-time data can be captured including on your apps and port scans.

It is quite an intelligent product.

It can look into your north-south traffic in case of IPv6 attacks, DOS attacks, or buffer overflow. They say that it also supports against zero-day threats and items like that. They are up-to-date in terms of their threat protection, anti-bot, antivirus, and all kinds of signatures.

They have something called Firepower, which is advanced threat protection that they offer. It's a new subscription which we use for additional malware protection. It offers blocking capabilities and continuous analysis.

The solution is very stable.

View full review »
GoumouFerdinand
Security Engineer at Socitech SA

In general, the features are all great. However, if I need to take hardware for ASA because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular user has been blocked because of that rule. Firepower's monitoring interface is very good because you can see each and every piece. ASA also had it, but there you needed to type the command and be under the server to see all that stuff. In Firepower, you have the possibility to go directly to the firewall. The way the monitoring is displayed is also very nice. The feature I appreciate most in Firepower is actually the grid. The grid has worked very well. 

The functionality they have deployed is also very good. They provide the possibility to have one manager for other firewalls, which is Firepower Management Center. I can manage many other firewalls from Firepower Management Center, by just logging on to the other device. That feature is also very great. 

The idea that they implement the malware protection inside the firewall is another great feature. This has the same features and functionality as they had for the IPS device. The way they deploy the AMP is also great because from there we can even go to the packet level, both to the header of the packet, as well as inside the packet, to see if there is any virus there. Right now, the firewall has the possibility to pick up inspection, not only on the header of the packet but off the packet itself. That feature is very great.

There are a lot of features that I really appreciate with Firepower, which is why I advise most of my customers to go with Firepower.

View full review »
BT
NetworkE4b4a
Network Engineer at a individual & family service with 10,001+ employees

For us, the scalability of the solution is really useful. We were able to rebuild our network recently and we plan to add another 500 nodes throughout South America.

View full review »
Learn what your peers think about Cisco Sourcefire SNORT. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
509,641 professionals have used our research since 2012.
AE
AhmedElsayed1
Information Security Operations Expert at Asiacell

The most valuable feature is the ability to automatically learn the traffic in our environment, and change the merit recommendations based on that. It can tune its IPS rules automatically based on what it has learned. This feature is not available in other IPS solutions, so it is very beneficial for us. Manually tuning the IPS rules is difficult because we have thousands of them.

View full review »
AR
Alexander Rudenko
Team Lead at a tech services company with 201-500 employees

It has a huge rate of protection. It has a low level of positives and a huge rate of threat protection. It's easy to deploy and easy to implement. It has an incredible price rate compared to similar solutions. It has a good support channel, technical assistance. It's good. 

It's really good to sell as far as a Cisco firewall. It's really good to sell in the complex Cisco project because Cisco's really good for networking and routing. When we are networking, it's easier to sell a security-based firewall. It's a complex product. It's really good. There is syndication between different security products, and in Cisco's case, it's with integration.

View full review »
SC
reviewer1200357
Team Lead with 501-1,000 employees

The solution is rather easy to use. 

The signatures are uploaded and there's a set of recommended ones that we are using, which makes a lot easier than having to configure individual signatures together.

View full review »
OS
reviewer1057971
Senior Engineer at a tech services company with 51-200 employees

 It's user-friendly for engineers and works well for configuration and debugging.

The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates.

View full review »
GebremichaelTeklemariam
Networking and Security Engineer at IE Network Solutions PLC (Ethiopia)

I like most of Cisco's features, like malware detection and URL filtering.

View full review »
OH
Netwrkengin67
Network Engineer at a financial services firm with 201-500 employees

The most valuable feature of this solution is support for everything in the same box, including IPS, High Availability, etc.

View full review »
NAWAF-TAWAKOL
Pre-Sales Engineer at a tech services company with 51-200 employees

The most valuable feature of this solution is the filtering.

It does well for eliminating email spam.

The GUI is user-friendly.

View full review »
SS
reviewer1259517
Network Engineer at a tech services company with 501-1,000 employees

The most valuable feature is reliability. This solution is better than Check Point.

The URL filtering is very good and you can create a group for customized URLs. 

Cisco SNORT is easy to manage.

View full review »
SA
Sola Ayoade
Chief technology officer at Next Generation Systems Nigeria Limited

The ability to roll out the services is an excellent aspect of the solution. They have advanced malware protection for URL filtering. I like working with both of these features.

View full review »
AA
reviewer1447215
NOC Supervisor / Network Architect / System Analyst at a non-profit with 10,001+ employees

Cisco Sourcefire SNORT is easy to configure and the reporting is great. It's also very user-friendly.

View full review »
Learn what your peers think about Cisco Sourcefire SNORT. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
509,641 professionals have used our research since 2012.