We performed a comparison between Check Point IPS and Cisco Sourcefire SNORT based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."There's an automatic update after every 2 hours which makes sure that the database is up to date and providing zero-day vulnerability protection."
"IPS can protect our organization with any old vulnerabilities or if any vulnerability detected minutes ago IPS can protect us as per our configured policy."
"Check Point Intrusion Prevention System has great profiles, and we can continuously create, modify, activate, deactivate or configure any specific setting to allow the profile to focus on just one thing or for certain attacks."
"The Check Point IPS module allows me granularity in creating rules."
"The number of the IPS protections is amazing - after the latest update I see more than 11000 in the SmartConsole."
"It offers robust protection with features such as Next Generation firewall capabilities, mobile solutions, and proactive threat prevention."
"IPS easily allows follow-up flags on recently updated patterns. If, in rare cases, a false positive does occur, it is quickly detected and an exception can be easily created."
"User-friendly and easy to implement."
"The most valuable feature of this solution is the filtering."
"The most valuable features of Cisco Sourcefire SNORT are the dashboard for monitoring events."
"It is quite an intelligent product."
"The most valuable feature is the ability to automatically learn the traffic in our environment, and change the merit recommendations based on that."
"In general, the features are all great. However, if I need to take hardware for ASA, because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular user has been blocked because of that rule. Firepower's monitoring interface is very good, because you can see each and every piece. ASA also had it, but there you needed to type the command and be under the server to see all that stuff. In Firepower you have the possibility to go directly to the firewall. The way the monitoring is displayed is also very nice. The feature I appreciate most in Firepower is actually the grid. The grid has worked very well."
"The solution is rather easy to use."
"The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates."
"The most valuable feature is the visibility that we have across the virtual environment."
"The pain point that I have with this solution is contacting technical support."
"I would like the product to provide us with intelligence to understand what we really have in our environment."
"The only thing they could maybe improve is that we notice right away that the performance decreases when we enable the IPS, especially beyond the CPU and memory usage. If you want to enable the IPS and you have a lot of traffic, it can have an impact. The performance could be improved."
"Despite being a blade, this is expensive."
"Setting up Check Point IPS isn't easy, but it's not too complex, either. I rate it seven out of 10 for ease of setup. Generally, customers cannot do it themselves. They need an integrator."
"Check Point IPS' main problem is it is mostly software based. The performance is dependent on the CPU power, and the limited number of patterns."
"It would be good to update the public documentation of Check Point so that we can generate improvements and best practices based on the documentation."
"The cost is a bit high but it is worth it."
"The cloud can be improved."
"There are problems setting up VPNs for some regions."
"Performance needs improvement."
"The customization of the rules can be simplified."
"The implementation could be a bit easier."
"Integration with other components — even Cisco's own products — can be enhanced to improve administrative experience."
"With the next release, I would like to see some PBR, so that you can do the configuration with the features."
"The solution's approach to managing traffic blocking is confusing and impractical."
Check Point IPS is ranked 3rd in Intrusion Detection and Prevention Software (IDPS) with 45 reviews while Cisco Sourcefire SNORT is ranked 13th in Intrusion Detection and Prevention Software (IDPS) with 18 reviews. Check Point IPS is rated 8.6, while Cisco Sourcefire SNORT is rated 7.6. The top reviewer of Check Point IPS writes "Great for detection and access with the capabilities of defining specific rules". On the other hand, the top reviewer of Cisco Sourcefire SNORT writes "An IPS solution for security and protection but lacks stability". Check Point IPS is most compared with Darktrace, Palo Alto Networks URL Filtering with PAN-DB, Palo Alto Networks Advanced Threat Prevention, Trend Micro TippingPoint Threat Protection System and Vectra AI, whereas Cisco Sourcefire SNORT is most compared with Fortinet FortiGate IPS, Cisco NGIPS, Palo Alto Networks Advanced Threat Prevention, Darktrace and Trend Micro TippingPoint Threat Protection System. See our Check Point IPS vs. Cisco Sourcefire SNORT report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
