We performed a comparison between Cisco Secure Network Analytics and Cisco Sourcefire SNORT based on real PeerSpot user reviews.
Find out in this report how the two Network Monitoring Software solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We can manage the entire system across the network and troubleshoot the pain points."
"The deployment was a breeze. It is a very innovative and robust platform that allows us to bi-directionally stitch together data elements from Netflow-enabled devices to provide a context for network utilization."
"StealthWatch lets me see the ports running in and out and the country. It has excellent reporting, telemetry, and artificial intelligence features. With the telemetry, I can set thresholds to detect sudden changes and the alarms go through the PLC parts. I can see all the ports running on that trunk."
"It's a dependable product that is able to pinpoint where we have vulnerabilities if they occur."
"It does change the way we troubleshoot and it is relatively easy to use once you learn it. I would recommend it to someone considering it."
"It has improved our internal knowledge of what's going on with the network, and that's helpful."
"From what I understand, you can encrypt and unencrypt traffic moving in transit. This is one of the features that we liked about it."
"The solution's analytics and thrust detection capabilities are good. We're still adjusting it. It's a little hypersensitive, but it is working right now."
"The solution has increased our threat detection rate. Cisco Stealthwatch has not reduced our incident response times. It has not reduced the amount of time it takes us to detect immediate threats. It has reduced false positives."
"The product is inexpensive compared to leading brands such as Palo Alto or Fortinet."
"In general, the features are all great. However, if I need to take hardware for ASA, because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular user has been blocked because of that rule. Firepower's monitoring interface is very good, because you can see each and every piece. ASA also had it, but there you needed to type the command and be under the server to see all that stuff. In Firepower you have the possibility to go directly to the firewall. The way the monitoring is displayed is also very nice. The feature I appreciate most in Firepower is actually the grid. The grid has worked very well."
"The URL filtering is very good and you can create a group for customized URLs."
"The whole solution is very good, and stable."
"The most valuable features of Cisco Sourcefire SNORT are the dashboard for monitoring events."
"The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates."
"Cisco Sourcefire SNORT is easy to configure and the reporting is great. It's also very user-friendly."
"It simplifies the configuration process by offering pre-defined base configurations, including security and connectivity settings."
"The Wi-Fi side needs improvement."
"The reporting of day-to-day metrics still has room for improvement."
"I would like to see more and cleaner reporting. For example, if I pull up Steven and I want to look and maybe compare him to what you've done in the past week, and compare that to the past six months, the point would be to see what the difference in activity looks like over this time. I don't see that capability in reporting to date. You see that trend but you don't really see a straightforward comparison. That right there is key to what we want to see about the normal activity."
"Initially, I felt Cisco Secure Network Analytics lacked integration with Splunk."
"One thing I would like to see improved is if it could automatically be tied through ISE, instead of you having to manually get notifications and disable it yourself."
"We are continuing down the road of ACI and ISE with Cisco, so we would like to see the continuation of Stealthwatch integrating into ISE for exchange of information, and also, more into the ACI environment too."
"We haven't seen ROI."
"It's not great as a standalone solution."
"The initial setup was complex."
"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."
"The solution's approach to managing traffic blocking is confusing and impractical."
"Integration with other components — even Cisco's own products — can be enhanced to improve administrative experience."
"With the next release, I would like to see some PBR, so that you can do the configuration with the features."
"The main dashboard of Cisco Sourcefire SNORT could improve."
"The initial setup is a little difficult compared to other products in the market. It depends on the environment. If we are doing any migration, it might take months in a brown-field environment."
"Performance needs improvement."
"The implementation could be a bit easier."
More Cisco Secure Network Analytics Pricing and Cost Advice →
Cisco Secure Network Analytics is ranked 24th in Network Monitoring Software with 57 reviews while Cisco Sourcefire SNORT is ranked 13th in Intrusion Detection and Prevention Software (IDPS) with 18 reviews. Cisco Secure Network Analytics is rated 8.2, while Cisco Sourcefire SNORT is rated 7.6. The top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". On the other hand, the top reviewer of Cisco Sourcefire SNORT writes "An IPS solution for security and protection but lacks stability". Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Arista NDR, whereas Cisco Sourcefire SNORT is most compared with Fortinet FortiGate IPS, Cisco NGIPS, Check Point IPS, Palo Alto Networks Advanced Threat Prevention and Palo Alto Networks URL Filtering with PAN-DB. See our Cisco Secure Network Analytics vs. Cisco Sourcefire SNORT report.
We monitor all Network Monitoring Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.