Compare Cisco Sourcefire SNORT vs. Fortinet FortiWeb

Cisco Sourcefire SNORT is ranked 8th in Intrusion Detection and Prevention Software with 9 reviews while Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 13 reviews. Cisco Sourcefire SNORT is rated 7.4, while Fortinet FortiWeb is rated 8.2. The top reviewer of Cisco Sourcefire SNORT writes "Good functionality and has the possibility to have one manager for other firewalls but stability needs to improve". On the other hand, the top reviewer of Fortinet FortiWeb writes "Good pricing, and provides for faster and more secure application deployment". Cisco Sourcefire SNORT is most compared with Cisco Stealthwatch, Splunk User Behavior Analytics and Fortinet FortiWeb, whereas Fortinet FortiWeb is most compared with F5 BIG-IP, FortiADC and Cloudflare.
Cancel
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about Cisco, Darktrace, GFI and others in Intrusion Detection and Prevention Software. Updated: January 2020.
391,329 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
The URL filtering is very good and you can create a group for customized URLs.The most valuable feature is the ability to automatically learn the traffic in our environment, and change the merit recommendations based on that.In general, the features are all great. However, if I need to take hardware for ASA, because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular user has been blocked because of that rule. Firepower's monitoring interface is very good, because you can see each and every piece. ASA also had it, but there you needed to type the command and be under the server to see all that stuff. In Firepower you have the possibility to go directly to the firewall. The way the monitoring is displayed is also very nice. The feature I appreciate most in Firepower is actually the grid. The grid has worked very well.I like most of Cisco's features, like malware detection and URL filtering.The most valuable feature of this solution is the filtering.The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates.The whole solution is very good, and stable.Cisco technical support is unbeatable. It offers a premium service every time.

Read more »

FortiWeb offers machine learning in the latest product. This fixed many problems. There are no false negatives.It's the extra security that is the most valuable feature. You have insight into your traffic. There are some great insights into what utilities hackers are trying to exploit. It blocks a lot of stuff from the internet.The most valuable feature in this solution is the ability to disseminate between the user entering some wrong value to the field, and a suspicious actor trying to exploit some known vulnerability.What we like about Fortinet FortiWeb is it has all the features. We use all of them, so we have to turn on all the options.All the features that FortiGate contains are very suitable for our business. We work with other products in Fortinet, FortiWeb, FortiSandbox, FortiMail, and FortiCache. We use all UTM features like self-encryption, encryption, all UTM features.When we had Cisco we had around thirty thousand entries on our firewalls. Now we are down to three thousand. Fortinet has a mechanism to detect all of your entries which are not used, and it can clean it up.Security Fabric integration. This is really a value-added feature as FortiWeb can interact with the rest of the client’s Fortinet pack to provide an intelligent security layer like (FortiSIEM for central log management and correlation, FortiGate, FortiSandbox for malware analysis, etc.).The most valuable feature is the web application firewall (WAF).

Read more »

Cons
There are problems setting up VPNs for some regions.We are unhappy with technical support for this solution, and it is not as professional as what we typically expect from Cisco.To be frank, the product is not really stable, although they're working on that. Whenever I go to the technical community with an issue, they will usually say that it is not there yet, but the technical team are working on it. The issues are not insolvable. I think they should just keep working on the product to make sure that the product can become very stable. The technical support is great. I appreciate that. We have a lot of communities supporting Firepower now, so you can find help for whatever issue you have.I don't think this solution is a time-based control system, because one cannot filter traffic based on time.If the price is brought down then everybody will be happy.With the next release, I would like to see some PBR, so that you can do the configuration with the features.The customization of the rules can be simplified.The pricing needs to be improved. We have lots of low-budget clients around us. Budget constraints are always a deterrent in our market.

Read more »

Fortinet FortiWeb is not scalable. You'll need more budget to change the hardware.The solution is rather complicated. If you know what to do, it's not bad, but it's complicated for a first time user to configure the solution. What I'd like to improve are the custom signatures.We would like to know more about the integration with the hardware or security products, such as Gemalto, because we need to move to that point.Fortinet FortiWeb needs to improve the way it's configured. Common services like publishing exchange should be done in one click only.New releases and old releases have some bugs, some features do not work as good as we want but every new release the Fortinet team fixes up problems.I would like to have an antivirus option.FortiWeb does not exist in a cloud-based form. Its only available for deployment as a virtual appliance on AWS and Azure IaaS platforms. Because of the trend to WAF environments, it would be good to have it as a SaaS. Also, FortiWeb would be more competitive if it combined WAF and DDoS protection.​Their support needs improvement.

Read more »

Pricing and Cost Advice
I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco device are expensive compared to other devices.Licensing for this solution is paid on a yearly basis.We have a three-year license for this solution.

Read more »

The solution gives us the best price to performance ratio.The license cost depends on the size of the box or the size of the solution. It can go from €200 Euros to a few hundred thousand Euros a year depending on your size.​The pricing is reasonable.​It really pays off to buy licences for multiple years​.Keep a loose margin between your actual bandwidth and the product sizing when using hardware appliances. Only virtual machines are upgradable to larger sizes.Cheaper than others.FortiWeb can be purchased in VM mode for a lower price and the same features.

Read more »

report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software solutions are best for your needs.
391,329 professionals have used our research since 2012.
Ranking
Views
2,232
Comparisons
1,929
Reviews
7
Average Words per Review
519
Avg. Rating
8.1
Views
8,889
Comparisons
6,995
Reviews
10
Average Words per Review
350
Avg. Rating
8.1
Top Comparisons
Compared 25% of the time.
Compared 23% of the time.
Compared 5% of the time.
Also Known As
Sourcefire SNORT
Learn
Cisco
Fortinet
Overview

Snort is an open-source, rule-based, intrusion detection and prevention system. It combines the benefits of signature-, protocol-, and anomaly-based inspection methods to deliver flexible protection from malware attacks. Snort gained notoriety for being able to accurately detect threats at high speeds.

FortiWeb is a web application firewall (WAF) that protects hosted web applications from attacks that target known and unknown exploits. Using multi-layered and correlated detection methods, FortiWeb defends applications from known vulnerabilities and from zero-day threats.

Offer
Learn more about Cisco Sourcefire SNORT
Learn more about Fortinet FortiWeb
Sample Customers
CareCore, City of Biel, Dimension Data, LightEdge, Lone Star College System, National Rugby League, Port Aventura, Smart City Networks, Telecom Italia, The Department of Education in Western AustraliaLush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG
Top Industries
No Data Available
REVIEWERS
Financial Services Firm30%
Comms Service Provider20%
Consumer Goods10%
Mining And Metals Company10%
VISITORS READING REVIEWS
Software R&D Company32%
Comms Service Provider22%
Media Company8%
Government8%
Find out what your peers are saying about Cisco, Darktrace, GFI and others in Intrusion Detection and Prevention Software. Updated: January 2020.
391,329 professionals have used our research since 2012.
We monitor all Intrusion Detection and Prevention Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.