We performed a comparison between Cisco Secure Network Analytics and Cisco Sourcefire SNORT based on real PeerSpot user reviews.
Find out in this report how the two Network Monitoring Software solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We can manage the entire system across the network and troubleshoot the pain points."
"The feature most valuable for us is to gain visibility of what is actually floating through, so we can stop it based on whether it's good or bad traffic."
"The most valuable features of this solution are its reporting and mitigation capabilities."
"Using this solution has helped us to detect and identify viruses or malicious activity in the network early on."
"I value the feature which enables me to detect devices talking to suspect IPs."
"The most valuable feature of Cisco Secure Network Analytics is the Threat Intelligence integration."
"Visibility. The ability to look East and West. To see what is passing through your circuits, where it is coming from, and how big it is."
"Ease of deployment, once you get your ducks in a row."
"Most valuable features are the network maps and server and network response time."
"The most valuable feature is the visibility that we have across the virtual environment."
"The product is inexpensive compared to leading brands such as Palo Alto or Fortinet."
"The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates."
"The most valuable feature is the ability to automatically learn the traffic in our environment, and change the merit recommendations based on that."
"It is quite an intelligent product."
"The solution is rather easy to use."
"Solid intrusion detection and prevention that scales easily in very large environments."
"The solution is stable."
"The Wi-Fi side needs improvement."
"They should include Citrix VDIs in the next release."
"One update I would like to see is an agent-based client. Currently StealthWatch is network based."
"Stealthwatch is still maturing in AI. It uses artificial intelligence for predictions, but AI still needs to mature. It is in a phase where you get 95% correct detection. As its AI engine learns more, it will become more accurate. This is applicable to all the devices that are using AI because they support both supervised and unsupervised machine learning. The accuracy in the case of supervised machine learning is dependent on the data you feed into the box. The accuracy in the case of unsupervised machine learning is dependent on the algorithm. The algorithm matures depending on retrospective learning, and this is how it is able to detect zero-day attacks."
"Some of our customers find this solution to be a little bit tough because they don't understand how to configure and use it."
"One thing I would like to see improved is if it could automatically be tied through ISE, instead of you having to manually get notifications and disable it yourself."
"We need to be able to filter out internal IPs as non-threats."
"Cisco Stealthwatch needs more integration with device discovery. We have to do a lot of hard work to figure out what things are. Better service integration is required."
"If they can make this product more web-based, that would be amazing."
"The implementation could be a bit easier."
"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."
"There are problems setting up VPNs for some regions."
"To be frank, the product is not really stable, although they're working on that. Whenever I go to the technical community with an issue, they will usually say that it is not there yet, but the technical team are working on it. The issues are not insolvable. I think they should just keep working on the product to make sure that the product can become very stable. The technical support is great. I appreciate that. We have a lot of communities supporting Firepower now, so you can find help for whatever issue you have."
"The initial setup is a little difficult compared to other products in the market. It depends on the environment. If we are doing any migration, it might take months in a brown-field environment."
"The pricing needs to be improved. We have lots of low-budget clients around us. Budget constraints are always a deterrent in our market."
"While the alerts they offer are good, it could improve it in the sense that they should be more detailed to make the alerts more useful to us in general. Sometimes the solution will offer up false positives. Due to the fact that the alerts aren't detailed, we have to go dig around to see why is it being blocked. The solution would be infinitely better if there was just a bit more detail in the alert information and logging we receive."
"The cloud can be improved."
More Cisco Secure Network Analytics Pricing and Cost Advice →
Cisco Secure Network Analytics is ranked 24th in Network Monitoring Software with 57 reviews while Cisco Sourcefire SNORT is ranked 12th in Intrusion Detection and Prevention Software (IDPS) with 18 reviews. Cisco Secure Network Analytics is rated 8.2, while Cisco Sourcefire SNORT is rated 7.6. The top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". On the other hand, the top reviewer of Cisco Sourcefire SNORT writes "An IPS solution for security and protection but lacks stability". Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Arista NDR, whereas Cisco Sourcefire SNORT is most compared with Fortinet FortiGate IPS, Cisco NGIPS, Check Point IPS, Palo Alto Networks Advanced Threat Prevention and Trellix Intrusion Prevention System. See our Cisco Secure Network Analytics vs. Cisco Sourcefire SNORT report.
We monitor all Network Monitoring Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.