We performed a comparison between Cisco Sourcefire SNORT and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out what your peers are saying about Darktrace, Vectra AI, Check Point Software Technologies and others in Intrusion Detection and Prevention Software (IDPS)."The most valuable feature of this solution is the filtering."
"The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates."
"The whole solution is very good, and stable."
"I like most of Cisco's features, like malware detection and URL filtering."
"It is quite an intelligent product."
"Solid intrusion detection and prevention that scales easily in very large environments."
"The most valuable features of Cisco Sourcefire SNORT are the dashboard for monitoring events."
"The most valuable feature is the ability to automatically learn the traffic in our environment, and change the merit recommendations based on that."
"InsightIDR helps us investigate an environment to discover information about incidents."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
"Very intuitive and easy to set up."
"The web interface is great — very useful and user-friendly."
"I rate Rapid7 nine out of 10 for affordability"
"Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log."
"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
"InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the ability to quickly drill down to determine the threat level."
"The cloud can be improved."
"The customization of the rules can be simplified."
"Integration with other components — even Cisco's own products — can be enhanced to improve administrative experience."
"I don't think this solution is a time-based control system, because one cannot filter traffic based on time."
"The initial setup is a little difficult compared to other products in the market. It depends on the environment. If we are doing any migration, it might take months in a brown-field environment."
"If the price is brought down then everybody will be happy."
"The main dashboard of Cisco Sourcefire SNORT could improve."
"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."
"Lacks a mobile application."
"The solution's XDR agents cannot compete with the XDR solutions out there yet."
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."
"The ability to tune the collector for custom logs would greatly help."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
Cisco Sourcefire SNORT is ranked 12th in Intrusion Detection and Prevention Software (IDPS) with 18 reviews while Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 29 reviews. Cisco Sourcefire SNORT is rated 7.6, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Cisco Sourcefire SNORT writes "An IPS solution for security and protection but lacks stability". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". Cisco Sourcefire SNORT is most compared with Fortinet FortiGate IPS, Cisco NGIPS, Check Point IPS, Palo Alto Networks Advanced Threat Prevention and Splunk User Behavior Analytics, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.