We performed a comparison between Cisco Sourcefire SNORT and Darktrace based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Cisco Sourcefire SNORT is easy to configure and the reporting is great. It's also very user-friendly."
"The most valuable feature is the visibility that we have across the virtual environment."
"In general, the features are all great. However, if I need to take hardware for ASA, because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular user has been blocked because of that rule. Firepower's monitoring interface is very good, because you can see each and every piece. ASA also had it, but there you needed to type the command and be under the server to see all that stuff. In Firepower you have the possibility to go directly to the firewall. The way the monitoring is displayed is also very nice. The feature I appreciate most in Firepower is actually the grid. The grid has worked very well."
"Solid intrusion detection and prevention that scales easily in very large environments."
"The whole solution is very good, and stable."
"I like most of Cisco's features, like malware detection and URL filtering."
"The product is inexpensive compared to leading brands such as Palo Alto or Fortinet."
"The solution is stable."
"The most valuable feature of Darktrace and the most valuable feature is the artificial intelligence module because that is the tool that determines automatically if there is any risk or not in the network."
"It is a very simple product to use."
"A simple, powerful AI solution that just does all the work for you when you turn it on."
"The product offers us a very good user interface and we've found the network visibility to be very good so far."
"One thing I appreciate is Antigena Email, which is for email protection."
"The most valuable feature has been the behavioral analytics that allows us to monitor all the traffic."
"Its most valuable feature is its ability to identify malicious connected IPs from outside and the attacks that get through to the inside."
"The solution is stable. We've never had any problems with it."
"Performance needs improvement."
"The customization of the rules can be simplified."
"The solution's approach to managing traffic blocking is confusing and impractical."
"To be frank, the product is not really stable, although they're working on that. Whenever I go to the technical community with an issue, they will usually say that it is not there yet, but the technical team are working on it. The issues are not insolvable. I think they should just keep working on the product to make sure that the product can become very stable. The technical support is great. I appreciate that. We have a lot of communities supporting Firepower now, so you can find help for whatever issue you have."
"We are unhappy with technical support for this solution, and it is not as professional as what we typically expect from Cisco."
"With the next release, I would like to see some PBR, so that you can do the configuration with the features."
"There are problems setting up VPNs for some regions."
"The pricing needs to be improved. We have lots of low-budget clients around us. Budget constraints are always a deterrent in our market."
"Darktrace is a closed technology, meaning we know very little about how it works, including the architecture, which is significant. As a result, when we implement the system and find we're getting many false positives, we have minimal insight into why it's happening and what we can do to fix it. We don't know how the solution is configured, the criteria for threats to be determined, or the product's inner workings. We understand that they have to ensure privacy and their copyright, but we want to see some documentation or public research into the security Darktrace provides."
"The user interface and the configuration are a bit complex and should be improved or simplified."
"The solution can improve the reporting."
"It would be helpful if they could recognize incidents and simplify the customer's challenge to identify what is happening."
"I'd love them to see maybe covering the cloud a bit more."
"Darktrace could improve by being more user-friendly."
"I did not use the AI features because they should make it more user-friendly which would be a benefit. Additionally, the solution could integrate with more SIEM or SOAR tools."
"I believe their network monitoring device licensing module could use some improvement."
Cisco Sourcefire SNORT is ranked 12th in Intrusion Detection and Prevention Software (IDPS) with 18 reviews while Darktrace is ranked 1st in Intrusion Detection and Prevention Software (IDPS) with 66 reviews. Cisco Sourcefire SNORT is rated 7.6, while Darktrace is rated 8.2. The top reviewer of Cisco Sourcefire SNORT writes "An IPS solution for security and protection but lacks stability". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". Cisco Sourcefire SNORT is most compared with Fortinet FortiGate IPS, Cisco NGIPS, Check Point IPS, Palo Alto Networks Advanced Threat Prevention and Vectra AI, whereas Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and ExtraHop Reveal(x). See our Cisco Sourcefire SNORT vs. Darktrace report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.