Cisco Sourcefire SNORT Reviews

Name: Cisco Sourcefire SNORT
Brand: Cisco
Rating: 3.9 (20 reviews)

Vendor: Cisco

3.9 out of 5

20 reviews
95% willing to recommend

Leave a review

What is Cisco Sourcefire SNORT?

Snort is an open-source, rule-based, intrusion detection and prevention system. It combines the benefits of signature-, protocol-, and anomaly-based inspection methods to deliver flexible protection from malware attacks. Snort gained notoriety for being able to accurately detect threats at high speeds.

Get the Cisco Sourcefire SNORT Buyer's Guide and find out what your peers are saying about Cisco Sourcefire SNORT, Fortinet FortiGate, Darktrace and more!

Cisco Sourcefire SNORT is the #14 ranked solution in top Intrusion Detection and Prevention Software. PeerSpot users give Cisco Sourcefire SNORT an average rating of 7.8 out of 10. Cisco Sourcefire SNORT is most commonly compared to Fortinet FortiGate: Cisco Sourcefire SNORT vs Fortinet FortiGate. Cisco Sourcefire SNORT is popular among the large enterprise segment, accounting for 55% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a university, accounting for 12% of all views.

Buyer's Guide

Cisco Sourcefire SNORT

December 2025

Get the report

Helped 879,310 peers since 2012

Featured Cisco Sourcefire SNORT reviews

reviewer2772102

Cloud Architect at a consultancy with 1-10 employees

The logging is mainly what I consider one of the best features with Cisco Sourcefire SNORT. Being able to log and store it in a file allows you to push it to a centralized repository. The logging and reporting help improve incident response. You should always be logging threats, any sort of misconfiguration, and anything that could be an issue. It's important to at least log and monitor it. The basic rules provide a good baseline in assessing Cisco Sourcefire SNORT's ability in providing real-time analytics for threat detection, but as a professional, you should look to constantly modify that baseline. They provide extensive customizability so you can define your own rules. The customizability allows it to be adaptable in protecting against diverse network threats to the constant change.

Read full review

Syed Shahnawaz Hussain

Sr. Executive Design Engineering Team at Wateen Telecom (pvt.)

We assess the client's environment, including the size of the workforce responsible for firewall management. Sourcefire can be effective despite its complexity if you have a capable team. Sourcefire might not be more appropriate if you lack a strong IT team. When it comes to real-time traffic analysis, the requirements can vary significantly. Discussing an organization's or individual user's security posture adds another layer of complexity. It's important to note that there isn't a single device that can fully meet the demands of real-time traffic analysis for security purposes. Multiple appliances and solutions are often necessary to achieve comprehensive real-time visibility. We've successfully integrated Sourcefire into various environments, making the process relatively straightforward. We've incorporated it with certain NMS, so I foresee no significant challenges in integrating the Sourcefire. Cisco Sourcefire SNORT offers visibility and robust support. Its resource management documentation is notably extensive, enhancing usability. However, its complexity may pose challenges, especially as the market trends toward simpler solutions for intricate issues. While concerns regarding maturity and stability exist, the development team has actively addressed these issues, requiring ongoing scrutiny to ensure complete resolution. Overall, I rate the solution a 7 out of 10.

Read full review

Jack Poon

Treasury Specialist at Dah Sing Bank

When it comes to the product's deployment phase, we have a lot of vendor support. We have a lot of skills here in Hong Kong. Our company doesn't find any problem deploying Cisco solutions. The solution is deployed on an on-premises version. Speaking about the time required to deploy the solution, I would say that we have quite a lot of previous experience with deploying Cisco products. We have our company's standard design document, which we need to follow. We have a standard testing procedure for all those features. We just take out some appropriate parts and then compile them into one document for an individual project. It is actually quite easy for us to do the documentation, so it just takes one or two hours, and we can do the implementation because all the materials and testing procedures are already in our company standard documents, so it is not that difficult for us.

Read full review

Cisco Sourcefire SNORT mindshare

As of December 2025, the mindshare of Cisco Sourcefire SNORT in the Intrusion Detection and Prevention Software (IDPS) category stands at 3.1%, up from 2.0% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Intrusion Detection and Prevention Software (IDPS) Market Share Distribution
Product	Market Share (%)
Cisco Sourcefire SNORT	3.1%
Fortinet FortiGate	14.8%
Darktrace	12.8%
Other	69.3%

Intrusion Detection and Prevention Software (IDPS)

PeerResearch reports based on Cisco Sourcefire SNORT reviews

Type	Title	Date
Category	Intrusion Detection and Prevention Software (IDPS)	Dec 31, 2025	Download
Product	Reviews, tips, and advice from real users	Dec 31, 2025	Download
Comparison	Cisco Sourcefire SNORT vs Fortinet FortiGate	Dec 31, 2025	Download
Comparison	Cisco Sourcefire SNORT vs Darktrace	Dec 31, 2025	Download
Comparison	Cisco Sourcefire SNORT vs Check Point IPS	Dec 31, 2025	Download

Valuable Features

Cisco Sourcefire SNORT offers scalability, advanced malware protection with URL filtering, and integrated support for IPS and high availability. Users appreciate its user-friendly interface, seamless integration with other Cisco tools, robust threat protection, and automated IPS rule tuning. It provides thorough visibility, reliable monitoring, and effective logging. The system's intelligent security automation and adaptability ensure strong protection against diverse threats, offering extensive customizability for organizations to tailor their security needs efficiently.

"The logging is mainly what I consider one of the best features with Cisco Sourcefire SNORT; being able to log and store it in a file allows you to push it to a centralized repository."
"The tool's most valuable feature is threat detection, which is important because we have multiple layers not only in Cisco."
"It simplifies the configuration process by offering pre-defined base configurations, including security and connectivity settings."

Room for Improvement

Users note integration into Cisco DNA Center would be beneficial. Cost reduction is necessary due to budget constraints. Simplified customization and improved performance are desired. Alert details need enhancement to reduce false positives. Some report stability issues and high resource demands. A cloud version is requested. Also mentioned are setup challenges, especially with VPNs, and a need for better dashboards. Overall, a more lightweight design and enhanced technical support are recommended.

"Cisco Sourcefire SNORT can scale, but if you have too much, you could fill up your log files, which I consider when discussing scalability."
"I want to see a better dashboard for the product. The dashboard can be a bit modified or enhanced."
"The solution's approach to managing traffic blocking is confusing and impractical."

Pricing

Cisco Sourcefire SNORT pricing is characterized by a three-year subscription model, often involving purchases of complete appliances including software and hardware licenses. Costs can vary, being higher per port but including training and support. Some consider it more affordable than leading brands like Palo Alto, with prices being comparable or occasionally cheaper than Fortinet. Pricing perception is moderate, rated around middle in value, and is influenced by potential Cisco discounts.

"If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five."
"The cost is per port and can be expensive but it does include training and support for three years."
"I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco device are expensive compared to other devices."

Popular Use Cases

Organizations primarily use Cisco Sourcefire SNORT for security purposes, including intrusion prevention, URL filtering, malware protection, application security, and firewall functions. It is deployed for safeguarding VPNs, data centers, and internet access, often in conjunction with Cisco Firepower series. Users appreciate its advanced features like email filtration, edge firewall protection, and ease of deployment with pre-defined security configurations. It effectively manages network security policies and integrates with other Cisco systems.

Service and Support

Many users rarely rely on technical support for Cisco Sourcefire SNORT due to its reliability. Those who have used Cisco's support describe it as excellent, helpful, fast, and knowledgeable. Cisco's support is often compared favorably to other vendors, with features like global availability and premium service. Users appreciate responsive support, although the expertise of assigned engineers can vary. Resellers or community forums are also helpful in resolving issues.

Deployment

Initial setup of Cisco Sourcefire SNORT is generally straightforward, though complexity varies by environment. Deployments range from a few hours to several weeks depending on project size and configuration requirements. Many find it simple due to thorough documentation and support, while others find it more complex compared to competitors. Deployment time can be influenced by user experience and environment type, with one person typically managing installation and maintenance.

Scalability

Cisco Sourcefire SNORT demonstrates strong scalability with adaptability across various deployment scenarios. Users report deploying it in clusters, expanding across locations, and managing thousands of machines. While performance limitations may exist, particularly with certain features, the consensus is positive about its scalability potential. Reviewers praise its integration capabilities with other devices and its capacity to handle large-scale operations. It is suitable for enterprises seeking to expand their operations without significant issues.

Stability

Cisco Sourcefire SNORT demonstrates consistent stability and reliability for many, with numerous users experiencing minimal issues. Some have noted complications during updates, occasional bugs, high memory and CPU usage, and challenges with high availability and OS upgrades. Several rate it between six and nine out of ten in terms of stability. Initial implementations across locations encountered minor issues, but many have found Cisco Sourcefire SNORT to be a solid and dependable network security platform.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Cisco Sourcefire SNORT Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	6
Midsize Enterprise	7
Large Enterprise	4

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	36
Midsize Enterprise	18
Large Enterprise	66

By visitors reading reviews

Top industries

By visitors reading reviews

University

12%

Financial Services Firm

10%

Comms Service Provider

Computer Software Company

Government

Manufacturing Company

Energy/Utilities Company

Healthcare Company

Educational Organization

Performing Arts

Retailer

Logistics Company

Wholesaler/Distributor

Construction Company

Non Profit

Outsourcing Company

Pharma/Biotech Company

Security Firm

Transportation Company

Program Development Consultancy

Real Estate/Law Firm

Recreational Facilities/Services Company

Recruiting/Hr Firm

Renewables & Environment Company

Marketing Services Firm

Insurance Company

Museum Or Institution

Legal Firm

Hospitality Company

Media Company

Leisure / Travel Company

Compare Cisco Sourcefire SNORT with alternative products

Learn more about Cisco Sourcefire SNORT

Cisco Sourcefire SNORT was previously known as Sourcefire SNORT.

Cisco Sourcefire SNORT customers

CareCore, City of Biel, Dimension Data, LightEdge, Lone Star College System, National Rugby League, Port Aventura, Smart City Networks, Telecom Italia, The Department of Education in Western Australia

Product Categories

Intrusion Detection and Prevention Software (IDPS)

Popular Comparisons

Fortinet FortiGate vs Cisco Sourcefire SNORT

Darktrace vs Cisco Sourcefire SNORT

WatchGuard Firebox vs Cisco Sourcefire SNORT

Vectra AI vs Cisco Sourcefire SNORT

Splunk User Behavior Analytics vs Cisco Sourcefire SNORT

Trend Micro Deep Discovery vs Cisco Sourcefire SNORT

Trend Micro TippingPoint Threat Protection System vs Cisco Sourcefire SNORT

Palo Alto Networks Advanced Threat Prevention vs Cisco Sourcefire SNORT

ExtremeCloud IQ vs Cisco Sourcefire SNORT

Check Point IPS vs Cisco Sourcefire SNORT

Cisco Secure IPS (NGIPS) vs Cisco Sourcefire SNORT

Palo Alto Networks URL Filtering with PAN-DB vs Cisco Sourcefire SNORT

Trellix Intrusion Prevention System vs Cisco Sourcefire SNORT

Fortra's Tripwire Enterprise vs Cisco Sourcefire SNORT

Zscaler Cloud IPS vs Cisco Sourcefire SNORT

See all alternatives

Cisco Sourcefire SNORT Reviews Summary
Author info	Rating	Review Summary
Cloud Architect at a consultancy with 1-10 employees	4.5	I've used Cisco Sourcefire SNORT for endpoint protection, valuing its logging, reporting, and customizable rules. It's stable and scalable with proper limits, and the setup is straightforward, though I lack experience with zero-day detection and community rules.
Sr. Executive Design Engineering Team at Wateen Telecom (pvt.)	3.5	We use Cisco Sourcefire SNORT for IT security prevention systems, integrated with a next-generation firewall. It offers good protection and visibility but suffers from stability issues and complexity compared to competitors like FortiGate.
Treasury Specialist at Dah Sing Bank	4.0	I can't share specific use cases due to industry restrictions, but the most valuable feature of Cisco Sourcefire SNORT is its threat detection. While the setup is easy, the dashboard needs improvement. We are considering alternatives like Huawei and H3C.
Sr. Manager - Infosec at PAGCOR	4.5	We protect our virtual server funds using Cisco Sourcefire SNORT, valuing its visibility across the virtual environment. Although it's expensive, we switched from TippingPoint through public bidding and see a positive ROI without breaches.
Network Engineer at Arab Islamic Bank	4.0	We are using Cisco Sourcefire SNORT primarily as an edge firewall for security. Its most valuable feature is the event monitoring dashboard, though it needs improvement. We previously used McAfee but replaced it with Cisco Sourcefire SNORT.
Network Security Engineer at a computer software company with 501-1,000 employees	4.0	Cisco Sourcefire SNORT is an effective intrusion detection system that simplifies configuration with pre-defined settings, streamlining deployment and management. However, its traffic blocking approach is confusing and challenging to implement due to architectural constraints.
Director at Baverianvine	4.0	No summary available
Lead Program Manager at a computer software company with 10,001+ employees	3.5	No summary available

Title	Rating	Mindshare	Recommending
Fortinet FortiGate	4.2	14.8%	92%	580 interviews Add to research
Darktrace	4.1	12.8%	94%	82 interviews Add to research

Cisco Sourcefire SNORT Reviews

What is Cisco Sourcefire SNORT?

Featured Cisco Sourcefire SNORT reviews

Cisco Sourcefire SNORT mindshare

PeerResearch reports based on Cisco Sourcefire SNORT reviews

Valuable Features

Room for Improvement

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare Cisco Sourcefire SNORT with alternative products

Learn more about Cisco Sourcefire SNORT

Cisco Sourcefire SNORT customers

Related questions

Product Categories

Popular Comparisons