Cisco Sourcefire SNORT Reviews

Name: Cisco Sourcefire SNORT
Brand: Cisco
Rating: 3.9 (20 reviews)

Vendor: Cisco

3.9 out of 5

20 reviews
95% willing to recommend

Leave a review

What is Cisco Sourcefire SNORT?

Cisco Sourcefire SNORT is a versatile cybersecurity tool offering threat detection, scalability, and integration with Cisco tools. It is recognized for ease of configuration and comprehensive protection, making it suitable for intrusion prevention and firewall applications.

Get the Cisco Sourcefire SNORT Buyer's Guide and find out what your peers are saying about Cisco Sourcefire SNORT, Fortinet FortiGate, Darktrace and more!

Cisco Sourcefire SNORT is the #14 ranked solution in top Intrusion Detection and Prevention Software. PeerSpot users give Cisco Sourcefire SNORT an average rating of 7.8 out of 10. Cisco Sourcefire SNORT is most commonly compared to Fortinet FortiGate: Cisco Sourcefire SNORT vs Fortinet FortiGate. Cisco Sourcefire SNORT is popular among the large enterprise segment, accounting for 49% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 10% of all views.

Buyer's Guide

Cisco Sourcefire SNORT

April 2026

Get the report

Helped 892,383 peers since 2012

Featured Cisco Sourcefire SNORT reviews

reviewer2772102

Cloud Architect at a consultancy with 1-10 employees

The logging is mainly what I consider one of the best features with Cisco Sourcefire SNORT. Being able to log and store it in a file allows you to push it to a centralized repository. The logging and reporting help improve incident response. You should always be logging threats, any sort of misconfiguration, and anything that could be an issue. It's important to at least log and monitor it. The basic rules provide a good baseline in assessing Cisco Sourcefire SNORT's ability in providing real-time analytics for threat detection, but as a professional, you should look to constantly modify that baseline. They provide extensive customizability so you can define your own rules. The customizability allows it to be adaptable in protecting against diverse network threats to the constant change.

Read full review

Jack Poon

Treasury Specialist at Dah Sing Bank

When it comes to the product's deployment phase, we have a lot of vendor support. We have a lot of skills here in Hong Kong. Our company doesn't find any problem deploying Cisco solutions. The solution is deployed on an on-premises version. Speaking about the time required to deploy the solution, I would say that we have quite a lot of previous experience with deploying Cisco products. We have our company's standard design document, which we need to follow. We have a standard testing procedure for all those features. We just take out some appropriate parts and then compile them into one document for an individual project. It is actually quite easy for us to do the documentation, so it just takes one or two hours, and we can do the implementation because all the materials and testing procedures are already in our company standard documents, so it is not that difficult for us.

Read full review

Syed Shahnawaz Hussain

Sr. Executive Design Engineering Team at Wateen Telecom (pvt.)

We assess the client's environment, including the size of the workforce responsible for firewall management. Sourcefire can be effective despite its complexity if you have a capable team. Sourcefire might not be more appropriate if you lack a strong IT team. When it comes to real-time traffic analysis, the requirements can vary significantly. Discussing an organization's or individual user's security posture adds another layer of complexity. It's important to note that there isn't a single device that can fully meet the demands of real-time traffic analysis for security purposes. Multiple appliances and solutions are often necessary to achieve comprehensive real-time visibility. We've successfully integrated Sourcefire into various environments, making the process relatively straightforward. We've incorporated it with certain NMS, so I foresee no significant challenges in integrating the Sourcefire. Cisco Sourcefire SNORT offers visibility and robust support. Its resource management documentation is notably extensive, enhancing usability. However, its complexity may pose challenges, especially as the market trends toward simpler solutions for intricate issues. While concerns regarding maturity and stability exist, the development team has actively addressed these issues, requiring ongoing scrutiny to ensure complete resolution. Overall, I rate the solution a 7 out of 10.

Read full review

Cisco Sourcefire SNORT mindshare

As of April 2026, the mindshare of Cisco Sourcefire SNORT in the Intrusion Detection and Prevention Software (IDPS) category stands at 3.1%, up from 2.3% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Intrusion Detection and Prevention Software (IDPS) Mindshare Distribution
Product	Mindshare (%)
Cisco Sourcefire SNORT	3.1%
Fortinet FortiGate	11.4%
Darktrace	10.8%
Other	74.7%

Intrusion Detection and Prevention Software (IDPS)

PeerResearch reports based on Cisco Sourcefire SNORT reviews

Type	Title	Date
Category	Intrusion Detection and Prevention Software (IDPS)	Apr 30, 2026	Download
Product	Reviews, tips, and advice from real users	Apr 30, 2026	Download
Comparison	Cisco Sourcefire SNORT vs Fortinet FortiGate	Apr 30, 2026	Download
Comparison	Cisco Sourcefire SNORT vs Darktrace	Apr 30, 2026	Download
Comparison	Cisco Sourcefire SNORT vs Check Point IPS	Apr 30, 2026	Download

Valuable Features

Cisco Sourcefire SNORT offers scalability, advanced malware protection with URL filtering, and integrated support for IPS and high availability. Users appreciate its user-friendly interface, seamless integration with other Cisco tools, robust threat protection, and automated IPS rule tuning. It provides thorough visibility, reliable monitoring, and effective logging. The system's intelligent security automation and adaptability ensure strong protection against diverse threats, offering extensive customizability for organizations to tailor their security needs efficiently.

"Users have access to intelligent security automation as one of the features, which can easily automate your event impact assessment so your IPS policy tuning can be done as well as your network behavior analysis, and you can do real-time contextual awareness with correlation of events created on your applications, user devices, operating systems, or vulnerabilities, with all of this real-time data captured including your apps and port scans."
"We primarily use this solution as an intrusion prevention system for external firewalls and deploy the solution on-premises."
"This solution makes life a lot easier as there are fewer man-hours required and we no longer need too many resources to manage it."

Room for Improvement

Users note integration into Cisco DNA Center would be beneficial. Cost reduction is necessary due to budget constraints. Simplified customization and improved performance are desired. Alert details need enhancement to reduce false positives. Some report stability issues and high resource demands. A cloud version is requested. Also mentioned are setup challenges, especially with VPNs, and a need for better dashboards. Overall, a more lightweight design and enhanced technical support are recommended.

"The implementation could be a bit easier."
"The utopia is to see everything from one dashboard, but sometimes that's not very possible."
"Sometimes the solution will offer up false positives."

Pricing

Cisco Sourcefire SNORT pricing is characterized by a three-year subscription model, often involving purchases of complete appliances including software and hardware licenses. Costs can vary, being higher per port but including training and support. Some consider it more affordable than leading brands like Palo Alto, with prices being comparable or occasionally cheaper than Fortinet. Pricing perception is moderate, rated around middle in value, and is influenced by potential Cisco discounts.

"If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five."
"The cost is per port and can be expensive but it does include training and support for three years."
"I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco device are expensive compared to other devices."

Popular Use Cases

Organizations primarily use Cisco Sourcefire SNORT for security purposes, including intrusion prevention, URL filtering, malware protection, application security, and firewall functions. It is deployed for safeguarding VPNs, data centers, and internet access, often in conjunction with Cisco Firepower series. Users appreciate its advanced features like email filtration, edge firewall protection, and ease of deployment with pre-defined security configurations. It effectively manages network security policies and integrates with other Cisco systems.

Service and Support

Many users rarely rely on technical support for Cisco Sourcefire SNORT due to its reliability. Those who have used Cisco's support describe it as excellent, helpful, fast, and knowledgeable. Cisco's support is often compared favorably to other vendors, with features like global availability and premium service. Users appreciate responsive support, although the expertise of assigned engineers can vary. Resellers or community forums are also helpful in resolving issues.

Deployment

Initial setup of Cisco Sourcefire SNORT is generally straightforward, though complexity varies by environment. Deployments range from a few hours to several weeks depending on project size and configuration requirements. Many find it simple due to thorough documentation and support, while others find it more complex compared to competitors. Deployment time can be influenced by user experience and environment type, with one person typically managing installation and maintenance.

Scalability

Cisco Sourcefire SNORT demonstrates strong scalability with adaptability across various deployment scenarios. Users report deploying it in clusters, expanding across locations, and managing thousands of machines. While performance limitations may exist, particularly with certain features, the consensus is positive about its scalability potential. Reviewers praise its integration capabilities with other devices and its capacity to handle large-scale operations. It is suitable for enterprises seeking to expand their operations without significant issues.

Stability

Cisco Sourcefire SNORT demonstrates consistent stability and reliability for many, with numerous users experiencing minimal issues. Some have noted complications during updates, occasional bugs, high memory and CPU usage, and challenges with high availability and OS upgrades. Several rate it between six and nine out of ten in terms of stability. Initial implementations across locations encountered minor issues, but many have found Cisco Sourcefire SNORT to be a solid and dependable network security platform.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Cisco Sourcefire SNORT Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	6
Midsize Enterprise	7
Large Enterprise	4

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	39
Midsize Enterprise	23
Large Enterprise	60

By visitors reading reviews

Top industries

By visitors reading reviews

Financial Services Firm

10%

University

Construction Company

Comms Service Provider

Computer Software Company

Manufacturing Company

Government

Healthcare Company

Energy/Utilities Company

Marketing Services Firm

Transportation Company

Retailer

Performing Arts

Outsourcing Company

Educational Organization

Logistics Company

Pharma/Biotech Company

Security Firm

Media Company

Wholesaler/Distributor

Religious Institution

Renewables & Environment Company

Non Profit

Legal Firm

Leisure / Travel Company

Hospitality Company

Museum Or Institution

Real Estate/Law Firm

Recreational Facilities/Services Company

Recruiting/Hr Firm

Compare Cisco Sourcefire SNORT with alternative products

Learn more about Cisco Sourcefire SNORT

Cisco Sourcefire SNORT provides advanced malware protection and integrates seamlessly with Cisco products. It enables automatic IPS tuning, real-time visibility, and intelligent security automation, which together enhance network security. Users benefit from its URL filtering, email spam elimination, and it delivers low false positives. Though highly effective, feedback highlights a desire for improvements in stability, dashboard effectiveness, traffic blocking customizations, and integration with Cisco DNA Center. Cost concerns and calls for cloud-based deployments also emerge in user feedback. Technical support and performance are also discussed, with VPN configuration posing challenges.

What are the key features of Cisco Sourcefire SNORT?

Threat Detection: Identifies and mitigates network threats efficiently.
Scalability: Easily adapts to growing network demands.
Cisco Integration: Works smoothly with existing Cisco infrastructure.
Advanced Malware Protection: Provides comprehensive security against sophisticated threats.
Real-Time Visibility: Offers live insights into network activity.
Automatic IPS Tuning: Adjusts security policies dynamically.

What benefits can be found in user reviews?

Ease of Configuration: Streamlined setup process.
Comprehensive Protection: Low false positive rates ensuring broader security.
Robust Support: Access to extensive Cisco support network.

Organizations primarily deploy Cisco Sourcefire SNORT for network security in sectors like finance and healthcare. Used extensively in data centers with Cisco Firepower, it provides intrusion prevention, URL filtering, and VPN security. Pre-configured settings make it practical for on-premises deployment, ensuring secure user-to-server and server-to-server interactions.

Cisco Sourcefire SNORT was previously known as Sourcefire SNORT.

Cisco Sourcefire SNORT customers

CareCore, City of Biel, Dimension Data, LightEdge, Lone Star College System, National Rugby League, Port Aventura, Smart City Networks, Telecom Italia, The Department of Education in Western Australia

Product Categories

Intrusion Detection and Prevention Software (IDPS)

Popular Comparisons

Fortinet FortiGate vs Cisco Sourcefire SNORT

Darktrace vs Cisco Sourcefire SNORT

WatchGuard Firebox vs Cisco Sourcefire SNORT

Vectra AI vs Cisco Sourcefire SNORT

KerioControl vs Cisco Sourcefire SNORT

Splunk User Behavior Analytics vs Cisco Sourcefire SNORT

TrendAI Tipping Point vs Cisco Sourcefire SNORT

ExtremeCloud IQ vs Cisco Sourcefire SNORT

Palo Alto Networks Advanced Threat Prevention vs Cisco Sourcefire SNORT

Lumu vs Cisco Sourcefire SNORT

Check Point IPS vs Cisco Sourcefire SNORT

Cisco Secure IPS (NGIPS) vs Cisco Sourcefire SNORT

Trellix Intrusion Prevention System vs Cisco Sourcefire SNORT

Palo Alto Networks URL Filtering with PAN-DB vs Cisco Sourcefire SNORT

Fortra's Tripwire Enterprise vs Cisco Sourcefire SNORT

See all alternatives

Cisco Sourcefire SNORT Reviews Summary
Author info	Rating	Review Summary
Cloud Architect at a consultancy with 1-10 employees	4.5	I've used Cisco Sourcefire SNORT for endpoint protection, valuing its logging, reporting, and customizable rules. It's stable and scalable with proper limits, and the setup is straightforward, though I lack experience with zero-day detection and community rules.
Treasury Specialist at Dah Sing Bank	4.0	I can't share specific use cases due to industry restrictions, but the most valuable feature of Cisco Sourcefire SNORT is its threat detection. While the setup is easy, the dashboard needs improvement. We are considering alternatives like Huawei and H3C.
Sr. Executive Design Engineering Team at Wateen Telecom (pvt.)	3.5	We use Cisco Sourcefire SNORT for IT security prevention systems, integrated with a next-generation firewall. It offers good protection and visibility but suffers from stability issues and complexity compared to competitors like FortiGate.
Sr. Manager - Infosec at PAGCOR	4.5	We protect our virtual server funds using Cisco Sourcefire SNORT, valuing its visibility across the virtual environment. Although it's expensive, we switched from TippingPoint through public bidding and see a positive ROI without breaches.
Director at Baverianvine	4.0	I use this stable on-premise IPS solution for external firewalls, serving 10,000 users for over seven years. While its cloud integration could improve, I find it effective and recommend it, rating it eight out of ten.
Network Engineer at Arab Islamic Bank	4.0	We are using Cisco Sourcefire SNORT primarily as an edge firewall for security. Its most valuable feature is the event monitoring dashboard, though it needs improvement. We previously used McAfee but replaced it with Cisco Sourcefire SNORT.
Lead Program Manager at a computer software company with 10,001+ employees	3.5	I find this an intelligent and stable IDS/IPS, offering strong SSL encryption and advanced threat protection like Firepower. While implementation could be easier, I'm satisfied with its scalability and support. I rate it 7/10, pending further use.
Network Security Engineer at a computer software company with 501-1,000 employees	4.0	Cisco Sourcefire SNORT is an effective intrusion detection system that simplifies configuration with pre-defined settings, streamlining deployment and management. However, its traffic blocking approach is confusing and challenging to implement due to architectural constraints.

Title	Rating	Mindshare	Recommending
Fortinet FortiGate	4.2	11.4%	92%	592 interviews Add to research
Darktrace	4.1	10.8%	95%	84 interviews Add to research

Cisco Sourcefire SNORT Reviews

What is Cisco Sourcefire SNORT?

Featured Cisco Sourcefire SNORT reviews

Cisco Sourcefire SNORT mindshare

PeerResearch reports based on Cisco Sourcefire SNORT reviews

Valuable Features

Room for Improvement

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare Cisco Sourcefire SNORT with alternative products

Learn more about Cisco Sourcefire SNORT

Cisco Sourcefire SNORT customers

Related questions

Product Categories

Popular Comparisons