No more typing reviews! Try our Samantha, our new voice AI agent.

Check Point IPS vs Cisco Sourcefire SNORT comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 19, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Check Point IPS
Ranking in Intrusion Detection and Prevention Software (IDPS)
3rd
Average Rating
8.6
Reviews Sentiment
6.8
Number of Reviews
68
Ranking in other categories
No ranking in other categories
Cisco Sourcefire SNORT
Ranking in Intrusion Detection and Prevention Software (IDPS)
13th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
20
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Check Point IPS is 3.4%, down from 3.7% compared to the previous year. The mindshare of Cisco Sourcefire SNORT is 3.0%, up from 2.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Intrusion Detection and Prevention Software (IDPS) Mindshare Distribution
ProductMindshare (%)
Check Point IPS3.4%
Cisco Sourcefire SNORT3.0%
Other93.6%
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

GR
Support at a security firm with 51-200 employees
Real-Time Blocking Improves Response and Reduces Manual Logs
The best feature in my experience with Check Point IPS is the real-time prevention because it uses thousands of preventive protections based on both known exploit signatures and behavioral analysis to detect and block threats before they reach vulnerable systems. I find the behavioral analysis feature of Check Point IPS to be a most valuable feature because it can detect sophisticated threats that do not match known signatures. For example, when I need to view anomaly detections, instead of relying solely on known attack patterns, Check Point IPS monitors network traffic for unusual behavior such as unexpected protocol use, abnormal data flows, or suspicious command sequences. Check Point IPS impacts my organization positively because it has had a strong positive impact by strengthening our network defense, reducing manual work, and improving our incident response times.
reviewer2772102 - PeerSpot reviewer
Cloud Architect at a consultancy with 1-10 employees
Logging and customizable rules have helped improve threat monitoring and detection
The logging is mainly what I consider one of the best features with Cisco Sourcefire SNORT. Being able to log and store it in a file allows you to push it to a centralized repository. The logging and reporting help improve incident response. You should always be logging threats, any sort of misconfiguration, and anything that could be an issue. It's important to at least log and monitor it. The basic rules provide a good baseline in assessing Cisco Sourcefire SNORT's ability in providing real-time analytics for threat detection, but as a professional, you should look to constantly modify that baseline. They provide extensive customizability so you can define your own rules. The customizability allows it to be adaptable in protecting against diverse network threats to the constant change.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Check Point IPS gives me more confidence because I know exploits are being stopped before they reach critical systems, and it makes my job easier by reducing the number of incidents that require hands-on intervention."
"It is easy to configure."
"The reports are well written so that you can understand what type of attack has occurred, the originating IP address, and other details."
"Check Point IPS's cloud threat intelligence is outstanding."
"The Check Point IPS module allows me granularity in creating rules."
"Behavior analytics and monitoring capabilities of Check Point IPS are valuable, especially for cybersecurity purposes."
"The mechanism where you can let the system automatically turn the IPS signature to a different mode (prevent / monitor / inactive) is a nice feature that allows us to easily adjust the balance between security protection and the risk of business impact."
"What I like best about Check Point IPS is that it can prevent attacks. I also like that it has a log feature."
"Users have access to intelligent security automation as one of the features, which can easily automate your event impact assessment so your IPS policy tuning can be done as well as your network behavior analysis, and you can do real-time contextual awareness with correlation of events created on your applications, user devices, operating systems, or vulnerabilities, with all of this real-time data captured including your apps and port scans."
"With Cisco Sourcefire SNORT, we've been able to prevent and detect intrusion in our network and actually decrease our SLA (Service Level Agreement)."
"In general, the features are all great. However, if I need to take hardware for ASA, because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular user has been blocked because of that rule. Firepower's monitoring interface is very good, because you can see each and every piece. ASA also had it, but there you needed to type the command and be under the server to see all that stuff. In Firepower you have the possibility to go directly to the firewall. The way the monitoring is displayed is also very nice. The feature I appreciate most in Firepower is actually the grid. The grid has worked very well."
"Scalability is something that Cisco has always cared about."
"The solution is stable."
"The most valuable feature is the visibility that we have across the virtual environment."
"The most valuable features of Cisco Sourcefire SNORT are the dashboard for monitoring events."
"The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates."
 

Cons

"We want the solution to continue to move towards cloud-based and portability focused for telecommuting users."
"There is no standalone IPS appliance available."
"The cost is a bit high but it is worth it."
"When entering, it always takes a long time to load."
"The scalability of Check Point IPS is on point, while the customer support is sometimes a bit slow."
"After the R80 release, there are almost all feature sets available under IPS Configuration. However, further to this, adding a direct vulnerability scan based on ports and protocol for every zone (LAN, DMZ, or Outside) will make Check Point very different compared to other vendors on the market."
"The only thing they could maybe improve is that we notice right away that the performance decreases when we enable the IPS, especially beyond the CPU and memory usage. If you want to enable the IPS and you have a lot of traffic, it can have an impact. The performance could be improved."
"The price has room for improvement."
"This is a good solution, but some others may have some advantages."
"To be frank, the product is not really stable, although they're working on that."
"A lot of Cisco equipment is very good, but in judging the model of this solution that we have, I feel that it is the worst."
"I want to see a better dashboard for the product. The dashboard can be a bit modified or enhanced."
"With the next release, I would like to see some PBR, so that you can do the configuration with the features."
"The cloud can be improved."
"There are problems setting up VPNs for some regions."
"I don't think this solution is a time-based control system, because one cannot filter traffic based on time."
 

Pricing and Cost Advice

"The pricing for Check Point IPS is competitive and brings good value for the money."
"The tool's licensing model is good. The licensing costs are yearly. I rate it an eight out of ten."
"My company pays for the yearly licensing of Check Point IPS. It is a very expensive tool."
"The module has a considerable cost but you can save by purchasing a package with several modules instead of making a single purchase."
"There is a license needed to use the Check Point IPS which is not expensive. However, the Check Point IPS device is expensive."
"I give the price of the solution a five out of ten."
"The price of this product should be reduced."
"I rate the product price an eight on a scale of one to ten, where one means it is very cheap and ten means it is very expensive. The product is expensive."
"I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco device are expensive compared to other devices."
"Licensing for this solution is paid on a yearly basis."
"We have a three-year license for this solution."
"If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five."
"The cost is per port and can be expensive but it does include training and support for three years."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Outsourcing Company
18%
Financial Services Firm
12%
Computer Software Company
8%
Security Firm
6%
Construction Company
12%
Financial Services Firm
10%
Comms Service Provider
8%
University
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business50
Midsize Enterprise22
Large Enterprise23
By reviewers
Company SizeCount
Small Business6
Midsize Enterprise8
Large Enterprise7
 

Questions from the Community

What is your experience regarding pricing and costs for Check Point IPS?
I have saved around two or three hours a week since I started using Check Point IPS. My experience with pricing, setup cost, and licensing for Check Point IPS is great, and I have no problem with t...
What needs improvement with Check Point IPS?
Check Point IPS is working well for our organization. In the future, more automated and more AI-based intelligence could be fed into Check Point IPS, and that would be helpful for us.
What is your primary use case for Check Point IPS?
Check Point IPS is used as a security feature to prevent zero-day attacks and the execution of malicious files in our network. Check Point IPS is an Intrusion Prevention System that prevents malici...
What is your experience regarding pricing and costs for Cisco Sourcefire SNORT?
If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five. There are some other tools in the market that are more expensive than Cisco. There are no additional c...
What needs improvement with Cisco Sourcefire SNORT?
I have not had much experience with the community-driven rule set while utilizing Cisco Sourcefire SNORT. I don't have experience with recognizing zero-day vulnerabilities, but based on my knowledg...
What is your primary use case for Cisco Sourcefire SNORT?
Endpoint protection is the main use case. The main aspect involves specifying different rules, and when network traffic hits these rules, it will try to block the traffic or at least log the traffi...
 

Also Known As

Check Point Intrusion Prevention System
Sourcefire SNORT
 

Overview

 

Sample Customers

Morton Salt, Medical Advocacy and Outreach, BH Telecom, Lightbeam Health Solutions, X by Orange, Cadence, Nihondentsu, Datastream Connexion, Good Sam, Omnyway, FIASA, Pacific Life, Banco del Pacifico, Control Southern, Xero, Centrify
CareCore, City of Biel, Dimension Data, LightEdge, Lone Star College System, National Rugby League, Port Aventura, Smart City Networks, Telecom Italia, The Department of Education in Western Australia
Find out what your peers are saying about Check Point IPS vs. Cisco Sourcefire SNORT and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.