No more typing reviews! Try our Samantha, our new voice AI agent.

Check Point IPS vs Cisco Sourcefire SNORT comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 19, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Check Point IPS
Ranking in Intrusion Detection and Prevention Software (IDPS)
3rd
Average Rating
8.6
Reviews Sentiment
6.8
Number of Reviews
68
Ranking in other categories
No ranking in other categories
Cisco Sourcefire SNORT
Ranking in Intrusion Detection and Prevention Software (IDPS)
13th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
20
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Check Point IPS is 3.4%, down from 3.7% compared to the previous year. The mindshare of Cisco Sourcefire SNORT is 3.0%, up from 2.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Intrusion Detection and Prevention Software (IDPS) Mindshare Distribution
ProductMindshare (%)
Check Point IPS3.4%
Cisco Sourcefire SNORT3.0%
Other93.6%
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

GR
Support at a security firm with 51-200 employees
Real-Time Blocking Improves Response and Reduces Manual Logs
The best feature in my experience with Check Point IPS is the real-time prevention because it uses thousands of preventive protections based on both known exploit signatures and behavioral analysis to detect and block threats before they reach vulnerable systems. I find the behavioral analysis feature of Check Point IPS to be a most valuable feature because it can detect sophisticated threats that do not match known signatures. For example, when I need to view anomaly detections, instead of relying solely on known attack patterns, Check Point IPS monitors network traffic for unusual behavior such as unexpected protocol use, abnormal data flows, or suspicious command sequences. Check Point IPS impacts my organization positively because it has had a strong positive impact by strengthening our network defense, reducing manual work, and improving our incident response times.
reviewer2772102 - PeerSpot reviewer
Cloud Architect at a consultancy with 1-10 employees
Logging and customizable rules have helped improve threat monitoring and detection
The logging is mainly what I consider one of the best features with Cisco Sourcefire SNORT. Being able to log and store it in a file allows you to push it to a centralized repository. The logging and reporting help improve incident response. You should always be logging threats, any sort of misconfiguration, and anything that could be an issue. It's important to at least log and monitor it. The basic rules provide a good baseline in assessing Cisco Sourcefire SNORT's ability in providing real-time analytics for threat detection, but as a professional, you should look to constantly modify that baseline. They provide extensive customizability so you can define your own rules. The customizability allows it to be adaptable in protecting against diverse network threats to the constant change.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Basically, it is easy to use and offers a wide variety of protections through all kinds of software, services, appliances, and IoT-Devices."
"Check Point helps reduce downtime and costs associated with detected cyberattacks and can block those threats to ensure protection from any significant damage that may be caused within the organization."
"Check Point's IPS simply works and is continuously kept up-to-date on all gateways."
"The integration is a valuable feature."
"It is easy to configure."
"The solution helps our clients because once IPS is implemented, they don't have to worry about the security of their most critical infrastructure, and they can focus on their core business rather than the IT side of things."
"Check Point offers DDoS and endpoint protection called EDR or XDR, so it provides a holistic security architecture for any organization."
"I can easily monitor all of our connected devices and I get instant notification of reconnections and new connections, which removes some of the monitoring burden."
"It simplifies the configuration process by offering pre-defined base configurations, including security and connectivity settings."
"The most valuable feature is reliability, and this solution is better than Check Point."
"The most valuable features of Cisco Sourcefire SNORT are the dashboard for monitoring events."
"With Cisco Sourcefire SNORT, we've been able to prevent and detect intrusion in our network and actually decrease our SLA (Service Level Agreement)."
"It has a huge rate of protection. It's has a low level of positives and a huge rate of threat protection. It's easy to deploy and easy to implement. It has an incredible price rate compared to similar solutions."
"Cisco technical support is unbeatable. It offers a premium service every time."
"The most valuable feature of this solution is the filtering."
"If you compare it to other vendors, the technical support from Cisco is excellent."
 

Cons

"The hardware-based version of Check Point IPS could be more scalable. Right now, it's not scalable."
"When exceptions need to be done for certain profiles, it is easy to get them done, however, implementation on some general ones may cause some extra work as the IPS is not easy to overwrite."
"The service that we want to see in the future is a capacity to segment the IPS services by equipment."
"Pricing can be reduced for the solution."
"It would be good to update the public documentation of Check Point so that we can generate improvements and best practices based on the documentation."
"The installation documentation has room for improvement."
"I hear from my admin that the firmware upgrade process is quite cumbersome."
"We want the solution to continue to move towards cloud-based and portability focused for telecommuting users."
"The initial setup is a little difficult compared to other products in the market. It depends on the environment. If we are doing any migration, it might take months in a brown-field environment."
"I want to see a better dashboard for the product. The dashboard can be a bit modified or enhanced."
"With the next release, I would like to see some PBR, so that you can do the configuration with the features."
"The utopia is to see everything from one dashboard, but sometimes that's not very possible."
"I would like to have analytics included in the suite."
"To be frank, the product is not really stable, although they're working on that."
"Sometimes the solution will offer up false positives."
"The price of this solution could be improved."
 

Pricing and Cost Advice

"There is a license needed to use the Check Point IPS which is not expensive. However, the Check Point IPS device is expensive."
"The pricing model can be more competitive."
"The module has a considerable cost but you can save by purchasing a package with several modules instead of making a single purchase."
"My company pays for the yearly licensing of Check Point IPS. It is a very expensive tool."
"The pricing is quite reasonable."
"The pricing for Check Point IPS is competitive and brings good value for the money."
"Pricing for this solution is negotiable and I'm happy with our pricing."
"Enabling IPS does not require any additional license purchase from OEM, as it comes by default with the NGFW bundle."
"The cost is per port and can be expensive but it does include training and support for three years."
"Licensing for this solution is paid on a yearly basis."
"If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five."
"We have a three-year license for this solution."
"I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco device are expensive compared to other devices."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
904,748 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Outsourcing Company
19%
Financial Services Firm
12%
Computer Software Company
8%
Educational Organization
7%
Construction Company
12%
Financial Services Firm
9%
Comms Service Provider
8%
University
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business51
Midsize Enterprise22
Large Enterprise22
By reviewers
Company SizeCount
Small Business6
Midsize Enterprise8
Large Enterprise7
 

Questions from the Community

What is your experience regarding pricing and costs for Check Point IPS?
I have saved around two or three hours a week since I started using Check Point IPS. My experience with pricing, setup cost, and licensing for Check Point IPS is great, and I have no problem with t...
What needs improvement with Check Point IPS?
Check Point IPS is working well for our organization. In the future, more automated and more AI-based intelligence could be fed into Check Point IPS, and that would be helpful for us.
What is your primary use case for Check Point IPS?
Check Point IPS is used as a security feature to prevent zero-day attacks and the execution of malicious files in our network. Check Point IPS is an Intrusion Prevention System that prevents malici...
What is your experience regarding pricing and costs for Cisco Sourcefire SNORT?
If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five. There are some other tools in the market that are more expensive than Cisco. There are no additional c...
What needs improvement with Cisco Sourcefire SNORT?
I have not had much experience with the community-driven rule set while utilizing Cisco Sourcefire SNORT. I don't have experience with recognizing zero-day vulnerabilities, but based on my knowledg...
What is your primary use case for Cisco Sourcefire SNORT?
Endpoint protection is the main use case. The main aspect involves specifying different rules, and when network traffic hits these rules, it will try to block the traffic or at least log the traffi...
 

Also Known As

Check Point Intrusion Prevention System
Sourcefire SNORT
 

Overview

 

Sample Customers

Morton Salt, Medical Advocacy and Outreach, BH Telecom, Lightbeam Health Solutions, X by Orange, Cadence, Nihondentsu, Datastream Connexion, Good Sam, Omnyway, FIASA, Pacific Life, Banco del Pacifico, Control Southern, Xero, Centrify
CareCore, City of Biel, Dimension Data, LightEdge, Lone Star College System, National Rugby League, Port Aventura, Smart City Networks, Telecom Italia, The Department of Education in Western Australia
Find out what your peers are saying about Check Point IPS vs. Cisco Sourcefire SNORT and other solutions. Updated: June 2026.
904,748 professionals have used our research since 2012.