Try our new research platform with insights from 80,000+ expert users

Cisco Secure Network Analytics vs Cisco Sourcefire SNORT comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Secure Network Analytics
Average Rating
8.2
Reviews Sentiment
6.9
Number of Reviews
61
Ranking in other categories
Network Monitoring Software (33rd), Network Traffic Analysis (NTA) (4th), Network Detection and Response (NDR) (9th), Cisco Security Portfolio (8th)
Cisco Sourcefire SNORT
Average Rating
7.6
Reviews Sentiment
6.8
Number of Reviews
19
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (14th)
 

Mindshare comparison

While both are Network Security Systems solutions, they serve different purposes. Cisco Secure Network Analytics is designed for Network Monitoring Software and holds a mindshare of 1.2%, down 1.5% compared to last year.
Cisco Sourcefire SNORT, on the other hand, focuses on Intrusion Detection and Prevention Software (IDPS), holds 3.6% mindshare, down 3.8% since last year.
Network Monitoring Software
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

Muhammad Harun-Owr-Roshid - PeerSpot reviewer
Have streamlined network visibility and troubleshooting while seeing benefits from AI integration
In terms of improvements for Cisco Secure Network Analytics, from the implementation point of view, now that AI is in use, some other features need to be upgraded considering AI solutions. Proper management of the database is also important; it should be centralized for easier data collection from a single database. When precise manual analysis is needed, it's sometimes difficult, so having a centralized database will allow network admins to find actual scenarios more effectively, especially since some information may not be visible on the GUI. Cisco should upgrade their hardware part to run the database, because sometimes it cannot handle the load while all features are running in the network. The database management should indeed be centralized because while AI runs behind the systems, central management is essential. For example, in a network with 100 Cisco switches, a few routers, firewalls, and access points, all data generated should be preserved in a central database. This approach simplifies management and analysis for troubleshooting, as GUI interfaces may not always provide visible information. Centralizing the database will allow for better understanding of which information is preserved for each specific device.
Jack Poon - PeerSpot reviewer
Offers ease of setup and good documentation
When it comes to the product's deployment phase, we have a lot of vendor support. We have a lot of skills here in Hong Kong. Our company doesn't find any problem deploying Cisco solutions. The solution is deployed on an on-premises version. Speaking about the time required to deploy the solution, I would say that we have quite a lot of previous experience with deploying Cisco products. We have our company's standard design document, which we need to follow. We have a standard testing procedure for all those features. We just take out some appropriate parts and then compile them into one document for an individual project. It is actually quite easy for us to do the documentation, so it just takes one or two hours, and we can do the implementation because all the materials and testing procedures are already in our company standard documents, so it is not that difficult for us.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"From what I understand, you can encrypt and unencrypt traffic moving in transit. This is one of the features that we liked about it."
"The solution reduces the amount of time it takes to detect and remediate threats."
"It does change the way we troubleshoot and it is relatively easy to use once you learn it. I would recommend it to someone considering it."
"The most valuable feature is NetFlow. The beginning of any security investigation starts with NetFlow data."
"Another notable feature of Cisco Secure Network Analytics is its Layer 7 visibility, which allows us to monitor and analyze network communications at the application layer."
"The deployment was a breeze. It is a very innovative and robust platform that allows us to bi-directionally stitch together data elements from Netflow-enabled devices to provide a context for network utilization."
"Cisco products are incredibly stable, boasting a 200% stability."
"Visibility. The ability to look East and West. To see what is passing through your circuits, where it is coming from, and how big it is."
"Solid intrusion detection and prevention that scales easily in very large environments."
"Cisco technical support is unbeatable. It offers a premium service every time."
"It has a huge rate of protection. It's has a low level of positives and a huge rate of threat protection. It's easy to deploy and easy to implement. It has an incredible price rate compared to similar solutions."
"The most valuable features of Cisco Sourcefire SNORT are the dashboard for monitoring events."
"I like most of Cisco's features, like malware detection and URL filtering."
"It simplifies the configuration process by offering pre-defined base configurations, including security and connectivity settings."
"It is quite an intelligent product."
"The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates."
 

Cons

"There could be better integration on the programming side, which uses Python. StealthWatch could provide a template for Python to manage the switches. For example, it would be nice if StealthWatch bounced a port automatically it detected something anomalous."
"The initial setup was straightforward but required a lot of data entry, to begin with building out the server types and network types."
"Cisco should upgrade their hardware part to run the database, because sometimes it cannot handle the load while all features are running in the network."
"The visualization could be improved, the GUI is not the best."
"They should include Citrix VDIs in the next release."
"I would like to see some improvement when it comes to reporting."
"I would like to see more expansion in artificial intelligence and machine learning features."
"I would like to see interoperability with other Cisco products because we have ThousandEyes, Cisco Prime, and others. The interaction among these is important to us."
"The initial setup is a little difficult compared to other products in the market. It depends on the environment. If we are doing any migration, it might take months in a brown-field environment."
"Performance needs improvement."
"There are problems setting up VPNs for some regions."
"The cloud can be improved."
"I want to see a better dashboard for the product. The dashboard can be a bit modified or enhanced."
"Integration with other components — even Cisco's own products — can be enhanced to improve administrative experience."
"I would like to have analytics included in the suite."
"The solution's approach to managing traffic blocking is confusing and impractical."
 

Pricing and Cost Advice

"The tool is not cheaply priced."
"The licensing costs are outrageous."
"Licensing is on a yearly basis."
"NetFlow is very expensive."
"It has a subscription model. There is yearly support, and there is also three-year support. It depends on what the customers want."
"Pricing is much higher compared to other solutions."
"Our fees are approximately $3,000 USD."
"​Licensing is done by flows per second, not including outside (in traffic)."
"If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five."
"I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco device are expensive compared to other devices."
"Licensing for this solution is paid on a yearly basis."
"The cost is per port and can be expensive but it does include training and support for three years."
"We have a three-year license for this solution."
report
Use our free recommendation engine to learn which Network Monitoring Software solutions are best for your needs.
861,481 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
25%
Financial Services Firm
10%
Government
9%
Manufacturing Company
8%
Computer Software Company
17%
Financial Services Firm
12%
University
7%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Cisco Stealthwatch?
The most valuable feature of Cisco Secure Network Analytics is the Threat Intelligence integration.
What is your experience regarding pricing and costs for Cisco Stealthwatch?
Regarding cost, for the Bangladesh context, Cisco Secure Network Analytics is a little bit high-priced because we are a developing country, making it tough to manage affordable solutions. However, ...
What needs improvement with Cisco Stealthwatch?
In terms of improvements for Cisco Secure Network Analytics, from the implementation point of view, now that AI is in use, some other features need to be upgraded considering AI solutions. Proper m...
What do you like most about Cisco Sourcefire SNORT?
The product is inexpensive compared to leading brands such as Palo Alto or Fortinet.
What is your experience regarding pricing and costs for Cisco Sourcefire SNORT?
If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five. There are some other tools in the market that are more expensive than Cisco. There are no additional c...
What needs improvement with Cisco Sourcefire SNORT?
Cisco offers the Cisco DNA Center, which is a source that provides crucial information for us to monitor performance, and see whether there is any trouble. We are using Cisco DNA center, but again,...
 

Also Known As

Cisco Stealthwatch, Cisco Stealthwatch Enterprise, Lancope StealthWatch
Sourcefire SNORT
 

Overview

 

Sample Customers

Edge Web Hosting, Telenor Norway, Ivy Tech Community College of Indiana, Webster Financial Corporation, Westinghouse Electric, VMware, TIAA-CREF
CareCore, City of Biel, Dimension Data, LightEdge, Lone Star College System, National Rugby League, Port Aventura, Smart City Networks, Telecom Italia, The Department of Education in Western Australia
Find out what your peers are saying about Cisco Secure Network Analytics vs. Cisco Sourcefire SNORT and other solutions. Updated: January 2020.
861,481 professionals have used our research since 2012.