"Cisco Sourcefire SNORT is easy to configure and the reporting is great. It's also very user-friendly."
"The solution is rather easy to use."
"It is quite an intelligent product."
"It has definitely helped us improve our mean time to resolution on network issues."
"Great network monitoring, looking at anomaly detection and evaluation."
"If you are using Darktrace or NAC solutions you can integrate Stealthwatch."
"From what I understand, you can encrypt and unencrypt traffic moving in transit. This is one of the features that we liked about it."
"Cisco Stealthwatch has predefined alerts for different types of security issues that might happen in the network. Whether it's PCs or servers that are used for botnets or Bitcoin mining we receive the alerts automatically. This functionality is what we receive from the solution out of the box."
"It's easy to set up. The deployment takes one or two days. You need to collect the data from a device and then direct it to the portal."
"StealthWatch lets me see the ports running in and out and the country. It has excellent reporting, telemetry, and artificial intelligence features. With the telemetry, I can set thresholds to detect sudden changes and the alarms go through the PLC parts. I can see all the ports running on that trunk."
"We find that Stealthwatch can detect the unseen."
"The implementation could be a bit easier."
"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."
"While the alerts they offer are good, it could improve it in the sense that they should be more detailed to make the alerts more useful to us in general. Sometimes the solution will offer up false positives. Due to the fact that the alerts aren't detailed, we have to go dig around to see why is it being blocked. The solution would be infinitely better if there was just a bit more detail in the alert information and logging we receive."
"There could be better integration on the programming side, which uses Python. StealthWatch could provide a template for Python to manage the switches. For example, it would be nice if StealthWatch bounced a port automatically it detected something anomalous."
"It's a good solid solution but integration with Network Access Control products with Cisco ISE would be good."
"It's not great as a standalone solution."
"Cisco Stealthwatch can improve by having bundled packages for popular add-ons. It would be a lot easier for people implementing it, have let's say a better way to use the product."
"Stealthwatch is still maturing in AI. It uses artificial intelligence for predictions, but AI still needs to mature. It is in a phase where you get 95% correct detection. As its AI engine learns more, it will become more accurate. This is applicable to all the devices that are using AI because they support both supervised and unsupervised machine learning. The accuracy in the case of supervised machine learning is dependent on the data you feed into the box. The accuracy in the case of unsupervised machine learning is dependent on the algorithm. The algorithm matures depending on retrospective learning, and this is how it is able to detect zero-day attacks."
"We would like the solution to make more advances in the way that Extreme Networks has been doing."
"The visualization could be improved, the GUI is not the best."
"We determined that Stealthwatch wouldn't provide the machine learning model that we required."
Earn 20 points
Snort is an open-source, rule-based, intrusion detection and prevention system. It combines the benefits of signature-, protocol-, and anomaly-based inspection methods to deliver flexible protection from malware attacks. Snort gained notoriety for being able to accurately detect threats at high speeds.
Cisco Stealthwatch uses NetFlow to provide visibility across the network, data center, branch offices, and cloud. Its advanced security analytics uncover stealthy attacks on the extended network. Stealthwatch helps you use your existing network as a security sensor and enforcer to dramatically improve your threat defense.
Cisco Sourcefire SNORT is ranked 14th in Intrusion Detection and Prevention Software (IDPS) with 3 reviews while Cisco Stealthwatch is ranked 4th in Network Traffic Analysis (NTA) with 10 reviews. Cisco Sourcefire SNORT is rated 7.6, while Cisco Stealthwatch is rated 8.2. The top reviewer of Cisco Sourcefire SNORT writes "Intelligent with good threat detection capabilities but could be easier to implement". On the other hand, the top reviewer of Cisco Stealthwatch writes "Provides valuable security knowledge and helps us improve network performance". Cisco Sourcefire SNORT is most compared with Check Point IPS, Palo Alto Networks Threat Prevention, Fortinet FortiGate IPS, Cisco NGIPS and Darktrace, whereas Cisco Stealthwatch is most compared with Darktrace, SolarWinds NetFlow Traffic Analyzer, ThousandEyes, Palo Alto Networks Threat Prevention and Vectra AI. See our Cisco Sourcefire SNORT vs. Cisco Stealthwatch report.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.