We performed a comparison between Cisco Secure Network Analytics and Cisco Sourcefire SNORT based on real PeerSpot user reviews.
Find out in this report how the two Network Monitoring Software solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We can manage the entire system across the network and troubleshoot the pain points."
"Cisco Secure Network Analytics has increased the visibility of what is happening in our network, and I think that's the most important reason to use it. We can see what is really happening instead of just looking at numbers from routers or switches."
"The feature most valuable for us is to gain visibility of what is actually floating through, so we can stop it based on whether it's good or bad traffic."
"The deployment was a breeze. It is a very innovative and robust platform that allows us to bi-directionally stitch together data elements from Netflow-enabled devices to provide a context for network utilization."
"StealthWatch lets me see the ports running in and out and the country. It has excellent reporting, telemetry, and artificial intelligence features. With the telemetry, I can set thresholds to detect sudden changes and the alarms go through the PLC parts. I can see all the ports running on that trunk."
"The artifacts available in the tool provide better information for analyzing network traffic. It enables a holistic view of network traffic and general packet analysis. It's easy to identify anomalies without the use of signatures. The way in which we implemented Stealthwatch Cloud has enabled my team to analyze traffic behind proxies."
"The ability to send data flow from other places and have them all in one place is very valuable for us."
"It works efficiently for encrypted traffic analysis."
"The solution reduces the amount of time it takes to detect and remediate threats."
"Cisco Sourcefire SNORT is easy to configure and the reporting is great. It's also very user-friendly."
"The whole solution is very good, and stable."
"The solution is rather easy to use."
"The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates."
"The most valuable feature is the visibility that we have across the virtual environment."
"Solid intrusion detection and prevention that scales easily in very large environments."
"In general, the features are all great. However, if I need to take hardware for ASA, because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular user has been blocked because of that rule. Firepower's monitoring interface is very good, because you can see each and every piece. ASA also had it, but there you needed to type the command and be under the server to see all that stuff. In Firepower you have the possibility to go directly to the firewall. The way the monitoring is displayed is also very nice. The feature I appreciate most in Firepower is actually the grid. The grid has worked very well."
"It simplifies the configuration process by offering pre-defined base configurations, including security and connectivity settings."
"The Wi-Fi side needs improvement."
"One thing I would like to see improved is if it could automatically be tied through ISE, instead of you having to manually get notifications and disable it yourself."
"They should include Citrix VDIs in the next release."
"If they can make this product more web-based, that would be amazing."
"The customizability of the UI should improve."
"There could be better integration on the programming side, which uses Python. StealthWatch could provide a template for Python to manage the switches. For example, it would be nice if StealthWatch bounced a port automatically it detected something anomalous."
"I would like to see it better organized when I'm looking at it."
"Better integration between Cisco Secure Network Analytics and Cisco Secure Workload would be beneficial."
"I would like to see a hybrid solution that can work without being connected directly to the internet for those destinations."
"I don't think this solution is a time-based control system, because one cannot filter traffic based on time."
"If the price is brought down then everybody will be happy."
"The cloud can be improved."
"The solution's approach to managing traffic blocking is confusing and impractical."
"Integration with other components — even Cisco's own products — can be enhanced to improve administrative experience."
"The initial setup is a little difficult compared to other products in the market. It depends on the environment. If we are doing any migration, it might take months in a brown-field environment."
"The pricing needs to be improved. We have lots of low-budget clients around us. Budget constraints are always a deterrent in our market."
"The implementation could be a bit easier."
More Cisco Secure Network Analytics Pricing and Cost Advice →
Cisco Secure Network Analytics is ranked 24th in Network Monitoring Software with 57 reviews while Cisco Sourcefire SNORT is ranked 13th in Intrusion Detection and Prevention Software (IDPS) with 18 reviews. Cisco Secure Network Analytics is rated 8.2, while Cisco Sourcefire SNORT is rated 7.6. The top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". On the other hand, the top reviewer of Cisco Sourcefire SNORT writes "An IPS solution for security and protection but lacks stability". Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Arista NDR, whereas Cisco Sourcefire SNORT is most compared with Fortinet FortiGate IPS, Cisco NGIPS, Check Point IPS, Palo Alto Networks Advanced Threat Prevention and Palo Alto Networks URL Filtering with PAN-DB. See our Cisco Secure Network Analytics vs. Cisco Sourcefire SNORT report.
We monitor all Network Monitoring Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.