No more typing reviews! Try our Samantha, our new voice AI agent.

Cisco Sourcefire SNORT vs Lumu comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 19, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Sourcefire SNORT
Ranking in Intrusion Detection and Prevention Software (IDPS)
13th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
20
Ranking in other categories
No ranking in other categories
Lumu
Ranking in Intrusion Detection and Prevention Software (IDPS)
15th
Average Rating
9.2
Reviews Sentiment
7.5
Number of Reviews
8
Ranking in other categories
Network Detection and Response (NDR) (10th), Extended Detection and Response (XDR) (23rd)
 

Mindshare comparison

As of July 2026, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Cisco Sourcefire SNORT is 3.0%, up from 2.6% compared to the previous year. The mindshare of Lumu is 2.0%, down from 2.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Intrusion Detection and Prevention Software (IDPS) Mindshare Distribution
ProductMindshare (%)
Cisco Sourcefire SNORT3.0%
Lumu2.0%
Other95.0%
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

reviewer2772102 - PeerSpot reviewer
Cloud Architect at a consultancy with 1-10 employees
Logging and customizable rules have helped improve threat monitoring and detection
The logging is mainly what I consider one of the best features with Cisco Sourcefire SNORT. Being able to log and store it in a file allows you to push it to a centralized repository. The logging and reporting help improve incident response. You should always be logging threats, any sort of misconfiguration, and anything that could be an issue. It's important to at least log and monitor it. The basic rules provide a good baseline in assessing Cisco Sourcefire SNORT's ability in providing real-time analytics for threat detection, but as a professional, you should look to constantly modify that baseline. They provide extensive customizability so you can define your own rules. The customizability allows it to be adaptable in protecting against diverse network threats to the constant change.
JJ
Director, Information Technology at a educational organization with 201-500 employees
Constant monitoring and analysis boosts network security
There is always room for improvement. I am not giving it a perfect score because I am sure there is something that could be enhanced.Having some sort of certification or training, along with more periodic webinars might be helpful. Having a larger support network would be beneficial. Nobody I know has heard of Lumu, so they are in the same space as Darktrace or CrowdStrike, but people give blank stares. As the community grows for Lumu then that will improve, but that is not really a criticism of Lumu, they simply have not been around that long.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of this solution is the filtering."
"Cisco Sourcefire SNORT is easy to configure and the reporting is great. It's also very user-friendly."
"Users have access to intelligent security automation as one of the features, which can easily automate your event impact assessment so your IPS policy tuning can be done as well as your network behavior analysis, and you can do real-time contextual awareness with correlation of events created on your applications, user devices, operating systems, or vulnerabilities, with all of this real-time data captured including your apps and port scans."
"It has a huge rate of protection. It's has a low level of positives and a huge rate of threat protection. It's easy to deploy and easy to implement. It has an incredible price rate compared to similar solutions."
"The most valuable feature is the visibility that we have across the virtual environment."
"The whole solution is very good, and stable."
"If you compare it to other vendors, the technical support from Cisco is excellent."
"The solution is stable."
"Lumu protects against threats immediately and handles them in time."
"The context provided by the tool is very complete, it includes the miter matrix, playbooks, links, hashes, and much more."
"The automated response to incidents works effectively out of the box, and the number of interfaces and platforms it can work with is impressive."
"With this solution, you don’t need to invest in expensive cybersecurity software because you can operate within the product easily."
"The tool's support team helps partners resolve any problems with the product."
"I like Lumu's simple user interface. When we deployed it, we got full access, allowing us to identify IP addresses on the network and connect machine names to users. It helped us identify and block threats via the firewall. I also appreciate the chat support and ticket closure process. We're currently reviewing network detection solutions, and my recommendations include Lumu, Sentinel, and a few others. Regarding functionality and user-friendliness, I would recommend Lumu over the others."
"Lumu has allowed us to operate cybersecurity in a better way, with a manageable number of incidents that contain all the context including the Mitre matrix and much more, while providing visibility across on-premise, cloud, remote environments, and IoT such as IP cameras, with automatic mitigation that lets our team focus only on incidents that require our full attention."
"It's been helpful for overall extended network visibility."
 

Cons

"The utopia is to see everything from one dashboard, but sometimes that's not very possible."
"I would like to have analytics included in the suite."
"I don't think this solution is a time-based control system, because one cannot filter traffic based on time."
"The initial setup is a little difficult compared to other products in the market. It depends on the environment. If we are doing any migration, it might take months in a brown-field environment."
"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."
"Integration with other components — even Cisco's own products — can be enhanced to improve administrative experience."
"The main dashboard of Cisco Sourcefire SNORT could improve."
"The customization of the rules can be simplified."
"The reports need improvement."
"The integration with different vendors and endpoints could be improved."
"Nothing so far needs to be improved."
"It would be good if we could access the physical logs."
"I am happy with the current features. However, one important one is to improve the reports."
"The free version is minimal compared to the full version."
"Having a larger support network would be beneficial. Nobody I know has heard of Lumu, so they are in the same space as Darktrace or CrowdStrike, but people give blank stares."
"Lumu's ability to discover threats is an area of concern where improvements are needed."
 

Pricing and Cost Advice

"If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five."
"The cost is per port and can be expensive but it does include training and support for three years."
"We have a three-year license for this solution."
"Licensing for this solution is paid on a yearly basis."
"I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco device are expensive compared to other devices."
"It is the cheapest solution we found."
"Compared to Lumu, other solutions are more expensive. SentinelOne was a bit cheaper, and another provider's price structure is unclear, but Lumu fit our budget nicely. SentinelOne's cost depends on the number of devices, and it might be similar to Lumu's, depending on deployment."
"The tool is available at a good price. The tool offers a good and competitive price for customers."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
10%
Comms Service Provider
8%
University
7%
Financial Services Firm
13%
Comms Service Provider
8%
Manufacturing Company
7%
Educational Organization
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business6
Midsize Enterprise8
Large Enterprise7
By reviewers
Company SizeCount
Small Business6
Midsize Enterprise1
Large Enterprise4
 

Questions from the Community

What is your experience regarding pricing and costs for Cisco Sourcefire SNORT?
If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five. There are some other tools in the market that are more expensive than Cisco. There are no additional c...
What needs improvement with Cisco Sourcefire SNORT?
I have not had much experience with the community-driven rule set while utilizing Cisco Sourcefire SNORT. I don't have experience with recognizing zero-day vulnerabilities, but based on my knowledg...
What is your primary use case for Cisco Sourcefire SNORT?
Endpoint protection is the main use case. The main aspect involves specifying different rules, and when network traffic hits these rules, it will try to block the traffic or at least log the traffi...
What needs improvement with Lumu?
There is always room for improvement. I am not giving it a perfect score because I am sure there is something that could be enhanced.Having some sort of certification or training, along with more p...
What is your primary use case for Lumu?
We use it as our managed SOC instead of contracting with an MSP. It coordinates endpoint and gives us a single pane of glass for our security events.It fulfills the role of a SIEM, serving as our d...
What is your experience regarding pricing and costs for Lumu?
In our environment, it costs approximately 1200 a month.
 

Also Known As

Sourcefire SNORT
No data available
 

Overview

 

Sample Customers

CareCore, City of Biel, Dimension Data, LightEdge, Lone Star College System, National Rugby League, Port Aventura, Smart City Networks, Telecom Italia, The Department of Education in Western Australia
Information Not Available
Find out what your peers are saying about Cisco Sourcefire SNORT vs. Lumu and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.