Cisco Sourcefire SNORT vs Plixer Scrutinizer comparison

"The solution is rather easy to use."

"It simplifies the configuration process by offering pre-defined base configurations, including security and connectivity settings."

"The whole solution is very good, and stable."

"The solution is stable."

"It is quite an intelligent product."

"The logging is mainly what I consider one of the best features with Cisco Sourcefire SNORT; being able to log and store it in a file allows you to push it to a centralized repository."

"The most valuable feature is the visibility that we have across the virtual environment."

"The most valuable features of Cisco Sourcefire SNORT are the dashboard for monitoring events."

"We have had many requests to understand in the network which devices are connected to others. Most people don't have this information or are able to establish a map of data flow everywhere around the network. Scrutinizer can really help with this. We are using it to understand who is talking to what, how, and which protocols can help us to improve security and analyze flow."

"It helps us determine what is going on with our Internet and who is hogging it all up. If we get a real high throughput or a throughput that's going over and getting dropped fairly quickly, we can tell who (or what device) is consuming that traffic."

"Plixer Scrutinizer is an affordable product. Plixer Scrutinizer is a tool that allows for customization, especially in scenarios where customers need new product features."

"The reporting and generating troubleshooting reports would be the best feature; our host-to-host conversation reporting."

"Visualization of the network traffic is the most valuable feature. It allows you to drill into information quite quickly."

"One feature I found most valuable in Plixer Scrutinizer is the very extensive reporting. Reporting is very flexible, though sometimes you need a little bit of support from Plixer Scrutinizer to create custom-made reporting in a very short time. Reporting is a very strong feature of the product."

"The most valuable features of Plixer Scrutinizer are its ease of use, accessibility, and UI."

"It's agnostic as far as what your network gear is. As long as it supports an sFlow, JFlow, NetFlow, some kind of flow monitoring, Plixer will support it very well."

"To be frank, the product is not really stable, although they're working on that. Whenever I go to the technical community with an issue, they will usually say that it is not there yet, but the technical team are working on it. The issues are not insolvable. I think they should just keep working on the product to make sure that the product can become very stable. The technical support is great. I appreciate that. We have a lot of communities supporting Firepower now, so you can find help for whatever issue you have."

"The customization of the rules can be simplified."

"If the price is brought down then everybody will be happy."

"The cloud can be improved."

"Performance needs improvement."

"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."

"The implementation could be a bit easier."

"While the alerts they offer are good, it could improve it in the sense that they should be more detailed to make the alerts more useful to us in general. Sometimes the solution will offer up false positives. Due to the fact that the alerts aren't detailed, we have to go dig around to see why is it being blocked. The solution would be infinitely better if there was just a bit more detail in the alert information and logging we receive."

"From what I understand it is that the solution is not very scalable in a high volume traffic environment with a large number of flows."

"I wish the reporting side was easier to work with, but it does a decent job. I also wish the reporting side was a little more intuitive or they offered more reporting examples."

"The visual acuity of how it presents data can sometimes be confusing. It takes a bit for people to spin up how to look at the graphs."

"It would be useful if there was a way to back up the configuration information. E.g., if you wanted to deploy a new instance or disaster recovery, you could quite easily deploy and restore the config, as opposed to having to restore all the NetFlow data. If there was just a button that said "backup config information", that would be good."

"The reporting structure, the front-end GUI, also needs some work. It needs some getting used to. It works fairly well, but it's a technical tool rather than a user tool. You have to understand the structure of the databases before you can really use it."

"Data retention needs improvement. Data retention is a thing where we are looking for a better way to collect flow data for a longer time to do forensic research on security incidents. By default, data retention is quite low. We need detailed data in safe storage for a longer time, e.g., for a couple of months. An improvement would be a way to export data into a secure long-term storage."

"There is room for improvement around the data that they have on the website about solutions... they should have more templated solutions on their website. Going out and identifying how to do RTP performance with a Cisco router, or how to do application response times in an Arrista data center deployment was where most of the work was... They should spend some more time documenting solutions and putting together white papers."

"There was a price lift because previously the product was privately owned, and now there is some external capital in the organization, so pricing could be lower, though, for Plixer Scrutinizer, there is almost no competition at this price point."

"Licensing for this solution is paid on a yearly basis."

"We have a three-year license for this solution."

"If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five."

"I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco device are expensive compared to other devices."

"The cost is per port and can be expensive but it does include training and support for three years."

"We recently bought a license upgrade, so we will integrate more exporters. We upgraded from a 25 exporter license to a 50 exporter license. Therefore, there will be more flows, and this will be an extension. I don't know when we will purchase a faster server, because the server that we have is quite new."

"We pay our one-off cost for the licenses, per device, in blocks of 50. And then we pay an annual maintenance fee of about $15,000 Australian, which is, at this point in time, about $9,000 US, for those 250 devices. The upfront costs for the 250-license use, were about $50,000 Australian, which is about $32,000 US."

"We have increased the license over time. We have added more licenses as the network has grown."

"There is a recurring maintenance fee after the initial purchase or if we want the license upgrade."

"The license is per device. We have 50 devices."

"Compared to some of the other tools we have, it's incredibly reasonably priced."

"There are no extra costs. It's about $8,000 a year. The bang for the buck (cost) is definitely a plus."

"Our entire solution, amortized over five years, is in the vicinity of $40,000 to $50,000 a year."