We performed a comparison between Cisco Sourcefire SNORT and Splunk User Behavior Analytics based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is quite an intelligent product."
"It simplifies the configuration process by offering pre-defined base configurations, including security and connectivity settings."
"The URL filtering is very good and you can create a group for customized URLs."
"The solution is stable."
"The product is inexpensive compared to leading brands such as Palo Alto or Fortinet."
"It has a huge rate of protection. It's has a low level of positives and a huge rate of threat protection. It's easy to deploy and easy to implement. It has an incredible price rate compared to similar solutions."
"Solid intrusion detection and prevention that scales easily in very large environments."
"I like most of Cisco's features, like malware detection and URL filtering."
"The solution is extremely scalable. Our customers are regularly scaling up after installing Splunk."
"The most valuable features are the indexing and powerful search features."
"Splunk is more user-friendly than some competing solutions we tried."
"It is a solution that helps test and measure customer satisfaction."
"The most valuable features are its data aggregation and the ability to automatically identify a number of threats, then suggest recommended actions upon them."
"The most valuable feature is being able to take data and put it into other systems so that we could see the output, and to see where we need to apply our focus."
"This is a good security product."
"The solution appears to be stable, although we haven't used it heavily."
"There are problems setting up VPNs for some regions."
"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."
"The solution's approach to managing traffic blocking is confusing and impractical."
"Integration with other components — even Cisco's own products — can be enhanced to improve administrative experience."
"While the alerts they offer are good, it could improve it in the sense that they should be more detailed to make the alerts more useful to us in general. Sometimes the solution will offer up false positives. Due to the fact that the alerts aren't detailed, we have to go dig around to see why is it being blocked. The solution would be infinitely better if there was just a bit more detail in the alert information and logging we receive."
"I would like to have analytics included in the suite."
"I don't think this solution is a time-based control system, because one cannot filter traffic based on time."
"The initial setup is a little difficult compared to other products in the market. It depends on the environment. If we are doing any migration, it might take months in a brown-field environment."
"I'm not aware of any lacking features."
"I would like improved downward integration with other tools such as McAfee and other GCP solutions."
"The price of Splunk UBA is too high."
"The initial setup was complex because some of the configurations that we required needed customization."
"The correlation engine should have persistent and definable rules."
"They should work to add more built-in correlation searches and more use cases based on worldwide customer experiences. They need more ready-made use cases."
"The solution is much more expensive than relative competitors like ArcSight or LogRhythm. It makes it hard to sell to customers sometimes."
"It could be easier to scale the solution if you are using it on-premise, not in the cloud."
More Splunk User Behavior Analytics Pricing and Cost Advice →
Cisco Sourcefire SNORT is ranked 13th in Intrusion Detection and Prevention Software (IDPS) with 18 reviews while Splunk User Behavior Analytics is ranked 12th in Intrusion Detection and Prevention Software (IDPS) with 17 reviews. Cisco Sourcefire SNORT is rated 7.6, while Splunk User Behavior Analytics is rated 8.2. The top reviewer of Cisco Sourcefire SNORT writes "An IPS solution for security and protection but lacks stability". On the other hand, the top reviewer of Splunk User Behavior Analytics writes "Easy to configure and easy to use solution that integrates with many applications and scripts ". Cisco Sourcefire SNORT is most compared with Fortinet FortiGate IPS, Cisco NGIPS, Check Point IPS, Palo Alto Networks Advanced Threat Prevention and Fortinet FortiWeb, whereas Splunk User Behavior Analytics is most compared with Darktrace, Microsoft Defender for Identity, IBM Security QRadar, Varonis Datalert and Cynet. See our Cisco Sourcefire SNORT vs. Splunk User Behavior Analytics report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
