Try our new research platform with insights from 80,000+ expert users

Cisco Sourcefire SNORT vs Vectra AI comparison

Cisco and Vectra AI are both solutions in the Intrusion Detection and Prevention Software (IDPS) category. Cisco is ranked #16 with an average rating of 7.7, while Vectra AI is ranked #5 with an average rating of 8.0. Cisco holds a 2.7% mindshare in ID, compared to Vectra AI’s 8.1% mindshare. Additionally, 95% of Cisco users are willing to recommend the solution, compared to 97% of Vectra AI users who would recommend it.
Cisco Sourcefire SNORT
Read 19 Cisco Sourcefire SNORT reviews
  • 1,131 Views
  • 950 Comparison Views
95% willing to recommend
Vectra AI
Read 45 Vectra AI reviews
  • 8,741 Views
  • 3,759 Comparison Views
97% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Dec 19, 2024

Cisco Sourcefire SNORT and Vectra AI compete in the cybersecurity space, offering distinct sets of features aimed at enhancing network security. Cisco Sourcefire SNORT leads in pricing and customer support, while Vectra AI excels in advanced threat detection, making it attractive despite higher costs.

Features: Cisco Sourcefire SNORT provides effective intrusion detection and prevention using a comprehensive rule-based system, ensuring robust security controls. It benefits from an open-source foundation allowing community-driven improvements. Vectra AI employs AI and machine learning to deliver automated threat detection and insightful threat responses, offering real-time visibility and reducing the manual workload.

Room for Improvement: Cisco Sourcefire SNORT could enhance its ease of use, as its rule customization requires significant technical expertise. The interface could also be more intuitive to streamline usability. Vectra AI might look at further improving its complexity reduction, as setting initial configurations requires significant time investment. Some users may benefit from enhanced documentation to better navigate advanced features.

Ease of Deployment and Customer Service: Cisco Sourcefire SNORT offers clear deployment paths with extensive documentation, yet requires more technical skills. Its open-source community provides added support. Conversely, Vectra AI's cloud-based infrastructure simplifies deployment, complemented by superior customer service for smoother system integration.

Pricing and ROI: Cisco Sourcefire SNORT is known for favorable pricing due to its open-source nature, offering potentially high ROI with customizable capabilities. Vectra AI, while more expensive, justifies its cost with advanced features that promise reduced long-term risks, appealing to those investing in comprehensive security solutions.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cisco Sourcefire SNORT vs. Vectra AI Report (Updated: September 2025).
Buyer's Guide
Cisco Sourcefire SNORT vs. Vectra AI
September 2025
Download the complete report
Helped 867,497 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Sourcefire SNORT
Ranking in Intrusion Detection and Prevention Software (IDPS)
16th
Average Rating
7.6
Reviews Sentiment
6.8
Number of Reviews
19
Ranking in other categories
No ranking in other categories
Vectra AI
Ranking in Intrusion Detection and Prevention Software (IDPS)
5th
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
45
Ranking in other categories
Network Detection and Response (NDR) (2nd), Extended Detection and Response (XDR) (18th), Identity Threat Detection and Response (ITDR) (10th), AI-Powered Cybersecurity Platforms (6th)
 

Mindshare comparison

As of September 2025, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Cisco Sourcefire SNORT is 2.7%, up from 2.3% compared to the previous year. The mindshare of Vectra AI is 8.1%, up from 7.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Intrusion Detection and Prevention Software (IDPS) Market Share Distribution
ProductMarket Share (%)
Vectra AI8.1%
Cisco Sourcefire SNORT2.7%
Other89.2%
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

Jack Poon - PeerSpot reviewer
Offers ease of setup and good documentation
When it comes to the product's deployment phase, we have a lot of vendor support. We have a lot of skills here in Hong Kong. Our company doesn't find any problem deploying Cisco solutions. The solution is deployed on an on-premises version. Speaking about the time required to deploy the solution, I would say that we have quite a lot of previous experience with deploying Cisco products. We have our company's standard design document, which we need to follow. We have a standard testing procedure for all those features. We just take out some appropriate parts and then compile them into one document for an individual project. It is actually quite easy for us to do the documentation, so it just takes one or two hours, and we can do the implementation because all the materials and testing procedures are already in our company standard documents, so it is not that difficult for us.
Read full review
Mohammad Alkurdi - PeerSpot reviewer
Innovative detection features enhance monitoring
The advantages of the integration are not entirely out-of-the-box. You have to do it manually. When I'm doing tier response, an out-of-the-box solution is not available. You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end. This is a major consideration about them. The recall feature, if it can be placed in some areas instead of the cloud, and charged for, would be better. Recall the storage where you watch all the traffic, and you can recall it and try to analyze it in the back end. It’s cloud-based. If they offer it on-prem, it would be better. I think they have a solution, but I have never tested it, to be honest with you.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is the ability to automatically learn the traffic in our environment, and change the merit recommendations based on that."
"It has a huge rate of protection. It's has a low level of positives and a huge rate of threat protection. It's easy to deploy and easy to implement. It has an incredible price rate compared to similar solutions."
"I like most of Cisco's features, like malware detection and URL filtering."
"The tool's most valuable feature is threat detection, which is important because we have multiple layers not only in Cisco."
"The solution is stable."
"The product is inexpensive compared to leading brands such as Palo Alto or Fortinet."
"The most valuable feature is the visibility that we have across the virtual environment."
"The whole solution is very good, and stable."
More Cisco Sourcefire SNORT pros
"Using this tool for automation has provided more benefits to our processes."
"Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis."
"It keeps up with the network traffic, which is a good thing. It provides more context to plain alerts compared to using an older system. So, it helps an analyst reduce the information overload."
"Vectra AI is the best. It is a major product in our cybersecurity."
"Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day."
"It has reduced the time it takes to respond to attacks. That comes back to the proactive point. It makes us able to lower down in the kill chain, we can react now, rather than reacting to incidents that happened, we can see an instant, in some cases, as it's being implemented, or as it's being launched."
"The most useful feature is the anomaly detection because it's not signature-based. It picks up the initial part of any attack, like the recon and those aspects of the kill chain, very well."
"The core product provides excellent visibility, but my favorite feature is Vectra Recall."
More Vectra AI pros
 

Cons

"The implementation could be a bit easier."
"The initial setup is a little difficult compared to other products in the market. It depends on the environment. If we are doing any migration, it might take months in a brown-field environment."
"The solution's approach to managing traffic blocking is confusing and impractical."
"The customization of the rules can be simplified."
"I don't think this solution is a time-based control system, because one cannot filter traffic based on time."
"If the price is brought down then everybody will be happy."
"The pricing needs to be improved. We have lots of low-budget clients around us. Budget constraints are always a deterrent in our market."
"There are problems setting up VPNs for some regions."
More Cisco Sourcefire SNORT cons
"I would like to see data processed onshore. Right now, the cloud components, like Office 365, must be processed on servers outside of Australia. I would like to see a future adoption of onshore processing."
"The solution needs to become more proactive. When Vectra AI is the primary solution in an environment - like it is in our case - you must work on response time. We have a small team so response time at endpoint level is vital."
"The reporting from Cognito Detect is very limited and doesn't give you too many options. If I want to prepare a customized report on a particular host, even though I see the data, I have to manually prepare the report. The reporting features that are built into the tool are not very helpful."
"Other alternatives, like Darktrace, have a fancier UI."
"I would like to see a bit more strategic metrics instead of technical data. Information that I could show to my executive management team or board would be valuable."
"We had another product with Vectra AI and used the MDR solution as an add-on. Initially, it wasn't fully appropriately configured, so we didn't get the expected results. Even once configured correctly, we weren't fully satisfied with its response. The issue was both with their service response and the product's capabilities."
"What is most important for us is to have one place where we can manage a few brains because we are based on a zero-trust network. As a result, each customer needs to have a separate brain. For the SOC team, we need to have one place where the SOC analyst can go to visit the website and from that site manage all of the customers. Right now, Vectra AI doesn't have this capability, and I would really like to have this feature."
"In comparison with a lot of systems I used in the past, the false positives are really a burden because they are taking a lot of time at this moment."
More Vectra AI cons
 

Pricing and Cost Advice

"The cost is per port and can be expensive but it does include training and support for three years."
"Licensing for this solution is paid on a yearly basis."
"If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five."
"We have a three-year license for this solution."
"I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco device are expensive compared to other devices."
"The pricing is very good. It's less expensive than many of the tools out there."
"Its cost is too much. It's an investment that we can afford. It's a lot, but it's worth it."
"Vectra's licensing model could scale to our research network, which has multiple, 100-gigabit links."
"It is an expensive solution, but it's not the most expensive we've seen. We also know how much we're going to pay, unlike with some other providers where all of a sudden our license explodes."
"The pricing and licensing are quite straightforward because they're based on the IP licenses. As a result, they are easy to count."
"Vectra's pricing is too high. All schools will not be able to afford it. Vectra will only end up targeting higher education and higher value independence purely because of the price. A lot of schools would love to have a product like Vectra AI, but they simply can't because they struggle to even pay the high E5 licensing from Microsoft. When you're up against that, Vectra AI is never going to be within the sector's price range."
"The solution's pricing was 50 percent lower than the other vendors shortlisted."
"It's relatively on the pricier side, but when compared to other solutions. It's not the most budget-friendly option, but it can be considered somewhat more cost-effective in comparison to other alternatives."
More Vectra AI pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
See recommendations
867,497 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Financial Services Firm
10%
University
9%
Manufacturing Company
7%
Financial Services Firm
12%
Computer Software Company
11%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise8
Large Enterprise7
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise10
Large Enterprise27
 

Questions from the Community

What do you like most about Cisco Sourcefire SNORT?
The product is inexpensive compared to leading brands such as Palo Alto or Fortinet.
See all answers
What is your experience regarding pricing and costs for Cisco Sourcefire SNORT?
If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five. There are some other tools in the market that are more expensive than Cisco. There are no additional c...
See all answers
What needs improvement with Cisco Sourcefire SNORT?
Cisco offers the Cisco DNA Center, which is a source that provides crucial information for us to monitor performance, and see whether there is any trouble. We are using Cisco DNA center, but again,...
See all answers
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
See all answers
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
See all answers
What is your experience regarding pricing and costs for Vectra AI?
It is very acceptable when you compare it with Darktrace, for example.
See all answers
 

Comparisons

Fortinet FortiGate vs Cisco Sourcefire SNORT Logo
Fortinet FortiGate vs Cisco Sourcefire SNORT
Compared 20% of the time
Cisco Secure IPS (NGIPS) vs Cisco Sourcefire SNORT Logo
Cisco Secure IPS (NGIPS) vs Cisco Sourcefire SNORT
Compared 20% of the time
Palo Alto Networks Advanced Threat Prevention vs Cisco Sourcefire SNORT Logo
Palo Alto Networks Advanced Threat Prevention vs Cisco Sourcefire SNORT
Compared 18% of the time
Zscaler Cloud IPS vs Cisco Sourcefire SNORT Logo
Zscaler Cloud IPS vs Cisco Sourcefire SNORT
Compared 9% of the time
Darktrace vs Cisco Sourcefire SNORT Logo
Darktrace vs Cisco Sourcefire SNORT
Compared 7% of the time
More Cisco Sourcefire SNORT Competitors
Darktrace vs Vectra AI Logo
Darktrace vs Vectra AI
Compared 29% of the time
ExtraHop Reveal(x) vs Vectra AI Logo
ExtraHop Reveal(x) vs Vectra AI
Compared 11% of the time
Corelight vs Vectra AI Logo
Corelight vs Vectra AI
Compared 7% of the time
Cisco Secure Network Analytics vs Vectra AI Logo
Cisco Secure Network Analytics vs Vectra AI
Compared 5% of the time
Arista NDR vs Vectra AI Logo
Arista NDR vs Vectra AI
Compared 5% of the time
More Vectra AI Competitors
 

Product Reports

Buyer's Guide
Cisco Sourcefire SNORT
September 2025
Cisco Sourcefire SNORT reportDownload Cisco Sourcefire SNORT product report
Buyer's Guide
Vectra AI
August 2025
Vectra AI reportDownload Vectra AI product report
 

Also Known As

Sourcefire SNORT
Vectra Networks, Vectra AI NDR
 

Overview

Snort is an open-source, rule-based, intrusion detection and prevention system. It combines the benefits of signature-, protocol-, and anomaly-based inspection methods to deliver flexible protection from malware attacks. Snort gained notoriety for being able to accurately detect threats at high speeds.

Cisco

Vectra AI enhances security operations by pinpointing attack locations, correlating alerts, and providing in-depth visibility across attack lifecycles, ultimately prioritizing threats and improving incident responses.

Vectra AI integrates AI and machine learning to detect anomalies early and supports proactive threat response. Its features like risk scoring, alert correlation, and streamlined SOC efficiency are supplemented by integration with tools like Office 365. Users highlight integration, reporting, and customization challenges, alongside limitations in syslog data and false positive management. They seek enhancements in visualization, UI, TCP replay, endpoint visibility, and tool orchestration, with requests for improved documentation, licensing, and cloud processing innovation.

What are the key features of Vectra AI?
  • Attack Location Identification: Pinpoints specific locations of security breaches.
  • Alert Correlation: Combines multiple alerts into a single incident for efficiency.
  • Visibility Across Attack Lifecycle: Offers detailed insight through different attack stages.
  • Risk Scoring: Aggregates risk scores to prioritize imminent threats.
  • AI and Machine Learning: Detects anomalies early to aid in proactive threat response.
  • Integration with Office 365: Seamlessly consolidates data for enriched investigations.
What benefits should users look for?
  • Enhanced SOC Efficiency: Reduces alert fatigue and improves operational efficiency.
  • Threat Prioritization: Focuses on the most critical threats with risk scoring.
  • Proactive Threat Response: Early anomaly detection aids in swift response.
  • Operational Overhead Reduction: Seamless integration minimizes extra workload.
  • Compliance and Policy Support: Assists in adhering to policies and regulations.

In industries like finance, healthcare, and critical infrastructure, Vectra AI is crucial for threat detection and network monitoring. Entities use it for identifying anomalous behaviors and enhancing cybersecurity by responding to network activities and analyzing traffic for potential breaches. It operates on-premises and in hybrid cloud settings, enabling threat detection without endpoint agents and supporting compliance and policy enforcement.

Vectra AI
 

Sample Customers

CareCore, City of Biel, Dimension Data, LightEdge, Lone Star College System, National Rugby League, Port Aventura, Smart City Networks, Telecom Italia, The Department of Education in Western Australia
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Buyer's Guide
Cisco Sourcefire SNORT vs. Vectra AI
September 2025
Free Report: Cisco Sourcefire SNORT vs. Vectra AI
Find out what your peers are saying about Cisco Sourcefire SNORT vs. Vectra AI and other solutions. Updated: September 2025.
DOWNLOAD NOW
867,497 professionals have used our research since 2012.
See our Cisco Sourcefire SNORT vs. Vectra AI report.

We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.