Try our new research platform with insights from 80,000+ expert users

Darktrace vs IBM Security Network IPS comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 15, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Darktrace
Ranking in Intrusion Detection and Prevention Software (IDPS)
1st
Average Rating
8.2
Reviews Sentiment
7.2
Number of Reviews
82
Ranking in other categories
Email Security (9th), Network Traffic Analysis (NTA) (1st), Network Detection and Response (NDR) (1st), Extended Detection and Response (XDR) (6th), Cloud Security Posture Management (CSPM) (15th), Cloud-Native Application Protection Platforms (CNAPP) (11th), Attack Surface Management (ASM) (4th), AI-Powered Cybersecurity Platforms (2nd)
IBM Security Network IPS
Ranking in Intrusion Detection and Prevention Software (IDPS)
23rd
Average Rating
7.2
Reviews Sentiment
6.8
Number of Reviews
4
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Darktrace is 18.8%, up from 17.8% compared to the previous year. The mindshare of IBM Security Network IPS is 0.7%, down from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

Malebo Lethoba Group - PeerSpot reviewer
Have found the AI analyst and detection functions highly valuable for network operations while managing complexity in initial setup
The functions I find most valuable in Darktrace ( /products/darktrace-reviews ) are the AI analyst as well as the detection.The autonomous response capabilities of Darktrace are not crucial for me because it doesn't work in a network where there are no core switches. In a modern network, the autonomous response doesn't work, especially when sitting in a shared data center.If I'm running a traditional network where I am not in a shared data center with a layer two dedicated for my resources, then it can work for me. However, if I am in a data center where I don't have layer two, it becomes an issue because the autonomous response is reliant on sending spoofed TCP resets to my core switch to block traffic, which is a major issue.
Jacob_Koithra - PeerSpot reviewer
User-friendly and has a good blocking feature but is quite expensive
Defining the new security rules and policies sometimes becomes a challenge. Integration with other platforms becomes a challenge as well. I'd like to see more integration with other tools and technologies. XGS 7100 has an end of support for the 30th of December 2022. Many are losing support. All the products of the XGS, including XGS 3100, 4100, 5100, and 7100, support is ending in December 2022. We need to know what is the plan post that? Do we need to spend money on them? Will that be extended? There has been no communication on the website either. It's an expensive device.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Darktrace is valuable since it offers full packet capture and detailed metadata."
"The initial setup is simple."
"I like the Antigena feature in Darktrace, as it offers immediate response and is helpful."
"The most beneficial feature in Darktrace is identifying phishing emails with the help of the AI engine and machine learning."
"The technical support from Darktrace is very good, including support from their resellers."
"The most valuable feature has been the behavioral analytics that allows us to monitor all the traffic."
"The main valuable feature is that we don't need a lot of analysts. With few analysts, we have all the network monitored, 24/7."
"Darktrace is extremely stable."
"The most valuable feature is its simplicity."
"The initial setup is simple."
 

Cons

"The solution can improve the reporting."
"I would like to see a feature where the tool ingests information from an anti-malware product that is present at the endpoint."
"Darktrace needs significant improvement in its notification capabilities."
"It could build in integrations for some complementary products, but it has an assistant plugin so this is not really a big deal."
"Darktrace is a closed technology, meaning we know very little about how it works, including the architecture, which is significant. As a result, when we implement the system and find we're getting many false positives, we have minimal insight into why it's happening and what we can do to fix it. We don't know how the solution is configured, the criteria for threats to be determined, or the product's inner workings. We understand that they have to ensure privacy and their copyright, but we want to see some documentation or public research into the security Darktrace provides."
"One thing that I would like to look at going forward is to have a fully automated network infrastructure that is monitored automatically real-time, and that gives me this kind of capability where I would be able to look at my network at any given time and see the state of my network. With Darktrace, at the moment, I have to almost put in a date and tell them that want you to give me data from this date to this date. I don't want that. I want a fast solution in which it doesn't matter when I log into the application. Whenever I log in, I must be able to see my network and run a report. In other words, if I go in now and I say, "Give me a full report of what happened today, it must be able to give me that. It mustn't just be limited to a seven-day period, for argument's sake. It must be able to give me real-time and day-to-day tracking of what has happened within my network."
"Needs to improve its collaboration with local partners."
"It can have more integration with orchestration or event management solutions. They can provide more knowledge or research information for analysts for investigating cases and detecting anomalies in networks."
"I'd like to see more integration with other tools and technologies."
"In the future, I would like to see a hybrid option so that we can work both on-premises and in the cloud."
 

Pricing and Cost Advice

"In the ballpark, we're talking about $30K, $50K, and up. It can even be as much as $50K or $100K."
"The tool's pricing is costly."
"The cost of the solution can be reduced to make it more appealing to customers."
"The price of Darktrace is high and could be reduced. We pay approximately $30,000 to $54,000 annually."
"The pricing is reasonable."
"It was $3,600 a month or $2,000 plus or so. I am not sure. Its licensing is pretty simple."
"If you consider the features and the cost of market leaders, we are satisfied with the pricing."
"The pricing is subscription-based and it is high."
"The cost of operations is very low."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
861,390 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Manufacturing Company
8%
Financial Services Firm
8%
Government
7%
No data available
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organ...
What do you like most about Darktrace?
A very useful feature in Darktrace for real-time threat analysis is the packet inspection that analyzes the packet traffic in real time.
Ask a question
Earn 20 points
 

Also Known As

No data available
Security Network Intrusion Prevention System, IBM Security Network Protection, XGS, GX
 

Overview

 

Sample Customers

Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol, Allianz, KKR, AIRBUS, dpd, Billabong, Mclaren Group.
Equifax, Christian Hospital Centre
Find out what your peers are saying about Darktrace vs. IBM Security Network IPS and other solutions. Updated: July 2025.
861,390 professionals have used our research since 2012.