2019-07-02T06:57:00Z
Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot (formerly IT Central Station)
  • 0
  • 10

What needs improvement with Cisco Sourcefire SNORT?

Please share with the community what you think needs improvement with Cisco Sourcefire SNORT.

What are its weaknesses? What would you like to see changed in a future version?

12
PeerSpot user
12 Answers
AA
NOC Supervisor / Network Architect / System Analyst at a non-profit with 10,001+ employees
Real User
Top 10
2020-12-08T14:56:35Z
Dec 8, 2020

I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it.

Search for a product comparison
SC
Team Lead Manager with 501-1,000 employees
Real User
2020-07-22T08:17:21Z
Jul 22, 2020

While the alerts they offer are good, it could improve it in the sense that they should be more detailed to make the alerts more useful to us in general. Sometimes the solution will offer up false positives. Due to the fact that the alerts aren't detailed, we have to go dig around to see why is it being blocked. The solution would be infinitely better if there was just a bit more detail in the alert information and logging we receive.

AR
Team Lead at a tech services company with 201-500 employees
Real User
2020-04-13T06:27:00Z
Apr 13, 2020

Performance needs improvement. If you compare Cisco Sourcefire with other products, it performs at the same level of compliance. For Cisco Sourcefire, it's not really horrible and it's not really the market and price-performance rate. The performance can be improved.

SS
Network Engineer at a tech services company with 501-1,000 employees
Real User
2020-01-12T12:02:00Z
Jan 12, 2020

There are problems setting up VPNs for some regions. There are cases where they are permitted in Sourcefire but blocked in Check Point. There are some outside ports that are allowed by default but should not be. It would be helpful if a list of third-party services were listed so that the rules could be easily added. An example of this would be a ticket booking site. It would be in a list of services and selecting it would allow transactions with that site.

AE
Information Security Operations Expert at Asiacell
Real User
2020-01-09T06:15:00Z
Jan 9, 2020

We are unhappy with technical support for this solution, and it is not as professional as what we typically expect from Cisco. Sourcefire SNORT is very resource heavy in terms of CPU usage and memory consumption. Technical support has told us that this is related to bugs that have yet to be fixed.

GoumouFerdinand - PeerSpot reviewer
Security Engineer at Socitech SA
Real User
2019-11-26T05:43:00Z
Nov 26, 2019

To be frank, the product is not really stable, although they're working on that. Whenever I go to the technical community with an issue, they will usually say that it is not there yet, but the technical team is working on it. The issues are not insolvable. I think they should just keep working on the product to make sure that the product can become very stable. The technical support is great. I appreciate that. We have a lot of communities supporting Firepower now, so you can find help for whatever issue you have. Another issue where there's room for improvement is that sometimes I feel like the device is heavy. For example, we can use either the physical or virtual device. Most of the time if you are using the virtual device, you need to have very good RAM. If, for example, we don't have a good RAM in the environment, the device will be kind of heavy. It will not run as quick as you want. Most of the time we need a minimum of 4GB of RAM. Maybe they should add the possibility that we could use 2GB of RAM so that the device can be more lightweight. Those are all small things, but if they can improve them it would be great. Of course, everything is dependent on the process running behind it. I don't know if they have the possibility to make these changes, but if they can, it would be great.

Find out what your peers are saying about Cisco, Darktrace, Splunk and others in Intrusion Detection and Prevention Software (IDPS). Updated: November 2022.
653,522 professionals have used our research since 2012.
GebremichaelTeklemariam - PeerSpot reviewer
Networking and Security Engineer at IE Network Solutions PLC (Ethiopia)
Real User
Top 5
2019-11-19T06:35:00Z
Nov 19, 2019

I don't think this solution is a time-based control system, because one cannot filter traffic based on time.

NAWAF-TAWAKOL - PeerSpot reviewer
Pre-Sales Engineer at a tech services company with 51-200 employees
Real User
2019-10-13T05:49:00Z
Oct 13, 2019

The price of this solution could be improved. If the price is brought down then everybody will be happy. I would like to see a cloud-based version of this solution.

OS
Senior Engineer at a tech services company with 51-200 employees
Real User
2019-10-06T16:38:00Z
Oct 6, 2019

This is a good solution, but some others may have some advantages. For example, Palo Alto has more useful and suitable application abilities. This solution has a better Firepower but the functionalities are not as good. With the next release, I would like to see some PBR, so that you can do the configuration with the features.

OH
Network Engineer at a financial services firm with 201-500 employees
Real User
2019-08-30T04:51:00Z
Aug 30, 2019

This solution needs to be more customizable. The customization of the rules can be simplified.

SA
Chief technology officer at Next Generation Systems Nigeria Limited
Real User
2019-08-28T09:52:00Z
Aug 28, 2019

The pricing needs to be improved. We have lots of low-budget clients around us. Budget constraints are always a deterrent in our market.

BT
Network Engineer at a individual & family service with 10,001+ employees
Real User
2019-07-02T06:57:00Z
Jul 2, 2019

One addition to the current product that I think would be helpful is if it was integrated into the Cisco DNA Center. Between their security side, their routing, and the wireless side, they kind of have a gap. If they could bridge the gap and integrate all those in the DNA Center, I think that would be a good goal and something useful to users.

Related Questions
Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot (formerly IT Central Station)
Mar 18, 2021
Hi, We all know it's really hard to get good pricing and cost information. Please share what you can so you can help your peers.
2 out of 3 answers
OH
Network Engineer at a financial services firm with 201-500 employees
Aug 30, 2019
We have a three-year license for this solution.
NAWAF-TAWAKOL - PeerSpot reviewer
Pre-Sales Engineer at a tech services company with 51-200 employees
Oct 13, 2019
Licensing for this solution is paid on a yearly basis.
Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot (formerly IT Central Station)
Mar 18, 2021
Hi, We all know it's really hard to get good pricing and cost information. Please share what you can so you can help your peers.
2 out of 3 answers
OH
Network Engineer at a financial services firm with 201-500 employees
Aug 30, 2019
We have a three-year license for this solution.
NAWAF-TAWAKOL - PeerSpot reviewer
Pre-Sales Engineer at a tech services company with 51-200 employees
Oct 13, 2019
Licensing for this solution is paid on a yearly basis.
Download Free Report
Download our free Intrusion Detection and Prevention Software (IDPS) Report and find out what your peers are saying about Cisco, Darktrace, Splunk, and more! Updated: November 2022.
DOWNLOAD NOW
653,522 professionals have used our research since 2012.