Our primary uses for this solution are URL filtering and malware filtering.
Network Engineer at a tech services company with 501-1,000 employees
Reliably filter URLs and malware, easy to manage and has good support
Pros and Cons
- "The URL filtering is very good and you can create a group for customized URLs."
- "There are problems setting up VPNs for some regions."
What is our primary use case?
How has it helped my organization?
Sourcefire SNORT has been good for us.
What is most valuable?
The most valuable feature is reliability. This solution is better than Check Point.
The URL filtering is very good and you can create a group for customized URLs.
Cisco SNORT is easy to manage.
What needs improvement?
There are problems setting up VPNs for some regions. There are cases where they are permitted in Sourcefire but blocked in Check Point.
There are some outside ports that are allowed by default but should not be.
It would be helpful if a list of third-party services were listed so that the rules could be easily added. An example of this would be a ticket booking site. It would be in a list of services and selecting it would allow transactions with that site.
Buyer's Guide
Cisco Sourcefire SNORT
January 2025
Learn what your peers think about Cisco Sourcefire SNORT. Get advice and tips from experienced pros sharing their opinions. Updated: January 2025.
831,997 professionals have used our research since 2012.
For how long have I used the solution?
I have been working with Sourcefire SNORT for six months.
What do I think about the stability of the solution?
There are some bugs in this solution and troubleshooting them is complicated.
What do I think about the scalability of the solution?
The scalability of this solution is good.
How are customer service and support?
The technical support is good and is better than Check Point.
Which solution did I use previously and why did I switch?
We are also using Check Point but it does not work as well as Sourcefire SNORT, which is why we are switching. For example, customized URLs do not work in Check Point. Check Point is also more complex.
How was the initial setup?
The initial setup is straightforward.
What other advice do I have?
This is a good solution and one that I would recommend to others.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Pre-Sales Engineer at a tech services company with 51-200 employees
User friendly GUI, good filtering capability, and good technical support
Pros and Cons
- "The most valuable feature of this solution is the filtering."
- "If the price is brought down then everybody will be happy."
What is our primary use case?
We are a system integrator and this is one of the solutions that we provide to our customers.
This solution is for inspecting traffic. It works with the firewall, email, etc.
This is for an on-premises deployment.
How has it helped my organization?
This is a solution that we trust for protection.
What is most valuable?
The most valuable feature of this solution is the filtering.
It does well for eliminating email spam.
The GUI is user-friendly.
What needs improvement?
The price of this solution could be improved. If the price is brought down then everybody will be happy.
I would like to see a cloud-based version of this solution.
For how long have I used the solution?
I have been familiar with this solution for five years.
What do I think about the stability of the solution?
This is a stable solution.
What do I think about the scalability of the solution?
Scalability is something that Cisco has always cared about. There is no problem with it. For example, if you have one branch and you want to expand to two or three then it will work without any problems.
How are customer service and technical support?
The technical support is very good. I deal with several Cisco departments, and they have a good team. The team around the world is large and their support is very good.
We had a customer who had a problem with their server, and Cisco sent an entirely new one as a replacement.
How was the initial setup?
The initial setup of this solution is a little bit complex compared to other solutions.
The average deployment takes approximately half a day. It depends on the environment. If we are connecting branches versus only connecting the head office, the length of time to deploy can change.
What's my experience with pricing, setup cost, and licensing?
Licensing for this solution is paid on a yearly basis.
What other advice do I have?
This solution has improved a lot in the past few years.
I would rate this solution an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Engineer at a tech services company with 51-200 employees
User-friendly and provides important insights into SSL traffic
Pros and Cons
- "The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates."
- "With the next release, I would like to see some PBR, so that you can do the configuration with the features."
What is our primary use case?
The main features of the Cisco Sourcefire are that it's a next-generation firewall with new features. It has application security, advanced malware protection, URL filtering, encryption, and decryption.
It is also used for email filtration and web application cyber protection.
The deployment model we used was on-premises.
How has it helped my organization?
This solution has improved our security level for our organization. It's a more intellectual system with many features that can help us with decryption.
At this time, more than eighty-six percent of the traffic is SSL. We must decrypt this, and these devices provide us with tools for encrypted traffic inspection.
What is most valuable?
It's user-friendly for engineers and works well for configuration and debugging.
The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates.
What needs improvement?
This is a good solution, but some others may have some advantages. For example, Palo Alto has more useful and suitable application abilities. This solution has a better Firepower but the functionalities are not as good.
With the next release, I would like to see some PBR, so that you can do the configuration with the features.
For how long have I used the solution?
I have been using this solution for six years.
What do I think about the stability of the solution?
This solution is stable if we talk about boxes, and usually, it is a strong system, but with some software versions, we have had some trouble. I think that it depends on the manufacturers.
What do I think about the scalability of the solution?
This solution is scalable and reliable.
You can use it in a cluster for one PC or a cluster for two different data centers.
How are customer service and technical support?
The support is good.
For customers, there are many features and we try to resolve as many issues as we can, but we only have access to some of the core elements. They can only be resolved by contacting technical support.
How was the initial setup?
The initial setup and configuration are easy.
You can create panels with deeper functionalities, but you need a bit more experience with the technology.
What other advice do I have?
Providing videos and materials is useful, but really what you need is the experience in analyzing logs. Without that, you wouldn't be able to problem-solve on your own, even with the assistance of videos.
I would recommend this solution. It's reliable and scalable, with easy installation and integration.
I would rate this solution an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.