Cisco Secure IPS (NGIPS) vs Cisco Sourcefire SNORT comparison

Cisco Secure IPS (NGIPS) and Cisco Sourcefire SNORT are both solutions in the Intrusion Detection and Prevention Software (IDPS) category. Cisco Secure IPS (NGIPS) is ranked #6 with an average rating of 8.2, while Cisco Sourcefire SNORT is ranked #10 with an average rating of 8.0. Cisco Secure IPS (NGIPS) holds a 4.3% mindshare in ID, compared to Cisco Sourcefire SNORT’s 3.4% mindshare. Additionally, 93% of Cisco Secure IPS (NGIPS) users are willing to recommend the solution, compared to 94% of Cisco Sourcefire SNORT users who would recommend it.

Cisco Secure IPS (NGIPS)

Read 63 Cisco Secure IPS (NGIPS) reviews

2,428 Views
1,385 Comparison Views

93% willing to recommend

Cisco Sourcefire SNORT

Read 18 Cisco Sourcefire SNORT reviews

1,717 Views
1,272 Comparison Views

94% willing to recommend

Cisco Secure IPS (NGIPS)

Cisco Sourcefire SNORT

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cisco Secure IPS (NGIPS) and Cisco Sourcefire SNORT based on real PeerSpot user reviews.

Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Cisco Secure IPS (NGIPS) vs. Cisco Sourcefire SNORT Report (Updated: September 2024).

Buyer's Guide

Cisco Secure IPS (NGIPS) vs. Cisco Sourcefire SNORT

September 2024

Download the complete report

Helped 801,634 peers since 2012

Categories and Ranking

Cisco Secure IPS (NGIPS)

Ranking in Intrusion Detection and Prevention Software (IDPS)

6th

Average Rating

8.2

Number of Reviews

Ranking in other categories

No ranking in other categories

Cisco Sourcefire SNORT

Ranking in Intrusion Detection and Prevention Software (IDPS)

10th

Average Rating

7.6

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of September 2024, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Cisco Secure IPS (NGIPS) is 4.3%, down from 4.6% compared to the previous year. The mindshare of Cisco Sourcefire SNORT is 3.4%, down from 4.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Intrusion Detection and Prevention Software (IDPS)

Featured Reviews

MahmoodAbdollahi

Senior Network Engineer at Dejpaad

Jan 11, 2023

The best in the world, high value features, with long term reliability

Our primary use case is for the firewall and other security-related features I think the Cisco Firepower is the best firewall in the world and the other security features like AMP, IPS, and deep inspection packets. The most valuable feature would be the IPS is very important in Cisco Firepower…

Read full review

Carlos Reis

Network Security Engineer at New Era Technology

Feb 27, 2024

Offer a convenient and effective way to implement strong security measures

It provides a centralized platform using Cisco. SNORT is integral to the database. The primary function is expanding the database. As nodes transition, adjustments are made to SNORT, further enhancing its capabilities. It plays a crucial role in managing various protocols. Cisco Sourcefire SNORT is expected to offer improved management capabilities within the ACP. However, navigating the ACP settings can be challenging, particularly when dealing with default configurations. Additionally, upgrading devices may receive unfamiliar database updates from the FMC, such as ETB. This can lead to confusion and necessitate careful handling to ensure proper integration and functionality. Changes in Cisco Sourcefire SNORT, particularly in application settings, can have significant impacts. For instance, transitioning from one application setting to another, such as from a large-scale deployment to a maximum setting, can disrupt operations. This disruption is particularly challenging because it affects various rules and configurations for different applications. It's essential for Cisco to streamline the process of managing these changes, possibly by providing more user-friendly interfaces or tools, as relying solely on technical support can be cumbersome. Specifically, when discussing SmartOps, the complexity of managing configurations and settings becomes apparent, highlighting the need for simpler, more intuitive solutions. When working with Cisco Sourcefire SNORT, creating your profile files and meticulously tracking your activities is essential. When starting out with SNORT and adjusting migration rules, it's crucial to exercise caution and understand the potential impact on the business. Sometimes, you need to put your network into 'inline mode' to observe the traffic and understand what's happening on your network. Enabling this mode allows you to see what's passing through your network. There are some tools we use to analyze specialized traffic. We recently encountered a situation in which Cisco SQL traffic was blocked because of SNORT. It provides good analysis and outputs. You can see everything if you're attached to intrusion testing in the FMC; its database is good. The strength of SNORT, coupled with its integration with the firewall, works well. The database from SNORT contains a lot of data, and it's not just a single tool requirement. Dealing with all this data can be challenging. Firepower had some options like that that couldn't be blocked. Then, you can start to see improvement. We encountered an issue where certain features were blocked after migrating from SNORT version two to three. Despite our efforts to ensure progress, some problems arose, particularly related to the network analysis policy. This occurred even before transitioning to Sourcefire; within the engine, some traffic passing through SNORT faced issues. When migrating to version three, Cisco had to release a patch to address this problem and give you an idea. Overall, I rate this solution an eight out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I think their fingerprints are good in terms of how they whitelist and blacklist."

"Cisco NGIPS is a stable tool...The technical support provided by Cisco NGIPS is okay."

"NGIPS lets you map web requests to a specific user to determine who is downloading files and what they are accessing. You can use it to identify users downloading malware or track time wasters using Facebook or something like that. It gives you visibility into what your users are doing on the Internet."

"This is a stable solution."

"The IPS functionality is useful if you have offices all over the place. It's nice to have centralized management instead of going to a separate ASA or FirePOWER device."

"I like how NGIPS has everything in one console."

"The cost is the most valuable feature."

"The solution is stable. This is one of the good things in Firepower. Especially if we use ESE with it."

More Cisco Secure IPS (NGIPS) pros

"In general, the features are all great. However, if I need to take hardware for ASA, because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular user has been blocked because of that rule. Firepower's monitoring interface is very good, because you can see each and every piece. ASA also had it, but there you needed to type the command and be under the server to see all that stuff. In Firepower you have the possibility to go directly to the firewall. The way the monitoring is displayed is also very nice. The feature I appreciate most in Firepower is actually the grid. The grid has worked very well."

"The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates."

"The most valuable feature is the ability to automatically learn the traffic in our environment, and change the merit recommendations based on that."

"The whole solution is very good, and stable."

"It has a huge rate of protection. It's has a low level of positives and a huge rate of threat protection. It's easy to deploy and easy to implement. It has an incredible price rate compared to similar solutions."

"The most valuable features of Cisco Sourcefire SNORT are the dashboard for monitoring events."

"The most valuable feature is the visibility that we have across the virtual environment."

"The URL filtering is very good and you can create a group for customized URLs."

More Cisco Sourcefire SNORT pros

Cons

"There are certain limitations that need to be addressed."

"The solution would be better if it offered customers more integrations and more signatures."

"The SSL decrypt could be improved, but it's normal. All the devices in our platform need a lot of memory or CPU to do the SSL decrypt. This is an issue to improve in all platforms, not only in Cisco."

"The price is a little high. It's hard to find solutions that are easy on the budget and strike a balance between affordability and features."

"I would like to see the sanctions lifted so we could use the full solution and have the speed increased."

"Better integration with other products, such as a SIEM tool, would provide better peer visibility about your security posture."

"We have a separate management controller for Cisco NGIPS. If they have not done it already they should integrate Cisco NGIPS with the Cloud Portal."

"The attack patterns and payloads go undetected in Cisco. We would like to see a new solution with more effective detection of attack patterns. There should be more data analyzing patterns as well which provides useful information."

More Cisco Secure IPS (NGIPS) cons

"The cloud can be improved."

"If the price is brought down then everybody will be happy."

"The main dashboard of Cisco Sourcefire SNORT could improve."

"While the alerts they offer are good, it could improve it in the sense that they should be more detailed to make the alerts more useful to us in general. Sometimes the solution will offer up false positives. Due to the fact that the alerts aren't detailed, we have to go dig around to see why is it being blocked. The solution would be infinitely better if there was just a bit more detail in the alert information and logging we receive."

"The implementation could be a bit easier."

"I don't think this solution is a time-based control system, because one cannot filter traffic based on time."

"The initial setup is a little difficult compared to other products in the market. It depends on the environment. If we are doing any migration, it might take months in a brown-field environment."

"Performance needs improvement."

More Cisco Sourcefire SNORT cons

Pricing and Cost Advice

"When it comes to pricing you pay for a permanent licensing structure. One, three, and five-year options. There are no extra costs."

"The annual licensing tends to be expensive, but in terms of implementing the licenses, it's a very uncomplicated process and as easy as copy-paste in its straightforwardness."

"There are licensing fees depending on the features that you are using."

"Licensing fees for this solution are $3,500 USD, and there are no additional costs."

"They are very expensive in some places and not reasonable at times for many customers. I have had customers choose another solution because of the high price."

"The tool's licensing costs are yearly."

"I would rate the pricing four out of 10."

"The price of the solution is expensive to a degree it cannot be used by small businesses. It is best suited for medium and enterprise businesses."

More Cisco Secure IPS (NGIPS) pricing and cost advice

"I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco device are expensive compared to other devices."

"Licensing for this solution is paid on a yearly basis."

"We have a three-year license for this solution."

"The cost is per port and can be expensive but it does include training and support for three years."

See which vendors are best for you

Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.

See recommendations

801,634 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

20%

University

12%

Financial Services Firm

Government

Computer Software Company

21%

Government

Financial Services Firm

University

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Cisco NGIPS?

The product's initial setup phase was easy.

See all answers

What is your experience regarding pricing and costs for Cisco NGIPS?

Cisco NGIPS is an expensive product.

See all answers

What needs improvement with Cisco NGIPS?

There are certain limitations that need to be addressed.

See all answers

What do you like most about Cisco Sourcefire SNORT?

The product is inexpensive compared to leading brands such as Palo Alto or Fortinet.

See all answers

What is your experience regarding pricing and costs for Cisco Sourcefire SNORT?

The product is inexpensive compared to leading brands such as Palo Alto or Fortinet. It is cheaper than Palo Alto and comparable to Fortinet. It also depends on Cisco’s discount. Sometimes it's che...

See all answers

What needs improvement with Cisco Sourcefire SNORT?

The solution has some stability issues. Also, it's complicated compared to other products like FortiGate.

See all answers

Comparisons

Check Point IPS vs Cisco Secure IPS (NGIPS)

Compared 22% of the time

Trend Micro TippingPoint Threat Protection System vs Cisco Secure IPS (NGIPS)

Compared 20% of the time

Fortinet FortiGate IPS vs Cisco Secure IPS (NGIPS)

Compared 19% of the time

Trellix Intrusion Prevention System vs Cisco Secure IPS (NGIPS)

Compared 12% of the time

Darktrace vs Cisco Secure IPS (NGIPS)

Compared 4% of the time

More Cisco Secure IPS (NGIPS) Competitors

Fortinet FortiGate IPS vs Cisco Sourcefire SNORT

Compared 18% of the time

Palo Alto Networks Advanced Threat Prevention vs Cisco Sourcefire SNORT

Compared 17% of the time

Vectra AI vs Cisco Sourcefire SNORT

Compared 11% of the time

Check Point IPS vs Cisco Sourcefire SNORT

Compared 10% of the time

Darktrace vs Cisco Sourcefire SNORT

Compared 10% of the time

More Cisco Sourcefire SNORT Competitors

Product Reports

Buyer's Guide

Cisco Secure IPS (NGIPS)

September 2024

Download Cisco Secure IPS (NGIPS) product report

Buyer's Guide

Cisco Sourcefire SNORT

September 2024

Download Cisco Sourcefire SNORT product report

Also Known As

Sourcefire NGIPS, Firepower NGIPS

Sourcefire SNORT

Learn More

Cisco

Overview

Cisco Secure IPS (NGIPS) is designed for intrusion prevention, firewalling, and application filtering. It's deployed on-premises to secure networks and perform real-time traffic inspection, defining security policies to prevent malicious attacks.

Organizations use Cisco Secure IPS (NGIPS) to safeguard data centers, enterprise networks, and server environments. This technology integrates with advanced threat intelligence and multiple security features to enhance cybersecurity. Users deploy it at network perimeters, for firewall replacement, and to secure critical infrastructure. The platform supports modularity, anomaly detection, scalability, and centralized management, making it a comprehensive solution for modern security needs.

What are the key features of Cisco Secure IPS (NGIPS)?

Intrusion Prevention: Detects and blocks various network threats.
Automation: Streamlines security processes for efficiency.
Advanced Threat Detection: Identifies and mitigates sophisticated attacks.
Centralized Management: Simplifies oversight with a unified interface.
Anomaly Detection: Flags unusual behaviors and potential threats.
Compatibility with Firepower: Integrates seamlessly with other Cisco solutions.
DDoS Protection: Mitigates distributed denial-of-service attacks.
Signature Updates: Ensures the latest threat definitions are in use.
Access Policy Management: Enables precise control over user access.
Real-Time Traffic Inspection: Monitors traffic to detect threats immediately.

What benefits and ROI should users look for in reviews?

Enhanced Security: Improved protection against cyber threats.
Operational Efficiency: Reduced time and effort in managing security.
Scalability: Seamless scaling to accommodate growing network demands.
Compliance: Helps meet regulatory and industry standards.
Risk Mitigation: Reduced risk of data breaches and cyber attacks.
Visibility: Increased insight into network traffic and threats.

This technology is widely implemented across industries such as finance, healthcare, and retail, ensuring robust security for sensitive data and critical infrastructure. Typical deployments include network perimeters and data centers, providing real-time threat detection and unified security management. The combination of integrated threat intelligence and advanced security features helps enterprises strengthen their defenses against evolving cyber threats.

Snort is an open-source, rule-based, intrusion detection and prevention system. It combines the benefits of signature-, protocol-, and anomaly-based inspection methods to deliver flexible protection from malware attacks. Snort gained notoriety for being able to accurately detect threats at high speeds.

Sample Customers

American Electric Power, Huntington Bank, Keycorp, Nationwide, Transunion, Marriott, Inova Health, Ford, Thomson Reuters, Dow Chemical, Equifax, Chevron, Walmart, Coca Cola

CareCore, City of Biel, Dimension Data, LightEdge, Lone Star College System, National Rugby League, Port Aventura, Smart City Networks, Telecom Italia, The Department of Education in Western Australia

Buyer's Guide

Cisco Secure IPS (NGIPS) vs. Cisco Sourcefire SNORT

September 2024

Free Report: Cisco Secure IPS (NGIPS) vs. Cisco Sourcefire SNORT

Find out what your peers are saying about Cisco Secure IPS (NGIPS) vs. Cisco Sourcefire SNORT and other solutions. Updated: September 2024.

DOWNLOAD NOW

801,634 professionals have used our research since 2012.

See our Cisco Secure IPS (NGIPS) vs. Cisco Sourcefire SNORT report.

See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.

We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.