No more typing reviews! Try our Samantha, our new voice AI agent.

Cisco Sourcefire SNORT vs Claroty Platform comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Sourcefire SNORT
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
20
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (13th)
Claroty Platform
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
18
Ranking in other categories
Remote Access (9th), Vulnerability Management (23rd), Operational Technology (OT) Security (2nd), Cyber-Physical Systems Protection (2nd), Secure Remote Access (1st)
 

Mindshare comparison

While both are Network Security Systems solutions, they serve different purposes. Cisco Sourcefire SNORT is designed for Intrusion Detection and Prevention Software (IDPS) and holds a mindshare of 3.0%, up 2.6% compared to last year.
Claroty Platform, on the other hand, focuses on Cyber-Physical Systems Protection, holds 37.3% mindshare, down 42.9% since last year.
Intrusion Detection and Prevention Software (IDPS) Mindshare Distribution
ProductMindshare (%)
Cisco Sourcefire SNORT3.0%
Darktrace10.2%
Fortinet FortiGate9.2%
Other77.6%
Intrusion Detection and Prevention Software (IDPS)
Cyber-Physical Systems Protection Mindshare Distribution
ProductMindshare (%)
Claroty Platform37.3%
Armis35.4%
Phosphorus Cybersecurity12.0%
Other15.300000000000011%
Cyber-Physical Systems Protection
 

Featured Reviews

reviewer2772102 - PeerSpot reviewer
Cloud Architect at a consultancy with 1-10 employees
Logging and customizable rules have helped improve threat monitoring and detection
The logging is mainly what I consider one of the best features with Cisco Sourcefire SNORT. Being able to log and store it in a file allows you to push it to a centralized repository. The logging and reporting help improve incident response. You should always be logging threats, any sort of misconfiguration, and anything that could be an issue. It's important to at least log and monitor it. The basic rules provide a good baseline in assessing Cisco Sourcefire SNORT's ability in providing real-time analytics for threat detection, but as a professional, you should look to constantly modify that baseline. They provide extensive customizability so you can define your own rules. The customizability allows it to be adaptable in protecting against diverse network threats to the constant change.
TarunKumar11 - PeerSpot reviewer
Global Leadership Council at a tech company with 10,001+ employees
Improved industrial asset visibility has transformed risk management and compliance monitoring
I think there are some areas of weaknesses in Claroty Platform. The pricing could improve, as some of the features require licensing tiers and therefore the pricing could be higher. Claroty Platform could benefit from simpler licensing and pricing structures. The executive dashboard can improve as well, and they can expand their third-party integration. Additionally, their predictive AI-driven recommendations can be improved. I think it does provide for very good behavior analysis through AI capabilities and risk prioritization, which is generally quite trustworthy. As the capability of AI enhances, I think it can provide for better risk recommendations. Claroty Platform can have a better and simpler licensing arrangement. Their third-party integrations can expand. They can have better executive dashboards and more AI-driven predictive risk recommendations. I would rate them an eight for these reasons. Dashboards, licensing, integrations, and AI-driven recommendations are areas for improvement. Probably one more to add is that they can have better and more enhanced automated remediation workflows.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution is stable."
"The tool's most valuable feature is threat detection, which is important because we have multiple layers not only in Cisco."
"The most valuable features of Cisco Sourcefire SNORT are the dashboard for monitoring events."
"If you compare it to other vendors, the technical support from Cisco is excellent."
"The whole solution is very good, and stable."
"It is quite an intelligent product."
"I like most of Cisco's features, like malware detection and URL filtering."
"The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates."
"Our different execution team is there to handle it, but overall, the product is pretty easy to deploy and integrate with the existing system."
"The solution offers comprehensive tools that greatly enhance your IT operations if implemented correctly."
"The solution's most valuable feature is the map, which shows everything that is connected and communicates with each other."
"Claroty is very beneficial for learning and adds value to your resume."
"The tool's best feature was the UI and the simplicity it offers."
"The product helps mitigate potential threats, especially if its users have signature rules. The product also provides alerts."
"The solution's asset management is really great compared to Dragos or Nozomi."
"The platform ensures security without imposing significant delays."
 

Cons

"The utopia is to see everything from one dashboard, but sometimes that's not very possible."
"The solution's approach to managing traffic blocking is confusing and impractical."
"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."
"To be frank, the product is not really stable, although they're working on that."
"The initial setup is a little difficult compared to other products in the market. It depends on the environment. If we are doing any migration, it might take months in a brown-field environment."
"The customization of the rules can be simplified."
"The price of this solution could be improved."
"There are some bugs in this solution and troubleshooting them is complicated."
"More modularity would be helpful for Claroty Platform to improve its competitiveness."
"Pricing could be improved."
"The pricing could improve, as some of the features require licensing tiers and therefore the pricing could be higher."
"The Claroty Platform becomes too noisy when it gives numerous CVEs related to vendor match. Sometimes, these CVEs are not actually related to the device in the firmware at the site."
"There are a few protocols that Claroty doesn't currently support."
"I've reported four bugs and three feature requests so far. The main area of focus should be on how attacks are detected. The attack vector information needs to be more detailed. For example, it's not enough to state that an SMB v1 version open can lead to a WannaCry attack. A more detailed explanation should help clients understand the various ways an attack could occur."
"Occasionally, I face a login problem despite entering the correct password."
"I think the only issue is that the hardware Claroty uses is expensive."
 

Pricing and Cost Advice

"I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco device are expensive compared to other devices."
"Licensing for this solution is paid on a yearly basis."
"The cost is per port and can be expensive but it does include training and support for three years."
"We have a three-year license for this solution."
"If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five."
"It's a bit expensive compared to other solutions."
"The tool is quite expensive."
"The licensing for physical devices is cheap, but the software version is expensive. The software version costs around 26-28 dollars. I was surprised and even double-checked. It was shocking."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
903,182 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
10%
Comms Service Provider
8%
University
7%
Manufacturing Company
15%
Energy/Utilities Company
9%
Computer Software Company
6%
Comms Service Provider
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business6
Midsize Enterprise8
Large Enterprise7
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise1
Large Enterprise13
 

Questions from the Community

What is your experience regarding pricing and costs for Cisco Sourcefire SNORT?
If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five. There are some other tools in the market that are more expensive than Cisco. There are no additional c...
What needs improvement with Cisco Sourcefire SNORT?
I have not had much experience with the community-driven rule set while utilizing Cisco Sourcefire SNORT. I don't have experience with recognizing zero-day vulnerabilities, but based on my knowledg...
What is your primary use case for Cisco Sourcefire SNORT?
Endpoint protection is the main use case. The main aspect involves specifying different rules, and when network traffic hits these rules, it will try to block the traffic or at least log the traffi...
What needs improvement with Claroty Platform?
I think there are some areas of weaknesses in Claroty Platform. The pricing could improve, as some of the features require licensing tiers and therefore the pricing could be higher. Claroty Platfor...
What is your primary use case for Claroty Platform?
I think a lack of visibility into industrial assets is the main use case for Claroty Platform. Claroty Platform is a cyber-physical system security platform. Lack of visibility into industrial asse...
What advice do you have for others considering Claroty Platform?
Claroty Platform has impacted my organization positively by reducing cyber risk, by making the incident detection faster, by improving compliance readiness, reducing operational downtime, and overa...
 

Also Known As

Sourcefire SNORT
No data available
 

Overview

 

Sample Customers

CareCore, City of Biel, Dimension Data, LightEdge, Lone Star College System, National Rugby League, Port Aventura, Smart City Networks, Telecom Italia, The Department of Education in Western Australia
Rockwell Automation
Find out what your peers are saying about Fortinet, Darktrace, Check Point Software Technologies and others in Intrusion Detection and Prevention Software (IDPS). Updated: June 2026.
903,182 professionals have used our research since 2012.