No more typing reviews! Try our Samantha, our new voice AI agent.

Cisco Sourcefire SNORT vs Claroty Platform comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Sourcefire SNORT
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
20
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (14th)
Claroty Platform
Average Rating
8.2
Reviews Sentiment
7.2
Number of Reviews
16
Ranking in other categories
Remote Access (9th), Vulnerability Management (23rd), Operational Technology (OT) Security (2nd), Cyber-Physical Systems Protection (2nd)
 

Mindshare comparison

While both are Network Security Systems solutions, they serve different purposes. Cisco Sourcefire SNORT is designed for Intrusion Detection and Prevention Software (IDPS) and holds a mindshare of 3.1%, up 2.3% compared to last year.
Claroty Platform, on the other hand, focuses on Cyber-Physical Systems Protection, holds 40.0% mindshare, down 42.9% since last year.
Intrusion Detection and Prevention Software (IDPS) Mindshare Distribution
ProductMindshare (%)
Cisco Sourcefire SNORT3.1%
Fortinet FortiGate11.4%
Darktrace10.8%
Other74.7%
Intrusion Detection and Prevention Software (IDPS)
Cyber-Physical Systems Protection Mindshare Distribution
ProductMindshare (%)
Claroty Platform40.0%
Armis36.5%
Verve Security Center9.1%
Other14.400000000000006%
Cyber-Physical Systems Protection
 

Featured Reviews

reviewer2772102 - PeerSpot reviewer
Cloud Architect at a consultancy with 1-10 employees
Logging and customizable rules have helped improve threat monitoring and detection
The logging is mainly what I consider one of the best features with Cisco Sourcefire SNORT. Being able to log and store it in a file allows you to push it to a centralized repository. The logging and reporting help improve incident response. You should always be logging threats, any sort of misconfiguration, and anything that could be an issue. It's important to at least log and monitor it. The basic rules provide a good baseline in assessing Cisco Sourcefire SNORT's ability in providing real-time analytics for threat detection, but as a professional, you should look to constantly modify that baseline. They provide extensive customizability so you can define your own rules. The customizability allows it to be adaptable in protecting against diverse network threats to the constant change.
AP
Senior Consultant at Payatu
Passive scanning excels and support proves invaluable
Regarding the cons of the Claroty Platform, it is not about the deployment, but rather the identification. The Claroty Platform becomes too noisy when it gives numerous CVEs related to vendor match. Sometimes, these CVEs are not actually related to the device in the firmware at the site. The Claroty Platform identifies effectively but sometimes identifies many CVEs which might not be the actual issue in certain scenarios.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cisco technical support is unbeatable. It offers a premium service every time."
"If you compare it to other vendors, the technical support from Cisco is excellent."
"The logging is mainly what I consider one of the best features with Cisco Sourcefire SNORT; being able to log and store it in a file allows you to push it to a centralized repository."
"The whole solution is very good, and stable."
"The most valuable feature is reliability, and this solution is better than Check Point."
"Scalability is something that Cisco has always cared about."
"Solid intrusion detection and prevention that scales easily in very large environments."
"The product is inexpensive compared to leading brands such as Palo Alto or Fortinet."
"The solution's asset management is really great compared to Dragos or Nozomi."
"Claroty is very beneficial for learning and adds value to your resume."
"Claroty assigns a score based on how well you are doing in the course. If you skip a video, your score decreases, making it essential to watch the content attentively."
"I believe the two main aspects where Claroty stands out are their ability to provide a complete platform and their OT-specific focus."
"I have had a very good experience with the Claroty Platform."
"Their SRA solution, the Secure Remote Access solution, is very useful for industrial environments."
"I like how the tool does passive and active discovery and threat detection and shows risks, recommendations, and vulnerabilities. It gives risk scores and gathers everything in one place - IP, device name, etc. We can integrate it with other tools for overall network mapping. It's useful for audits, compliance, and monitoring of all devices in the industry. It provides both monitoring and control. We also have SRA for incident response, which lets us search all alerts if we deploy the Claroty Platform."
"The solution offers comprehensive tools that greatly enhance your IT operations if implemented correctly."
 

Cons

"Sometimes the solution will offer up false positives."
"The pricing needs to be improved."
"The utopia is to see everything from one dashboard, but sometimes that's not very possible."
"The price of this solution could be improved."
"The solution's approach to managing traffic blocking is confusing and impractical."
"If the price is brought down then everybody will be happy."
"There are some bugs in this solution and troubleshooting them is complicated."
"The customization of the rules can be simplified."
"I think the only issue is that the hardware Claroty uses is expensive."
"There is room for improvement in the user interface to make it more vibrant and interactive, similar to IT tools. Improvements could also be made in the Secure Remote Access (SRA) user interaction and graphical representations of recordings."
"Introducing an AI chatbot to assist you when you have doubts could be beneficial."
"The graphical user interface is quite poor."
"There should be AI security solutions implemented."
"Occasionally, I face a login problem despite entering the correct password."
"The Claroty Platform becomes too noisy when it gives numerous CVEs related to vendor match. Sometimes, these CVEs are not actually related to the device in the firmware at the site."
"We face issues in the alert investigation area because it does not properly give the alert communication patterns."
 

Pricing and Cost Advice

"The cost is per port and can be expensive but it does include training and support for three years."
"Licensing for this solution is paid on a yearly basis."
"I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco device are expensive compared to other devices."
"If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five."
"We have a three-year license for this solution."
"The licensing for physical devices is cheap, but the software version is expensive. The software version costs around 26-28 dollars. I was surprised and even double-checked. It was shocking."
"The tool is quite expensive."
"It's a bit expensive compared to other solutions."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
890,124 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
10%
University
9%
Construction Company
9%
Comms Service Provider
8%
Manufacturing Company
15%
Energy/Utilities Company
9%
Computer Software Company
7%
Comms Service Provider
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business6
Midsize Enterprise8
Large Enterprise7
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise1
Large Enterprise11
 

Questions from the Community

What is your experience regarding pricing and costs for Cisco Sourcefire SNORT?
If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five. There are some other tools in the market that are more expensive than Cisco. There are no additional c...
What needs improvement with Cisco Sourcefire SNORT?
I have not had much experience with the community-driven rule set while utilizing Cisco Sourcefire SNORT. I don't have experience with recognizing zero-day vulnerabilities, but based on my knowledg...
What is your primary use case for Cisco Sourcefire SNORT?
Endpoint protection is the main use case. The main aspect involves specifying different rules, and when network traffic hits these rules, it will try to block the traffic or at least log the traffi...
What needs improvement with Claroty Platform?
Regarding the cons of the Claroty Platform, it is not about the deployment, but rather the identification. The Claroty Platform becomes too noisy when it gives numerous CVEs related to vendor match...
What is your primary use case for Claroty Platform?
My clients are using the Claroty Platform for asset identification, finding CVEs and threat intel. I am aware of the continuous threat detection feature of the Claroty Platform, and even if it is g...
What advice do you have for others considering Claroty Platform?
I am using the Claroty Platform but not using Armis. They might be able to integrate AI into the Claroty Platform when they are creating attack vectors. I have had a very good experience with the C...
 

Also Known As

Sourcefire SNORT
No data available
 

Overview

 

Sample Customers

CareCore, City of Biel, Dimension Data, LightEdge, Lone Star College System, National Rugby League, Port Aventura, Smart City Networks, Telecom Italia, The Department of Education in Western Australia
Rockwell Automation
Find out what your peers are saying about Fortinet, Darktrace, Check Point Software Technologies and others in Intrusion Detection and Prevention Software (IDPS). Updated: April 2026.
890,124 professionals have used our research since 2012.