Cisco Sourcefire SNORT vs Claroty Platform comparison

The compared Cisco and Claroty solutions aren't in the same category. Cisco is ranked #14 in ID , with an average rating of 8.5, and holds a 3.1% mindshare in the category. Claroty is ranked #2 in CPSP , with an average rating of 8.2, and holds a 38.7% mindshare. Additionally, 95% of Cisco users are willing to recommend the solution, compared to 100% of Claroty users who would recommend it.

Cisco Sourcefire SNORT

Read 20 Cisco Sourcefire SNORT reviews

1,857 Views
1,560 Comparison Views

95% willing to recommend

Claroty Platform

Read 16 Claroty Platform reviews

8,188 Views
819 Comparison Views

100% willing to recommend

Cisco Sourcefire SNORT

Claroty Platform

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cisco Sourcefire SNORT and Claroty Platform based on real PeerSpot user reviews.

Find out what your peers are saying about Fortinet, Darktrace, Check Point Software Technologies and others in Intrusion Detection and Prevention Software (IDPS).

To learn more, read our detailed Intrusion Detection and Prevention Software (IDPS) Report (Updated: April 2026).

Buyer's Guide

Intrusion Detection and Prevention Software (IDPS)

April 2026

Download the complete report

Helped 892,678 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Sourcefire SNORT

Average Rating

7.8

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Intrusion Detection and Prevention Software (IDPS) (14th)

Claroty Platform

Average Rating

8.2

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Remote Access (9th), Vulnerability Management (23rd), Operational Technology (OT) Security (2nd), Cyber-Physical Systems Protection (2nd)

Mindshare comparison

While both are Network Security Systems solutions, they serve different purposes. Cisco Sourcefire SNORT is designed for Intrusion Detection and Prevention Software (IDPS) and holds a mindshare of 3.1%, up 2.5% compared to last year.
Claroty Platform, on the other hand, focuses on Cyber-Physical Systems Protection, holds 38.7% mindshare, down 42.2% since last year.

Intrusion Detection and Prevention Software (IDPS) Mindshare Distribution
Product	Mindshare (%)
Cisco Sourcefire SNORT	3.1%
Darktrace	10.5%
Fortinet FortiGate	10.3%
Other	76.1%

Intrusion Detection and Prevention Software (IDPS)

Cyber-Physical Systems Protection Mindshare Distribution
Product	Mindshare (%)
Claroty Platform	38.7%
Armis	35.6%
Phosphorus Cybersecurity	10.3%
Other	15.399999999999991%

Cyber-Physical Systems Protection

Featured Reviews

reviewer2772102

Cloud Architect at a consultancy with 1-10 employees

Logging and customizable rules have helped improve threat monitoring and detection

The logging is mainly what I consider one of the best features with Cisco Sourcefire SNORT. Being able to log and store it in a file allows you to push it to a centralized repository. The logging and reporting help improve incident response. You should always be logging threats, any sort of misconfiguration, and anything that could be an issue. It's important to at least log and monitor it. The basic rules provide a good baseline in assessing Cisco Sourcefire SNORT's ability in providing real-time analytics for threat detection, but as a professional, you should look to constantly modify that baseline. They provide extensive customizability so you can define your own rules. The customizability allows it to be adaptable in protecting against diverse network threats to the constant change.

Read full review

AbhishekPandey5

Senior Consultant at Payatu

Passive scanning excels and support proves invaluable

Regarding the cons of the Claroty Platform, it is not about the deployment, but rather the identification. The Claroty Platform becomes too noisy when it gives numerous CVEs related to vendor match. Sometimes, these CVEs are not actually related to the device in the firmware at the site. The Claroty Platform identifies effectively but sometimes identifies many CVEs which might not be the actual issue in certain scenarios.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It is quite an intelligent product."

"The tool's most valuable feature is threat detection, which is important because we have multiple layers not only in Cisco."

"In general, the features are all great. However, if I need to take hardware for ASA, because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular user has been blocked because of that rule. Firepower's monitoring interface is very good, because you can see each and every piece. ASA also had it, but there you needed to type the command and be under the server to see all that stuff. In Firepower you have the possibility to go directly to the firewall. The way the monitoring is displayed is also very nice. The feature I appreciate most in Firepower is actually the grid. The grid has worked very well."

"The most valuable feature is the visibility that we have across the virtual environment."

"The whole solution is very good, and stable."

"The most valuable feature is the ability to automatically learn the traffic in our environment, and change the merit recommendations based on that."

"I would recommend this solution; it's reliable and scalable, with easy installation and integration."

"The most valuable feature is the ability to automatically learn the traffic in our environment, and change the merit recommendations based on that."

More Cisco Sourcefire SNORT pros

"Claroty identifies all vulnerabilities available in our environment."

"Customer service is number one and the best."

"The solution offers comprehensive tools that greatly enhance your IT operations if implemented correctly."

"The solution's asset management is really great compared to Dragos or Nozomi."

"The main advantage of Claroty, when compared to its competitors, is integrated secure remote access."

"I believe the two main aspects where Claroty stands out are their ability to provide a complete platform and their OT-specific focus."

"The tool's best feature was the UI and the simplicity it offers."

"The platform ensures security without imposing significant delays, boosts productivity, and allows secure remote access to engineers through advanced methods while providing seamless integration with legacy systems and supporting both passive and active reconnaissance."

More Claroty Platform pros

Cons

"If the price is brought down then everybody will be happy."

"The cloud can be improved."

"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."

"I don't think this solution is a time-based control system, because one cannot filter traffic based on time."

"The pricing needs to be improved. We have lots of low-budget clients around us. Budget constraints are always a deterrent in our market."

"We are unhappy with technical support for this solution, and it is not as professional as what we typically expect from Cisco."

"With the next release, I would like to see some PBR, so that you can do the configuration with the features."

"There are problems setting up VPNs for some regions."

More Cisco Sourcefire SNORT cons

"For improvement, I think the training could be more practical. We have external training, but they're mostly theoretical. I want the solution to provide hands-on lab experience to help users learn better."

"Introducing an AI chatbot to assist you when you have doubts could be beneficial."

"Claroty Platform could improve the pricing to get more acceptability in the market."

"The Claroty Platform becomes too noisy when it gives numerous CVEs related to vendor match. Sometimes, these CVEs are not actually related to the device in the firmware at the site."

"There is room for improvement in the user interface to make it more vibrant and interactive, similar to IT tools. Improvements could also be made in the Secure Remote Access (SRA) user interaction and graphical representations of recordings."

"The graphical user interface is quite poor."

"There should be AI security solutions implemented."

"The product's integration capabilities are an area of concern where improvements are required."

More Claroty Platform cons

Pricing and Cost Advice

"Licensing for this solution is paid on a yearly basis."

"I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco device are expensive compared to other devices."

"If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five."

"The cost is per port and can be expensive but it does include training and support for three years."

"We have a three-year license for this solution."

"The tool is quite expensive."

"The licensing for physical devices is cheap, but the software version is expensive. The software version costs around 26-28 dollars. I was surprised and even double-checked. It was shocking."

"It's a bit expensive compared to other solutions."

See which vendors are best for you

Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.

See recommendations

892,678 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

10%

Comms Service Provider

University

Construction Company

Manufacturing Company

15%

Energy/Utilities Company

Computer Software Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	6
Midsize Enterprise	8
Large Enterprise	7

By reviewers
Company Size	Count
Small Business	4
Midsize Enterprise	1
Large Enterprise	11

Questions from the Community

What is your experience regarding pricing and costs for Cisco Sourcefire SNORT?

If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five. There are some other tools in the market that are more expensive than Cisco. There are no additional c...

See all answers

What needs improvement with Cisco Sourcefire SNORT?

I have not had much experience with the community-driven rule set while utilizing Cisco Sourcefire SNORT. I don't have experience with recognizing zero-day vulnerabilities, but based on my knowledg...

See all answers

What is your primary use case for Cisco Sourcefire SNORT?

Endpoint protection is the main use case. The main aspect involves specifying different rules, and when network traffic hits these rules, it will try to block the traffic or at least log the traffi...

See all answers

What needs improvement with Claroty Platform?

See all answers

What is your primary use case for Claroty Platform?

My clients are using the Claroty Platform for asset identification, finding CVEs and threat intel. I am aware of the continuous threat detection feature of the Claroty Platform, and even if it is g...

See all answers

What advice do you have for others considering Claroty Platform?

I am using the Claroty Platform but not using Armis. They might be able to integrate AI into the Claroty Platform when they are creating attack vectors. I have had a very good experience with the C...

See all answers

Comparisons

Cisco Secure IPS (NGIPS) vs Cisco Sourcefire SNORT

Compared 10% of the time

ExtremeCloud IQ vs Cisco Sourcefire SNORT

Compared 9% of the time

TrendAI Tipping Point vs Cisco Sourcefire SNORT

Compared 9% of the time

Splunk User Behavior Analytics vs Cisco Sourcefire SNORT

Compared 8% of the time

Fortra's Tripwire Enterprise vs Cisco Sourcefire SNORT

Compared 8% of the time

More Cisco Sourcefire SNORT Competitors

Nozomi Networks vs Claroty Platform

Compared 20% of the time

Armis vs Claroty Platform

Compared 8% of the time

Dragos vs Claroty Platform

Compared 8% of the time

Tenable OT Security vs Claroty Platform

Compared 6% of the time

Honeywell Forge vs Claroty Platform

Compared 5% of the time

More Claroty Platform Competitors

Product Reports

Buyer's Guide

Cisco Sourcefire SNORT

May 2026

Download Cisco Sourcefire SNORT product report

Buyer's Guide

Claroty Platform

May 2026

Download Claroty Platform product report

Also Known As

Sourcefire SNORT

No data available

Overview

Cisco Sourcefire SNORT is a versatile cybersecurity tool offering threat detection, scalability, and integration with Cisco tools. It is recognized for ease of configuration and comprehensive protection, making it suitable for intrusion prevention and firewall applications.

Cisco Sourcefire SNORT provides advanced malware protection and integrates seamlessly with Cisco products. It enables automatic IPS tuning, real-time visibility, and intelligent security automation, which together enhance network security. Users benefit from its URL filtering, email spam elimination, and it delivers low false positives. Though highly effective, feedback highlights a desire for improvements in stability, dashboard effectiveness, traffic blocking customizations, and integration with Cisco DNA Center. Cost concerns and calls for cloud-based deployments also emerge in user feedback. Technical support and performance are also discussed, with VPN configuration posing challenges.

What are the key features of Cisco Sourcefire SNORT?

Threat Detection: Identifies and mitigates network threats efficiently.
Scalability: Easily adapts to growing network demands.
Cisco Integration: Works smoothly with existing Cisco infrastructure.
Advanced Malware Protection: Provides comprehensive security against sophisticated threats.
Real-Time Visibility: Offers live insights into network activity.
Automatic IPS Tuning: Adjusts security policies dynamically.

What benefits can be found in user reviews?

Ease of Configuration: Streamlined setup process.
Comprehensive Protection: Low false positive rates ensuring broader security.
Robust Support: Access to extensive Cisco support network.

Organizations primarily deploy Cisco Sourcefire SNORT for network security in sectors like finance and healthcare. Used extensively in data centers with Cisco Firepower, it provides intrusion prevention, URL filtering, and VPN security. Pre-configured settings make it practical for on-premises deployment, ensuring secure user-to-server and server-to-server interactions.

Cisco

The Claroty Platform is tailored for monitoring and securing industrial control systems. It offers deep visibility into OT networks, enabling effective anomaly detection and vulnerability assessments. Its user-friendly interface and robust reporting tools facilitate easy management and compliance, enhancing organizational efficiency and cybersecurity posture in industrial environments.

Claroty

Sample Customers

CareCore, City of Biel, Dimension Data, LightEdge, Lone Star College System, National Rugby League, Port Aventura, Smart City Networks, Telecom Italia, The Department of Education in Western Australia

Rockwell Automation

Buyer's Guide

Intrusion Detection and Prevention Software (IDPS)

April 2026

Download Free Report

Find out what your peers are saying about Fortinet, Darktrace, Check Point Software Technologies and others in Intrusion Detection and Prevention Software (IDPS). Updated: April 2026.

DOWNLOAD NOW

892,678 professionals have used our research since 2012.

We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.