Cisco Sourcefire SNORT vs Claroty Platform comparison

"The solution is rather easy to use."

"Solid intrusion detection and prevention that scales easily in very large environments."

"The solution is stable."

"In general, the features are all great. However, if I need to take hardware for ASA, because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular user has been blocked because of that rule. Firepower's monitoring interface is very good, because you can see each and every piece. ASA also had it, but there you needed to type the command and be under the server to see all that stuff. In Firepower you have the possibility to go directly to the firewall. The way the monitoring is displayed is also very nice. The feature I appreciate most in Firepower is actually the grid. The grid has worked very well."

"The tool's most valuable feature is threat detection, which is important because we have multiple layers not only in Cisco."

"The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates."

"Cisco technical support is unbeatable. It offers a premium service every time."

"The most valuable features of Cisco Sourcefire SNORT are the dashboard for monitoring events."

"The product helps mitigate potential threats, especially if its users have signature rules. The product also provides alerts."

"The tool's best feature was the UI and the simplicity it offers."

"I like how the tool does passive and active discovery and threat detection and shows risks, recommendations, and vulnerabilities. It gives risk scores and gathers everything in one place - IP, device name, etc. We can integrate it with other tools for overall network mapping. It's useful for audits, compliance, and monitoring of all devices in the industry. It provides both monitoring and control. We also have SRA for incident response, which lets us search all alerts if we deploy the Claroty Platform."

"I appreciate the active coding, deep inspection of packages, and data retrieval. The tool covers information about assets and attack vectors, which I find superior to other tools. Based on alerts, I create reports detailing how an attacker can penetrate the plant, both externally and internally."

"The solution's asset management is really great compared to Dragos or Nozomi."

"The solution's most valuable feature is the map, which shows everything that is connected and communicates with each other."

"Claroty provides continuous threat protection and identifies pre-empty stuff and false positives."

"The main advantage of Claroty, when compared to its competitors, is integrated secure remote access."

"We are unhappy with technical support for this solution, and it is not as professional as what we typically expect from Cisco."

"The customization of the rules can be simplified."

"There are problems setting up VPNs for some regions."

"With the next release, I would like to see some PBR, so that you can do the configuration with the features."

"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."

"The solution's approach to managing traffic blocking is confusing and impractical."

"The pricing needs to be improved. We have lots of low-budget clients around us. Budget constraints are always a deterrent in our market."

"If the price is brought down then everybody will be happy."

"There are a few protocols that Claroty doesn't currently support."

"Claroty Platform only gives the vulnerabilities based on the make and model of the devices, so it doesn't provide any resolution or any detailed explanation of how one can resolve such issues."

"The product's integration capabilities are an area of concern where improvements are required."

"The graphical user interface is quite poor."

"The product could be improved in terms of user interface design."

"Claroty Platform could improve the pricing to get more acceptability in the market."

"We face issues in the alert investigation area because it does not properly give the alert communication patterns."

"I've reported four bugs and three feature requests so far. The main area of focus should be on how attacks are detected. The attack vector information needs to be more detailed. For example, it's not enough to state that an SMB v1 version open can lead to a WannaCry attack. A more detailed explanation should help clients understand the various ways an attack could occur."

"The cost is per port and can be expensive but it does include training and support for three years."

"If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five."

"Licensing for this solution is paid on a yearly basis."

"We have a three-year license for this solution."

"I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco device are expensive compared to other devices."

"The tool is quite expensive."

"It's a bit expensive compared to other solutions."

"The licensing for physical devices is cheap, but the software version is expensive. The software version costs around 26-28 dollars. I was surprised and even double-checked. It was shocking."