No more typing reviews! Try our Samantha, our new voice AI agent.

Cisco Sourcefire SNORT vs Trend Micro Deep Discovery [EOL] comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 26, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Sourcefire SNORT
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
20
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (13th)
Trend Micro Deep Discovery ...
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
29
Ranking in other categories
No ranking in other categories
 

Featured Reviews

reviewer2772102 - PeerSpot reviewer
Cloud Architect at a consultancy with 1-10 employees
Logging and customizable rules have helped improve threat monitoring and detection
The logging is mainly what I consider one of the best features with Cisco Sourcefire SNORT. Being able to log and store it in a file allows you to push it to a centralized repository. The logging and reporting help improve incident response. You should always be logging threats, any sort of misconfiguration, and anything that could be an issue. It's important to at least log and monitor it. The basic rules provide a good baseline in assessing Cisco Sourcefire SNORT's ability in providing real-time analytics for threat detection, but as a professional, you should look to constantly modify that baseline. They provide extensive customizability so you can define your own rules. The customizability allows it to be adaptable in protecting against diverse network threats to the constant change.
reviewer2266119 - PeerSpot reviewer
Senior IT Security Engineer at a financial services firm with 5,001-10,000 employees
Has improved email security through advanced filtration and timely threat detection
I work with Trend Micro Apex One. I have used the Deep Discovery's Sandbox analysis feature, and we utilize another appliance known as Deep Discovery Analyzer, abbreviated as DDA. This tool makes analysis for URLs and attachments contained in inbound emails, so whenever we receive an email with a URL or attachment, it will be analyzed by Trend Micro Deep Discovery Analyzer. In evaluating Deep Discovery's real-time visibility on network traffic, it is important to note that we applied our Deep Discovery Analyzer for Trend Micro to conduct sandboxing specifically for email channels only, and we do not utilize it for network channels. For network channel sandboxing, we use a solution called FortiAnalyzer, which belongs to another team called network security. I assess Deep Discovery's effectiveness in identifying sophisticated attack patterns by looking at how it handles high traffic loads, and how effectively it can use its instances and images to analyze numerous URLs and attachments simultaneously. Additionally, I evaluate its ability to maintain round-robin or load balancing across different analyses without leaving samples queued for analysis. The performance is critical when the product updates for signatures are up-to-date, as this aids in the detection and classification of URLs and attachments without delay in the analysis process. On a scale of one to ten, I rate Trend Micro Deep Discovery a nine.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It simplifies the configuration process by offering pre-defined base configurations, including security and connectivity settings."
"Users have access to intelligent security automation as one of the features, which can easily automate your event impact assessment so your IPS policy tuning can be done as well as your network behavior analysis, and you can do real-time contextual awareness with correlation of events created on your applications, user devices, operating systems, or vulnerabilities, with all of this real-time data captured including your apps and port scans."
"The solution is rather easy to use."
"The solution is stable."
"I would recommend this solution; it's reliable and scalable, with easy installation and integration."
"The most valuable feature is reliability, and this solution is better than Check Point."
"This solution makes life a lot easier as there are fewer man-hours required and we no longer need too many resources to manage it."
"It has a huge rate of protection. It's has a low level of positives and a huge rate of threat protection. It's easy to deploy and easy to implement. It has an incredible price rate compared to similar solutions."
"The HTML file sandboxing is very good."
"Generally speaking, it just gives us a broad understanding of exactly what kind of threats occur. The submission point, analyzing point, and virtualization are within the environment that it supports. It helped us to improve our security levels and protect our internal network from any threats outside."
"Trend Micro Deep Discovery Email Inspector includes its ability to perform mail detection and mail filtration against various email attacks such as phishing and spam, serving as an email gateway for both inbound and outbound traffic."
"Trend Micro is a good solution and our clients are happy with it."
"Deep Discovery is scalable and compatible with other products. It's crucial to have that compatibility because it's an integral part of our security solution. It integrates smoothly. The interface is user-friendly, so administration is simple."
"All in all, the variety of products provided by Trend Micro will give you a huge step up into checking and defending yourself from any threats."
"The platform provides all essential features for discovery and administration."
"Trend Micro Deep Discovery is a very specific product for threat intelligence with smart protection."
 

Cons

"With the next release, I would like to see some PBR, so that you can do the configuration with the features."
"Performance needs improvement."
"We are unhappy with technical support for this solution, and it is not as professional as what we typically expect from Cisco."
"The price of this solution could be improved."
"The utopia is to see everything from one dashboard, but sometimes that's not very possible."
"The customization of the rules can be simplified."
"This is a good solution, but some others may have some advantages."
"The initial setup is a little difficult compared to other products in the market. It depends on the environment. If we are doing any migration, it might take months in a brown-field environment."
"The product's scalability feature needs to be improved, as it is an area in the product with certain shortcomings."
"Additionally, better scanning capabilities for third-party applications would ensure comprehensive security without the need for exclusions."
"I would like the ability to analyze all files in our internal network, at the same time on different operating systems. Not just three of them, but as many as possible."
"This solution could be improved with faster technical support and cheaper licensing prices."
"The main issue is its high cost."
"The stability of the solution could be improved. It should be 100% stable, but it's not there right now."
"There are certain aspects of flexibility in the policies that should be added to Deep Discovery."
"Deep Discovery is easy to manage, but there is still room for improvement on the administration and operations side. Competing products have a cleaner interface that makes it easier to manage their products. Trend Micro offers a lot of features in one product suite, but it can be unwieldy for the customer to manage all that with a single interface."
 

Pricing and Cost Advice

"I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco device are expensive compared to other devices."
"We have a three-year license for this solution."
"If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five."
"The cost is per port and can be expensive but it does include training and support for three years."
"Licensing for this solution is paid on a yearly basis."
"Compared to its competitors, Trend Micro Deep Discovery is a little expensive."
"Overall, the price is good."
"The tool’s licensing costs depend on the customers."
"Trend Micro Deep Discovery is quite expensive compared to other endpoint security products."
"The price of the solution is lower compared to the competition."
"Its price is fine, but Trend Micro can improve the pricing in general. It is a hardware solution. It is based on the number of nodes, and according to the number of nodes, clients decide which box they should acquire. They have to renew their license every year. It is subscription-based."
"Overall, Trend Micro Deep Discovery has proven to be a reliable solution that enhances our security posture while minimizing operational disruptions."
"The licensing cost is a bit pricey. We pay a yearly subscription."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
904,054 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
9%
Comms Service Provider
8%
University
7%
Financial Services Firm
12%
Manufacturing Company
8%
Construction Company
8%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business6
Midsize Enterprise8
Large Enterprise7
By reviewers
Company SizeCount
Small Business16
Midsize Enterprise6
Large Enterprise10
 

Questions from the Community

What is your experience regarding pricing and costs for Cisco Sourcefire SNORT?
If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five. There are some other tools in the market that are more expensive than Cisco. There are no additional c...
What needs improvement with Cisco Sourcefire SNORT?
I have not had much experience with the community-driven rule set while utilizing Cisco Sourcefire SNORT. I don't have experience with recognizing zero-day vulnerabilities, but based on my knowledg...
What is your primary use case for Cisco Sourcefire SNORT?
Endpoint protection is the main use case. The main aspect involves specifying different rules, and when network traffic hits these rules, it will try to block the traffic or at least log the traffi...
What needs improvement with Trend Micro Deep Discovery?
Server Protect is not commonly used. When considering the Sandbox feature, it only inspects small files, and not all types of files are supported. The solution is very expensive. The solution is no...
What is your primary use case for Trend Micro Deep Discovery?
I am working with Microsoft solutions, specializing in cyber security. I work with XDR, Apex One, Apex Central, Deep Security, Deep Discovery Inspector, and Deep Discovery Analyzer for monitoring t...
 

Also Known As

Sourcefire SNORT
Trend Micro Deep Discovery Inspector, Trend Micro Deep Discovery Analyzer
 

Overview

 

Sample Customers

CareCore, City of Biel, Dimension Data, LightEdge, Lone Star College System, National Rugby League, Port Aventura, Smart City Networks, Telecom Italia, The Department of Education in Western Australia
Allied Telesis, Atma Jaya Catholic University of Indonesia, Babou, Blekinge County Council, Delacour, Hiroshima Prefectural Government, Live Nation Entertainment Inc., Mazda Motor Logistics Europe, McGill University Health Centre, Mikuni Corporation, OKWAVE, Sinar Mas Land, SWICA, UTOC Corporation
Find out what your peers are saying about Fortinet, Darktrace, Check Point Software Technologies and others in Intrusion Detection and Prevention Software (IDPS). Updated: June 2026.
904,054 professionals have used our research since 2012.