Snort vs Darktrace

Likelihood to Recommend

If a colleague was looking to tighten down their network I can easily recommend Snort to them. It gives you some more peace of mind knowing that its always scanning traffic for malicious looking code. Even things your major firewalls and security hardware might miss, Snort has picked up. Its an easy recommendation for me.

Read full review

Verified User

Consultant in Marketing

Government Administration Company, 501-1000 employees

View all 5 answers on this topic

I think if you manage a large number of mailboxes, you need a reliable solution to protect corporate email from any threat. This solution uses AI to analyze emails to check if they're safe or if it's a risk for the organization. It has a good UI (all in English), and the more you're using it, the more you get. There are a lot of metrics and indicators to help the email security admin.

Read full review

Antonio Rodriguez

Information Technology Audit Manager

GDESFacilities Services, 201-500 employees

View all 8 answers on this topic

Pros

IPS detection.
DoS detection.
Packet logging.

Read full review

Verified User

Manager in Information Technology

Information Technology & Services Company, 10,001+ employees

View all 5 answers on this topic

Monitors your network for unusual behaviour; as it learns what is normal for your network, you don't need to worry too much about things that are normal for your organisation, but might be considered odd in other places, triggering as alarms. It can also detect more subtle changes such as a device accessing a server but at an unusual time.
There are a large number of models that are used to create the alerts, which can all be customised, and you can also create your own from scratch, to allow you to tailor it perfectly to your situation.

Read full review

Verified User

Engineer in Information Technology

Aviation & Aerospace Company, 501-1000 employees

View all 8 answers on this topic

Cons

At times can be unstable with Cisco bugs, require frequent upgrading.
FTD images that are being pushed for ASAs are less efficient from an administration standpoint, no CLI.

Read full review

Alan Matson, CCNA:S, MCP

Senior Network Security Engineer

InsightInformation Technology and Services, 5001-10,000 employees

View all 5 answers on this topic

Really had a poor time of identifying devices and what the device's purpose was - a simple nmap scan did a better job. The problem is they expect you to fine-tune the results - which is exactly what you would expect - but day one it found over 2,000 servers (and I only have 112).
Really had a hard time separating network traffic into locations - I use distinct subnets for my buildings, but there was no good way to create a logical map of my traffic internally. Did not garner a sense of trust that it was seeing everything.
Sat through a few "analyst" reports - which showed me possible threats in my environment. I am already using a few open source tools, and they actually found more than the analyst reports. Also, there was no way to get the reports on your own - you had to work through their analysts to get the information.

Read full review

Matthew Frederickson

Director of Information Technology

Council Rock School DistrictEducation Management, 1001-5000 employees

View all 8 answers on this topic

Pricing Details

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

Starting Price

—

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

Starting Price

—

Support Rating

No score

No answers yet

No answers on this topic

Darktrace 9.4

Based on 4 answers

Darktrace support is excellent in my experience. They send a competent engineer on-site to provide on-boarding training. They were also very responsive in responding to questions and concerns. Having an individual point of contact who is a competent network and security engineer is not a common experience, at least for me.

Read full review

Verified User

Professional in Information Technology

Primary/Secondary Education Company, 1001-5000 employees

View all 4 answers on this topic

Alternatives Considered

For our organization, the Cisco defense in depth concept works the best. While Cisco can be made to work with other vendors, we have found the best in depth protection by integrating Cisco products for maximum visibility. We had a Barracuda Web Filter, but it was difficult to maintain when you had limited scope on what you could block, so we created a whitelist only setup which required a lot of additional manpower. This wouldn't have covered new threats with DNS spoofing and the like.Sourcefire also integrated with our anti-malware platform (Cisco AMP) for even better visibility on what may be happening on the end users workstation. We are planning on adding in Cisco ISE to complete the approach and possibly stealthwatch to cover our bases in the future. The Palo Alto gear was interesting, but it was priced far out of our range.

Read full review

David Myers

Network Administrator

West Wichita Family Physicians, P.A.Hospital & Health Care, 201-500 employees

View all 5 answers on this topic

The Darktrace user interface was improved. Darktrace provides more metrics and more info to decide if an email is malicious or not in doubt case. Darktrace provides a lot of info about the email being analyzed, if there was a previous communication between both parts before for example, it's so easy to deploy.

Read full review

Antonio Rodriguez

Information Technology Audit Manager

GDESFacilities Services, 201-500 employees

View all 8 answers on this topic

Return on Investment

Being open source, ROI on free is hard to beat for something that works.
I believe it greatly enhances the security of my network.

Read full review

Curt Dickman

Owner

Grandpa's GarageAutomotive, 1-10 employees

View all 5 answers on this topic

Darktrace is covering some lack of security issues.
Darktrace helps the company to follow some compliance obligations.
Darktrace can't solve all issues. It needs to work with other Security tools (e.g Splunk).

Read full review

Fabio Silva

Senior Network Engineer

FexcoFinancial Services, 1001-5000 employees

View all 8 answers on this topic

Snort

Darktrace

Attribute Ratings

Likelihood to Recommend

Snort

Darktrace

Support Rating

Snort

Darktrace

Pros

Cons

Pricing Details

General

Free Trial

Free/Freemium Version

Premium Consulting/Integration Services

Entry-level set up fee?

Starting Price

General

Free Trial

Free/Freemium Version

Premium Consulting/Integration Services

Entry-level set up fee?

Starting Price

Support Rating

Alternatives Considered

Return on Investment

Add comparison