TrustRadius

Snort vs. Elastic Security

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Snort
Score 9.0 out of 10
N/A
Sourcefire developed Snort, an open source intrusion prevention system capable of real-time traffic analysis and packet logging. Snort was acquired (and is now supported) by Cisco in 2013.N/A
Elastic Security
Score 9.9 out of 10
N/A
Elastic Security equips analysts to prevent, detect, and respond to threats. The free and open solution delivers SIEM, endpoint security, threat hunting, and cloud monitoring. The solution encompasses Elastic SIEM, which brings Elasticsearch to SIEM and threat hunting. The Elastic Agent (or Elastic Endpoint Security based on the former Endgame security product acquired by Elastic in late 2019) brings signatureless malware prevention to endpoints, as well as security data collection for…N/A
Pricing
SnortElastic Security
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
SnortElastic Security
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
SnortElastic Security
Best Alternatives
SnortElastic Security
Small Businesses
LevelBlue USM Anywhere
LevelBlue USM Anywhere
Score 7.5 out of 10
LevelBlue USM Anywhere
LevelBlue USM Anywhere
Score 7.5 out of 10
Medium-sized Companies
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
Sumo Logic
Sumo Logic
Score 8.8 out of 10
Enterprises
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
Sumo Logic
Sumo Logic
Score 8.8 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
SnortElastic Security
Likelihood to Recommend
8.1
(5 ratings)
9.0
(1 ratings)
Support Rating
-
(0 ratings)
7.0
(1 ratings)
User Testimonials
SnortElastic Security
Likelihood to Recommend
Cisco
If a colleague was looking to tighten down their network I can easily recommend Snort to them. It gives you some more peace of mind knowing that its always scanning traffic for malicious looking code. Even things your major firewalls and security hardware might miss, Snort has picked up. Its an easy recommendation for me.
Verified User
Anonymous
Read full review
Elastic
I believe Endgame is well suited to organizations that have their own Cybersecurity department. Its not well suited for organizations that don't have a Cybersecurity department.
Verified User
Anonymous
Read full review
Pros
Cisco
  • IPS detection.
  • DoS detection.
  • Packet logging.
Verified User
Anonymous
Read full review
Elastic
  • Identify 0-day malware.
  • Provides a few forensic details on endpoints.
  • Very easy to administer.
Verified User
Anonymous
Read full review
Cons
Cisco
  • At times can be unstable with Cisco bugs, require frequent upgrading.
  • FTD images that are being pushed for ASAs are less efficient from an administration standpoint, no CLI.
Alan Matson, CCNA:S, MCP | TrustRadius Reviewer
Alan Matson, CCNA:S, MCP
Senior Network Security Engineer
Read full review
Elastic
  • I would love that it provided more memory analysis details.
  • Being able to edit sensor profiles after creating them.
  • I would love it if it provided more automation features.
Verified User
Anonymous
Read full review
Support Rating
Cisco
No answers on this topic
Elastic
Even though their support is good, I think there are some areas where they need to provide more thorough solutions to issues, some of their solutions are pretty basic and have already been tried.
Verified User
Anonymous
Read full review
Alternatives Considered
Cisco
For our organization, the Cisco defense in depth concept works the best. While Cisco can be made to work with other vendors, we have found the best in depth protection by integrating Cisco products for maximum visibility. We had a Barracuda Web Filter, but it was difficult to maintain when you had limited scope on what you could block, so we created a whitelist only setup which required a lot of additional manpower. This wouldn't have covered new threats with DNS spoofing and the like. Sourcefire also integrated with our anti-malware platform (Cisco AMP) for even better visibility on what may be happening on the end users workstation. We are planning on adding in Cisco ISE to complete the approach and possibly stealthwatch to cover our bases in the future. The Palo Alto gear was interesting, but it was priced far out of our range.
DM
David Myers
Network Administrator
Read full review
Elastic
Endgame is based on the MITRE framework which has proven to be a successful framework to identify various attack patterns that attackers use. Also, compared to the others it's easier to administer and manage.
Verified User
Anonymous
Read full review
Return on Investment
Cisco
  • Being open source, ROI on free is hard to beat for something that works.
  • I believe it greatly enhances the security of my network.
CD
Read full review
Elastic
  • Being able to identify threats we couldn't identify before.
  • Easier management of endpoints.
  • Being able to immediately isolate endpoints remotely that have high severity threats.
Verified User
Anonymous
Read full review
ScreenShots