Snort vs. pfSense

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Snort
Score 8.4 out of 10
N/A
Sourcefire developed Snort, an open source intrusion prevention system capable of real-time traffic analysis and packet logging. Snort was acquired (and is now supported) by Cisco in 2013.N/A
pfSense
Score 9.2 out of 10
N/A
pfSense is a firewall and load management product available through the open source pfSense Community Edition, as well as a the licensed edition, pfSense Plus (formerly known as pfSense Enterprise). The solution provides combined firewall, VPN, and router functionality, and can be deployed through the cloud (AWS or Azure), or on-premises with a Netgate appliance. It as scalable capacities, with functionality for SMBs. As a firewall, pfSense offers Stateful packet inspection, concurrent…
$179
per appliance
Pricing
SnortpfSense
Editions & Modules
No answers on this topic
SG-1100
$179
per appliance
SG-2100
$229
per appliance
SG-3100
$399
per appliance
SG-5100
$699
per appliance
XG-7100-DT
$899
per appliance
XG-7100-1U
$999
per appliance
XG-1537
$1,949
per appliance
XG-1541
$2,649
per appliance
Offerings
Pricing Offerings
SnortpfSense
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Features
SnortpfSense
Firewall
Comparison of Firewall features of Product A and Product B
Snort
-
Ratings
pfSense
7.6
11 Ratings
11% below category average
Identification Technologies00 Ratings5.010 Ratings
Visualization Tools00 Ratings7.08 Ratings
Content Inspection00 Ratings4.111 Ratings
Policy-based Controls00 Ratings10.011 Ratings
Active Directory and LDAP00 Ratings7.09 Ratings
Firewall Management Console00 Ratings9.510 Ratings
Reporting and Logging00 Ratings8.011 Ratings
VPN00 Ratings10.011 Ratings
High Availability00 Ratings10.011 Ratings
Stateful Inspection00 Ratings7.011 Ratings
Proxy Server00 Ratings6.011 Ratings
Best Alternatives
SnortpfSense
Small Businesses
AlienVault USM
AlienVault USM
Score 8.0 out of 10
Sophos UTM
Sophos UTM
Score 8.9 out of 10
Medium-sized Companies
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
Next-Generation Firewalls - PA Series
Next-Generation Firewalls - PA Series
Score 9.3 out of 10
Enterprises
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
Next-Generation Firewalls - PA Series
Next-Generation Firewalls - PA Series
Score 9.3 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
SnortpfSense
Likelihood to Recommend
8.1
(5 ratings)
9.7
(24 ratings)
Usability
-
(0 ratings)
10.0
(1 ratings)
User Testimonials
SnortpfSense
Likelihood to Recommend
Cisco
If a colleague was looking to tighten down their network I can easily recommend Snort to them. It gives you some more peace of mind knowing that its always scanning traffic for malicious looking code. Even things your major firewalls and security hardware might miss, Snort has picked up. Its an easy recommendation for me.
Read full review
Netgate (Rubicon Communications, LLC)
Because pfSense is built around open source software, it is very convenient to be able to deploy in the event of hardware failure. We once had a client with a proprietary router that failed. While the router was under warranty, the expected time for the new router to arrive was about 2 weeks. We decided to implement pfSense for the client as a stop gap and ultimately ended up deploying the full enterprise appliance. Being able to get up and running using commodity hardware was a huge win for the client. We've also had a great amount of success deploying pfSense hardware at apartment complexes. The DNS resolver works great and we've had no issues handling multiple VLANs with various DHCP scopes on it. Finally, we've had clients that require having a failover cluster. Utilizing the built in CARP capabilities, we've been able to provide a very robust failover system that requires little maintenance and no downtime in the event of equipment failure.
Read full review
Pros
Cisco
  • IPS detection.
  • DoS detection.
  • Packet logging.
Read full review
Netgate (Rubicon Communications, LLC)
  • Easy to use. Good user interface design! Easy to understand and easy to set up.
  • Lower hardware requirement. 3 years ago, we used an old PC to run it. Now, we have changed to a router device with Celeron CPU and 8GB RAM. It runs smoothly with a 1000G commercial broadband.
Read full review
Cons
Cisco
  • At times can be unstable with Cisco bugs, require frequent upgrading.
  • FTD images that are being pushed for ASAs are less efficient from an administration standpoint, no CLI.
Read full review
Netgate (Rubicon Communications, LLC)
  • I did kind of mention a Con in the Pro section with OpenVPN.
  • When I create a config for an employee other employees are able to login to that config.
  • I could be doing something wrong when I am making it - I am not afraid to admit that as I am pretty new to all of this, but it seems like it builds a key and I would think the key would be unique in some way to each employee, but I could be wrong.
  • I actually do not have a lot of Con's for this software - I did not get to set this up on our work network so I am not sure of any downfalls when installing.
  • I installed this on my personal machine in a Hyper-V environment to get a feel for it before I started working on it at work and it seemed pretty smooth. I didn't run into any issues.
Read full review
Usability
Cisco
No answers on this topic
Netgate (Rubicon Communications, LLC)
The interface is simple, has sane defaults, and is consistent throughout.
Read full review
Alternatives Considered
Cisco
For our organization, the Cisco defense in depth concept works the best. While Cisco can be made to work with other vendors, we have found the best in depth protection by integrating Cisco products for maximum visibility. We had a Barracuda Web Filter, but it was difficult to maintain when you had limited scope on what you could block, so we created a whitelist only setup which required a lot of additional manpower. This wouldn't have covered new threats with DNS spoofing and the like. Sourcefire also integrated with our anti-malware platform (Cisco AMP) for even better visibility on what may be happening on the end users workstation. We are planning on adding in Cisco ISE to complete the approach and possibly stealthwatch to cover our bases in the future. The Palo Alto gear was interesting, but it was priced far out of our range.
Read full review
Netgate (Rubicon Communications, LLC)
While you can get the performance out of other products, pfSense offers the unique ability to put other services on the same device. Products such as Untagle's NG Firewall and SonicWall's TZ series offer cost effective options for firewall and VPN services, having incoming load balancing and connection proxies on the same device as the firewall offers extremely easy configuration and day to day management of network services
Read full review
Return on Investment
Cisco
  • Being open source, ROI on free is hard to beat for something that works.
  • I believe it greatly enhances the security of my network.
Read full review
Netgate (Rubicon Communications, LLC)
  • Using pfSense has allowed us to build a professional network in our small office without needing a lot of proprietary hardware, saving thousands of dollars in IT infrastructure investment.
  • The cost for using pfSense is free, so it's a great option for those who don't have a large IT budget
  • pfSense utilizes all of the industry standard services to provide all of it's functionality, so support for service-level issues is readily available
  • Because of how much work has been put into pfSense to make it rock solid and reliable, we're able to support our network with minimal IT staffing, saving us thousands of dollars/year in personnel alone.
Read full review
ScreenShots