TrustRadius
Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Snort
Score 9.0 out of 10
N/A
Sourcefire developed Snort, an open source intrusion prevention system capable of real-time traffic analysis and packet logging. Snort was acquired (and is now supported) by Cisco in 2013.N/A
Security Onion
Score 10.0 out of 10
N/A
Security Onion is a free and open source Linux distribution for threat hunting, enterprise security monitoring, and log management, developed by the company of the same name in Evans. Their products include both the Security Onion software and specialized hardware appliances that are built and tested to run Security Onion. The company also offers paid support and training services.N/A
Splunk Observability Cloud
Score 8.2 out of 10
N/A
Splunk Observability Cloud aims to enable operational agility and better customer experience through real-time AI-driven streaming analytics allowing accurate alerts in seconds. It is designed to shorten MTTD and MTTR by providing real-time visibility into cloud infrastructure and services.
$180
per year per host
Pricing
SnortSecurity OnionSplunk Observability Cloud
Editions & Modules
No answers on this topic
No answers on this topic
Infrastructure
$15
per month (billed annually) per host
App & Infra
$60
per month (billed annually) per host
End-to-End
$75
per month (billed annually) per host
Offerings
Pricing Offerings
SnortSecurity OnionSplunk Observability Cloud
Free Trial
NoNoYes
Free/Freemium Version
NoNoNo
Premium Consulting/Integration Services
NoNoNo
Entry-level Setup FeeNo setup feeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
SnortSecurity OnionSplunk Observability Cloud
Best Alternatives
SnortSecurity OnionSplunk Observability Cloud
Small Businesses
LevelBlue USM Anywhere
LevelBlue USM Anywhere
Score 7.6 out of 10
LevelBlue USM Anywhere
LevelBlue USM Anywhere
Score 7.6 out of 10
InfluxDB
InfluxDB
Score 8.8 out of 10
Medium-sized Companies
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
Sumo Logic
Sumo Logic
Score 8.8 out of 10
Enterprises
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
NetBrain Technologies
NetBrain Technologies
Score 9.2 out of 10
All AlternativesView all alternativesView all alternativesView all alternatives
User Ratings
SnortSecurity OnionSplunk Observability Cloud
Likelihood to Recommend
8.1
(5 ratings)
8.0
(1 ratings)
7.7
(57 ratings)
Likelihood to Renew
-
(0 ratings)
-
(0 ratings)
7.0
(2 ratings)
Usability
-
(0 ratings)
-
(0 ratings)
7.6
(16 ratings)
Support Rating
-
(0 ratings)
-
(0 ratings)
10.0
(1 ratings)
Implementation Rating
-
(0 ratings)
-
(0 ratings)
10.0
(1 ratings)
User Testimonials
SnortSecurity OnionSplunk Observability Cloud
Likelihood to Recommend
Cisco
If a colleague was looking to tighten down their network I can easily recommend Snort to them. It gives you some more peace of mind knowing that its always scanning traffic for malicious looking code. Even things your major firewalls and security hardware might miss, Snort has picked up. Its an easy recommendation for me.
Verified User
Anonymous
Read full review
Security Onion Solutions, LLC
Security Onion works well for setting up within a Linux environment. This brings a new platform to run and maintain though. The application its self has helped to keep track of logs and vulnerabilities in the environment. Alert triage and case creation is simple to start and follow through to the end.
Verified User
Anonymous
Read full review
Cisco
Its great if you need real-time visibility across complex or regulated environments. Also strong for hybrid or multi-cloud setups where uptime, observability and fast IR are required. It’s probably overkill for smaller teams or environments that don’t have constant changes or compliance reporting needs. It's expensive and has a steep learning curve. Also, in my opinion, do not get yourself into a consumption based model. Costs can certainly get out of control quickly.
Verified User
Anonymous
Read full review
Pros
Cisco
  • IPS detection.
  • DoS detection.
  • Packet logging.
Verified User
Anonymous
Read full review
Security Onion Solutions, LLC
  • GUI
  • Support
  • Easy of use
Verified User
Anonymous
Read full review
Cisco
  • The first one is its Kubernetes container monitoring.
  • I really like this features because as we know how much K8s is vast and to manually monitor each part of the Kubernetes it takes so much time but Splunk Observability Cloud makes it easier. And even once we integrate K8s with Splunk Observability Cloud it gives us some prebuilt dashboards which gives holistic view of our Cluster and its nodes, pods, etc.
  • The dashbaord feature of Splunk Observability Cloud, it gives us full flexibility to customize our dashboard with a wide range of predefined chart types.
  • Now it also supports OTEL, which is a plus point for observability. As now everyone is moving towards Otel and in current market there are only few tools who supports OTEL based integrations, Splunk Observability Cloud is one out of them.
Verified User
Anonymous
Read full review
Cons
Cisco
  • At times can be unstable with Cisco bugs, require frequent upgrading.
  • FTD images that are being pushed for ASAs are less efficient from an administration standpoint, no CLI.
Alan Matson, CCNA:S, MCP | TrustRadius Reviewer
Alan Matson, CCNA:S, MCP
Senior Network Security Engineer
Read full review
Security Onion Solutions, LLC
  • Requires Linux
  • Training
Verified User
Anonymous
Read full review
Cisco
  • You can use table-like functionality to generate dashboards, but these queries are heavy on the system.
  • It could be easier to give insight into what type of line parsing is used for specific documents in a company-managed environment and/or show ways to gain the insights needed.
  • I would like to see ways to anonymize specific data for shared reports without pre-formatting this in a dashboard on which reports could be based.
Verified User
Anonymous
Read full review
Likelihood to Renew
Cisco
No answers on this topic
Security Onion Solutions, LLC
No answers on this topic
Cisco
Good: Stable system with low error rate Easy to use for simple use cases Bad: UI is not very clear for complex usage Mobile view (when logged in from phone) is bad No library for .net
Verified User
Anonymous
Read full review
Usability
Cisco
No answers on this topic
Security Onion Solutions, LLC
No answers on this topic
Cisco
When there is an issue, it’s a win if one can easily identify the root cause. To do the same, it should allow the user to dig deep with multiple data points and compare the data and identify the anomaly. In this use case, it’s good to drive from Splunk 011y.
Verified User
Anonymous
Read full review
Support Rating
Cisco
No answers on this topic
Security Onion Solutions, LLC
No answers on this topic
Cisco
Splunk support is very quick and efficient. Pre-sale specialists are very skilled and available.
Giuseppe Cusello | TrustRadius Reviewer
Giuseppe Cusello
GRC Director
Read full review
Implementation Rating
Cisco
No answers on this topic
Security Onion Solutions, LLC
No answers on this topic
Cisco
Follow a training before starting.
Giuseppe Cusello | TrustRadius Reviewer
Giuseppe Cusello
GRC Director
Read full review
Alternatives Considered
Cisco
For our organization, the Cisco defense in depth concept works the best. While Cisco can be made to work with other vendors, we have found the best in depth protection by integrating Cisco products for maximum visibility. We had a Barracuda Web Filter, but it was difficult to maintain when you had limited scope on what you could block, so we created a whitelist only setup which required a lot of additional manpower. This wouldn't have covered new threats with DNS spoofing and the like. Sourcefire also integrated with our anti-malware platform (Cisco AMP) for even better visibility on what may be happening on the end users workstation. We are planning on adding in Cisco ISE to complete the approach and possibly stealthwatch to cover our bases in the future. The Palo Alto gear was interesting, but it was priced far out of our range.
DM
David Myers
Network Administrator
Read full review
Security Onion Solutions, LLC
Other vendors may have a more robust solution but for our needs, Security Onion was the one to move forward with. We have tested some of the others but the cost of those platforms makes the ROI not as desirable. There is a learning curve with Security Onion but it is worth it for the value provided.
Verified User
Anonymous
Read full review
Cisco
Splunk Infrastructure Monitoring provides far superior options for anybody using a complex hybrid multi-cloud environment and allows both your SOC and NOC to work together on the same data while driving their own insights. We found other products are still in the old world view of servers and agents residing together within a single data centre, but modern apps are no longer like this.
David Williams | TrustRadius Reviewer
David Williams
CIO (Chief Information Officer)
Read full review
Return on Investment
Cisco
  • Being open source, ROI on free is hard to beat for something that works.
  • I believe it greatly enhances the security of my network.
CD
Read full review
Security Onion Solutions, LLC
  • Makes Alert Triage easier to handle
  • Analysis of threats simple
Verified User
Anonymous
Read full review
Cisco
  • Significantly reduced the MTTR (Mean Time To Recovery), which in turn has improved the end-user experience tremendously.
  • Meets compliance requirements of security policies, audit, regulation, and forensics.
  • Helps us to track/manage the resource usage on our cloud instances which has a direct implication on the recurring cost.
Verified User
Anonymous
Read full review
ScreenShots

Splunk Observability Cloud Screenshots

Screenshot of Real-time monitoring for public, private and hybrid cloud