Likelihood to Recommend If a colleague was looking to tighten down their network I can easily recommend Snort to them. It gives you some more peace of mind knowing that its always scanning traffic for malicious looking code. Even things your major firewalls and security hardware might miss, Snort has picked up. Its an easy recommendation for me.
Read full review Tripwire Enterprise is great for hosting/data center environments and it greatly helps where console screenshots and reporting fill a lot of our client internal audit needs for security and change control.
Read full review Pros IPS detection. DoS detection. Packet logging. Read full review It allows us to track development changes for engineer accountability. Tripwire Enterprise also allows us to monitor changes/updates being done to our systems in our hosting centers. We use the software to track user access and critical system changes. Read full review Cons At times can be unstable with Cisco bugs, require frequent upgrading. FTD images that are being pushed for ASAs are less efficient from an administration standpoint, no CLI. Read full review In previous versions the management console was a little hard to navigate in some respects. I'm sure this has changed over time but we hope the reporting system has gotten more granular. I really don't have to many cons for this product, I recommend it for every company I work for! Read full review Alternatives Considered For our organization, the Cisco defense in depth concept works the best. While Cisco can be made to work with other vendors, we have found the best in depth protection by integrating Cisco products for maximum visibility. We had a
Barracuda Web Filter , but it was difficult to maintain when you had limited scope on what you could block, so we created a whitelist only setup which required a lot of additional manpower. This wouldn't have covered new threats with DNS spoofing and the like. Sourcefire also integrated with our anti-malware platform (Cisco AMP) for even better visibility on what may be happening on the end users workstation. We are planning on adding in Cisco ISE to complete the approach and possibly stealthwatch to cover our bases in the future. The Palo Alto gear was interesting, but it was priced far out of our range.
Read full review Honestly, I haven't used other products to do what Tripwire does, it's always my first recommendation.
Read full review Return on Investment Being open source, ROI on free is hard to beat for something that works. I believe it greatly enhances the security of my network. Read full review Tripwire has been a positive business impact for us because of its trusted name. Our customers require software like Tripwire because they know their data and security concerns are in good hands when it's deployed. The ROI for Tripwire is also a positive for our business because of the time and man power saved in due diligence and reporting for our clients' internal auditing. Read full review ScreenShots