No more typing reviews! Try our Samantha, our new voice AI agent.

Cisco Sourcefire SNORT vs Lumu comparison

Cisco and Lumu Technologies are both solutions in the Intrusion Detection and Prevention Software (IDPS) category. Cisco is ranked #14 with an average rating of 8.0, while Lumu Technologies is ranked #10 with an average rating of 9.0. Cisco holds a 3.1% mindshare in ID, compared to Lumu Technologies’s 2.0% mindshare. Additionally, 95% of Cisco users are willing to recommend the solution, compared to 100% of Lumu Technologies users who would recommend it.
Cisco Sourcefire SNORT
Read 20 Cisco Sourcefire SNORT reviews
  • 1,386 Views
  • 1,192 Comparison Views
95% willing to recommend
Lumu
Read 8 Lumu reviews
  • 1,966 Views
  • 904 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Dec 19, 2024

Cisco Sourcefire SNORT and Lumu are competing in the network security space. Lumu has the upper hand due to its advanced capability in revealing network blind spots with continuous assessments, suggesting superior overall value.

Features: SNORT provides robust intrusion detection with extensive protocol analysis, content search, and rich threat detection capabilities. Lumu offers real-time threat intelligence, network metadata correlation, and automated threat analysis.

Room for Improvement: SNORT can improve by simplifying deployment, enhancing customer support, and reducing management complexity. Lumu could advance by expanding integration capabilities, lowering alert frequencies, and refining its analytics interface.

Ease of Deployment and Customer Service: SNORT involves a complex deployment requiring skilled personnel and relies mainly on community support. Lumu streamlines deployment with guided setup and intuitive operation, providing commendable customer service for continuous support.

Pricing and ROI: SNORT's open-source model reduces initial costs but may involve hidden expenses. Lumu, with a straightforward subscription fee, offers clear ROI with detailed analytics and threat mitigation. Despite SNORT's lower entry cost, Lumu's predictable pricing and extensive utility justify its premium.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cisco Sourcefire SNORT vs. Lumu Report (Updated: March 2026).
Buyer's Guide
Cisco Sourcefire SNORT vs. Lumu
March 2026
Download the complete report
Helped 885,667 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Sourcefire SNORT
Ranking in Intrusion Detection and Prevention Software (IDPS)
14th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
20
Ranking in other categories
No ranking in other categories
Lumu
Ranking in Intrusion Detection and Prevention Software (IDPS)
10th
Average Rating
9.2
Reviews Sentiment
7.5
Number of Reviews
8
Ranking in other categories
Network Detection and Response (NDR) (6th), Extended Detection and Response (XDR) (16th)
 

Mindshare comparison

As of April 2026, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Cisco Sourcefire SNORT is 3.1%, up from 2.2% compared to the previous year. The mindshare of Lumu is 2.0%, down from 2.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Intrusion Detection and Prevention Software (IDPS) Mindshare Distribution
ProductMindshare (%)
Lumu2.0%
Cisco Sourcefire SNORT3.1%
Other94.9%
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

reviewer2772102 - PeerSpot reviewer
reviewer2772102
Cloud Architect at a consultancy with 1-10 employees
Logging and customizable rules have helped improve threat monitoring and detection
The logging is mainly what I consider one of the best features with Cisco Sourcefire SNORT. Being able to log and store it in a file allows you to push it to a centralized repository. The logging and reporting help improve incident response. You should always be logging threats, any sort of misconfiguration, and anything that could be an issue. It's important to at least log and monitor it. The basic rules provide a good baseline in assessing Cisco Sourcefire SNORT's ability in providing real-time analytics for threat detection, but as a professional, you should look to constantly modify that baseline. They provide extensive customizability so you can define your own rules. The customizability allows it to be adaptable in protecting against diverse network threats to the constant change.
Read full review
JJ
Jeremiah Johnson
Director, Information Technology at a educational organization with 201-500 employees
Constant monitoring and analysis boosts network security
There is always room for improvement. I am not giving it a perfect score because I am sure there is something that could be enhanced.Having some sort of certification or training, along with more periodic webinars might be helpful. Having a larger support network would be beneficial. Nobody I know has heard of Lumu, so they are in the same space as Darktrace or CrowdStrike, but people give blank stares. As the community grows for Lumu then that will improve, but that is not really a criticism of Lumu, they simply have not been around that long.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The tool's most valuable feature is threat detection, which is important because we have multiple layers not only in Cisco."
"Users have access to intelligent security automation as one of the features, which can easily automate your event impact assessment so your IPS policy tuning can be done as well as your network behavior analysis, and you can do real-time contextual awareness with correlation of events created on your applications, user devices, operating systems, or vulnerabilities, with all of this real-time data captured including your apps and port scans."
"This solution makes life a lot easier as there are fewer man-hours required and we no longer need too many resources to manage it."
"I like most of Cisco's features, like malware detection and URL filtering."
"With Cisco Sourcefire SNORT, we've been able to prevent and detect intrusion in our network and actually decrease our SLA (Service Level Agreement)."
"The whole solution is very good, and stable."
"Cisco technical support is unbeatable. It offers a premium service every time."
"It has a huge rate of protection, a low level of positives, is easy to deploy and implement, has an incredible price rate compared to similar solutions, and has a good support channel and technical assistance."
More Cisco Sourcefire SNORT pros
"You can access external links, playbooks, MITRE Matrix, and a lot of information."
"Lumu has allowed us to operate cybersecurity in a better way, with a manageable number of incidents that contain all the context including the Mitre matrix and much more, while providing visibility across on-premise, cloud, remote environments, and IoT such as IP cameras, with automatic mitigation that lets our team focus only on incidents that require our full attention."
"Most of it is automated, so I do not have to watch it to get alerts."
"Lumu protects against threats immediately and handles them in time."
"With this solution, you don’t need to invest in expensive cybersecurity software because you can operate within the product easily."
"The automated response to incidents works effectively out of the box, and the number of interfaces and platforms it can work with is impressive."
"I like Lumu's simple user interface. When we deployed it, we got full access, allowing us to identify IP addresses on the network and connect machine names to users. It helped us identify and block threats via the firewall. I also appreciate the chat support and ticket closure process. We're currently reviewing network detection solutions, and my recommendations include Lumu, Sentinel, and a few others. Regarding functionality and user-friendliness, I would recommend Lumu over the others."
"The context provided by the tool is very complete, it includes the miter matrix, playbooks, links, hashes, and much more."
More Lumu pros
 

Cons

"Performance needs improvement."
"The implementation could be a bit easier."
"There are problems setting up VPNs for some regions."
"The price of this solution could be improved."
"If the price is brought down then everybody will be happy."
"I don't think this solution is a time-based control system, because one cannot filter traffic based on time."
"Sometimes the solution will offer up false positives."
"While the alerts they offer are good, it could improve it in the sense that they should be more detailed to make the alerts more useful to us in general. Sometimes the solution will offer up false positives. Due to the fact that the alerts aren't detailed, we have to go dig around to see why is it being blocked. The solution would be infinitely better if there was just a bit more detail in the alert information and logging we receive."
More Cisco Sourcefire SNORT cons
"The reports need improvement."
"I am happy with the current features. However, one important one is to improve the reports."
"The integration with different vendors and endpoints could be improved."
"Lumu's ability to discover threats is an area of concern where improvements are needed."
"Nothing so far needs to be improved."
"It would be good if we could access the physical logs."
"The reports need improvement."
"I am happy with the current features. However, one important one is to improve the reports."
More Lumu cons
 

Pricing and Cost Advice

"I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco device are expensive compared to other devices."
"We have a three-year license for this solution."
"If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five."
"Licensing for this solution is paid on a yearly basis."
"The cost is per port and can be expensive but it does include training and support for three years."
"The tool is available at a good price. The tool offers a good and competitive price for customers."
"Compared to Lumu, other solutions are more expensive. SentinelOne was a bit cheaper, and another provider's price structure is unclear, but Lumu fit our budget nicely. SentinelOne's cost depends on the number of devices, and it might be similar to Lumu's, depending on deployment."
"It is the cheapest solution we found."
report
See which vendors are best for you
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
See recommendations
885,667 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
University
10%
Construction Company
9%
Comms Service Provider
9%
Financial Services Firm
8%
Financial Services Firm
10%
Comms Service Provider
8%
Insurance Company
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business6
Midsize Enterprise8
Large Enterprise7
By reviewers
Company SizeCount
Small Business6
Midsize Enterprise1
Large Enterprise4
 

Questions from the Community

What do you like most about Cisco Sourcefire SNORT?
The product is inexpensive compared to leading brands such as Palo Alto or Fortinet.
See all answers
What is your experience regarding pricing and costs for Cisco Sourcefire SNORT?
If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five. There are some other tools in the market that are more expensive than Cisco. There are no additional c...
See all answers
What needs improvement with Cisco Sourcefire SNORT?
I have not had much experience with the community-driven rule set while utilizing Cisco Sourcefire SNORT. I don't have experience with recognizing zero-day vulnerabilities, but based on my knowledg...
See all answers
What do you like most about Lumu?
Lumu protects against threats immediately and handles them in time.
See all answers
What needs improvement with Lumu?
There is always room for improvement. I am not giving it a perfect score because I am sure there is something that could be enhanced.Having some sort of certification or training, along with more p...
See all answers
What is your primary use case for Lumu?
We use it as our managed SOC instead of contracting with an MSP. It coordinates endpoint and gives us a single pane of glass for our security events.It fulfills the role of a SIEM, serving as our d...
See all answers
 

Comparisons

Cisco Secure IPS (NGIPS) vs Cisco Sourcefire SNORT Logo
Cisco Secure IPS (NGIPS) vs Cisco Sourcefire SNORT
Compared 12% of the time
Fortinet FortiGate vs Cisco Sourcefire SNORT Logo
Fortinet FortiGate vs Cisco Sourcefire SNORT
Compared 9% of the time
TrendAI Tipping Point vs Cisco Sourcefire SNORT Logo
TrendAI Tipping Point vs Cisco Sourcefire SNORT
Compared 9% of the time
ExtremeCloud IQ vs Cisco Sourcefire SNORT Logo
ExtremeCloud IQ vs Cisco Sourcefire SNORT
Compared 8% of the time
Palo Alto Networks Advanced Threat Prevention vs Cisco Sourcefire SNORT Logo
Palo Alto Networks Advanced Threat Prevention vs Cisco Sourcefire SNORT
Compared 8% of the time
More Cisco Sourcefire SNORT Competitors
Darktrace vs Lumu Logo
Darktrace vs Lumu
Compared 18% of the time
Stellar Cyber Open XDR vs Lumu Logo
Stellar Cyber Open XDR vs Lumu
Compared 9% of the time
Wazuh vs Lumu Logo
Wazuh vs Lumu
Compared 8% of the time
TrendAI Vision One vs Lumu Logo
TrendAI Vision One vs Lumu
Compared 6% of the time
Microsoft Defender XDR vs Lumu Logo
Microsoft Defender XDR vs Lumu
Compared 6% of the time
More Lumu Competitors
 

Product Reports

Buyer's Guide
Cisco Sourcefire SNORT
March 2026
Cisco Sourcefire SNORT reportDownload Cisco Sourcefire SNORT product report
Buyer's Guide
Lumu
March 2026
Lumu reportDownload Lumu product report
 

Also Known As

Sourcefire SNORT
No data available
 

Overview

Snort is an open-source, rule-based, intrusion detection and prevention system. It combines the benefits of signature-, protocol-, and anomaly-based inspection methods to deliver flexible protection from malware attacks. Snort gained notoriety for being able to accurately detect threats at high speeds.

Cisco

Lumu Technologies is a cyber-security company that illuminates threats, attacks, and adversaries affecting enterprises worldwide. Using actionable intelligence, Lumu provides a radical way to secure networks by enhancing and augmenting existing defense capabilities established over the past 25 years.

Lumu Technologies
 

Sample Customers

CareCore, City of Biel, Dimension Data, LightEdge, Lone Star College System, National Rugby League, Port Aventura, Smart City Networks, Telecom Italia, The Department of Education in Western Australia
Information Not Available
Buyer's Guide
Cisco Sourcefire SNORT vs. Lumu
March 2026
Free Report: Cisco Sourcefire SNORT vs. Lumu
Find out what your peers are saying about Cisco Sourcefire SNORT vs. Lumu and other solutions. Updated: March 2026.
DOWNLOAD NOW
885,667 professionals have used our research since 2012.
See our Cisco Sourcefire SNORT vs. Lumu report.

We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.