Cisco Sourcefire SNORT vs Palo Alto Networks Advanced Threat Prevention comparison

Cisco Sourcefire SNORT vs. Palo Alto Networks Advanced Threat Prevention

Download the complete report

Helped 860,592 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Sourcefire SNORT

Ranking in Intrusion Detection and Prevention Software (IDPS)

14th

Average Rating

7.6

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

No ranking in other categories

Palo Alto Networks Advanced...

Ranking in Intrusion Detection and Prevention Software (IDPS)

7th

Average Rating

8.6

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of July 2025, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Cisco Sourcefire SNORT is 3.6%, down from 3.8% compared to the previous year. The mindshare of Palo Alto Networks Advanced Threat Prevention is 7.6%, down from 8.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Intrusion Detection and Prevention Software (IDPS)

Featured Reviews

Jack Poon

Treasury Specialist at Dah Sing Bank

Offers ease of setup and good documentation

When it comes to the product's deployment phase, we have a lot of vendor support. We have a lot of skills here in Hong Kong. Our company doesn't find any problem deploying Cisco solutions. The solution is deployed on an on-premises version. Speaking about the time required to deploy the solution, I would say that we have quite a lot of previous experience with deploying Cisco products. We have our company's standard design document, which we need to follow. We have a standard testing procedure for all those features. We just take out some appropriate parts and then compile them into one document for an individual project. It is actually quite easy for us to do the documentation, so it just takes one or two hours, and we can do the implementation because all the materials and testing procedures are already in our company standard documents, so it is not that difficult for us.

Read full review

NenadMijatovic

Director of Sales at S4E Serbia

Offers threat detection and prevention empowered by advanced machine learning capabilities

The most valuable feature is its use of machine learning to detect potentially unknown threats. Using various techniques, the system can conclude if there is a malware threat in network traffic. It offers inline security, stopping malware quickly without relying on cloud support. Advanced Threat Prevention integrates other tools from Palo Alto like virus definitions and application behavior checking.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The URL filtering is very good and you can create a group for customized URLs."

"It is quite an intelligent product."

"The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates."

"Solid intrusion detection and prevention that scales easily in very large environments."

"The whole solution is very good, and stable."

"The most valuable features of Cisco Sourcefire SNORT are the dashboard for monitoring events."

"The solution is stable."

"In general, the features are all great. However, if I need to take hardware for ASA, because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular user has been blocked because of that rule. Firepower's monitoring interface is very good, because you can see each and every piece. ASA also had it, but there you needed to type the command and be under the server to see all that stuff. In Firepower you have the possibility to go directly to the firewall. The way the monitoring is displayed is also very nice. The feature I appreciate most in Firepower is actually the grid. The grid has worked very well."

More Cisco Sourcefire SNORT pros

"The most valuable features are that it's user-friendly, has interesting features, URL filtering, and threat prevention."

"The initial setup was straightforward. It's quite easy. Deployment took one to two weeks."

"One of the most valuable features is the anti-malware protection."

"You can scale the product."

"It effectively prevents malware, ransomware, and other attacks."

"Everything has been okay with the solution. We are using all of the features."

"The application control and vulnerability protection are the most valuable features."

"For those who want a next-gen firewall that's easy to configure and easy to operate, I think you should go for Palo Alto."

More Palo Alto Networks Advanced Threat Prevention pros

Cons

"There are problems setting up VPNs for some regions."

"If the price is brought down then everybody will be happy."

"The cloud can be improved."

"I would like to have analytics included in the suite."

"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."

"Integration with other components — even Cisco's own products — can be enhanced to improve administrative experience."

"We are unhappy with technical support for this solution, and it is not as professional as what we typically expect from Cisco."

"To be frank, the product is not really stable, although they're working on that. Whenever I go to the technical community with an issue, they will usually say that it is not there yet, but the technical team are working on it. The issues are not insolvable. I think they should just keep working on the product to make sure that the product can become very stable. The technical support is great. I appreciate that. We have a lot of communities supporting Firepower now, so you can find help for whatever issue you have."

More Cisco Sourcefire SNORT cons

"The price of licenses should be lowered to make it less costly to scale our solution."

"It's not so easy to set up a test environment, because it's not so easy to get the test license. The vendor only gives you 90 days for a test license; it's a tough license to get."

"Right now we are focusing on email. If Palo Alto can increase the features related to email filtering and the new malware, it would help us protect our systems."

"The documentation needs to be improved. I need better information about how to configure it and what the best practices are."

"Mission learning techniques should continue to expand and detect unknown threats on the fly."

"The pricing has improved with the newer generation of their Firewalls, but the price could always be lower. In comparison with other solutions, I believe they're quite competitive."

"The behavioral detection capabilities could be expanded to address all threats at the perimeter, reducing the reliance on endpoint detection and response systems."

"Generally, to deploy it will take some downtime, about a day."

More Palo Alto Networks Advanced Threat Prevention cons

Pricing and Cost Advice

"The cost is per port and can be expensive but it does include training and support for three years."

"I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco device are expensive compared to other devices."

"Licensing for this solution is paid on a yearly basis."

"If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five."

"We have a three-year license for this solution."

"The pricing has improved with the newer generation of their Firewalls, but the price could always be lower."

"There is an initial, expensive investment but the return is good."

"The pricing and the licensing are pretty competitive at this stage. As a reseller, I would like to see the price come down a little bit so I can compete better against other firewalls because we do that all the time."

"If you want to have all of the good features then you have to pay extra for licensing."

"Palo Alto Networks Advanced Threat Prevention is quite competitive, offering extensive threat detection and prevention capabilities, though it is priced higher than some alternatives."

"The price of the solution is higher than others on the market. A price reduction would be beneficial if it does not impact their database quality."

"From one to ten, with one being the most expensive, I would rate the pricing of Palo Alto Networks Threat Prevention a one out of ten. It is my understanding that Palo Alto Networks Threat Prevention is the most expensive one."

"The pricing could be lower."

More Palo Alto Networks Advanced Threat Prevention pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.

See recommendations

860,592 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

12%

University

Manufacturing Company

Computer Software Company

15%

Manufacturing Company

10%

Financial Services Firm

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Cisco Sourcefire SNORT?

The product is inexpensive compared to leading brands such as Palo Alto or Fortinet.

What is your experience regarding pricing and costs for Cisco Sourcefire SNORT?

If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five. There are some other tools in the market that are more expensive than Cisco. There are no additional c...

What needs improvement with Cisco Sourcefire SNORT?

Cisco offers the Cisco DNA Center, which is a source that provides crucial information for us to monitor performance, and see whether there is any trouble. We are using Cisco DNA center, but again,...

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?

Arbor would be the best bid, apart from Arbor, Palo Alto and Fortinet have good solutions. As this is an ISP, I would prefer Arbor.

What do you like most about Palo Alto Networks Threat Prevention?

It is a stable product.

What is your experience regarding pricing and costs for Palo Alto Networks Threat Prevention?

Palo Alto Networks Advanced Threat Prevention requires an add-on license and is considered expensive compared to competitors like Cisco AMP and FortiGate ( /products/fortinet-fortigate-reviews ) fi...

Fortinet FortiGate IPS vs Cisco Sourcefire SNORT

Comparisons

Compared 19% of the time

Cisco Secure IPS (NGIPS) vs Cisco Sourcefire SNORT

Compared 16% of the time

Vectra AI vs Cisco Sourcefire SNORT

Compared 9% of the time

Trend Micro TippingPoint Threat Protection System vs Cisco Sourcefire SNORT

Compared 8% of the time

ExtremeCloud IQ vs Cisco Sourcefire SNORT

Compared 8% of the time

More Cisco Sourcefire SNORT Competitors

Fortinet FortiGate IPS vs Palo Alto Networks Advanced Threat Prevention

Compared 15% of the time

Forcepoint Next Generation Firewall vs Palo Alto Networks Advanced Threat Prevention

Compared 13% of the time

Darktrace vs Palo Alto Networks Advanced Threat Prevention

Compared 10% of the time

Check Point IPS vs Palo Alto Networks Advanced Threat Prevention

Compared 10% of the time

Trend Micro TippingPoint Threat Protection System vs Palo Alto Networks Advanced Threat Prevention

Compared 7% of the time

More Palo Alto Networks Advanced Threat Prevention Competitors

Product Reports

Cisco Sourcefire SNORT

Download Cisco Sourcefire SNORT product report

Palo Alto Networks Advanced Threat Prevention

Download Palo Alto Networks Advanced Threat Prevention product report

Palo Alto Networks Advanced Threat Prevention report

Also Known As

Sourcefire SNORT

No data available

Overview

Snort is an open-source, rule-based, intrusion detection and prevention system. It combines the benefits of signature-, protocol-, and anomaly-based inspection methods to deliver flexible protection from malware attacks. Snort gained notoriety for being able to accurately detect threats at high speeds.

Cisco

Palo Alto Networks Advanced Threat Prevention is a cloud-based security service that combines cutting-edge technologies, including machine learning, artificial intelligence, and expert human monitoring, to effectively thwart advanced threats like malware, zero-day attacks, and command-and-control threats. It offers inline protection, scrutinizing all network traffic irrespective of port, protocol, or encryption. An integral component of Palo Alto Networks' security platform, it enjoys widespread adoption across diverse organizations. With its robust security capabilities, it's an ideal choice for entities of all sizes, particularly those in high-risk sectors such as finance, healthcare, and government agencies, seeking to safeguard their networks from a broad spectrum of advanced threats.

Palo Alto Networks

Sample Customers

CareCore, City of Biel, Dimension Data, LightEdge, Lone Star College System, National Rugby League, Port Aventura, Smart City Networks, Telecom Italia, The Department of Education in Western Australia

University of Arkansas, JBG SMITH, SkiStar AB, TRI-AD, Temple University, Telkom Indonesia

Cisco Sourcefire SNORT vs. Palo Alto Networks Advanced Threat Prevention