Sourcefire developed Snort, an open source intrusion prevention system capable of real-time traffic analysis and packet logging. Snort was acquired (and is now supported) by Cisco in 2013.
N/A
pfSense
Score 9.9 out of 10
N/A
pfSense is a firewall and load management product available through the open source pfSense Community Edition, as well as a the licensed edition, pfSense Plus (formerly known as pfSense Enterprise). The solution provides combined firewall, VPN, and router functionality, and can be deployed through the cloud (AWS or Azure), or on-premises with a Netgate appliance. It as scalable capacities, with functionality for SMBs. As a firewall, pfSense offers Stateful packet inspection, concurrent…
$179
per appliance
Pricing
Snort
pfSense
Editions & Modules
No answers on this topic
SG-1100
$179
per appliance
SG-2100
$229
per appliance
SG-3100
$399
per appliance
SG-5100
$699
per appliance
XG-7100-DT
$899
per appliance
XG-7100-1U
$999
per appliance
XG-1537
$1,949
per appliance
XG-1541
$2,649
per appliance
Offerings
Pricing Offerings
Snort
pfSense
Free Trial
No
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
Snort
pfSense
Features
Snort
pfSense
Firewall
Comparison of Firewall features of Product A and Product B
Snort
-
Ratings
pfSense
7.6
Ratings
13% below category average
Identification Technologies
00 Ratings
5.00 Ratings
Visualization Tools
00 Ratings
7.00 Ratings
Content Inspection
00 Ratings
4.00 Ratings
Policy-based Controls
00 Ratings
10.00 Ratings
Active Directory and LDAP
00 Ratings
7.00 Ratings
Firewall Management Console
00 Ratings
9.50 Ratings
Reporting and Logging
00 Ratings
8.00 Ratings
VPN
00 Ratings
10.00 Ratings
High Availability
00 Ratings
10.00 Ratings
Stateful Inspection
00 Ratings
7.00 Ratings
Proxy Server
00 Ratings
6.10 Ratings
Best Alternatives
Snort
pfSense
Small Businesses
LevelBlue USM Anywhere
Score 3.9 out of 10
Sophos UTM
Score 8.1 out of 10
Medium-sized Companies
CrowdStrike Falcon
Score 9.1 out of 10
Quantum Firewalls and Security Gateways
Score 9.6 out of 10
Enterprises
CrowdStrike Falcon
Score 9.1 out of 10
Palo Alto Networks Virtualized Next-Generation Firewalls - VM Series
If a colleague was looking to tighten down their network I can easily recommend Snort to them. It gives you some more peace of mind knowing that its always scanning traffic for malicious looking code. Even things your major firewalls and security hardware might miss, Snort has picked up. Its an easy recommendation for me.
pfSense is incredibly budget friendly and capable for organizations of all sizes. My specific scenario, working for a non-profit organization, requires budget consciences decisions without compromising security and function. pfSense has helped tremendously in accomplishing this. It specifically tackles advanced routing, static routing, remote access, intrusion prevention, in a single platform, mostly available for free.
The threat intelligence from Cisco TALOS is unparalleled. This is grafted into the Sourcefire application which greatly improves security visibility. With this there are a lot of groups that you can use for white listing or blacklisting, knowing its being updated in the background without additional work from you.
Flexible. Instead of putting a traditional firewall inline you can put a source fire appliance (or firewall with sourcefire on-board) to not only block/allow traffic, but if you insights into it, and do some forms of threat scoring.
In depth information. Sometimes a bit overwhelming, but you are able to do more than just see alerts, you can view the full information and packets that lead to the conclusion, though the conclusion is prepared in advance for you.
Easy to use. Good user interface design! Easy to understand and easy to set up.
Lower hardware requirement. 3 years ago, we used an old PC to run it. Now, we have changed to a router device with Celeron CPU and 8GB RAM. It runs smoothly with a 1000G commercial broadband.
There is no API for making changes. This can be a hindrance in environments where auto-deploying something needs firewall rules or HAProxy configs updated. Since all settings are stored in an XML file and then configs are generated from that, even manually updating config files cannot be done.
Beware that some network cards can have issues. pfSense is based on FreeBSD, so it's best to look on their compatibility list before deploying.
pfSense can be a very elementary firewall but can also be as comples as you want, according your needs. I'd always reccomend a HA solution when used in a company and, for bigger companies, commercial license is recommended. It's also very adptable to everyone's needs.
Snort was chosen mainly for the ease and cost. With Snort we was able to set up in a matter of minutes without any professional services needed. If you are used to packet tracing the old fashion way, this is the product for you.
PFSense is not a fully featured and supported enterprise-grade solution; however, it does offer a lot of similar functionality at a fraction of the cost for more minor requirements.
pfSense has only had positive impacts on our company. We are not a huge company so not having to buy licenses to get all these features have been excellent.
I was not around when our current sysadmin decided to use pfSense, but I am assuming from day one it was probably a 100% return on investment since it does everything we need it to and it was open source software.