Intrusion detection and prevention software: Which solution is best?

IT Central Station users review the highest reviewed solutions in the intrusion detection and prevention software market.


As cybercriminals continue their mission to compromise enterprise networks, many businesses are looking for the best ways to keep their organisations secure. One way that they are improving their overall security posture is by investing in intrusion detection and prevention software. However, every organisation is different and a solution that may work for one business may not be as effective when used at another.

Over 388,000 professionals have used IT Central Station research to inform their purchasing decisions. Their latest report looks at the highest rated intrusion detection and prevention software vendors, profiling each and examining what they can offer enterprise.

Here’s a breakdown of the key players currently active in the market:

Kerio Control

Average Rating: 8.1

Top Comparison: pfSense

Overview: Brings together next-generation firewall capabilities -- including a network firewall and router, intrusion detection and prevention (IPS), gateway anti-virus, VPN, and web content and application filtering.


Average Rating: 7.7

Top Comparison: Cisco Stealthwatch

Overview: The first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualised, and cloud, through to IoT and industrial control systems.

Vectra AI

Average Rating: 8.8

Top Comparison: Darktrace

Overview: Accelerates threat detection and investigation using artificial intelligence to collect, store and enrich network metadata with the right context to detect, hunt and investigate known and unknown threats in real time.


Splunk User Behavior Analytics

Average Rating: 8.1

Top Comparison: Exabeam

Overview: Enables multi-entity behaviour profiling and peer group analytics for users, devices, service accounts and applications.


Cisco IOS Security

Average Rating: 8.2

Top Comparison: Darktrace

Overview: Delivers a sophisticated set of security capabilities for a comprehensive, layered security approach throughout network infrastructure.



Average Rating: 8.1

Top Comparison: Trend Micro TippingPoint NGIPS

Overview: Provides network visibility, threat intelligence, automation and industry leading threat effectiveness.

Cisco Sourcefire SNORT

Average Rating: 7.5

Top Comparison: Fortinet FortiWeb

Overview: Combines the benefits of signature-, protocol-, and anomaly-based inspection methods to deliver flexible protection from malware attacks.

Threat Stack Cloud Security Platform

Average Rating: 8.1

Top Comparison: Prisma Cloud by Palo Alto Networks

Overview: Purpose-built to support organisations running in the cloud and the unique requirements of a cloud-based or hybrid infrastructure.

Palo Alto Networks Threat Prevention

Average Rating: 8.4

Top Comparison: Darktrace

Overview: Leverages the visibility of its next-generation firewall to inspect all traffic, automatically preventing known threats, regardless of port, protocol or SSL encryption.

Trend Micro Deep Discovery Analyzer

Average Rating: 8.3

Top Comparison: Trend Micro Deep Discovery Inspector

Overview:  A turnkey appliance that uses virtual images of endpoint configurations to analyse and detect targeted attacks.