Cisco Stealthwatch is a network behavior analysis product based on technology acquired by Cisco with its Lancope acquisition in 2015.
N/A
Datadog
Score 8.7 out of 10
N/A
Datadog is a monitoring service for IT, Dev and Ops teams who write and run applications at scale, and want to turn the massive amounts of data produced by their apps, tools and services into actionable insight.
$1.27
per month (billed annually) per host
Kaspersky Anti Targeted Attack Platform
Score 3.8 out of 10
N/A
The Kaspersky Anti Targeted Attack Platform uses machine learning approaches to detect targeted attacks across network telemetry through a combination of automated network traffic analysis, correlative behavioral analysis, and other approaches to detect multi-layer threats across an enterprise network.
N/A
Pricing
Cisco Secure Network Analytics
Datadog
Kaspersky Anti Targeted Attack Platform
Editions & Modules
No answers on this topic
Log Management
$1.27
per month (billed annually) per host
Infrastructure
$15.00
per month (billed annually) per host
Standard
$18
per month per host
Enterprise
$27
per month per host
DevSecOps Pro
$27
per month per host
APM
$31.00
per month (billed annually) per host
DevSecOps Enterprise
$41
per month per host
No answers on this topic
Offerings
Pricing Offerings
Cisco Secure Network Analytics
Datadog
Kaspersky Anti Targeted Attack Platform
Free Trial
No
Yes
No
Free/Freemium Version
No
Yes
No
Premium Consulting/Integration Services
No
No
No
Entry-level Setup Fee
No setup fee
Optional
No setup fee
Additional Details
—
Discount available for annual pricing. Multi-Year/Volume discounts available (500+ hosts/mo).
Cisco Secure Network Analytics is in a class of its own and some of these products come close but are not in the same class. The other products I tested take a lot more of them to get the same results you would from the Enterprise class of Cisco products. I have been very happy …
I wasn't involved in the decision-making when it happened. It was a couple of years ago, but I can't think of the vendor's name. They used to be here at Cisco Live. But it was another NetFlow vendor, but they were strictly NetFlow and all they did was just a net flow and the …
After integrating and developing a lot of security features in MF NNM, we were not able to meet the requirements from the customer. After the alternative research, we got to know about this Cisco Secure Network Analytics tool and after implementing the same, we finally were …
While other platforms such as Nagios and Solarwinds NTA provide visibility of the traffic, it either (*) does not provide API/programmatic way to pull the data to other platforms or (*) does not interface with secondary security systems to report on malicious traffic activity. …
In order for Armis to truly provide value, it will require spans and taps at every location. This is not feasible in most places since not all sides have the infrastructure to support this and now you are required to support an additional appliance at every site. Stealthwatch …
Wireshark
is a good option in a lower budget, but Wireshark also has lesser security as
compared to Cisco which compelled us to look for something else in [the] same price but with more better features.
In addition [to] Cisco SteathWatch, we highly evaluated Cisco AnyConnect and Cisco Advanced Malware Protection for Endpoints (Cisco APM4E). Often [these] solutions complement each other and improve network security level. Each of them separate[ly] [are] handy products for …
Cisco has advantages in terms of the following: 1. Encrypted Traffic Analytics provides visibility and control to traffic without the need to decrypt it.
2. Threat detection that collects proxy records and associates them with flow records, delivering the user application, and …
NTOP is the only thing out there, in my opinion, that provides similar type of visibility. But StealthWatch is the product all vendors should strive to emulate. It is easy to install; it is easy to configure; it works as advertised (and then some). I do recommend the …
Datadog is significantly more user-friendly than CloudWatch.In terms of capabilities, they're similar. I would not call either of the best-in-class for any single feature, but Datadog feels more polished and ready to use overall.Multi-cloud monitoring is a clear differentiator …
I use Datadog because it concentrates all these features into a single tool, facilitating the learning curve that my platform and development engineering team needs in order to be able to set up the monitors/alerts/SLIs/SLOs as well as to diagnose a production issue. Its easier …
Datadog seems to be the most feature-rich of all the alternatives we've considered, however due to problems outlined earlier, some of the others have benefits. OpenTel can give us a way to make our platforms compatible with a variety of vendors, and can be done without …
Datadog is a more complex but complete solution than any of the other Log Aggregation, monitoring, or general observabilty tools that we have trialed. I found it easier to setup following useful and up-to-date documentation provided directly by Datadog instead of scattered …
Kibana Datadog … because within our usecase we have all the events in kibana but sampled traces in Datadog … but if we had all the traces it would have been much more useful
I think Datadog and sentry serve different needs. I like sentry to keep track of errors on our systems. And then I'll jump into Datadog to investigate those issues.
We have utilized a SIEM in the past, but it was a very manual process to set it up. Content packs make it very easy to set up and get alerting instantly. Datadog takes out a lot of headaches for our security team, since they no longer have to create custom alerts for every …
First think first - it's easy to use, and very easy to implement in any infrastructure. It provides a custom dashboard and monitors. I’ve used or evaluated Grafana, Prometheus, Amazon CloudWatch, and Dynatrace, and each tool has strong capabilities. Prometheus + Grafana provide …
All other tools dont have all the features which Datadog provides. Easy to use from UI where other may have complicated UI or no UI at all to create monitors. Consider like AWS grafana, we have limitation to create monitors from UI. There is no recurring downtime for monitors. …
UI of the Datadog is easy to understand and integration steps are easy to understand. It also provides the troubleshooting steps which are easy to understand. Supports multi cloud integrations which is very important for all the customers to know about the cloud service's …
we primarily use Kubernetes, and Prometheus is great for collecting time series metrics, especially in Kubernetes. and Grafana is used for dashboards. As these are open source, we host them and manage them internally. We choose Datadog because of its logs, traces, and …
I selected Datadog because of its features and the wide range of integration support. As I already told it supports more that 600+ integrations which helps and organization to keep everything in a single place and also its AI feature which is reducing the time for root cause …
1. Grafana is good, but a lot of integration is required for it to work. .that not the case of Datadog 2. Faster to set up Datadog instead of Grafana 3. Alerting in Datadog feels much easier thanin Grafana.
Datadog is best for cloud-native and fast-setup. It is more mature for infrastructure and real-time observability. The UI is more user-friendly and provides wide coverage of app insights.
I have tried and used a number of other tools similar to Datadog such as New Relic, Splunk, Prometheus, AWS cloudwatch and Dynatrace. New Relic and Splunk provide excellent monitoring and analytics, but Datadog’s consolidated dashboards and ease of setup combined with a wealth …
Our logs are very important, and Datadog manages them exceptionally well. We frequently use Datadog services for our investigations. Use case: Monitor your apps, infrastructure, APIs, and user experience.
ease of use and implementation, other than new relic (which I think is terrible in every possible way), the other two support opentelemetry better, have more manageable costs and comparable basic services, but they do not have the breadt of services dd does.
We moved to Datadog from Microsoft's Application Insights. Application Insights did a fine job in allowing us to view our application data, but it lacked the holistic view of all our infrastructure and other platforms that could not use Application Insights. Being able to …
In terms of usability, I’ve found Datadog significantly more approachable and powerful compared to Elasticsearch, especially for day-to-day operational monitoring. Datadog offers a much more cohesive, user-friendly interface out of the box, with built-in support for metrics, …
Cisco Secure Network Analytics is a compulsion to any organization looking to secure their network in silence with a complete record and analysis of the threats. All the critical information of the client is also preserved for instance and assistance for future needs. Cyber-attacks can’t even think to roam about your network in any case.
Datadog works really well with complex microservices architecture like any E-commerce platform which will be having multiple services but they all are interdependent to others so in this scenario Datadog will be best to monitor these as it will show the transactions also between those microservices. If you are using multiple services in your architecture whether it will be cloud services or on prem services Datadog will be the best choice to monitor all those service with in Datadog so that you can see everything in a single place. But if you are having small architecture and few services in that then in that scenario you can use Datadog but it will be little costly as compared to other but obviously the features are very well.
I would say it is less appropriate for an organization which is looking to implement a tool within a short period of time. However, we found support on the web forum as well as from support team and were given solutions always. It was somewhat a relief for the users. We were not in a position to provide further IT security resources. And Anti Targeted Attack Platform did not require such. The tool was able to identify and eliminate a critical threat right after the implementation.
It's really good at mapping out like what applications are, like who's talking to what. To see if someone thinks that a particular application is only being used a certain way and we can validate what's talking to that system with the tool.
Alert windows cause lag in notifications (e.g. if the alert window is X errors in 1 hour, we won't get alerted until the end of the 1 hour range)
I would appreciate more supportive examples for how to filter and view metrics in the explorer
I would like a more clear interface for metrics that are missing in a time frame, rather than only showing tags/etc. for metrics that were collected within the currently viewed time frame
Cisco Secure Network Analytics is a fantastic tool, but does require some setup and upkeep which may turn off smaller IT Security teams. However, once all the flows are set up and the product is functioning with the proper rules, the insight into your network is fantastic. For us, the product has a significant ROI and will be a product we keep up on.
Strong and complete tool which gives comprehensive methods to discover cyber security incidents and prevent data leakage. In case of common use of Cisco StealthWatch and Cisco ISE, you will receive [the] ability [to] not just discover cyber security incidents but also dynamically respond to them. This makes StealthWatch one of most valuable products through[out] [the] whole Cisco Security product portfolio.
There is some room for improvement, but the Datadog team sends out updates frequently, and the UI is user-friendly for engineers, with no significant loading issues or region-specific problems. That was one of the key reasons we preferred Datadog; our company has employees worldwide, and it wasn't difficult to transition to the tool.
We haven't had too many issues with the uptime and availability of CSNA, but the application does have a lot of dependancies and we have seen issues after an upgrade that caused an outage for several hours.
Overall winner because it exceeds our expectations by answering all our requirements and at the same time empowers our operations thru other built-in capabilities it has. Visibility is a key to security operations and Cisco StealthWatch really gives us a magnifying glass to check all logs in the network for threat intelligence and threat hunting.
The support team usually gets it right. We did have a rather complicate issue setting up monitoring on a domain controller. However, they are usually responsive and helpful over chat. The downside would be I don’t think they have any phone support. If that is important to you this might not be a good fit.
Implementation of the product can be tedious, especially fine tuning its rules to customize it to your environment. However, after that is done, CSNA is a very useful and flexible product that would enhance the security posture of any corporate network.
While other platforms such as Nagios and Solarwinds NTA provide visibility of the traffic, it either (*) does not provide API/programmatic way to pull the data to other platforms or (*) does not interface with secondary security systems to report on malicious traffic activity. Ultimately, these platforms accomplish the visibility, but do little else in the overall IT/security ecosystem of product, making them "dead end" data flow products where data goes in but does not share elsewhere.
Datadog is a more complex but complete solution than any of the other Log Aggregation, monitoring, or general observabilty tools that we have trialed. I found it easier to setup following useful and up-to-date documentation provided directly by Datadog instead of scattered around many blogs or articles. I would love to have my own Grafana + Prometheus expert to setup all the peices we need but you're paying for expertise there instead of an experience with Datadog.
Once tuned and baselines established, it is far easier to identify issues on a network
Management is able to look at the dashboard and fairly quickly get an update on the status of how the network is performing and what threats may be out there
Reports can be scheduled to send on a regular basis to all involved with management of the infrastructure and the security team