Cisco Stealthwatch is a network behavior analysis product based on technology acquired by Cisco with its Lancope acquisition in 2015.
N/A
Dynatrace
Score 8.4 out of 10
N/A
Dynatrace is an APM scaled for enterprises with cloud, on-premise, and hybrid application and SaaS monitoring. Dynatrace uses AI-supported algorithms to provide continual APM self-learning and predictive alerts for proactive issue resolution.
$0
per synthetic request
NetBrain Technologies
Score 9.2 out of 10
N/A
NetBrain, founded in 2004, provides a no-code automation platform for hybrid network observability, allowing organizations to enhance their operational efficiency through automated workflows. The platform applies automation across three key workflows: troubleshooting, change management, and assessment.
Few products operate off the Netflow or RAP/SPAN traffic versus the endpoint. Of those products, many operate from the aggregate traffic of uplinks/downlinks, whereas Secure Network Analytics focuses on viewing all traffic to give per-endpoint comprehensive data analytics. SNA is a great product for network visibility and detection, and to preserve that focus, other options such as remediation or quarantined are deferred to other products in the security ecosystem. SNA uses Machine Learning models to determine traffic behavioral compliance, which is a double-edged sword. On one hand, it mitigates zero day attacks changing traffic patterns, but conversely, it requires training to know acceptable traffic patterns. Unfortunately, many adopters of SNA do not spend the time giving it the user input and so the ML models never gets the correct weights and parameters to work from.
Dynatrace is well suited to a number of tasks. It is important to determine who the end users are and gather good information to tailor their experience accordingly. For instance, business/marketing should not have access to some of the more technical data, and business metrics can be a distraction for IT operations personnel.
Great for our large global environment. Works well with our legacy and newer equipment. Ease of install was exciting compared to other products we POC'd. Less of a learning curve when training Teams on how to monitor and troubleshoot while in production. Service desk were able to capture the logs and load into our ticketing system with ease.
We loved Dynatrace's ability to show the data flow - from the front end points through the back end points straight to the database and various API's. It was advanced in its data visualization. This is useful for debugging - showing when/where the errors are. It can even enable non-technical individuals in the corporation to help debug
Dynatrace has some great highly customizable integration options as well as monitoring. You can configure your layout & integration options to create custom monitoring alerts for your applications performance. Further you can increase the extensibility of using a REST API on your architecture.
Some advanced dev-ops systems are utilizing Kubernetes/docker aswell as Node.JS - Dynatrace was able to log and help understand all of our dev-ops needs. It gave us native alerts based off of deviations from the baseline that we set during initial configuration. These metrics are priceless.
Some of the jobs can be difficult to setup until you know how they were designed
Unless coupled with other Cisco products, you may not get all of the information you would like to have
If you have a network that already has many issues it may take a lot of time to see the value in the product; it would take time to weed everything which this product will detect for you to use it to find that needle in the haystack
Dynatrace does not monitor easily on a C-based application.
The way DPGR is addressed by Dynatrace is not very complete, and not clear. One thing is to mask the IP and request attributes but is not enough, the replay session feature is great but raises serious questions about user tracking.
Cisco Secure Network Analytics is a fantastic tool, but does require some setup and upkeep which may turn off smaller IT Security teams. However, once all the flows are set up and the product is functioning with the proper rules, the insight into your network is fantastic. For us, the product has a significant ROI and will be a product we keep up on.
We have already renewed our purchase with the company. They make it easy for us to get a temporary license for our contingency site that is only used for testing twice a year. We are expanding our license with for this tool. We find it very useful and will renew it again.
Strong and complete tool which gives comprehensive methods to discover cyber security incidents and prevent data leakage. In case of common use of Cisco StealthWatch and Cisco ISE, you will receive [the] ability [to] not just discover cyber security incidents but also dynamically respond to them. This makes StealthWatch one of most valuable products through[out] [the] whole Cisco Security product portfolio.
Dynatrace is great to use once you understand how to use it correctly and get used to the layout of it. While I do not actively use it every day, whenever I do use it, I do have to get refamiliarized with it. However, once you have your dashboards setup correctly with the data that you want to see when you first login to Dynatrace, it's amazing.
I would rate Cisco Secure Network Analytics’ availability as 8 out of 10. The platform is highly stable and reliable, with users reporting minimal downtime and consistent performance once the system is properly deployed and configured.
Overall winner because it exceeds our expectations by answering all our requirements and at the same time empowers our operations thru other built-in capabilities it has. Visibility is a key to security operations and Cisco StealthWatch really gives us a magnifying glass to check all logs in the network for threat intelligence and threat hunting.
Given that Dynatrace has become an informal industry standard, the plethora of information available on forums is massive. Most problems or roadblocks you come across are most likely (almost certainly, in fact) already solved and solutions available on these forums. The tech support at Dynatrace is also quite good, with prompt and knowledgeable people at their end.
Implementation of the product can be tedious, especially fine tuning its rules to customize it to your environment. However, after that is done, CSNA is a very useful and flexible product that would enhance the security posture of any corporate network.
I wasn't involved in the decision-making when it happened. It was a couple of years ago, but I can't think of the vendor's name. They used to be here at Cisco Live. But it was another NetFlow vendor, but they were strictly NetFlow and all they did was just a net flow and the Secure Network Analytics has like some of the security anomaly detection stuff built into it. And that was kind of a deciding factor of wanting more of the security focus of the net flow. The net flow was a bonus, but the security stuff was what we were looking for.
Synthetic Monitoring automatically does what other products do only through the use of other tools or through the development of user applications that still have a high cost of maintenance. The other products are not immediately usable and require many customizations. Through the use of configuration automatisms, you can be immediately operational and, in our case, we detected several imperfections in the applications.
It is a little pricey - in my organization, with budget cuts, I eventually had to replace it with an open source product (NTOP). While it works well for visibility, it simply isn't the same. If you can afford it, don't bother looking anywhere else - just get it.
Being able to detect, pivot out, and remmediate from one console was awesome.
