Cisco Secure Network Analytics vs. IBM Security QRadar SIEM

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Cisco Secure Network Analytics
Score 8.3 out of 10
N/A
Cisco Stealthwatch is a network behavior analysis product based on technology acquired by Cisco with its Lancope acquisition in 2015.N/A
IBM Security QRadar SIEM
Score 8.7 out of 10
N/A
IBM Security QRadar is security information and event management (SIEM) Software.N/A
Pricing
Cisco Secure Network AnalyticsIBM Security QRadar SIEM
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Cisco Secure Network AnalyticsIBM Security QRadar SIEM
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
Cisco Secure Network AnalyticsIBM Security QRadar SIEM
Top Pros
Top Cons
Features
Cisco Secure Network AnalyticsIBM Security QRadar SIEM
Security Information and Event Management (SIEM)
Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
Cisco Secure Network Analytics
-
Ratings
IBM Security QRadar SIEM
8.6
54 Ratings
10% above category average
Centralized event and log data collection00 Ratings9.927 Ratings
Correlation00 Ratings8.854 Ratings
Event and log normalization/management00 Ratings9.527 Ratings
Deployment flexibility00 Ratings7.927 Ratings
Integration with Identity and Access Management Tools00 Ratings8.250 Ratings
Custom dashboards and workspaces00 Ratings7.454 Ratings
Host and network-based intrusion detection00 Ratings9.625 Ratings
Data integration/API management00 Ratings9.07 Ratings
Behavioral analytics and baselining00 Ratings8.133 Ratings
Rules-based and algorithmic detection thresholds00 Ratings9.134 Ratings
Response orchestration and automation00 Ratings7.75 Ratings
Reporting and compliance management00 Ratings7.632 Ratings
Incident indexing/searching00 Ratings8.97 Ratings
Best Alternatives
Cisco Secure Network AnalyticsIBM Security QRadar SIEM
Small Businesses

No answers on this topic

AlienVault USM
AlienVault USM
Score 8.0 out of 10
Medium-sized Companies
InsightIDR
InsightIDR
Score 8.5 out of 10
Splunk Enterprise
Splunk Enterprise
Score 8.3 out of 10
Enterprises
InsightIDR
InsightIDR
Score 8.5 out of 10
Splunk Enterprise
Splunk Enterprise
Score 8.3 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Cisco Secure Network AnalyticsIBM Security QRadar SIEM
Likelihood to Recommend
8.0
(11 ratings)
8.6
(75 ratings)
Likelihood to Renew
8.0
(1 ratings)
9.1
(3 ratings)
Usability
7.3
(1 ratings)
9.1
(1 ratings)
Availability
7.0
(1 ratings)
-
(0 ratings)
Support Rating
7.9
(2 ratings)
8.4
(49 ratings)
Implementation Rating
8.0
(1 ratings)
-
(0 ratings)
Ease of integration
8.0
(1 ratings)
8.1
(45 ratings)
User Testimonials
Cisco Secure Network AnalyticsIBM Security QRadar SIEM
Likelihood to Recommend
Cisco
Few products operate off the Netflow or RAP/SPAN traffic versus the endpoint. Of those products, many operate from the aggregate traffic of uplinks/downlinks, whereas Secure Network Analytics focuses on viewing all traffic to give per-endpoint comprehensive data analytics. SNA is a great product for network visibility and detection, and to preserve that focus, other options such as remediation or quarantined are deferred to other products in the security ecosystem. SNA uses Machine Learning models to determine traffic behavioral compliance, which is a double-edged sword. On one hand, it mitigates zero day attacks changing traffic patterns, but conversely, it requires training to know acceptable traffic patterns. Unfortunately, many adopters of SNA do not spend the time giving it the user input and so the ML models never gets the correct weights and parameters to work from.
Read full review
IBM
monitoring network traffic is much easier while having siem in your organization and the scenario where siem is less apricated is installing adding logs source making rules according to your desire or the last thing ibm support team not proving the good feedback on instant basis in case of any critical scenarios
Read full review
Pros
Cisco
  • A silent tool.
  • A great way to get visibility of all the conversations of the network.
  • Easy to find out the internal and the external threats.
  • Easy to track performance.
  • Network monitoring is very easy to understand and control.
  • Attacks can be easily detected along with encrypted traffic.
  • Historic records of the attack and reports make it even better.
Read full review
IBM
  • Enables identification and prioritization of vulnerabilities in IT infrastructure for corrective action.
  • Facilitates security incident investigation and forensic analysis.
  • Provides a real-time view of security events, enabling immediate incident response.
  • Can integrate with external threat intelligence sources to enrich data and improve threat detection.
  • Enables the generation of detailed and customized reports.
Read full review
Cons
Cisco
  • There are things that you can search for a particular type of traffic, but you cannot create an alert to alert on that type of traffic. An example of that is a particular encryption type. So like RC4 encryption is prohibited within DHS. I can search for traffic using it, but I can't create a rule alerting on that traffic type.
Read full review
IBM
  • Need to spend more time configuring the system to properly interpret and normalize different type of data collected from multiple resources.
  • While Rule creation QRadar uses that rules to detect security threats and generate alerts, but to creating and managing rules is bit complex & tedious work to complete.
  • IBM Security QRadar SIEM is excellent in handling large & complex systems that requires in-depth knowledge and extensive training to configure and maintain the system which includes upgrading, optimization of performance & issue troubleshooting.
Read full review
Likelihood to Renew
Cisco
Cisco Secure Network Analytics is a fantastic tool, but does require some setup and upkeep which may turn off smaller IT Security teams. However, once all the flows are set up and the product is functioning with the proper rules, the insight into your network is fantastic. For us, the product has a significant ROI and will be a product we keep up on.
Read full review
IBM
With the arrival of IBM Security QRadar SIEM at our company, we have a better vision of all the security needs that may arise, it is a very safe software to use that prevents threats from damaging our IT environment, it is impossible to change it for another software.
Read full review
Usability
Cisco
Strong and complete tool which gives comprehensive methods to discover cyber security incidents and prevent data leakage. In case of common use of Cisco StealthWatch and Cisco ISE, you will receive [the] ability [to] not just discover cyber security incidents but also dynamically respond to them. This makes StealthWatch one of most valuable products through[out] [the] whole Cisco Security product portfolio.
Read full review
IBM
A very special system to use without problems, the process is very genuine and does not require complicated procedures.
Read full review
Reliability and Availability
Cisco
We haven't had too many issues with the uptime and availability of CSNA, but the application does have a lot of dependancies and we have seen issues after an upgrade that caused an outage for several hours.
Read full review
IBM
No answers on this topic
Support Rating
Cisco
Overall winner because it exceeds our expectations by answering all our requirements and at the same time empowers our operations thru other built-in capabilities it has. Visibility is a key to security operations and Cisco StealthWatch really gives us a magnifying glass to check all logs in the network for threat intelligence and threat hunting.
Read full review
IBM
Customer support is Good of IBM, While Using IBM QRadar its deployment is to slow and suddenly stop working and crashed we have contacted IBM Support and Rised a Ticket within a few minute we get call back from customer support and Query Resolved by them Fast And Rapid Support of Ibm
Read full review
Implementation Rating
Cisco
Implementation of the product can be tedious, especially fine tuning its rules to customize it to your environment. However, after that is done, CSNA is a very useful and flexible product that would enhance the security posture of any corporate network.
Read full review
IBM
No answers on this topic
Alternatives Considered
Cisco
After integrating and developing a lot of security features in MF NNM, we were not able to meet the requirements from the customer. After the alternative research, we got to know about this Cisco Secure Network Analytics tool and after implementing the same, we finally were able to win CSAT. MF NNM had a support-related issue as well. It took more than a month to solve for couple of issues frequently. Whenever there is a problem or need their support, reaching out to them has always been a challenge.
Read full review
IBM
IBM Qradar takes the best from its competitors. Reliable and stable but sometimes very expensive, the SIEM from IBM offers a wide range of scenarios in which the customers can suite and size their own infrastructures. IBM Qradar doesn't really needs to stack up againt its competitors because it already sets an example in the SIEM world.
Read full review
Return on Investment
Cisco
  • It is a little pricey - in my organization, with budget cuts, I eventually had to replace it with an open source product (NTOP). While it works well for visibility, it simply isn't the same. If you can afford it, don't bother looking anywhere else - just get it.
  • Being able to detect, pivot out, and remmediate from one console was awesome.
Read full review
IBM
  • Offense investigation was really helped in tackling the incidents. It was accurate and brief
  • The automation with IBM resilient (SOAR) was a milestone in elimination of user mistakes
  • The X-Force threat intelligence supported us in getting the work done without any 3rd party enterprise OSINT database
Read full review
ScreenShots