Few products operate off the Netflow or RAP/SPAN traffic versus the endpoint. Of those products, many operate from the aggregate traffic of uplinks/downlinks, whereas Secure Network Analytics focuses on viewing all traffic to give per-endpoint comprehensive data analytics. SNA is a great product for network visibility and detection, and to preserve that focus, other options such as remediation or quarantined are deferred to other products in the security ecosystem. SNA uses Machine Learning models to determine traffic behavioral compliance, which is a double-edged sword. On one hand, it mitigates zero day attacks changing traffic patterns, but conversely, it requires training to know acceptable traffic patterns. Unfortunately, many adopters of SNA do not spend the time giving it the user input and so the ML models never gets the correct weights and parameters to work from.
Manage Engine OpManager is better suited to serve server and network admins at organization to monitor their servers and network devices. It helps us with compliance with the reports available like utilization reports and capacity planning reports. It helps you to keep track of what all process are consuming the resources. It helps you in monitoring what is happening in your switches, routers and firewall
It measures the CPU utilization of hosts, the network bandwidth utilization of links, and other aspects of the operation
It often sends messages—sometimes called watchdog messages—over the network to each host to verify if it is responsive to requests.
Set Up Notifications And Reports.
OpManager offers a set of advantages that allow it to adapt to the needs of the company, guaranteeing effective monitoring of the application networks used in our organization.
There are things that you can search for a particular type of traffic, but you cannot create an alert to alert on that type of traffic. An example of that is a particular encryption type. So like RC4 encryption is prohibited within DHS. I can search for traffic using it, but I can't create a rule alerting on that traffic type.
Adding devices to existing groups and applying a group-wide parameter.
Email alerts can be a bit challenging depending on how email is managed within a company, sometimes adding ManageEngine OpManager to the allowed relay list for Exchange is necessary to receive any alerts
Cisco Secure Network Analytics is a fantastic tool, but does require some setup and upkeep which may turn off smaller IT Security teams. However, once all the flows are set up and the product is functioning with the proper rules, the insight into your network is fantastic. For us, the product has a significant ROI and will be a product we keep up on.
Strong and complete tool which gives comprehensive methods to discover cyber security incidents and prevent data leakage. In case of common use of Cisco StealthWatch and Cisco ISE, you will receive [the] ability [to] not just discover cyber security incidents but also dynamically respond to them. This makes StealthWatch one of most valuable products through[out] [the] whole Cisco Security product portfolio.
The rating I provided is based on the product quality, experience (I have been using OpManager for almost the last 4 years), and relevance of the information/response I generated through Manage Engine OpManager. I have also received good support from OpManager.
We haven't had too many issues with the uptime and availability of CSNA, but the application does have a lot of dependancies and we have seen issues after an upgrade that caused an outage for several hours.
Overall winner because it exceeds our expectations by answering all our requirements and at the same time empowers our operations thru other built-in capabilities it has. Visibility is a key to security operations and Cisco StealthWatch really gives us a magnifying glass to check all logs in the network for threat intelligence and threat hunting.
At first, we were not able to add our Avaya switches to the configuration backup module, our partner tried to help, but they did not find the solution, we had one remote session with tech support of ME and they solve the problem.
Implementation of the product can be tedious, especially fine tuning its rules to customize it to your environment. However, after that is done, CSNA is a very useful and flexible product that would enhance the security posture of any corporate network.
After integrating and developing a lot of security features in MF NNM, we were not able to meet the requirements from the customer. After the alternative research, we got to know about this Cisco Secure Network Analytics tool and after implementing the same, we finally were able to win CSAT. MF NNM had a support-related issue as well. It took more than a month to solve for couple of issues frequently. Whenever there is a problem or need their support, reaching out to them has always been a challenge.
During our competitive analysis, we found ManageEngine OpManager was not expensive compared to other vendors. At the same time, there was no compromise on the features such as customized reporting or configuring alerts per our clientele's unique requirements. These are our client words "Other vendors ask us to pay more $$$ for enabling additional email alerts".
It is a little pricey - in my organization, with budget cuts, I eventually had to replace it with an open source product (NTOP). While it works well for visibility, it simply isn't the same. If you can afford it, don't bother looking anywhere else - just get it.
Being able to detect, pivot out, and remmediate from one console was awesome.
