Cisco Stealthwatch is a network behavior analysis product based on technology acquired by Cisco with its Lancope acquisition in 2015.
N/A
NinjaOne
Score 9.0 out of 10
N/A
NinjaOne automates the hardest parts of IT, delivering visibility, security, and control over endpoints. The NinjaOne endpoint management platform increases productivity for IT teams and managed service providers, and comes with unlimited onboarding, training, and support.
N/A
Pricing
Cisco Secure Network Analytics
NinjaOne
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Cisco Secure Network Analytics
NinjaOne
Free Trial
No
Yes
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
NinjaOne is a subscription service with a charge rate per month. For more detailed pricing information, contact NinjaOne directly to request a demo or to start 14-days free trial.
Few products operate off the Netflow or RAP/SPAN traffic versus the endpoint. Of those products, many operate from the aggregate traffic of uplinks/downlinks, whereas Secure Network Analytics focuses on viewing all traffic to give per-endpoint comprehensive data analytics. SNA is a great product for network visibility and detection, and to preserve that focus, other options such as remediation or quarantined are deferred to other products in the security ecosystem. SNA uses Machine Learning models to determine traffic behavioral compliance, which is a double-edged sword. On one hand, it mitigates zero day attacks changing traffic patterns, but conversely, it requires training to know acceptable traffic patterns. Unfortunately, many adopters of SNA do not spend the time giving it the user input and so the ML models never gets the correct weights and parameters to work from.
I like the constant development most. We now have MDM for all of the tablets and phones, which is great for a lot of the point of sale devices where they aren't necessarily logged into the device with a M365 account for Intune management. We like the NinjaOne remote tool over Splashtop or other remote software we've seen. It just works and has nice integration for printing, and file access without remoting onto the PC. The same goes for being able to run command line or PowerShell without removing the user from his or her session. It is unobtrusive to the end users.
Remote connections: the NinjaRemote client is spectacular and very easy to use and navigate. It quickly connects to customer systems so my engineers are able to work. As a bonus, they also offer a really good mobile app to connect to client systems.
Antivirus: Bitdefender Endpoint Protection is built directly into the NinjaOne portal. This makes deploying and maintaining AV very easy.
OS Patching: NinjaOne makes it very easy to handle patching across multiple clients and locations. It is very easy to use and doesn't take long to set up.
Support: NinjaOne support is always very prompt and helpful.
Documentation: the NinjaOne Dojo is a one-stop shop for all of your FAQs, guides, and forum needs. You can find almost anything here to help you deploy and maintain NinjaOne.
Automation Library: NinjaOne comes preloaded with a large number of ready-to-go automations. They also provide you with a scripting module to create your own.
There are things that you can search for a particular type of traffic, but you cannot create an alert to alert on that type of traffic. An example of that is a particular encryption type. So like RC4 encryption is prohibited within DHS. I can search for traffic using it, but I can't create a rule alerting on that traffic type.
Cisco Secure Network Analytics is a fantastic tool, but does require some setup and upkeep which may turn off smaller IT Security teams. However, once all the flows are set up and the product is functioning with the proper rules, the insight into your network is fantastic. For us, the product has a significant ROI and will be a product we keep up on.
I have not had any real issues with NinjaOne and as long as it keeps doing what it is meant to do, I do not plan on looking elsewhere. I need software to be stable and NinjaOne is stable.
Strong and complete tool which gives comprehensive methods to discover cyber security incidents and prevent data leakage. In case of common use of Cisco StealthWatch and Cisco ISE, you will receive [the] ability [to] not just discover cyber security incidents but also dynamically respond to them. This makes StealthWatch one of most valuable products through[out] [the] whole Cisco Security product portfolio.
Ninja's interface is clean and simple. Overall usability from an interface perspective is good. Some items, policies and scripting for instance, are a bit cumbersome and it's really not clear how to implement with a best practice mind-site. Ninja RMM got the job done for us but as we pushed our needs more into automation and efficiency we felt it wasn't keeping up with our speed of growth. There is definitely usability in the product, and it will get the job done, but there are other RMM's out there that fit better in our business.
We haven't had too many issues with the uptime and availability of CSNA, but the application does have a lot of dependancies and we have seen issues after an upgrade that caused an outage for several hours.
Overall winner because it exceeds our expectations by answering all our requirements and at the same time empowers our operations thru other built-in capabilities it has. Visibility is a key to security operations and Cisco StealthWatch really gives us a magnifying glass to check all logs in the network for threat intelligence and threat hunting.
Support has been very responsive and my account rep Brian K. has communicated with me continuously making sure we had everything we need. Not like other MDMs where they sign you up and that's the last you hear from them. NinjaOne makes sure you use the product to its best application and you are successful and continue as the product features grow.
Implementation of the product can be tedious, especially fine tuning its rules to customize it to your environment. However, after that is done, CSNA is a very useful and flexible product that would enhance the security posture of any corporate network.
After integrating and developing a lot of security features in MF NNM, we were not able to meet the requirements from the customer. After the alternative research, we got to know about this Cisco Secure Network Analytics tool and after implementing the same, we finally were able to win CSAT. MF NNM had a support-related issue as well. It took more than a month to solve for couple of issues frequently. Whenever there is a problem or need their support, reaching out to them has always been a challenge.
For ease of use NinjaOne seems to be easiest to get up and running and just how they present everything seems easier than the other solutions we looked at and then bottom line was it had the features we wanted and the price was very reasonable compared to the other vendors.
It is a little pricey - in my organization, with budget cuts, I eventually had to replace it with an open source product (NTOP). While it works well for visibility, it simply isn't the same. If you can afford it, don't bother looking anywhere else - just get it.
Being able to detect, pivot out, and remmediate from one console was awesome.
