Cisco Secure Network Analytics (Stealthwatch) vs Sumo Logic

Likelihood to Recommend

Cisco StealthWatch is well suited when you need to deal with big amounts of traffic. For example, big enterprises, data centers, [and] banks. [In] other words, it does a good job in cases when you have a lot of users with different access levels from different departments and maybe in different regions. So you need to have a clear vision of what [is] happening in your network right now.

Read full review

Oleksandr Tsapenko

Business Development Manager/Product manager

Wise IT UkraineInformation Technology & Services, 11-50 employees

View all 6 answers on this topic

SumoLogic is a fantastic log aggregator and analysis tool, a fine alternative to Splunk. Searching is powerful and mostly intuitive and results come fast. If you have application logs in clusters or Kubernetes pods that lose their logs every time they're restarted, Sumo is the solution for you

Read full review

Verified User

Director in Information Technology

Automotive Company, 5001-10,000 employees

View all 11 answers on this topic

Pros

Breaks down network data into categories like Recon, exploit, etc,
Good data around usage (categorized as Data Hoarding)
Alarms broken out by TTP

Read full review

Verified User

Engineer in Information Technology

Information Technology and Services Company, 1001-5000 employees

View all 6 answers on this topic

Sumo Logic allowed for our InfoSec team to ingest logs from our CDN directly, in real-time, instead of massive compressed archives that were sent every two-hours (the only alternative at the time). Sumo Logic had an app for these logs, that allowed us to easily get an immediate payoff from the data, with canned dashboard and saved searches.
Sumo Logic has a fairly extensive REST API when it comes to log sources, source configurations, dashboard data, searches, etc. Their wiki for the API is usually kept up to date.
Sumo Logic, during the period of time I had used their product, had added the ability to configure agents via configuration files. This allowed customers to configure their endpoints, and modify the endpoints, with configuration management tools like Chef / Puppet / Salt. Beforehand, the only option was to always make changes either via the web portal or REST API.
The solutions engineers were extremely helpful, and easily reachable when issues would occur.
Users at our company found it easy to get started, working on new dashboards, scheduled searches, and alerting. The alerting worked well with our third-party paging tool.

Read full review

Derek Ardolf

DevOps Engineer

GravieRetail, 1001-5000 employees

View all 11 answers on this topic

Cons

As with new technologies, learning curves are a given. On this one, there is a slight curve before you fully grasp it.
User interface can be improved to better user experience.

Read full review

Ericson Aragoza

Unified Communications Engineer

VisionsConnectedTelecommunications, 501-1000 employees

View all 6 answers on this topic

I like the help center, but I think if it had more GUI tools, it could help new users.
Pulling out data is sometimes hard to read, (Maybe if I knew how to export data better, this would not be an issue for me).
I would like better know-how on how to create reports that will help our business.

Read full review

M Phillip Yogore

Senior IT Support Analyst

ThoughtWorksInformation Technology and Services, 5001-10,000 employees

View all 11 answers on this topic

Usability

Cisco Secure Network Analytics (Stealthwatch) 7.3

Based on 1 answer

Strong and complete tool which gives comprehensive methods to discover cyber security incidents and prevent data leakage. In case of common use of Cisco StealthWatch and Cisco ISE, you will receive [the] ability [to] not just discover cyber security incidents but also dynamically respond to them. This makes StealthWatch one of most valuable products through[out] [the] whole Cisco Security product portfolio.

Read full review

Oleksandr Tsapenko

Business Development Manager/Product manager

Wise IT UkraineInformation Technology & Services, 11-50 employees

View all 1 answers on this topic

No score

No answers yet

No answers on this topic

Support Rating

Cisco Secure Network Analytics (Stealthwatch) 7.9

Based on 3 answers

Overall winner because it exceeds our expectations by answering all our requirements and at the same time empowers our operations thru other built-in capabilities it has. Visibility is a key to security operations and Cisco StealthWatch really gives us a magnifying glass to check all logs in the network for threat intelligence and threat hunting.

Read full review

John Patrick Duro

Security Analyst II

AsurionInsurance, 1001-5000 employees

View all 3 answers on this topic

Sumo Logic 9.0

Based on 5 answers

I would give this rating because I attended a free Sumo Logic training at a WeWork in Chicago. I found the training very useful, and I learned a lot of features that I was not aware of before I went to the training. I like the idea that SumoLogic provides free training seminars. I am certified in level1, and I plan on certifying to level2.

Read full review

M Phillip Yogore

Senior IT Support Analyst

ThoughtWorksInformation Technology and Services, 5001-10,000 employees

View all 5 answers on this topic

Implementation Rating

No score

No answers yet

No answers on this topic

Sumo Logic 9.0

Based on 2 answers

I was satisfied with the implementation, as at the time, it was the best way to implement the product with the available feature sets in Sumo Logic. User creation and management became more of an issue during continued use, instead of it being an issue related to deploying the product in our environment.

Read full review

Derek Ardolf

DevOps Engineer

GravieRetail, 1001-5000 employees

View all 2 answers on this topic

Alternatives Considered

NTOP is the only thing out there, in my opinion, that provides similar type of visibility. But StealthWatch is the product all vendors should strive to emulate. It is easy to install; it is easy to configure; it works as advertised (and then some). I do recommend the three-day work shop they occasionally run - or some onsite training. The product is feature rich and the training will help you get the most out of it.

Read full review

Matthew Frederickson

Instructor

Bucks County Community CollegeEducation Management, 1001-5000 employees

View all 6 answers on this topic

Sumo Logic works very well out of the gate. For a small business it has given us what we need. I worked at a larger company previously, and we produced so many logs we had to create a custom logging service to handle them all. Cost and availability are big issues when deciding between the different services, whether self maintained and hosted, or provided by another company.

Read full review

David Tanner

Senior Software Engineer

LifeOmicComputer Software, 51-200 employees

View all 11 answers on this topic

Return on Investment

StealthWatch helps other departments make decisions quickly based on NetFlow data.
StealthWatch can bring a lot of reporting to the table that can be used to advance project necessities and prove data necessities to management.

Read full review

Verified User

Technician in Information Technology

Hospital & Health Care Company, 1001-5000 employees

View all 6 answers on this topic

I can't think of any negative side effects other than it being SO slow sometimes, but compared to Splunk everything is slow
It's SO much cheaper than Splunk that the time it takes to query information is well worth it
In the times that we've had Sumo go down or stop logging information, we've found that we'd be absolutely lost without Sumo

Read full review

Verified User

Analyst in Quality Assurance

Computer Software Company, 501-1000 employees

View all 11 answers on this topic

Pricing Details

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

Cisco Secure Network Analytics (Stealthwatch) Editions & Modules

—

Additional Pricing Details

—

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

Sumo Logic Editions & Modules

Edition

Essentials	$3.00¹
Enterprise	$4.00¹
Enterprise Security	$4.25¹
Enterprise Suite	$4.75¹

Per GB Logs

Additional Pricing Details

—