Skip to main content
Cisco Cyber Vision

Cisco Cyber Vision


What is Cisco Cyber Vision?

Cisco Cyber Vision is an industrial control security application (i.e. IoT security) that has been specifically developed for OT and IT teams to work together to ensure production continuity, resilience and safety. With it, users can now deploy Industrial Internet…

Read more
Recent Reviews

Cyber Vision Review

9 out of 10
February 09, 2024
We use this product to understand how our assets are working, what the communication is, and to set up a kind of asset list in hardware …
Continue reading
Read all reviews


Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Reviewer Pros & Cons

View all pros & cons
Return to navigation

Product Details

What is Cisco Cyber Vision?

Cisco® Cyber Vision provides full visibility into an ICS, including dynamic asset inventory, real-time monitoring of control networks and process data, and comprehensive threat intelligence, so users can build secure infrastructures and enforce security policies to control risk. Combining an edge monitoring architecture and integration with Cisco’s leading security portfolio, Cisco Cyber Vision can be deployed at scale so as to ensure the continuity, resilience, and safety of industrial operations.

Cisco Cyber Vision leverages an edge computing architecture that enables security monitoring components to run within Cisco’s industrial network equipment. No need to source dedicated appliances and build a dedicated out-of-band network. The solution boasts unique simplicity and the lower costs of the Cisco Cyber Vision architecture when looking to deploy OT security at scale.

Visibility embedded into the industrial network

Know what to protect. Cisco Cyber Vision is embedded in industrial networks so the user can see everything that connects to it.

Operational insights for OT

Maintain system integrity and production continuity. Cisco Cyber Vision keeps track of process data, asset modifications, and variable changes.

Holistic threat detection

Detect threats before it’s too late. Cisco Cyber Vision identifies known and emerging threats as well as process anomalies and unknown attacks. Fully integrated with the Cisco security portfolio, it extends the IT security operations center (SOC) to the OT domain.

Security assessments

Securing OT infrastructure starts with having a precise view of asset inventory, communication patterns, and network topologies. Cisco Cyber Vision automatically builds an accurate list of all your industrial assets and detailed network maps so users can define what needs to be done.

Network segmentation

Industrial security best practices suggest migrating networks toward architectures compliant with IEC62443 zones and conduits to avoid having an attack spread to the entire industrial infrastructure. Cisco Cyber Vision integrates with Cisco Identity Services Engine (ISE) to create asset groups and leverages Cisco industrial network equipment to dynamically enforce segmentation policies.

Extending cybersecurity to the OT domain

Cisco Cyber Vision combines protocol analysis, intrusion detection, behavioral analysis, and OT threat intelligence to detect asset vulnerabilities, and any attack tactic.

Enabling a converged IT/OT SOC

Cisco Cyber Vision brings detailed information on OT assets and threats to Cisco Firepower® firewalls, the ISE access controller, and the Stealthwatch® traffic analyzer so users can build and enforce security policies without disrupting production.

Driving governance and compliance

Cisco Cyber Vision logs all events from the user's ICS to run efficient audits, build incident reports, and work with both IT and OT teams to drive actions.

Cisco Cyber Vision Videos

Introducing Cisco Cyber Vision
Cisco Security for the Industrial Internet Demo Video
IoT & Cybervision Webinar & Demo

Cisco Cyber Vision Competitors

Cisco Cyber Vision Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo
Return to navigation


View all alternatives
Return to navigation

Reviews and Ratings


Attribute Ratings


(1-2 of 2)
Companies can't remove reviews or game the system. Here's why
February 09, 2024

Cyber Vision Review

Score 9 out of 10
Vetted Review
Verified User
We use this product to understand how our assets are working, what the communication is, and to set up a kind of asset list in hardware and software perspective.
  • It learns which software the hardware is using and which communication is wanted and which communication is bad, stuff like this.
  • We use it and this product is made especially for OT environment. So everything you can find inside of a production, PLC, robotics, stuff like this.
  • As freshly announced last Friday, it was pain by being forced to use SSD in Catalyst switches, but with the version it's no longer needed. So for here now I'm happy.
To do a reactive scan of devices to have the possibility to isolate fraudulent devices or attacking devices.
  • Neither nor, I would say no.
Absolutely had and is still doing it. It spots some extra tasks for the OT stuff as we now see some non fulfilled homeworks when doing updates, vulnerability management and housekeeping in end of life components.
Yeah, absolutely. Hopefully we are more secure now and be better prepared in case of syntax.
Because you can use components you already have, you don't have to add extra components in comparison to competitors. So adding devices automatically means adding switches and all the switches you're adding are able to provide the cyber vision solution. So with the same amount of switches you need when you scale, you automatically scale the foundation of cyber vision. So it grows together hand in hand.
You can't compare it one by one. There are even some pros at Nozomi, but the main decision making point was that we don't need extra hardware.
Score 10 out of 10
Vetted Review
Verified User
We use Cisco Cyber Vision to secure an industrial control network at the Idaho National Laboratory. Our use case is connecting government facilities with experiment equipment, automation, data, etc. to the responsible parties. We track and control network communications from programmable logic controllers (PLC)s to human machine interfaces (HMI)s in a production environment.
  • Monitors known network traffic
  • Associates risk of vulnerabilities identified on the network devices
  • Presents a unified dashboard with threat assessment.
  • AI integration for what is most important to tackle first.
  • Better integration with DNAC.
  • AI integration for equipment identification.
Best suited for environments that are controlled network infrastructure such as industrial control systems. Also very useful in corporate environments where there is a high level of machinery on the network. Cyber Vision does a great job of identifying east and west traffic on the individual switches. Highly recommend Cyber Vision.
  • Cyber Vision keeps working when you are not.
  • Cyber Vision provides a detailed threat analysis.
  • Cyber Vision is simple to configure.
Cyber Vision has an easy user interface and intuitive display. Reports are simple to navigate and understand. The integration of Dragos helps with the risks associated with each displayed vulnerability and gives management a window into the network on a level not visible before. Cyber Vision brings the heat with realtime events.
As we continue our deployment of Cyber Vision into our environment, we are continually impressed with the innovation and quality of information supplied. The integration with Dragos has allowed us to use a graded approach to threat assessment and triage. Cyber Vision is pivotal to our daily operation and assessment of the current network health.
We have not had any issues of scaling as of yet.
Return to navigation