Cisco Secure Network Analytics (Stealthwatch)

Cisco Secure Network Analytics (Stealthwatch)

About TrustRadius Scoring
Score 8.5 out of 100
Cisco Secure Network Analytics (Stealthwatch)


Recent Reviews

Watch that flow go!

7 out of 10
July 05, 2022
StealthWatch is currently being used to analyze NetFlow in our organization. This gives us important insight into what kinds of traffic is …
Continue reading

Stealthwatch Value Add

10 out of 10
March 29, 2022
Cisco Secure Network Analytics allows you to see everything on your network, whether it is wired or wireless. This is truly critical in …
Continue reading
Read all reviews

Reviewer Pros & Cons

View all pros & cons

Video Reviews

Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of Cisco Secure Network Analytics (Stealthwatch), and make your voice heard!


View all pricing

What is Cisco Secure Network Analytics (Stealthwatch)?

Cisco Stealthwatch is a network behavior analysis product based on technology acquired by Cisco with its Lancope acquisition in 2015.

Entry-level set up fee?

  • No setup fee


  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Would you like us to let the vendor know that you want pricing?

5 people want pricing too

Features Scorecard

No scorecards have been submitted for this product yet..

Product Details

What is Cisco Secure Network Analytics (Stealthwatch)?

Cisco Secure Network Analytics (Stealthwatch) aims to help users outsmart emerging threats in a digital business with machine learning and behavioral modeling, and know who is on the network and what they are doing using telemetry from the network infrastructure. Additionally, Cisco states users can detect advanced threats and respond to them quickly, protect critical data with smarter network segmentation, and do it all with an agentless solution that grows with the business.

Cisco Secure Network Analytics (Stealthwatch) Downloadables

Cisco Secure Network Analytics (Stealthwatch) Competitors

Cisco Secure Network Analytics (Stealthwatch) Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo

Frequently Asked Questions

Cisco Stealthwatch is a network behavior analysis product based on technology acquired by Cisco with its Lancope acquisition in 2015.

Darktrace, Splunk Enterprise, and LogRhythm NextGen SIEM Platform are common alternatives for Cisco Secure Network Analytics (Stealthwatch).

Reviewers rate Support Rating highest, with a score of 8.

The most common users of Cisco Secure Network Analytics (Stealthwatch) are from Enterprises (1,001+ employees) and the Information Technology & Services industry.


View all alternatives

Compare with


(1-9 of 9)
Companies can't remove reviews or game the system. Here's why
July 05, 2022

Watch that flow go!

Score 7 out of 10
Vetted Review
Verified User
Review Source
  • StealthWatch is very good at capturing NetFlow.
  • Stealthwatch is very good at presenting NetFlow data in easy to understands graphs and charts.
  • StealthWatch makes reporting on traffic much easier.
  • The StealthWatch interface is clunky and broken into 2 parts, both an HTML console and a JAVA console. This causes issues as one is completely different than the other.
  • Licenses are eaten up very quickly and can be pricey.
  • Upgrading StealthWatch is more tedious and time consuming than it should be.
Score 9 out of 10
Vetted Review
Verified User
Review Source
  • A silent tool.
  • A great way to get visibility of all the conversations of the network.
  • Easy to find out the internal and the external threats.
  • Easy to track performance.
  • Network monitoring is very easy to understand and control.
  • Attacks can be easily detected along with encrypted traffic.
  • Historic records of the attack and reports make it even better.
  • The price of this tool is comparatively higher than other tools in the market.
  • The configuration process should be made easier.
  • The interface is also not user-friendly at all.
Score 8 out of 10
Vetted Review
Verified User
Review Source
  • Using predefined signatures and scripts to capture and alert us to problems.
  • Built-in tools that automatically watch for suspicious behaviors
  • Integration with our already implemented IPAM services
  • Interfaces with Splunk for our IT security to easy review
  • Costs
  • Almost too much information
  • Not the easiest out of the box to configure
  • Needed additional support from Cisco for setup and updates
Score 6 out of 10
Vetted Review
Verified User
Review Source
  • Breaks down network data into categories like Recon, exploit, etc,
  • Good data around usage (categorized as Data Hoarding)
  • Alarms broken out by TTP
  • There is an appliance, so you do need to set that up
  • Not many issues or concerns
Oleksandr Tsapenko | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Review Source
  • Operability with different protocols.
  • Strong visibility.
  • Integration with other Cisco Security products for complete defense.
  • More simplified implementation.
  • Deep integration with third-party security tools.
  • More simplified licensing.
Ericson Aragoza | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
  • Allows us to know what is exactly happening in our network (real-time & historical)
  • Allows us to identify "normal" traffic against others/Netflow
  • Allows us to easily track traffic flow
  • As with new technologies, learning curves are a given. On this one, there is a slight curve before you fully grasp it.
  • User interface can be improved to better user experience.
John Patrick Duro | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
  • Management Consoles - they are simple, easy to understand, centralized, organized, and have complete visibility and control.
  • Encrypted Traffic Analytics (ETA) - golden functionality that provides us more visibility without the need to decrypt traffic.
  • Extended data - longer data retention that is very helpful to our scalability issues.
  • Expensive - it is a given fact especially for Cisco services.
  • Flow Sensor - it is very hard and complex to set up; receiving a lot of noise or false positives.
  • Flow Maps - same with flow sensor in terms of negative concerns.
Matt Frederickson | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
  • Stellar at grabbing Netflow data - and really, really good at differentiating types of traffic.
  • Excellent at knowing which traffic was flowing from what endpoints - and then using some tie-ins to gather data about the endpoints.
  • Used this mostly for historic (what happened when) but also used it a few times for real-time analysis, looking for bandwidth hogs and help for troubleshooting issues.
  • Highly recommend as a forensic tool - doesn't do full packet capture, but for everything else it's awesome.
  • There is a slight learning curve with the UI - this could use some improvement. Once you learn though, it is not an obstacle.
  • Would like them to add a log correlation engine - that could tie into log files - but then it would be a SIEM.