Skip to main content
TrustRadius
Cisco Secure Network Analytics

Cisco Secure Network Analytics
Formerly Cisco Stealthwatch

Overview

What is Cisco Secure Network Analytics?

Cisco Stealthwatch is a network behavior analysis product based on technology acquired by Cisco with its Lancope acquisition in 2015.

Read more
Recent Reviews

Watch that flow go!

7 out of 10
July 05, 2022
Incentivized
StealthWatch is currently being used to analyze NetFlow in our organization. This gives us important insight into what kinds of traffic is …
Continue reading

Stealthwatch Value Add

10 out of 10
March 29, 2022
Incentivized
Cisco Secure Network Analytics allows you to see everything on your network, whether it is wired or wireless. This is truly critical in …
Continue reading
Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Reviewer Pros & Cons

View all pros & cons
Return to navigation

Product Details

What is Cisco Secure Network Analytics?

Cisco Secure Network Analytics (Stealthwatch) aims to help users outsmart emerging threats in a digital business with machine learning and behavioral modeling, and know who is on the network and what they are doing using telemetry from the network infrastructure. Additionally, Cisco states users can detect advanced threats and respond to them quickly, protect critical data with smarter network segmentation, and do it all with an agentless solution that grows with the business.

Cisco Secure Network Analytics Competitors

Cisco Secure Network Analytics Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo

Cisco Secure Network Analytics Downloadables

Frequently Asked Questions

Cisco Stealthwatch is a network behavior analysis product based on technology acquired by Cisco with its Lancope acquisition in 2015.

Darktrace, Splunk Enterprise, and LogRhythm NextGen SIEM Platform are common alternatives for Cisco Secure Network Analytics.

The most common users of Cisco Secure Network Analytics are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(29)

Attribute Ratings

Reviews

(1-11 of 11)
Companies can't remove reviews or game the system. Here's why
Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • It's really good at mapping out like what applications are, like who's talking to what. To see if someone thinks that a particular application is only being used a certain way and we can validate what's talking to that system with the tool.
  • There are things that you can search for a particular type of traffic, but you cannot create an alert to alert on that type of traffic. An example of that is a particular encryption type. So like RC4 encryption is prohibited within DHS. I can search for traffic using it, but I can't create a rule alerting on that traffic type.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
  • Advanced threat details like repeated attacks on the network.
  • In-depth scanning of the entire network and shows multiple vulnerabilities within the network.
  • Integrated Cisco license with the tool saves the cost to the customer.
  • Also, help in the same way for the cloud as it does for the network.
  • Availability of reports in multiple report format for analyzing the outcome of the tool.
  • Tool is little hard to configure so need to be light to save resource consumption.
  • Features are so in-depth that integrated guidance should be available to help the users on how to use.
  • Graphical view can be improved to make it more convenient to understand the data representation.
July 05, 2022

Watch that flow go!

Score 7 out of 10
Vetted Review
Verified User
Incentivized
  • StealthWatch is very good at capturing NetFlow.
  • Stealthwatch is very good at presenting NetFlow data in easy to understands graphs and charts.
  • StealthWatch makes reporting on traffic much easier.
  • The StealthWatch interface is clunky and broken into 2 parts, both an HTML console and a JAVA console. This causes issues as one is completely different than the other.
  • Licenses are eaten up very quickly and can be pricey.
  • Upgrading StealthWatch is more tedious and time consuming than it should be.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • A silent tool.
  • A great way to get visibility of all the conversations of the network.
  • Easy to find out the internal and the external threats.
  • Easy to track performance.
  • Network monitoring is very easy to understand and control.
  • Attacks can be easily detected along with encrypted traffic.
  • Historic records of the attack and reports make it even better.
  • The price of this tool is comparatively higher than other tools in the market.
  • The configuration process should be made easier.
  • The interface is also not user-friendly at all.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
  • Using predefined signatures and scripts to capture and alert us to problems.
  • Built-in tools that automatically watch for suspicious behaviors
  • Integration with our already implemented IPAM services
  • Interfaces with Splunk for our IT security to easy review
  • Costs
  • Almost too much information
  • Not the easiest out of the box to configure
  • Needed additional support from Cisco for setup and updates
Score 6 out of 10
Vetted Review
Verified User
Incentivized
  • Breaks down network data into categories like Recon, exploit, etc,
  • Good data around usage (categorized as Data Hoarding)
  • Alarms broken out by TTP
  • There is an appliance, so you do need to set that up
  • Not many issues or concerns
Oleksandr Tsapenko | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
ResellerIncentivized
  • Operability with different protocols.
  • Strong visibility.
  • Integration with other Cisco Security products for complete defense.
  • More simplified implementation.
  • Deep integration with third-party security tools.
  • More simplified licensing.
John Patrick Duro | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
  • Management Consoles - they are simple, easy to understand, centralized, organized, and have complete visibility and control.
  • Encrypted Traffic Analytics (ETA) - golden functionality that provides us more visibility without the need to decrypt traffic.
  • Extended data - longer data retention that is very helpful to our scalability issues.
  • Expensive - it is a given fact especially for Cisco services.
  • Flow Sensor - it is very hard and complex to set up; receiving a lot of noise or false positives.
  • Flow Maps - same with flow sensor in terms of negative concerns.
Matt Frederickson | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
  • Stellar at grabbing Netflow data - and really, really good at differentiating types of traffic.
  • Excellent at knowing which traffic was flowing from what endpoints - and then using some tie-ins to gather data about the endpoints.
  • Used this mostly for historic (what happened when) but also used it a few times for real-time analysis, looking for bandwidth hogs and help for troubleshooting issues.
  • Highly recommend as a forensic tool - doesn't do full packet capture, but for everything else it's awesome.
  • There is a slight learning curve with the UI - this could use some improvement. Once you learn though, it is not an obstacle.
  • Would like them to add a log correlation engine - that could tie into log files - but then it would be a SIEM.
Return to navigation