TrustRadius
Lancope Stealthwatch is a network behavior analysis product that was acquired by Cisco in 2015.

It is a little pricey - in my organization, with budget cuts, I eventually had to replace it with an open source product (NTOP). While it works well for visibility, it simply isn't the same. If you can afford it, don't bother looking anywhere else - just get it. Being able to detect, pivot out, and remediate from one console was awesome.
Lancope StealthWatch
1 Ratings
Score 10.0 out of 10

Lancope StealthWatch Reviews

Matt Frederickson
January 16, 2018

Lancope StealthWatch Review: "Can You Answer Two Simple Questions - What's on Your Network and Is It Normal?"

Score 10 out of 10
We used this across the organization - 18 buildings spread across 72 square miles. It was used to identify and track Netflow data. It was originally purchased to answer two questions - what is happening on my network, and is it normal. Installation originally required two appliances, but by my third upgrade everything was 100% virtual.
  • Stellar at grabbing Netflow data - and really, really good at differentiating types of traffic.
  • Excellent at knowing which traffic was flowing from what endpoints - and then using some tie-ins to gather data about the endpoints.
  • Used this mostly for historic (what happened when) but also used it a few times for real-time analysis, looking for bandwidth hogs and help for troubleshooting issues.
  • Highly recommend as a forensic tool - doesn't do full packet capture, but for everything else it's awesome.
  • There is a slight learning curve with the UI - this could use some improvement. Once you learn though, it is not an obstacle.
  • Would like them to add a log correlation engine - that could tie into log files - but then it would be a SIEM.
If you can't answer two questions - I mentioned them before - about your network, then you really are not in a good place from a cyber security or even customer service standpoint. Regardless if your networking is outsourced to a vendor, you need some type of check and balance - and you NEED to know what's going on.

I was able to use this product to detect a botnet on our network - and using the details, and the ability to tie in other software, pivot from the endpoint (in Stealthwatch) to another program which allowed me to completely remediate the botnet before it spread.

About Lancope StealthWatch

Lancope Stealthwatch is a network behavior analysis product that was acquired by Cisco in 2015.

Lancope StealthWatch Technical Details

Operating Systems: Unspecified
Mobile Application: No