TrustRadius
Lancope Stealthwatch is a network behavior analysis product that was acquired by Cisco in 2015.

"Watch that flow go!" (score 7): StealthWatch helps other departments make decisions quickly based on NetFlow data. StealthWatch can bring a lot of reporting to the table that can be used to advance project necessities and prove data necessities to management.

"Can You Answer Two Simple Questions - What's on Your Network and Is It Normal?" (score 10): It is a little pricey - in my organization, with budget cuts, I eventually had to replace it with an open source product (NTOP). While it works well for visibility, it simply isn't the same. If you can afford it, don't bother looking anywhere else - just get it. Being able to detect, pivot out, and remediate from one console was awesome.
Lancope StealthWatch
3 Ratings
Score 8.7 out of 10

Lancope StealthWatch Reviews

Reviews (1-2 of 2)

February 21, 2019

Lancope StealthWatch Review: "Watch that flow go!"

Score 7 out of 10
Vetted Review
Verified User
StealthWatch is currently being used to analyze NetFlow in our organization. This gives us important insight into what kinds of traffic are going through our network devices and allows us to provide this information to other departments in a much easier and more digestible way than before. We have used it to help other departments in their decision making and analytics.
  • StealthWatch is very good at capturing NetFlow.
  • Stealthwatch is very good at presenting NetFlow data in easy-to-understand graphs and charts.
  • StealthWatch makes reporting on traffic much easier.
  • The StealthWatch interface is clunky and broken into 2 parts, both an HTML console and a JAVA console. This causes issues as one is completely different than the other.
  • Licenses are eaten up very quickly and can be pricey.
  • Upgrading StealthWatch is more tedious and time consuming than it should be.
I think a larger company that needs NetFlow data and has someone who can dedicate some time to learning the inner workings of StealthWatch could take advantage of all that StealthWatch has to offer, but the suite itself may be too much to swallow for smaller staffed companies or companies that don't need this kind of visibility into network traffic.
Matt Frederickson
January 16, 2018

Lancope StealthWatch Review: "Can You Answer Two Simple Questions - What's on Your Network and Is It Normal?"

Score 10 out of 10
Vetted Review
Verified User
We used this across the organization - 18 buildings spread across 72 square miles. It was used to identify and track Netflow data. It was originally purchased to answer two questions - what is happening on my network, and is it normal. Installation originally required two appliances, but by my third upgrade everything was 100% virtual.
  • Stellar at grabbing Netflow data - and really, really good at differentiating types of traffic.
  • Excellent at knowing which traffic was flowing from what endpoints - and then using some tie-ins to gather data about the endpoints.
  • Used this mostly for historic (what happened when) but also used it a few times for real-time analysis, looking for bandwidth hogs and help for troubleshooting issues.
  • Highly recommend as a forensic tool - doesn't do full packet capture, but for everything else it's awesome.
  • There is a slight learning curve with the UI - this could use some improvement. Once you learn though, it is not an obstacle.
  • Would like them to add a log correlation engine - that could tie into log files - but then it would be a SIEM.
If you can't answer two questions - I mentioned them before - about your network, then you really are not in a good place from a cyber security or even customer service standpoint. Regardless if your networking is outsourced to a vendor, you need some type of check and balance - and you NEED to know what's going on.

I was able to use this product to detect a botnet on our network - and using the details, and the ability to tie in other software, pivot from the endpoint (in Stealthwatch) to another program which allowed me to completely remediate the botnet before it spread.

About Lancope StealthWatch

Lancope Stealthwatch is a network behavior analysis product that was acquired by Cisco in 2015.

Lancope StealthWatch Technical Details

Operating Systems: Unspecified
Mobile Application: No