Skip to main content
TrustRadius
Cisco Secure Network Analytics

Cisco Secure Network Analytics
Formerly Cisco Stealthwatch

Overview

What is Cisco Secure Network Analytics?

Cisco Stealthwatch is a network behavior analysis product based on technology acquired by Cisco with its Lancope acquisition in 2015.

Read more
Recent Reviews

Watch that flow go!

7 out of 10
July 05, 2022
Incentivized
StealthWatch is currently being used to analyze NetFlow in our organization. This gives us important insight into what kinds of traffic is …
Continue reading

Stealthwatch Value Add

10 out of 10
March 29, 2022
Incentivized
Cisco Secure Network Analytics allows you to see everything on your network, whether it is wired or wireless. This is truly critical in …
Continue reading
Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Reviewer Pros & Cons

View all pros & cons
Return to navigation

Product Details

What is Cisco Secure Network Analytics?

Cisco Secure Network Analytics (Stealthwatch) aims to help users outsmart emerging threats in a digital business with machine learning and behavioral modeling, and know who is on the network and what they are doing using telemetry from the network infrastructure. Additionally, Cisco states users can detect advanced threats and respond to them quickly, protect critical data with smarter network segmentation, and do it all with an agentless solution that grows with the business.

Cisco Secure Network Analytics Competitors

Cisco Secure Network Analytics Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo

Cisco Secure Network Analytics Downloadables

Frequently Asked Questions

Cisco Stealthwatch is a network behavior analysis product based on technology acquired by Cisco with its Lancope acquisition in 2015.

Darktrace, Splunk Enterprise, and LogRhythm NextGen SIEM Platform are common alternatives for Cisco Secure Network Analytics.

The most common users of Cisco Secure Network Analytics are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(29)

Attribute Ratings

Reviews

(1-11 of 11)
Companies can't remove reviews or game the system. Here's why
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Well Suited - There was a DDoS attack once in the customer network and this tool picked that threat and informed all the respective stakeholders on time. This has resulted in timely action on that threat resulting in no downtime or security issues for the customer.
Not Appropriate- Except the need for some presentation changes, making it lightweight, I did not see any such cons which could make it non-appropriate.
Score 8 out of 10
Vetted Review
ResellerIncentivized
Few products operate off the Netflow or RAP/SPAN traffic versus the endpoint. Of those products, many operate from the aggregate traffic of uplinks/downlinks, whereas Secure Network Analytics focuses on viewing all traffic to give per-endpoint comprehensive data analytics. SNA is a great product for network visibility and detection, and to preserve that focus, other options such as remediation or quarantined are deferred to other products in the security ecosystem. SNA uses Machine Learning models to determine traffic behavioral compliance, which is a double-edged sword. On one hand, it mitigates zero day attacks changing traffic patterns, but conversely, it requires training to know acceptable traffic patterns. Unfortunately, many adopters of SNA do not spend the time giving it the user input and so the ML models never gets the correct weights and parameters to work from.
July 05, 2022

Watch that flow go!

Score 7 out of 10
Vetted Review
Verified User
Incentivized
I think a larger company that needs NetFlow data and has someone who can dedicate some time into learning the inner workings of StealthWatch could take advantage of all that StealWatch has to offer, but the suite itself may be too much to swallow for smaller staffed companies or companies that don't need this kind of visibility into network traffic.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
I feel Cisco Secure Network Analytics should be used in every organization. The detection of anomalies and malicious actors is phenomenal. Being able to confidently talk to your manager and auditors about what is happening on your network is huge. Although if you cannot get reliable NetFlow from your network infrastructure this may not be the best tool for you.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Cisco Secure Network Analytics is a compulsion to any organization looking to secure their network in silence with a complete record and analysis of the threats. All the critical information of the client is also preserved for instance and assistance for future needs. Cyber-attacks can’t even think to roam about your network in any case.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Overall it's a great product that will help any IT experts see deeper into their network--specifically large networks that have thousands of users and traffic crossing around the globe. There could be need in a smaller network but it's probably not worth the cost. Cisco Secure Network Analytics (Stealthwatch) is another tool that is expensive but has a lot of configurability. Someone needs to be specifically responsible not just for keeping Cisco Secure Network Analytics (Stealthwatch) up to date but for following all the leads and rabbit holes it creates.
Score 6 out of 10
Vetted Review
Verified User
Incentivized
On of our use cases that we needed help with was around vulnerability data, netflow, and infrastructure logs all coming together to get anomaly detection. We are limited by what we can send to our SIEM, so seeing this do a lot of the leg work before we send it is very nice.
Oleksandr Tsapenko | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
ResellerIncentivized
Cisco StealthWatch is well suited when you need to deal with big amounts of traffic. For example, big enterprises, data centers, [and] banks. [In] other words, it does a good job in cases when you have a lot of users with different access levels from different departments and maybe in different regions. So you need to have a clear vision of what [is] happening in your network right now.
John Patrick Duro | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
We used Cisco StealthWatch for threat intelligence, threat mapping, threat hunting, information security analysis, monitoring, and compliance. Our security operations teams mainly used it for incident response, forensic and root cause analysis. Also, it is very useful for insider threats, zero day vulnerabilities and malware, encrypted malicious malware, and behavioral analysis too.
Matt Frederickson | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
If you can't answer two questions - I mentioned them before - about your network, then you really are not in a good place from a cyber security or even customer service standpoint. Regardless if your networking is outsourced to a vendor, you need some type of check and balance - and you NEED to know what's going on.

I was able to use this product to detect a botnet on our network - and using the details, and the ability to tie in other software, pivot from the endpoint (in Stealthwatch) to another program which allowed me to completely remediate the botnet before it spread.
Return to navigation