Good at cutting out the noise. Getting to the important data
April 30, 2021

Good at cutting out the noise. Getting to the important data

Anonymous | TrustRadius Reviewer
Score 6 out of 10
Vetted Review
Verified User

Overall Satisfaction with Cisco Secure Network Analytics (Stealthwatch)

We got access to Stealthwatch with our Cisco Umbrella. We went with the on-premise version of Stealthwatch and like the product. We're sending in DNS, VPC Flow logs, etc and like how it pulls that and processes it and really cleans up the noise. Currently looking to get it fully-integrated with our SIEM.

Pros

  • Breaks down network data into categories like Recon, exploit, etc,
  • Good data around usage (categorized as Data Hoarding)
  • Alarms broken out by TTP

Cons

  • There is an appliance, so you do need to set that up
  • Not many issues or concerns
  • Aggregation
  • Filtering out the noise
  • Integration into our SIEM
  • This gave us better insight into our existing DNS logs
  • Better visibility into our AWS VPC flow logs
We use this in concert with Stealthwatch to help cut through the noise and get quicker drilldown times.

Do you think Cisco Secure Network Analytics delivers good value for the price?

Yes

Are you happy with Cisco Secure Network Analytics's feature set?

Yes

Did Cisco Secure Network Analytics live up to sales and marketing promises?

Yes

Did implementation of Cisco Secure Network Analytics go as expected?

Yes

Would you buy Cisco Secure Network Analytics again?

Yes

On of our use cases that we needed help with was around vulnerability data, netflow, and infrastructure logs all coming together to get anomaly detection. We are limited by what we can send to our SIEM, so seeing this do a lot of the leg work before we send it is very nice.

Comments

More Reviews of Cisco Secure Network Analytics