We performed a comparison between Cisco Secure Network Analytics and NetWitness XDR based on real PeerSpot user reviews.
Find out in this report how the two Network Detection and Response (NDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution allowed us to not only get gain insight but also start collaborating with other tools."
"I value the feature which enables me to detect devices talking to suspect IPs."
"The solution has increased our threat detection rate. Cisco Stealthwatch has not reduced our incident response times. It has not reduced the amount of time it takes us to detect immediate threats. It has reduced false positives."
"It's easy to set up. The deployment takes one or two days. You need to collect the data from a device and then direct it to the portal."
"Overall, the implementation is very good."
"Using this solution has helped us to detect and identify viruses or malicious activity in the network early on."
"It has definitely helped us improve our mean time to resolution on network issues."
"The fact that it can identify down to an IP address of a system that is causing problems, or potentially causing problems, is very valuable."
"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."
"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
"The log correlation is good."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"Technical support is knowledgeable."
"It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users."
"It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great."
"The stability of the RSA NetWitness Endpoint is very good."
"The GUI could use some improvement. Being able to find features more easily would be a great improvement if it was simplified."
"It hasn't really improved our direct detection rate but it has definitely reduced our incident response time as we wouldn't have been able to detect threats or immediate risks without this solution."
"We are continuing down the road of ACI and ISE with Cisco, so we would like to see the continuation of Stealthwatch integrating into ISE for exchange of information, and also, more into the ACI environment too."
"One update I would like to see is an agent-based client. Currently StealthWatch is network based."
"Initially, I felt Cisco Secure Network Analytics lacked integration with Splunk."
"If they can make this product more web-based, that would be amazing."
"At my company, we might not be using it enough with other applications that we have that can integrate with it."
"I would like to see interoperability with other Cisco products because we have ThousandEyes, Cisco Prime, and others. The interaction among these is important to us."
"The initial setup requires a high level of skill."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."
"RSA NetWitness Network could improve on integration with non-native application integration."
"The solution lacks a reporting engine."
"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."
More Cisco Secure Network Analytics Pricing and Cost Advice →
Cisco Secure Network Analytics is ranked 3rd in Network Detection and Response (NDR) with 58 reviews while NetWitness XDR is ranked 9th in Network Detection and Response (NDR) with 15 reviews. Cisco Secure Network Analytics is rated 8.2, while NetWitness XDR is rated 8.0. The top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Arista NDR, whereas NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Vectra AI. See our Cisco Secure Network Analytics vs. NetWitness XDR report.
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.