We performed a comparison between Cisco Secure Network Analytics and NetWitness XDR based on real PeerSpot user reviews.
Find out in this report how the two Network Detection and Response (NDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Stability is the most valuable feature we have seen in this solution."
"The most valuable feature of this solution is data hoarding because it catches threats on a frequent basis that we had no idea of."
"It's a dependable product that is able to pinpoint where we have vulnerabilities if they occur."
"Being able to identify specific date closed across the network is invaluable."
"The most valuable part is that Stealthwatch is part of a portfolio of security devices from Cisco. Cisco literally can touch every single end point, every single ingress and egress point in the network. Nobody else has that."
"It is a good application, providing for real-time monitoring of the organization of data. It can basically identify points of peak traffic where possible issues are being caused."
"The fact that it can identify down to an IP address of a system that is causing problems, or potentially causing problems, is very valuable."
"From a security standpoint, it is just seeing pockets as well. Visibility is very key for us."
"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"It is stable. We have been using it for some time, without any issues."
"RSA NetWitness does market analysis in a more granular form. It gives you full visibility."
"This solution allows us to locate the malware in real-time."
"Ability to isolate the machine when there are malicious files."
"The log correlation is good."
"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
"We've had problems with element licensing costs so scalability is a concern."
"It hasn't really improved our direct detection rate but it has definitely reduced our incident response time as we wouldn't have been able to detect threats or immediate risks without this solution."
"Cisco Stealthwatch needs more integration with device discovery. We have to do a lot of hard work to figure out what things are. Better service integration is required."
"We've run into some issues with the configuration."
"The usability of this solution needs to be improved."
"I would like to see interoperability with other Cisco products because we have ThousandEyes, Cisco Prime, and others. The interaction among these is important to us."
"Many of these tools require extensive on-premises hardware to run."
"The overall visibility into the actual device itself would be helpful. I don't just want support-specific data, but also to be able to see information such as CPU and other internal components or usage of the devices."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
"Threat detection could be better."
"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."
"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"The contamination feature could be improved."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
More Cisco Secure Network Analytics Pricing and Cost Advice →
Cisco Secure Network Analytics is ranked 3rd in Network Detection and Response (NDR) with 58 reviews while NetWitness XDR is ranked 9th in Network Detection and Response (NDR) with 15 reviews. Cisco Secure Network Analytics is rated 8.2, while NetWitness XDR is rated 8.0. The top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Arista NDR, whereas NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Vectra AI. See our Cisco Secure Network Analytics vs. NetWitness XDR report.
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.