We performed a comparison between Cisco Secure Network Analytics and NetWitness Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Zabbix, Datadog, Auvik and others in Network Monitoring Software."We can manage the entire system across the network and troubleshoot the pain points."
"It has improved our internal knowledge of what's going on with the network, and that's helpful."
"StealthWatch lets me see the ports running in and out and the country. It has excellent reporting, telemetry, and artificial intelligence features. With the telemetry, I can set thresholds to detect sudden changes and the alarms go through the PLC parts. I can see all the ports running on that trunk."
"The solution reduces the amount of time it takes to detect and remediate threats."
"The feature most valuable for us is to gain visibility of what is actually floating through, so we can stop it based on whether it's good or bad traffic."
"I value the feature which enables me to detect devices talking to suspect IPs."
"The fact that it can identify down to an IP address of a system that is causing problems, or potentially causing problems, is very valuable."
"The solution's analytics and thrust detection capabilities are good. We're still adjusting it. It's a little hypersensitive, but it is working right now."
"The artifacts available in the tool provide better information for analyzing network traffic. It enables a holistic view of network traffic and general packet analysis. It's easy to identify anomalies without the use of signatures. The way in which we implemented Stealthwatch Cloud has enabled my team to analyze traffic behind proxies."
"The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it."
"The most valuable feature is the hunting ability to work in a CERT."
"Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements."
"Performance and reporting are very good."
"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."
"What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."
"The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."
"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"The Wi-Fi side needs improvement."
"The usability of this solution needs to be improved."
"I would like to see interoperability with other Cisco products because we have ThousandEyes, Cisco Prime, and others. The interaction among these is important to us."
"Complexity on integration is not so straightforward and you really need an expert to help build it out."
"It's too complicated to install, when starting out."
"The ability to be natively integrated into Port Aggregator would be beneficial because it would reduce just one more component that's needed in order to have that type of view."
"Stealthwatch is still maturing in AI. It uses artificial intelligence for predictions, but AI still needs to mature. It is in a phase where you get 95% correct detection. As its AI engine learns more, it will become more accurate. This is applicable to all the devices that are using AI because they support both supervised and unsupervised machine learning. The accuracy in the case of supervised machine learning is dependent on the data you feed into the box. The accuracy in the case of unsupervised machine learning is dependent on the algorithm. The algorithm matures depending on retrospective learning, and this is how it is able to detect zero-day attacks."
"There's a lot of traffic on our network that we don't see sometimes."
"I would like to see it better organized when I'm looking at it."
"Security needs improvement."
"The initial setup was complex because it takes a lot of time to complete the implementation."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"The log system is a bit complex and has room for improvement."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"More customizability is required, which is something that they need to improve on."
"The user interface is a little bit difficult for new users and it needs to be improved."
More Cisco Secure Network Analytics Pricing and Cost Advice →
Cisco Secure Network Analytics is ranked 24th in Network Monitoring Software with 57 reviews while NetWitness Platform is ranked 20th in Log Management with 36 reviews. Cisco Secure Network Analytics is rated 8.2, while NetWitness Platform is rated 7.4. The top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Arista NDR, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Trellix Network Detection and Response.
We monitor all Network Monitoring Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.