Cisco Stealthwatch Review

NetFlow data is the beginning of any security investigation, very easy to use

What is most valuable?

There's nothing like it and a dream to operate, very intuitive. The most valuable feature is NetFlow. The beginning of any security investigation starts with NetFlow data.

How has it helped my organization?

Easily identifiable anomalies that you can't see with signature detections.

What needs improvement?

I am so familiar with the product I would say none. Lancope has always listened to customer input for product enhancements. One update I would like to see is an agent-based client. Currently StealthWatch is network based. A local agent could help manage endpoints.

For how long have I used the solution?

12 years.

What do I think about the stability of the solution?


What do I think about the scalability of the solution?


How are customer service and technical support?

I've known those guys for a long time. They are completely familiar with their product.

Which solution did I use previously and why did I switch?


How was the initial setup?

Very straightforward. They helped in every step of the installation.

What's my experience with pricing, setup cost, and licensing?

Licensing is done by flows per second, not including outside>in traffic.

Which other solutions did I evaluate?

I have tried the Sourcefire solution but StealthWatch wins because of ease of use.

What other advice do I have?

Go for it. Also great for your network segmentation project.

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More Cisco Stealthwatch reviews from users
...who work at a Healthcare Company
...who compared it with Darktrace
Add a Comment