What is our primary use case?
We use Cisco Stealthwatch for security and network analytics. The solution saves you time, money, and administrative work. If we have the device support, it means that I don't have to send someone in a car to go to be local on the site and look at whatever the issue is.
How has it helped my organization?
Our limitation is that Cisco Stealthwatch doesn't have visibility over everything. When we can use it, it gives us direct information. We use this information not only for analyzing security threats but as well as just for general network performance in the places it has view of.
The solution affected network visibility in our organization fairly well. Without it, I have almost no visibility. It requires me to send people to different sites to manually get captured or to look at the network.
The solution has increased our threat detection rate. Cisco Stealthwatch has not reduced our incident response times. It has not reduced the amount of time it takes us to detect immediate threats. It has reduced false positives.
What is most valuable?
The analytics and threat detection capabilities of Cisco Stealthwatch are pretty good. It gives us good visibility of the information. It is easy to use and to the point.
What needs improvement?
The ability to be natively integrated into Port Aggregator would be beneficial because it would reduce just one more component that's needed in order to have that type of view.
What do I think about the stability of the solution?
I've never known it to go down or have availability issues.
What do I think about the scalability of the solution?
Cisco Stealthwatch is scalable with money. It's expensive.
How are customer service and technical support?
I haven't dealt with Cisco customer service directly.
How was the initial setup?
The initial setup was before I was at the company. It was over six years ago.
What about the implementation team?
We used an integrated reseller for the deployment called Set Solutions. Our experience with them was pretty good.
What other advice do I have?
On a scale from 1 to 10, I would rate this product an 8. Whenever we've used it, it has been effective. It does come with a large price tag.
The biggest lesson I learned from using this solution is that when the initial intent to deploy Stealthwatch was put in, it was the security team. They were working completely independent of the network, voice, and data center restructure teams.
It wasn't a cohesive effort for everyone who might use the tool. Maybe it didn't get implemented in a way that would have maximized the benefit for the organization as a whole.
Think holistically and view the big picture. Start small, but begin with the end in mind of having the final vision of where you want to get to.
Disclosure: I am a real user, and this review is based on my own experience and opinions.