Cisco Stealthwatch Review

Offers better network visibility and has reduced incident response time

What is our primary use case?

The primary use case for Cisco Stealthwatch is for us to sell it. 

How has it helped my organization?

It has improved my organization's network visibility from zero because before we had installed this solution, we weren't doing anything to protect us from threats. I believe this solution has reduced our incident response time. 

What is most valuable?

The features I find most valuable about Cisco Stealthwatch its integration with the pxGrid and all of our other devices that are tied in with pxGrid, so they can communicate with each other and be able to dynamically change, quarantine a suspicious device, or do whatever necessary in case of a malware attack or similar problem.

What needs improvement?

Considering all the data on the network, I believe that the analytics of Cisco Stealthwatch are pretty decent. I would like to see it better organized when I'm looking at it. If I hand it to another NOC engineer, they may not know what they're looking at, so I would prefer it to be more clean and structured, making it easier to use.

For how long have I used the solution?

We are currently also using AMP and a few other Cisco products to assist us with threat protection and it's only been running for a couple of months.

What do I think about the stability of the solution?

This solution is very stable.

What do I think about the scalability of the solution?

I believe there isn't much to scale for it and I think it all depends on how many nodes you're running in the environment. I will say the scalability is fairly decent.

How are customer service and technical support?

I haven't had to use technical support yet. I've only read through the pages of documentation.

How was the initial setup?

The initial setup was a little complex since I haven't set it up before. 

What was our ROI?

It is hard to say yet, but at least we can tell customers that we've detected a threat, and it can be stopped in time.

What's my experience with pricing, setup cost, and licensing?

For our organization, it is cheap, but for other customers, it may be fairly expensive. 
As we are resellers of Cisco Stealthwatch, we hope to save time, money, and administrative costs once we start selling more of these solutions.

Which other solutions did I evaluate?

I am responsible for the security of our organization's devices, so I did look at other options. Since this solution ties into other products, I wanted to use Duo Security and tie that together with StealthWatch.

What other advice do I have?

I will rate this solution a seven and a half or eight out of ten. This is mostly due to our exposure and having customers relying upon us to only look at it, as well as the layout. 

My advice to others would be to go for it, play around with it and see what you like about it. If you don't like it, move on to something else, but at least try it first.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Sign Up with Email