Cisco Secure Network Analytics Reviews

Our primary use case is for it to run our call center 24/7 365 days a year. 

There's a lot of stuff on the new version we haven't had the chance to work with yet. 

We're trying to upgrade to the newest release. We're running a version that's three versions behind. 

So far we've had a good experience with stability. We've run into some issues with the configuration. 

It's not scalable due to our own implementation. Everything that I read though, indicates that it can be scalable. 

Most of the engineers I've worked with have been really good. Very knowledgeable and easy to work with.    

We've used Cisco for around ten years. Prior to that, we were using Nortel. We had a relationship with a Cisco account manager prior to the collaboration products. 

We had engineers that set it up. There were some problems that Cisco support came to fix. 

I would rate it an eight out of ten. 

Check the vendors and the options out there to see how they can meet your needs. 

I value the feature which enables me to detect devices talking to suspect IPs.

We can now see what is going on in our network.

We need to be able to filter out internal IPs as non-threats.

We have been using the product since 2008.

We did not encounter any issues with stability.

We did not encounter any issues with scalability.

The technical support is good.

We did not use any other solution previously.

The initial setup was relatively easy, though different devices need different configurations for the flow exports.

It is worth the cost.

We evaluated Arbor.

Get it in and see what you can see!

SMC and FC, though they are components, not features.

Most valuable features are the network maps and server and network response time. Maps is a unique feature which provides logical grouping of different segments of the network with complete visibility and alerting based on a total or protocol base as per defined threshold. So, one can check how many connections to the server and/or on the protocol, and who is consuming the most bandwidth. This is done, while the server and network response time provide quick identification of root cause of slow response from the server.

Provided complete network visibility and made troubleshooting easy.

I have used Cisco Stealthwatch for four to five years: versions 5.0 to 6.22.

Yes. The version with the Dell server had iDRAC problems. Often, it reported iDRAC failure.

No.

Very good.

No, we did not use a different solution.

Straightforward.

Pricing is much higher compared to other solutions.

Yes, SolarWinds.

It is a good product. I don't see any matching product with level of detailed information.

Our primary use case for Cisco Stealthwatch is to ensure net flow.

Cisco Stealthwatch provides the solutions analytics and threat detection capabilities that I am looking for. It has also improved the network visibility of our organization. 

The most valuable feature of this solution is that it give us insight into what's happening in our network. 

I don't really think we really save time while using this solution.

Cisco Stealthwatch is quite stable.

It all depends on the platform you are using, but I think it is pretty scalable.

The configuration of the solution was quite complex so I won't say that it is straightforward to set everything up.

We used a vendor, Cisco, for implementation. 

I believe ROI will take around a year.

We also look at Red Hat.

I will rate this solution a five or six out of ten because I do believe it is beneficial to our organization. I will recommend others to use endpoint management.

The Cisco IOS is very important because that is what we have to teach our students.

There are already many functionalities, so I don't think there is anything to improve. Its the best one on the market I have seen.

It's scalable, there are many models that we can use for a small network. Cisco offers the scalability that we need. We have about eighty students, and all the students have to do some training on it. We have plans to increase the usage of Cisco.

I think in order to master the network security issues it's complex. The deployment took a week or so.

I think that maybe we need more products for our students to try and to master. It's part of their learning.

I would rate this solution as nine or ten out of ten.

We are a system integrator and I have implemented this solution for one of our customers.

This solution is normally used for anomaly detection and malware detection.

It is deployed on-premises.

The organization now have a better overview how their traffic is flowing.

The most valuable feature is anomaly detection, where it finds things that are not allowed internally.

The usability of this solution needs to be improved.

The initial setup of this solution can be simplified.

The stability of this solution is good.

We have three people who are using this solution.

I would rate technical support for this solution highly.

We used Darktrace before.

The initial setup of this solution is complex.

My advice for anybody who is implementing this solution is to know the whole infrastructure before beginning. Also, before starting, you have to know about the licensing of the equipment.

I would rate this solution an eight out of ten.

There's nothing like it and a dream to operate, very intuitive. The most valuable feature is NetFlow. The beginning of any security investigation starts with NetFlow data.

Easily identifiable anomalies that you can't see with signature detections.

I am so familiar with the product I would say none. Lancope has always listened to customer input for product enhancements. One update I would like to see is an agent-based client. Currently StealthWatch is network based. A local agent could help manage endpoints.

12 years.

No.

No.

I've known those guys for a long time. They are completely familiar with their product.

No.

Very straightforward. They helped in every step of the installation.

Licensing is done by flows per second, not including outside>in traffic.

I have tried the Sourcefire solution but StealthWatch wins because of ease of use.

Go for it. Also great for your network segmentation project.

My customers buy Stealthwatch for traffic analysis. 

Cisco could improve the administration for the customers.

I have been selling Stealthwatch for one to two years. 

I haven't heard from my customers that they had any problems with stability. 

It's easy to set up. The deployment takes one or two days. You need to collect the data from a device and then direct it to the portal. 

I would rate Stealthwatch a nine out of ten. To make it a ten, Cisco should offer more training.