Cisco Stealthwatch Competitors and Alternatives

Get our free report covering Darktrace, Splunk, Cisco, and other competitors of Cisco Stealthwatch. Updated: February 2020.
399,540 professionals have used our research since 2012.

Read reviews of Cisco Stealthwatch competitors and alternatives

Real User
Cyber Security Analyst at a financial services firm with 1,001-5,000 employees
Jan 13 2020

What is most valuable?

We mainly use it for the detection types, checking dark IPS or command-and-control traffic. We bought Recall so we can have more information. Recall is an addition onto… more»

How has it helped my organization?

It is doing some artificial intelligence. If it sees a server doing a lot of things, then it will assume that is normal. So, it is looking for anomalous behavior, things… more»

What needs improvement?

We would like to see more information with the syslogs. The syslogs that they send to our SIEM are a bit short compared to what you can see. It would be helpful if they… more»

What's my experience with pricing, setup cost, and licensing?

The license is based on the concurrent IP addresses that it's investigating. We are around $300,000 a year for three years. We have 9,800 to 10,000 IP addresses. There are… more»

Which solution did I use previously and why did I switch?

We decided that we wanted to have an alert within 30 minutes, which is doable with this solution. It fulfills our needs. However, we didn't have this before, so it has… more»

What other advice do I have?

Start small and simple. Work with the Vectra support team. The solution’s ability to reduce false positives and help us focus on the highest-risk threats is the tricky… more»

Which other solutions did I evaluate?

We investigated Darktrace, Vectra, and Cisco Stealthwatch. Darktrace and Vectra plus Recall were similar in my opinion. Darktrace was a bit more expensive and complex… more»
OseremeOsobase
Reseller
Director at Baverianvine
Aug 25 2019

What is most valuable?

The most valuable part of the product is the whole package. The features included in the Enterprise Immune System are complete and effective. Its detection engine is ridiculously good.

How has it helped my organization?

It helps us to reliably serve our customers with quick deployment of a durable, effective and intelligent product.

What needs improvement?

It is hard to really address what needs to be improved in the respect that it does everything I would expect of a superior solution. It is simple enough to use because the interface is quite simple, the setup is quick and painless — in only… more»

What's my experience with pricing, setup cost, and licensing?

I think that the price is quite fair and very good for this type of product and the features that the product provides.

What other advice do I have?

My advice to people and organizations considering this as a solution is: go buy it. They shouldn't waste their time fussing and looking around at other solutions. It works. I've done administrating for several years, and this is the one… more»
Real User
Network Engineer at a healthcare company with 1,001-5,000 employees
Jan 13 2020

What is most valuable?

* Being able to monitor VPN user traffic has been nice. * Being able to monitor interfaces, in general. * We do a little bit of reporting, but we're just getting into… more»

How has it helped my organization?

It helps us determine what is going on with our Internet and who is hogging it all up. If we get a real high throughput or a throughput that's going over and getting… more»

What needs improvement?

I wish the reporting side was easier to work with, but it does a decent job. I also wish the reporting side was a little more intuitive or they offered more reporting… more»

What's my experience with pricing, setup cost, and licensing?

There are no extra costs. It's about $8,000 a year. The bang for the buck (cost) is definitely a plus. They gave us a 30-day license. We did a 30-day demo. We installed… more»

Which solution did I use previously and why did I switch?

We have Splunk, but Splunk doesn't give us the type of info that this does. Splunk is really clunky and hard to use. We still have Splunk, but we use it more as a security… more»

What other advice do I have?

I would rate it an eight (out of 10).

Which other solutions did I evaluate?

The solution has been around for a while. The monitoring of our firewalls was the driving concept for choosing it. They did well with demonstrating that ability. We… more»
Real User
Security Analyst at IT Convergence
Mar 19 2019

What is most valuable?

The ability to centrally manage all the IPS sensors, track the different security events generated by it, and customize the different policies, depending on their… more»

How has it helped my organization?

We feel safer now. We are currently enhancing all of our network security. The IPS has proven that it can find events and items, which previously went under the radar. We… more»

What needs improvement?

I would like the ability to apply more filters or better customize reports in order to display information in a readable way. That would be nice.

What's my experience with pricing, setup cost, and licensing?

I did not handle the purchasing, but I believe it cost $15,000. There is an additional support fee, but I don't know how much it is.

Which solution did I use previously and why did I switch?

This is our first IPS technology that we deployed in our EDGE network. We are users of other McAfee tools. We wanted everything to be able to talk to each other. We want… more»

What other advice do I have?

This product is helping us grow, as we have a newly created security operations team.

Which other solutions did I evaluate?

We also looked at Cisco and Palo Alto. The centrally managed solution allows for control of the tool and policies in a more straightforward manner. I would imagine other… more»
Samuel-Akindele
Consultant
Consultant at a tech services company with 201-500 employees
Oct 08 2019

What is most valuable?

The solution offers a feature to show which traffic is the highest on the network, and which traffic is the lowest. There's also a feature that scans incoming and outgoing traffic, and one feature that is able to flag a suspicious IP… more»

How has it helped my organization?

There have been updates to the solution recently that have ramped up protection. Before this, we had a lot of hacks on the network, specifically in the cloud environment. After the proper implementation of that product, we've not had one… more»

What needs improvement?

The solution needs to improve Reverse DNS functionalities. Right now, when you check the IP address, it tells all. It assumes that that IP address is locally available on the inside. When the request is going back to me it's supposed to do… more»

Which solution did I use previously and why did I switch?

We've previously used Cisco, Salesforce, and Fortinet. We last used Salesforce, and we mainly switched due to the cost of the solution.

What other advice do I have?

We use both the cloud and on-premises deployment models. I'd rate the solution eight out of ten.
Get our free report covering Darktrace, Splunk, Cisco, and other competitors of Cisco Stealthwatch. Updated: February 2020.
399,540 professionals have used our research since 2012.