Cisco Secure Network Analytics Benefits

JT
Development Manager at a healthcare company with 10,001+ employees

Cisco Secure Network Analytics has increased the visibility of what is happening in our network, and I think that's the most important reason to use it. We can see what is really happening instead of just looking at numbers from routers or switches.

View full review »
DB
Assistant Director of IT at University of Rochester Medical Center

This solution allows us to be more agile when it comes to troubleshooting our NetFlow and our network systems.

Using the Cognitive Analytics feature, we have complete visibility that we didn’t have before. We have a higher level of visibility for our systems and structures.

It has reduced our incident response time. 

View full review »
Richard Payne - PeerSpot reviewer
Senior Cyber Scientist at a government with 10,001+ employees

I think Cisco Secure Network Analytics improved our organization quite a lot. Prior to deploying it, we did not use anything, so, with it, we have gone from nothing to something. This has been a humongous leap in a way. The solution allowed us to not only get gain insight but also start collaborating with other tools. 

Cisco Secure Network Analytics helped our organization save time. I think having things like our automated analysis built into our network means we don't have to do as much threat-hunting. We still need to do a bit of threat hunting, but as long as we got the automated tools, if an alert comes in, then we can focus our activity on it. We would verify it as a false positive or true positive and then do the remediation steps from there. Rather than having to continuously look through just raw data and make the decision ourselves.

View full review »
Buyer's Guide
Network Monitoring Software
March 2024
Find out what your peers are saying about Cisco, SolarWinds, NETSCOUT and others in Network Monitoring Software. Updated: March 2024.
765,386 professionals have used our research since 2012.
Rainier S. - PeerSpot reviewer
Head of Integration Engineering / Enterprise Technology & Innovation at a healthcare company with 10,001+ employees

Our company is global and has various manufacturing plants over the globe along with branches. What we have found from a productivity policing perspective is we have had some of these locations abuse their on-net circuit. They will put it on Netflix and go watch movies when they are not supposed to, and we could not stop it. Unfortunately, we did not know what was going on. In the past, what we used to do was live and work with it. Thus, the company increased the circuit, and we were spending more, not knowing why. 

When Stealthwatch finally came in, we were able to look into that pocket and  flow, saying, "They are going to Facebook. They are going to YouTube. They are going to Netflix." 

Based on other solutions that we had in place (Sourcefire, etc.), we were able to block the center accessing these type of features and apps. This brought down the circuit utilization significantly, then we were able to recoup costs. It saved a lot of money bringing down the circuit. Now, it is not abused anymore.

View full review »
RH
Network Operations Manager at Philips Electronics

The solution's ability to detect threats and provide remediation greatly improved our company.

Increased network visibility so that we can see where the problems are is great. When we had a virus outbreak internally, we were able to pinpoint where it started.

Stealthwatch doubled our threat detection rate, while halving our incident response time and the time it takes us to detect and remediate threats.

It has also reduced false positives by about 5%.

Stealthwatch saves us time, money, and administrative work.

View full review »
TB
Senior Director of Architecture and Engineering at Trace3

The network visibility feature opens up a whole new pane of glass that didn't exist before, so when you talk about being able to look into your network and understand what's there for security events, impostering, and everything that Stealthwatch can bring to the table, there's nothing else that a typical customer's going to have installed today that will give them any of that information.

Stealthwatch has definitely increased our threat detection rate. I would say on average probably close to 100%. Especially in the market that we play in, which is largely commercial, a lot of customers are just getting into this, so they literally had nothing and now they have a lot.

It has also reduced our incident response time and the time it takes us to detect and remediate threats, at times by months. In addition, Stealthwatch has helped us reduce false positives.

Stealthwatch helps us save time, money, and administrative work. If you talk about a simple security event that a customer has to react to if they don't have the visibility you don't find out about it until something even worse happens. For example, somebody worked to get into your financial systems and they were somehow siphoning money out, not only did they get in and you didn't detect that, but now money is disappearing out of your account. So the ability to detect that threat immediately and remediate it is the true value of that reliance.

View full review »
JS
Manager at Indiana University Health

Stealthwatch has greatly improved our network visibility, in terms of bandwidth, malware, and PCI violations.

It has increased our threat detection rate, by around 100%. Stealthwatch has also reduced the time to detect and remediate threats, as well as saves us time. We're using it for bandwidth detection, so that's helped. In addition, we use the solution's encrypted traffic analytics and cognitive analytics.

View full review »
AA
Director Network Services at a consultancy with 1,001-5,000 employees

This solution has helped to save us against threats, and issues. Regarding threats, we have been able to go out and mitigate some of them.

Ironically, if we consider it from the standpoint of “searching for an issue”, while it does save us time, it also provides us with more threats and issues that we would not be able to see without the product. In this regard, it also increases the work. With more threats being detected, it takes longer to examine them.

In terms of detection rate improvement, we have a lot more visibility than we’ve had in the past.

It has reduced the amount of time it takes to detect and remediate threats. It has also reduced false positives.

View full review »
BS
Director of Network and Telecom Services at a healthcare company with 10,001+ employees

It's a dependable product that is able to pinpoint where we have vulnerabilities if they occur.

View full review »
JD
Enterprise Information Security Architect at a agriculture with 5,001-10,000 employees

It has definitely helped us improve our mean time to resolution on network issues.

From a security perspective, I think they've been good as far as giving us knowledge.

I wouldn't say it's really transformed what we do. It's just another tool that gives us the information we need or helps alarms for us. But it only alarms on a handful of things. I think there are six or eight alerts that we've deemed critical.

Beyond that, it's just mostly the performance where I think it helps out. But that's like any NetFlow performance tool. Having insight into what's going across your network is critical for any huge network to function correctly.

View full review »
EF
Network Manager at a financial services firm with 1,001-5,000 employees

Stealthwatch has decreased our troubleshooting steps and also cut down on the amount of time it takes us to resolve an issue.

We're able to map out our environment using Stealthwatch and we can see where our data is going, throughout our network.

Stealthwatch reduced our incident response rate, as well as the amount of time it takes to detect and remediate threats by about 25%.

This solution saves us time, money, and administrative work.

View full review »
SG
Engineer at Charter Communications, Inc.

Being able to see the actual data flows transiting the network versus what we had planned is a great sanity check for our overall design planning. It is also useful to be able to make sure that we track the load that we anticipate.

The core reason we purchased this product was to increase our visibility of where the traffic sources and destinations were, as opposed to just raw data that is on the interface.

Stealthwatch has also reduced 10% of false positives. We're kind of limited to the deployment of Stealthwatch right now.

It saves us administrative work and design. 

View full review »
AR
Technical Consultant at a tech services company with 501-1,000 employees

We are a reseller, and we are able to show demos of this solution pretty quickly. It gets people really excited.

The network visibility has vastly improved for the organizations that I assist with their services. Generally, they do not have lateral visibility into their network. We come in and deploy Cisco ISE, which helps them segment, but they still can’t prove what is going on. Now, with this solution, they have the ability to not only show what a user has tried to do, but they can show where inside of the network it was stopped. From that point, they have verification and can take action.

Our customers are happy with the threat detection rate. I would estimate that it has increased by eighteen to fifty-two percent. This solution definitely improves the incident response time. We always try to help our customers understand this advantage.

It has reduced the amount of time it takes to detect and remediate threats. I’d imagine that it makes it faster for most of our customers. A lot of them spin their wheels trying to get this information out of there, but they don’t actually see the value until they realize that the right search will show the flow immediately. It gets those answers to them quickly.

It helps with the administration. When it comes to creating documentation, you can export those things and paste them onto the back of the report.

I would say that the time to value is approximately a week. It takes this long because the machine learning component has to learn your network first.

View full review »
AM
Senior Consultant at a manufacturing company with 10,001+ employees

We are currently adding test cases for the solution and it is not yet in a live production environment.

View full review »
RU
Network Architect at Henry Ford health system

The solution's analytics and thrust detection capabilities are good. We're still adjusting it. It's a little hypersensitive, but it is working right now.

We use cloud threat analytics. We don't use the cloud engine. Intrusion detection and analytics have been good so far. We haven't caught anything crazy yet. We're still eyeing it.

View full review »
SJ
IT Network Engineer at a logistics company with 10,001+ employees

It has improved the processes for mitigating any risk that might be. So when we find traffic that we don't want to allow, then it makes it easy to actually investigate where the traffic was and then we have the history as well.

This solution has improved network visibility a lot. We have a thousand sites around the world. So trying to figure out how the users are using the network is not an easy job. By using Stealthwatch, we are actually able to get the visibility of what they're using and also to get some kind of insights into patterns that they are having. For example, browsing YouTube, Facebook, and so forth.

Stealthwatch increased the threat detection rate, but not our incident response time.

It has also reduced the amount of time it takes us to detect and remediate threats, by about 20%.

View full review »
ER
Forensic Analyst at a pharma/biotech company with 1,001-5,000 employees

This tool provides another method for security analysts to triage security alerts. The artifacts available in the tool provide better information for analyzing network traffic. 

View full review »
JC
Chief Technology Officer at a tech services company with 51-200 employees

The solution has been beneficial because it's cut down the amount of time involved in doing complex scenarios and research. It's the virtual tap capability that enables you to get into the environment and see the traffic.

View full review »
UN
Director of Operations at a manufacturing company with 1,001-5,000 employees

Our network visibility is pretty significant right now, where we use it within our data centers and even on the OT side of the house. It’s given us pretty good visibility.

This solution has increased our threat detection rate by forty to sixty percent.

Using this solution has helped us to improve threat-remediation timeframe.

It has reduced your incident response time. We use the solution's encrypted traffic analytics. It has significantly improved our capabilities. 

View full review »
FK
Architect at Atea A/S

This solution gives our customers better visibility. They have a large infrastructure and they don't know what is going on in the individual locations, so we're using Stealthwatch for that.

It has reduced our incident response time by around forty percent.

It saves time, money and administrative work for our customers.

View full review »
MG
Network Operations Manager at a tech company with 10,001+ employees

This product alleviates the day-to-day headaches for us, in regards to metrics. In terms of network visibility, the way we were looking at it before was kind of archaic. This solution has definitely opened up the metrics, as far as reporting is concerned.

This savings brought about by implementing this solution has allowed us to cut one position.

It has increased our threat detection rate and it has reduced our incident response time by ten to fifteen percent. 

View full review »
KP
Security Analysist at Amwins Group

It has improved our internal knowledge of what's going on with the network, and that's helpful. Overall we like the product, I'm just not sure it's giving us everything that we can really get out of it right now.

View full review »
JC
Lead Network Engineer at a retailer with 1,001-5,000 employees

Stealthwatch improved our organization by providing more information so we can be proactive with security analysis.

It's made our network visibility better. The more information that we can give is all for the best. Just allowing us to get more information and visibility is also helpful.

I would say it has increased our threat detection rate. We use it to count employees and we have some new places we use it, so this may have increased.

It may have reduced the time to detect and remedy threats a little.

It has reduced false positives, by around 15%. That would be the security numbers, I'm not aware of the exact numbers.

I'm sure Stealthwatch saves us time, money, and administrative work.

View full review »
WR
Network Engineer at a government with 1,001-5,000 employees

We recently got a security team. They've been more hands-on. They are not intuitive to networks. 

Cisco Stealthwatch is good at bridging the gap between what they're capable of doing and the knowledge that they need. That generally comes from the networking side.

View full review »
CK
Manager, Network Engineering & Telecommunications at a healthcare company with 1,001-5,000 employees

In terms of how this solution has affected network visibility, we're finding devices that junior network engineers, people who don't want to wait for proper channels, have added to the network. This solution enables us to find them and shut them down. 

It has reduced our incident response time. We can now narrow down where incidents are happening, so it very helpful for our organization.

View full review »
BG
Manager of Digital Communications at Memorial Hermann Healthcare System

Our limitation is that Cisco Stealthwatch doesn't have visibility over everything. When we can use it, it gives us direct information. We use this information not only for analyzing security threats but as well as just for general network performance in the places it has view of.  

The solution affected network visibility in our organization fairly well. Without it, I have almost no visibility. It requires me to send people to different sites to manually get captured or to look at the network.

The solution has increased our threat detection rate. Cisco Stealthwatch has not reduced our incident response times. It has not reduced the amount of time it takes us to detect immediate threats. It has reduced false positives.

View full review »
JM
Sr Network Engineer at a insurance company with 5,001-10,000 employees

Being able to graph and show data to management has improved our organization. We can show the data to the higher-ups. It shows them that it's picking up on these anomalies and doing its job.

It has reduced our incidence response time by around 30%. The solution has improved our efficiency in operations around 30% through basic cost-cutting. It has reduced the amount of admin support time by around 15%.

View full review »
SD
Network Manager at a healthcare company with 1,001-5,000 employees

This solution has improved my organization because when I have users who are having issues with patching slowness it gives me the ability to be able to proactively troubleshoot and determine what the issue is.

View full review »
JQ
Network Manager Administrator at a financial services firm with 501-1,000 employees

Let's say a certain service is functioning properly and then out of nowhere this morning we started getting a lot of user complaints from the customers. We basically run the analytics against some specific goals and check what host and course the traffic is being processed through. We can monitor the traffic in real time from the moment of the issue to past months in order to see the flow of data and when exactly it spiked. We can then drill down to the root cause of the spike.

Network visibility also affected our organization in a positive manner. We wanted to track down traffic for specific goals. We just type it in the search bar and drill down to the top conversations of the period. We can see what ports are being utilized and whether there were clients and hosts that were talking to each other.

This solution has also increased our threat detection rate, by around 25-30%. An example would be that it provided a better posture in our internal network.

Stealthwatch has definitely reduced the incident response time. Whenever there's an issue, before we got Stealthwatch, we would have to go into multiple applications and gather data to pinpoint the issue. But with Stealthwatch, it's really up to us to pinpoint a time frame, specific host, or something like that. The response time is now about 50% faster.

Troubleshooting is now only minutes instead of a couple of hours that it took before we used this solution.

We also reduced a good amount of false positives and saved some time. It used to take a couple of hours to identify what the issue was, but with Stealthwatch we can find it within minutes.

View full review »
DK
Network Engineer at UC San Diego Health System

Cisco Stealthwatch helps us in finding unknown traffic, allowing us to audit the network and make sure things that are happening that we are expecting to happen. 

I am a little versed about the solution's analytic and threat detection capabilities, even though it is pretty good. I know that we use it to validate that there's no east/west traffic. So that's been beneficial to us because we have things in place preventing that, and it's our way of proving it has actually happened. We haven't started using it for cloud protection or any analysis yet.
This solution has definitely also reduced our incident response time because we had no visibility before. We can detect and remediate threats much faster now. 

View full review »
RF
Senior Network Engineer at a comms service provider

This solution has improved our organization because it allowed us to find a lot of stuff we could look deeper into, like strange traffic patterns, and clean it up. It hasn't really improved our threat detection rate but it has definitely reduced our incident response time as we wouldn't have been able to detect threats or immediate risks without this solution. It has also reduced false positives. 

View full review »
JW
Network Administrator at a mining and metals company with 1,001-5,000 employees

Cisco Stealthwatch has improved our organization's analytics and threat protection capabilities by catching threats early on. We are still at the baselining stage, but I can also say that our organization improved dramatically when we found out that a host was constantly talking to an FTP server. It turned out to be an employee that was going to be terminated and he was trying to pull data from the FTP server constantly. He pulled three or four GBs and we caught it with this tool. It saved us a net fortune.

The solution has also increased our threat detection rate dramatically and that gives us time to remediate those threats.

View full review »
AM
Associate Director Network Services at a pharma/biotech company with 10,001+ employees

Stealthwatch increased our threat detection rate a little bit, as well as our incident response time. It also reduced the amount of time it takes us to detect and remediate threats.

The cognitive analytics really helps us analyze the traffic.

View full review »
MP
Senior Security Engineer at a tech services company with 501-1,000 employees

Cisco Stealthwatch has improved our organization because it has brought visibility that we didn't have previously before implementing it. We have information about all of the devices on the network, which include network devices, such as routers, firewalls, et cetera, and endpoint devices, such as users' laptops or servers. The information that we can receive includes what network traffic the user processes. For example, what network traffic gets to our servers and the network traffic that originates from our laptops and user machines.

We have a better understanding of the network which allows us to tweak our security policies from the information we receive.

View full review »
JC
Service Engineer at a tech company with 10,001+ employees

Using this solution has helped us to detect and identify viruses or malicious activity in the network early on. It has definitely given us more insight because it's a lot easier to check Stealthwatch's logs than to log into a router and do a bunch of show commands. I would say that it has at least doubled our protection rate. 

Since we started using this solution, we've been saving time, money and administration work. It is now much easier to log into Stealthwatch and see what I want to see rather than logging into a router and checking everything out. The administration is also much less because everything's right there for me.

View full review »
it_user735195 - PeerSpot reviewer
Senior Information Security Engineer at a transportation company with 10,001+ employees

Provides easily identifiable anomalies that you can't see with signature detections. 

View full review »
SA
Network Section Chief at a government with 1,001-5,000 employees

We're still deploying it across our enterprise. A lot of our data analytics are still in the making.

View full review »
LW
Network Engineer at a tech services company

It has improved my organization's network visibility from zero because before we had installed this solution, we weren't doing anything to protect us from threats. I believe this solution has reduced our incident response time. 

View full review »
it_user631224 - PeerSpot reviewer
Information Security Analyst at a non-profit with 1,001-5,000 employees

We can now see what is going on in our network.

View full review »
it_user734160 - PeerSpot reviewer
Senior Technical Consultant

Provided complete network visibility and made troubleshooting easy.

View full review »
RH
Sr. Network Engineer at a tech services company with 10,001+ employees

Cisco Stealthwatch provides the solutions analytics and threat detection capabilities that I am looking for. It has also improved the network visibility of our organization. 

View full review »
JH
Chief Consultant at a tech services company with 11-50 employees

The organization now have a better overview how their traffic is flowing.

View full review »
it_user735216 - PeerSpot reviewer
Highly motivated Security Engineer incident Response, Vuln Mgmt, Malware Analysis, IDS/IPS, DLP, Network Security +more at a transportation company with 10,001+ employees

Easily identifiable anomalies that you can't see with signature detections.

View full review »
Buyer's Guide
Network Monitoring Software
March 2024
Find out what your peers are saying about Cisco, SolarWinds, NETSCOUT and others in Network Monitoring Software. Updated: March 2024.
765,386 professionals have used our research since 2012.