Cisco Stealthwatch Reviews

Filter by:Reset all filters
industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
rating
Loading...
Filter Unavailable
Consultant
Consultant at a healthcare company with 1,001-5,000 employees
Mar 26 2018

What is most valuable?

Visibility. The ability to look East and West. To see what is passing through your circuits, where it is coming from, and how big it is. This is pretty key for us. It is… more»

How has it helped my organization?

Our company is global and has various manufacturing plants over the globe along with branches. What we have found from a productivity policing perspective is we have had… more»

What needs improvement?

In the last year or two, we have been working with our Cisco NAS engineers to improve our security posturing. It is more our being proactive rather than reactive. While… more»

What's my experience with pricing, setup cost, and licensing?

Today, the company is part of the big Cisco ELA, and it is a la carte. We can get orders for whatever we want. At the end of the day, we have to pay for it in one big… more»

If you previously used a different solution, which one did you use and why did you switch?

We used Riverbed, and it is probably still around as some people can't let go of their old tools. When we saw what Lancope can do, not just from a visibility perspective… more»

What other advice do I have?

Come up with a template, then choose a center, choose a region, choose a plant, etc. Figure out how you want the deployment to go, then replicate it. Turn it into some… more»

Which other solutions did I evaluate?

The only other option was the one we were using at the time, which may not even be comparable because of visibility, and that was Riverbed. Riverbed was extremely… more»
Travis Bugh
Real User
Senior Director of Architecture and Engineering at Trace3
Jun 25 2019

What is most valuable?

The most valuable part is that Stealthwatch is part of a portfolio of security devices from Cisco, so while some of the competition may have other products that could be better or provide a better administrative experience, they don't have the breadth that Cisco does. Cisco literally can touch every… more»

How has it helped my organization?

The network visibility feature opens up a whole new pane of glass that didn't exist before, so when you talk about being able to look into your network and understand what's there for security events, impostering, and everything that Stealthwatch can bring to the table, there's nothing else that a… more»

What needs improvement?

I don't have a specific feature request, but my big push with Cisco has always been to make it easier for the administrators to use it. If you look at other products that they've been really successful within software space like Meraki, it's because a customer can jump right in and use it on day one… more»

What other advice do I have?

Everybody should have something in this case, because end users are always going to get you in a little bit of trouble. You have people that are executing social engineering attacks, and this will help prevent some of that from entering your network and your environment. The biggest lesson I've… more»
Find out what your peers are saying about Cisco, Darktrace, Vectra AI and others in Intrusion Detection and Prevention Software. Updated: October 2019.
372,124 professionals have used our research since 2012.
Consultant
Technical Consultant at a tech services company with 501-1,000 employees
Jul 09 2019

What is most valuable?

The most valuable features are encrypted threat analysis and the ability to run jobs on entire flows. The reporting feature is helpful for creating documentation because… more»

How has it helped my organization?

We are a reseller, and we are able to show demos of this solution pretty quickly. It gets people really excited. The network visibility has vastly improved for the… more»

What needs improvement?

I would like this product to have better integration with Cisco Firepower. That is the easiest way to pair. Eliminating Java from the SMC would improve this solution. It… more»

What's my experience with pricing, setup cost, and licensing?

This solution is expensive. Our fees are approximately $3,000 USD.

If you previously used a different solution, which one did you use and why did you switch?

We did not use another solution prior to this one. It was like the wild wild west. We set this up in our lab because the internal IT couldn't figure out what everybody was… more»

What other advice do I have?

If I knew somebody who was researching this solution I would ask them: "How can you prove that when you set a policy, a person can't access this system?" This solution… more»

Which other solutions did I evaluate?

We did not evaluate other options before choosing this one.
Real User
Network Administrator at a mining and metals company with 1,001-5,000 employees
Jul 09 2019

What is most valuable?

The most valuable feature of this solution is data hoarding because it catches threats on a frequent basis that we had no idea of. Like if certain hosts were talking to certain hosts. With this tool… more»

How has it helped my organization?

Cisco Stealthwatch has improved our organization's analytics and threat protection capabilities by catching threats early on. We are still at the baselining stage, but I can also say that our… more»

What needs improvement?

One thing I would like to see improved is if it could automatically be tied through ISE, instead of you having to manually get notifications and disable it yourself. I am the only network admin at my… more»

What's my experience with pricing, setup cost, and licensing?

This solution is a little expensive. Open-source is obviously a key to victory in some people's eyes but with open-source, you can't pay anybody. So it could be a little cheaper, but it has great… more»

If you previously used a different solution, which one did you use and why did you switch?

My superior asked what this host was doing within our network, what data he was pulling and why he had it on this PC. We couldn't answer to say that he wasn't pulling data from that server or what… more»

What other advice do I have?

One thing I've learned from this solution is that there's a lot of stuff happening within internal networks that we weren't aware of. I am really satisfied with this solution and I will rate it a ten… more»
Real User
Network Engineer at a government with 1,001-5,000 employees
Jun 24 2019

What is most valuable?

The search options on Cisco Stealthwatch are the most valuable. You can get very granular with it, down to the kilobits or the seconds if you want. The product supports any time frame that you need… more»

How has it helped my organization?

We recently got a security team. They've been more hands-on. They are not intuitive to networks. Cisco Stealthwatch is good at bridging the gap between what they're capable of doing and the knowledge… more»

What needs improvement?

We don't use Cisco Stealthwatch for threat detection. We use it more for information gathering. We use better options for threat detection, i.e. Palo Alto firewalls for our security. I would like the… more»

If you previously used a different solution, which one did you use and why did you switch?

We're a Cisco running shop primarily. We purchased DNA Center and Stealthwatch all as part of that package. We're trying to get the whole suite of software packages. Stealthwatch is part of it.

What other advice do I have?

The solution has not increased our threat detection rate. It has reduced our incident response times by at least 50%. It also reduced the amount of time it takes to detect and remediate threats by… more»

Which other solutions did I evaluate?

Stealthwatch has almost everything we need. There's no reason to evaluate anyone else. We also have a WildPackets and a LiveAction engine. We use that for remote packet captures and not NetFlow data… more»
Robert Ufer
Real User
Network Architect at Henry Ford health system
Jun 26 2019

What is most valuable?

The most valuable feature is the level of visibility and the automation behind it. We don't have to go chasing things down.

How has it helped my organization?

The solution's analytics and thrust detection capabilities are good. We're still adjusting it. It's a little hypersensitive, but it is working right now. We use cloud threat analytics. We don't use… more»

What needs improvement?

Cisco Stealthwatch needs more integration with device discovery. We have to do a lot of hard work to figure out what things are. Better service integration is required.

If you previously used a different solution, which one did you use and why did you switch?

We did not have a different solution in this specific use case. We had some solutions that would cover pieces of it but nothing ever did the whole job.

What other advice do I have?

Cisco Stealthwatch has not reduced our response times yet, it probably will though. The solution is perfect in traffic analytics. We've started that roll out. The new sites that we have will be doing… more»

Which other solutions did I evaluate?

We were looking at NetScout and ThousandEyes, plus a couple of other similar solutions. We have a lot of NetScout products. We're trying to get into that space but we're not there yet. We're still too… more»
Real User
Director Network Services at a consultancy with 1,001-5,000 employees
Jul 09 2019

What is most valuable?

The most valuable feature is having visibility into the data segments throughout our network. Using the encrypted traffic analysis has given us more intelligence on the… more»

How has it helped my organization?

This solution has helped to save us against threats, and issues. Regarding threats, we have been able to go out and mitigate some of them. Ironically, if we consider it… more»

What needs improvement?

I would like to see more expansion in artificial intelligence and machine learning features. There does not seem to be much available in terms of training for the product… more»

What's my experience with pricing, setup cost, and licensing?

We pay for support costs on a yearly basis.

If you previously used a different solution, which one did you use and why did you switch?

We did not have a solution like Stealthwatch. We heard about the product and the value it was able to give to companies regarding threats, and we thought it would be the… more»

What other advice do I have?

This is a very good tool, although it is just one piece of our security. We have other security tools that we use to help detect threats. The amount of information that… more»

Which other solutions did I evaluate?

We evaluated Darktrace after the fact. The Cisco Stealthwatch solution tied in well with our other Cisco products, so we decided that this was the way to go, for now.
Real User
Lead Network Engineer at a retailer with 1,001-5,000 employees
Jul 09 2019

What is most valuable?

The ability to send data flow from other places and have them all in one place is very valuable for us.

How has it helped my organization?

Stealthwatch improved our organization by providing more information so we can be proactive with security analysis. It's made our network visibility better. The more information that we can give is all for the best. Just allowing us to get more information and visibility is also helpful. I would say… more»

What needs improvement?

I think the interface is a little lacking. The interface seems like it just needs to be modernized. It's been the same interface now, ever since I've seen it probably four years ago.

What other advice do I have?

The biggest lesson I learned is if it's not getting the flow data, it's not helping you. You have to just get your appointment inside the data. That's not really a tool, that's just if you don't send it, it can't see it. In terms of advice, be sure of what traffic you want to send it, or it's… more»
See 31 More Cisco Stealthwatch Reviews

Articles

User Assessments By Topic About Cisco Stealthwatch

Find out what your peers are saying about Cisco, Darktrace, Vectra AI and others in Intrusion Detection and Prevention Software. Updated: October 2019.
372,124 professionals have used our research since 2012.

Cisco Stealthwatch Questions

What is Cisco Stealthwatch?

Cisco Stealthwatch uses NetFlow to provide visibility across the network, data center, branch offices, and cloud. Its advanced security analytics uncover stealthy attacks on the extended network. Stealthwatch helps you use your existing network as a security sensor and enforcer to dramatically improve your threat defense.

Also known as
Cisco Stealthwatch Enterprise, Lancope StealthWatch
Cisco Stealthwatch customers

Edge Web Hosting, Telenor Norway, Ivy Tech Community College of Indiana, Webster Financial Corporation, Westinghouse Electric, VMware, TIAA-CREF

BUYER'S GUIDE
Download our free Intrusion Detection and Prevention Software Report and find out what your peers are saying about Cisco, Darktrace, Vectra AI, and more!
Sign Up with Email