Most Helpful Review
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
The most valuable feature is anomaly detection, where it finds things that are not allowed internally.
Most of the engineers I've worked with have been really good. Very knowledgeable and easy to work with.
Being able to graph and show data to management has improved our organization. We can show the data to the higher-ups. It shows them that it's picking up on these anomalies and doing its job.
It's a dependable product that is able to pinpoint where we have vulnerabilities if they occur.
Using the Cognitive Analytics feature, we have complete visibility that we didn’t have before.
The most valuable feature about this solution is that it gives me insight of my network.
It has improved our internal knowledge of what's going on with the network, and that's helpful.
The most valuable features of this solution are the logging, keeping threats under control, and keeping our data and environment secure.
If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution.
The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money.
Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams.
The most valuable feature is the view into the application.
Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities.
It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us.
The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks.
Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening.
The usability of this solution needs to be improved.
We've run into some issues with the configuration.
They should include Citrix VDIs in the next release.
The GUI could use some improvement. Being able to find features more easily would be a great improvement if it was simplified.
The initial setup is complex, as there is a lot to configure.
It hasn't really improved our direct detection rate but it has definitely reduced our incident response time as we wouldn't have been able to detect threats or immediate risks without this solution.
I would like to see more and cleaner reporting. For example, if I pull up Steven and I want to look and maybe compare him to what you've done in the past week, and compare that to the past six months, the point would be to see what the difference in activity looks like over this time. I don't see that capability in reporting to date. You see that trend but you don't really see a straightforward comparison. That right there is key to what we want to see about the normal activity.
It is time-consuming to set it up and understand how the tool works.
It would be a good idea if we could get an option to block based upon the content of an email, or the content of a file attachment.
As far as future inclusions, it would be useful to display more threat intelligence, such as the actual area of the threat and the origin of the web crawling (Tor and Dark Web).
Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard.
A better depth of view, being able to see deeper into the management process, is what I'd like to see.
Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier.
I would love to see better reporting. Because you can't export some of the reports in proper formats, it is hard to extract the data from reports.
The initial setup was complex because of the nature of our environment. When it comes to the type of applications and functions which we were looking at in terms of identifying malicious threats, there would be some level of complexity, if we were doing it right.
It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning.
Pricing and Cost Advice
Our fees are approximately $3,000 USD.
Licensing is on a yearly basis.
We pay for support costs on a yearly basis.
On a yearly basis, licensing is somewhere around $30,000.
The yearly licensing cost is about $50,000.
The pricing for this solution is good.
The licensing costs are outrageous.
Today, we are part of the big Cisco ELA, and it is a la carte. We can get orders for whatever we want. At the end of the day, we have to pay for it in one big expense, but that is fine. We are okay with that.
When I compare this solution to its competitors in the market, I find that it is a little expensive.
FireEye is comparable to other products, such as HX, but seems expensive. It may cause us to look at other products in the market.
We're partners with Cisco so we get a reasonable price. It's cheaper than Palo Alto in terms of licensing.
Because of what the FireEye product does, it has significantly decreased our mean time in being able to identify and detect malicious threats. The company that I work with is a very mature organization, and we have seen the meantime to analysis decrease by at least tenfold.
There are some additional services that I understand the vendor provides, but our approach was to package all of the features that we were looking to use into the product.
The pricing is a little high.
Pricing and licensing are reasonable compared to competitors.
out of 45 in Intrusion Detection and Prevention Software
Average Words per Review
out of 25 in Advanced Threat Protection
Average Words per Review
Compared 23% of the time.
Compared 6% of the time.
Compared 4% of the time.
Compared 18% of the time.
Compared 13% of the time.
Compared 11% of the time.
Also Known As
|Cisco Stealthwatch Enterprise, Lancope StealthWatch||FireEye|
Cisco Stealthwatch uses NetFlow to provide visibility across the network, data center, branch offices, and cloud. Its advanced security analytics uncover stealthy attacks on the extended network. Stealthwatch helps you use your existing network as a security sensor and enforcer to dramatically improve your threat defense.
FireEye Network Security is an advanced threat protection and breach detection platform that provides industry leading threat visibility and protection against the world’s most sophisticated and damaging attacks. By leveraging FireEye’s unique technologies and threat intelligence, FireEye Network Security detects what other security solutions miss, providing holistic security from the perimeter to the network core.
Learn more about Cisco Stealthwatch
Learn more about FireEye Network Security
|Edge Web Hosting, Telenor Norway, Ivy Tech Community College of Indiana, Webster Financial Corporation, Westinghouse Electric, VMware, TIAA-CREF||FFRDC, Finansbank, Japan Advanced Institute of Science and Technology, Investis, Kelsey-Seybold Clinic, Bank of Thailand, City of Miramar, Citizens National Bank, D-Wave Systems|
Financial Services Firm11%
Comms Service Provider20%
Software R&D Company14%
Financial Services Firm36%
Software R&D Company25%
Financial Services Firm20%
Comms Service Provider10%
See also Cisco Stealthwatch Reviews, FireEye Network Security Reviews, and our list of Best Intrusion Detection and Prevention Software Companies.