Most Helpful Review
Provides holistic view of network traffic, packet analysis; it's easy to identify anomalies without signatures
Log aggregation gives us all our logs in one place, we can get the analytics from a single dashboard
Find out what your peers are saying about Cisco Stealthwatch vs. LogRhythm Network Monitor and other solutions. Updated: March 2019.
345,805 professionals have used our research since 2012.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
The artifacts available in the tool provide better information for analyzing network traffic. It enables a holistic view of network traffic and general packet analysis. It's easy to identify anomalies without the use of signatures. The way in which we implemented Stealthwatch Cloud has enabled my team to analyze traffic behind proxies.
The deployment was a breeze. It is a very innovative and robust platform that allows us to bi-directionally stitch together data elements from Netflow-enabled devices to provide a context for network utilization.
Able to drill down into a center's utilization, then create reports based on it.
Ease of deployment, once you get your ducks in a row.
Visibility. The ability to look East and West. To see what is passing through your circuits, where it is coming from, and how big it is.
From a security standpoint, it is just seeing pockets as well. Visibility is very key for us.
Provides easily identifiable anomalies that you can't see with signature detections.
The beginning of any security investigation starts with net flow data.
The analytics feature is the most valuable feature.
If there was one improvement I’d suggest it would be that it detect traffic through an intranet. The product requires that traffic flow through a managed network device. The product is designed mostly for enterprise environments and not smaller environments or businesses.
Reliance on Java. Get away from that.
If they can make this product more web-based, that would be amazing.
One update that I would like to see is an agent-based client. Currently, Stealthwatch is network-based. A local agent could help manage endpoints.
The version with the Dell server had iDRAC problems. Often, it reported iDRAC failure.
One update I would like to see is an agent-based client. Currently StealthWatch is network based.
I would like to see better integration with multiple products. Integration is not something that is readily available for most of the products.
Pricing and Cost Advice
Today, we are part of the big Cisco ELA, and it is a la carte. We can get orders for whatever we want. At the end of the day, we have to pay for it in one big expense, but that is fine. We are okay with that.
NetFlow is very expensive.
One of the things which bugs me about Lancope is the licensing. We understand how licensing works. Our problem is when we bought and purchased most of these Lancope devices, we did so with our sister company. Somewhere within the purchase and distribution, licensing got mixed up. That is all on Cisco, and it is their responsibility. They allotted some of our sister company's equipment to us, and some of our equipment to them. To date, they have never been able to fix it.
Licensing is done by flows per second, not including outside (in traffic).
Pricing is much higher compared to other solutions.
Licensing is done by flows per second, not including outside>in traffic.
Pricing is okay. There were some competitors that were extremely expensive and there were some which were really inexpensive but LogRhythm stayed in the middle of them.
out of 41 in Intrusion Detection and Prevention Software
Average Words per Review
out of 94 in Network Monitoring Software
Average Words per Review
Compared 24% of the time.
Compared 5% of the time.
Compared 5% of the time.
Compared 20% of the time.
Compared 15% of the time.
Compared 9% of the time.
Also Known As
|Cisco Stealthwatch Enterprise, Lancope StealthWatch||LogRhythm NetMon|
Cisco Stealthwatch uses NetFlow to provide visibility across the network, data center, branch offices, and cloud. Its advanced security analytics uncover stealthy attacks on the extended network. Stealthwatch helps you use your existing network as a security sensor and enforcer to dramatically improve your threat defense.
Identify Emerging Threats on Your Network in Real Time
Transform your physical or virtual system into a network forensics sensor in a matter of minutes for free with LogRhythm's NetMon Freemium. Your investigations will come together effortlessly with extensive corresponding metadata, full packet capture, and customizable advanced correlation.. Detect network-based threats with real-time network monitoring and big data analytics
Get the visibility you need with Network Monitor.
Learn more about Cisco Stealthwatch
Learn more about LogRhythm Network Monitor
|Edge Web Hosting, Telenor Norway, Ivy Tech Community College of Indiana, Webster Financial Corporation, Westinghouse Electric, VMware, TIAA-CREF||Sera-Brynn|
Financial Services Firm19%
Comms Service Provider12%
No Data Available
See also Cisco Stealthwatch Reviews, LogRhythm Network Monitor Reviews, and our list of Best Intrusion Detection and Prevention Software Companies.