We performed a comparison between Cisco Secure Network Analytics and Splunk User Behavior Analytics based on real PeerSpot user reviews.
Find out in this report how the two Network Monitoring Software solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We can manage the entire system across the network and troubleshoot the pain points."
"The most valuable features are encrypted threat analysis and the ability to run jobs on entire flows."
"The most valuable feature of this solution is the way the net flow is being merged together in a single pane. That's been extremely useful for us, because can see what's going on with traffic in one single place."
"The most valuable feature about this solution is that it gives me insight of my network."
"It's easy to set up. The deployment takes one or two days. You need to collect the data from a device and then direct it to the portal."
"There are already many functionalities, so I don't think there is anything to improve."
"The most valuable feature of this solution is data hoarding because it catches threats on a frequent basis that we had no idea of."
"The most valuable feature is its alerts and dashboard."
"The artifacts available in the tool provide better information for analyzing network traffic. It enables a holistic view of network traffic and general packet analysis. It's easy to identify anomalies without the use of signatures. The way in which we implemented Stealthwatch Cloud has enabled my team to analyze traffic behind proxies."
"Because of some of the visualizations that we utilize, we are able to understand strange, unusual traffic on our networks."
"It's straightforward in terms of configuration and troubleshooting and log management and monitoring as well. These are the edge points in addition to it being a modular solution where you can capitalize on your current licenses with extra licensing models, which can match the customer's business requirement and it can help the customer to design or to actually plan for their own roadmap."
"The most valuable features are the indexing and powerful search features."
"This intelligent user behavior analytics package is easy to configure and use while remaining feature filled."
"The solution is definitely scalable."
"Splunk is more user-friendly than some competing solutions we tried."
"It is a solution that helps test and measure customer satisfaction."
"The most valuable features are its data aggregation and the ability to automatically identify a number of threats, then suggest recommended actions upon them."
"The Wi-Fi side needs improvement."
"The initial setup is complex, as there is a lot to configure."
"It is time-consuming to set it up and understand how the tool works."
"Complexity on integration is not so straightforward and you really need an expert to help build it out."
"I would like Cisco to make it easier for the administrators to use it."
"At my company, we might not be using it enough with other applications that we have that can integrate with it."
"One update I would like to see is an agent-based client. Currently StealthWatch is network based."
"I would like to see interoperability with other Cisco products because we have ThousandEyes, Cisco Prime, and others. The interaction among these is important to us."
"We've run into some issues with the configuration."
"Currently, a lot of network operations need improvement. We still need people to handle incidents. Our vision is to leverage status and convert it directly from the network devices. It would be ideal if we could take action using APIs and API code and remove manual processes."
"In the future I would like to see simplified statistics and analytical threats."
"I'm not aware of any lacking features."
"We want to have an automated system for bot hunting that enables us to detect anomalies predictively based on historical data. It would be helpful if Splunk included process mining as an alternative option. We have a threat workflow, but it would be useful if we could supplement that with some process mining capabilities over time."
"It could be easier to scale the solution if you are using it on-premise, not in the cloud."
"They should work to add more built-in correlation searches and more use cases based on worldwide customer experiences. They need more ready-made use cases."
"The price of Splunk UBA is too high."
"The correlation engine should have persistent and definable rules."
More Cisco Secure Network Analytics Pricing and Cost Advice →
More Splunk User Behavior Analytics Pricing and Cost Advice →
Cisco Secure Network Analytics is ranked 24th in Network Monitoring Software with 57 reviews while Splunk User Behavior Analytics is ranked 2nd in User Entity Behavior Analytics (UEBA) with 17 reviews. Cisco Secure Network Analytics is rated 8.2, while Splunk User Behavior Analytics is rated 8.2. The top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". On the other hand, the top reviewer of Splunk User Behavior Analytics writes "Easy to configure and easy to use solution that integrates with many applications and scripts ". Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Trend Micro Deep Discovery, whereas Splunk User Behavior Analytics is most compared with Darktrace, Microsoft Defender for Identity, IBM Security QRadar, Varonis Datalert and Microsoft Purview Insider Risk Management. See our Cisco Secure Network Analytics vs. Splunk User Behavior Analytics report.
We monitor all Network Monitoring Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.