How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.
Our primary use case of Stealthwatch is for flow analysis, to see what's running on the network and to check for anomalous behavior. Stealthwatch runs in the background and analyzes flows, producing summary reports based on the information it receives. You can look for anything that's out of place, for example, background checking on a file transfer where there's a query as to whether it's a legitimate transfer. It's quite a powerful tool that questions what's going on. We are integrators and I'm the chief technology officer. We're gold partners with Cisco.
We are resellers, we provide solutions for our clients. We use Stealthwatch for network segmentation use-cases, data analytics around exfiltration, encrypted threat analytics, map phishing, scans. and as a tripwire on top of all of the other security controls that are available.
We primarily handle the design, implementation, and support for the solution and we also manage collaboration, routing and switching, security products, et cetera.
From a security perspective, we are watching for behind the scenes data exfiltration, or tubulous, or malicious network traffic, that our other tools may not be detecting at a basic network layer. We are also using it for performance issues in trying to figure out if a site is experiencing issues with slowness. Also, we try to determine things like whether we are exceeding the bandwidth of the link or whether there is a bottleneck or something that's not negotiating correctly on the network. Also, we use it for TAP to try and do inline network traffic analysis from a security perspective or from a performance perspective as well.
My customers buy Stealthwatch for traffic analysis.
We are a system integrator and I have implemented this solution for one of our customers. This solution is normally used for anomaly detection and malware detection. It is deployed on-premises.
Our primary use case is for it to run our call center 24/7 365 days a year.
Our primary use case of this solution is for troubleshooting network issues.
Our primary use case for this solution is to monitor east, west, north, and south traffic so that we can see what's going on in the network internally. You don't get that granularity with anything else. We have an ASA that gets north and south traffic. So we're just really interested in this one by itself.
Our primary use of Stealthwatch is for a secure remediation of systems that are causing problems on our internal network.
The security team uses it more than we do. I don't work on it that much. We have a couple uses for Stealthwatch: gathering security data and sending logs. I believe there is a gatherer that we have that has all of our logs sitting there. That's basically all we use them for.
Our primary use case for this solution is to work on it so that we can learn enough about it to sell it to our customers.
Our primary use for this solution is to help protect against threats on our network.
We really just use the product for behavior analytics of our employees. When we have issues or when there is some type of an investigation from a security perspective, we pull up Stealthwatch and start trying to see what that user was doing. If there are any anomalies in their activities we have to take action to correct it. We don't need to monitor every device. The reports show everything that person's doing and what device they're running, et cetera, and we really only need specific things. That was one of our problems in the initial deployment. We tried to overcome that by redeploying. I'm not sure exactly sure that it helped a lot. We're getting more data, but I'm not really sure it gives us a true picture.
We provide this solution to our customers to give them visibility into their network.
We use this solution primarily for the TLS audit in our on-premise environment, and to assist our customers.
Our primary uses for this solution are threat management and traffic management.
Our primary use for this solution is to provide operational metrics. In terms of the analytics and threat detection capabilities, it basically cures our day-to-day for everything that we do. It helps us out tremendously.
We use the solution primarily for IDS/IPS.
We use this solution for NetFlow statistics.
Our primary use is to monitor our network, especially our remote branches.
Our main reason for using Stealthwatch is it gives us visibility.
Our primary use case for Cisco Stealthwatch is to ensure net flow.
We use Cisco Stealthwatch as our primary NetFlow collector. We use it for data analysis and for any issues that arise that require NetFlow data.
We use Cisco Stealthwatch to do NetFlow across our enterprise network. Cisco Stealthwatch helps our cybersecurity guys detect threats across the network.
We use Cisco Stealthwatch for security and network analytics. The solution saves you time, money, and administrative work. If we have the device support, it means that I don't have to send someone in a car to go to be local on the site and look at whatever the issue is.
We mainly use this solution for diagnostic information.
We use Stealthwatch primarily to secure customers' endpoint devices, in order to provide more visibility into their security vectors. We determine where they are getting attacked, if they are getting attacked, how to prevent it, how to fight it, etc. We are really trying to take the fight to the administrator and be a little more proactive, as opposed to being so reactive with security events.
For our organization, Cisco Stealthwatch is more of a confirmation of what is happening on our network, or compliance. And in addition to that, it helps us to troubleshoot issues. We get to see where traffic is flowing and it helps us figure out problems.
We mainly use Cisco Stealthwatch in our organization for bandwidth monitoring and other issues we experience on our networks. When someone reports an issue, this solution helps us to determine what's going on in the network by checking the cell blocks and see if there are any issues.
We use Cisco Stealthwatch for device compliance and device auditing. It's part of our overall strategy. We have been consolidating down. Our security team is over-packed. We're trying to leverage what we have and move the blame away from us on the network side.
The primary use case for Cisco Stealthwatch is for us to sell it.
We use Stealthwatch to identify any risk or vulnerabilities in the environment.
We use Cisco Stealthwatch mostly for network visibility and security. I believe the solution reduces false-positives by flagging it as potential threats.
Stealthwatch is primarily a network monitoring tool.
Our primary use for Stealthwatch is to provide insights into what traffic is flowing through the network for our security operations center. With that, they can go and enforce security.
This is a security solution for us and our customers. We use it for port monitoring aggregation and doing captures.
Our primary use case for Stealthwatch is endpoint security.
Our primary use case for this solution is security.
We use Stealthwatch mainly for security.
What do you like most about Cisco Stealthwatch?
Thanks for sharing your thoughts with the community!