Cisco Secure Network Analytics Reviews

We mainly use Cisco Stealthwatch in our organization for bandwidth monitoring and other issues we experience on our networks. When someone reports an issue, this solution helps us to determine what's going on in the network by checking the cell blocks and see if there are any issues.

Using this solution has helped us to detect and identify viruses or malicious activity in the network early on. It has definitely given us more insight because it's a lot easier to check Stealthwatch's logs than to log into a router and do a bunch of show commands. I would say that it has at least doubled our protection rate. 

Since we started using this solution, we've been saving time, money and administration work. It is now much easier to log into Stealthwatch and see what I want to see rather than logging into a router and checking everything out. The administration is also much less because everything's right there for me.

I haven't experienced any problems or downtime with Cisco Stealthwatch, so the stability is really good.

The scalability of this solution is good. We don't have a very large network that we use it on. I support only around 200 routers or so. But for what we use it for, it is scalable.

I never had to use technical support before.

The initial setup was straightforward. We simply followed the instructions on how to use it, and so far everything is working great. 

We haven't seen ROI.

I will never rate a product ten, so my rating for this solution is eight out of ten. I highly recommend this solution.

For our organization, Cisco Stealthwatch is more of a confirmation of what is happening on our network, or compliance. And in addition to that, it helps us to troubleshoot issues. We get to see where traffic is flowing and it helps us figure out problems.

Cisco Stealthwatch helps us in finding unknown traffic, allowing us to audit the network and make sure things that are happening that we are expecting to happen. 

I am a little versed about the solution's analytic and threat detection capabilities, even though it is pretty good. I know that we use it to validate that there's no east/west traffic. So that's been beneficial to us because we have things in place preventing that, and it's our way of proving it has actually happened. We haven't started using it for cloud protection or any analysis yet.
This solution has definitely also reduced our incident response time because we had no visibility before. We can detect and remediate threats much faster now. 

The most valuable feature of this solution is the way the net flow is being merged together in a single pane. That's been extremely useful for us because we can see what's going on with traffic in one single place.
I also believe the solution has increased our organization's threat protection rate. The actual threat reports are run by our Infosec security person, but we are actually using this solution for that too. We're having reports generated so that our network engineering doesn't have to do the review. That team is responsible for reviewing reports and then we work with them to locate and do the next steps.

We are continuing down the road of ACI and ISE with Cisco, so we would like to see the continuation of Stealthwatch integrating into ISE for exchange of information, and also, more into the ACI environment too.

The solution is very stable and we haven't had any crashes yet.

Based on what we've used it so far, it looks like it's scaling. We're growing and it's growing with us, so it's doing what we need it to do.

I do know we have used the support before and it was good enough to get our problems fixed.

We switched to Cisco Stealthwatch for operational reasons. The solution we used before was very clunky, so it was clear that we needed a better solution. So we started looking around and this solution came to the top quickly.

The initial setup was pretty straightforward and sufficient. It's good.

I believe this solution has saved our organization a lot of time, money, and administrative work. It allows us to see what's going on as far as traffic flows in a single, very short period. That is the biggest value to us on the networking side. The security team uses the implications of that for auditing and clearing out, whether we have good or bad traffic going on. 

Operationally, using it as a tool, it can definitely be rated up there at a nine out of ten. It's very good, easy to use, I can get into it and find out what I want.

We use Stealthwatch mainly for security.

Stealthwatch has greatly improved our network visibility, in terms of bandwidth, malware, and PCI violations.

It has increased our threat detection rate, by around 100%. Stealthwatch has also reduced the time to detect and remediate threats, as well as saves us time. We're using it for bandwidth detection, so that's helped. In addition, we use the solution's encrypted traffic analytics and cognitive analytics.

The single most valuable feature we get out of Stealthwatch is visibility. Also, analytics and threat protection capabilities are good, so far.

I would like to see some improvement when it comes to reporting.

The stability of the solution is fair.

Stealthwatch has a good level of scalability.

I would consider their technical support as "fair."

We were using SolarWinds and we are still using SolarWinds, so we use both.

The initial setup was complex, especially as it came to configurations.

We used an integrator for deployment. We had a pretty good experience with them.

The licensing costs are outrageous, but Stealthwatch has a good time to value.

You've got to know what you're looking for. Tuning is really key. Have a plan before you implement on what you're going to use it for.

I would rate Stealthwatch as seven out of ten. It's easy to use.

We use Cisco Stealthwatch mostly for network visibility and security. I believe the solution reduces false-positives by flagging it as potential threats.

In terms of how this solution has affected network visibility, we're finding devices that junior network engineers, people who don't want to wait for proper channels, have added to the network. This solution enables us to find them and shut them down. 

It has reduced our incident response time. We can now narrow down where incidents are happening, so it very helpful for our organization.

The features I find most valuable is the deep level of knowledge that we get on every device as well as what other devices it's talking to. 

Analytics and threat detection capabilities are a little overwhelming. I would say it's about average. 

The solution reduces the amount of time it takes to detect and remediate threats.

We've been using this solution for around a year now.

So far we haven't had any issues with the stability of the solution. We haven't gone through a major upgrade cycle yet.

Our initial deployment was built out to the right size for our organization.

There hasn't been any need to ask for technical support since our initial deployment, where we used a reseller. 

The initial setup was straightforward but required a lot of data entry, to begin with building out the server types and network types. 

We used a reseller for the deployment, CDW.

We evaluated Plixer, but the fact that Stealthwatch was Cisco integrated, sold it for us.

My advice would be to really look at how many traffic rows you're generating on your network when you decide to do your deployment. Personally, it is too early to know if there is room for improvement, but I will rate this solution an eight out of ten.

The primary use case for Cisco Stealthwatch is for us to sell it. 

It has improved my organization's network visibility from zero because before we had installed this solution, we weren't doing anything to protect us from threats. I believe this solution has reduced our incident response time. 

The features I find most valuable about Cisco Stealthwatch its integration with the pxGrid and all of our other devices that are tied in with pxGrid, so they can communicate with each other and be able to dynamically change, quarantine a suspicious device, or do whatever necessary in case of a malware attack or similar problem.

Considering all the data on the network, I believe that the analytics of Cisco Stealthwatch are pretty decent. I would like to see it better organized when I'm looking at it. If I hand it to another NOC engineer, they may not know what they're looking at, so I would prefer it to be more clean and structured, making it easier to use.

We are currently also using AMP and a few other Cisco products to assist us with threat protection and it's only been running for a couple of months.

This solution is very stable.

I believe there isn't much to scale for it and I think it all depends on how many nodes you're running in the environment. I will say the scalability is fairly decent.

I haven't had to use technical support yet. I've only read through the pages of documentation.

The initial setup was a little complex since I haven't set it up before. 

It is hard to say yet, but at least we can tell customers that we've detected a threat, and it can be stopped in time.

For our organization, it is cheap, but for other customers, it may be fairly expensive. 
As we are resellers of Cisco Stealthwatch, we hope to save time, money, and administrative costs once we start selling more of these solutions.

I am responsible for the security of our organization's devices, so I did look at other options. Since this solution ties into other products, I wanted to use Duo Security and tie that together with StealthWatch.

I will rate this solution a seven and a half or eight out of ten. This is mostly due to our exposure and having customers relying upon us to only look at it, as well as the layout. 

My advice to others would be to go for it, play around with it and see what you like about it. If you don't like it, move on to something else, but at least try it first.

The Cisco IOS is very important because that is what we have to teach our students.

There are already many functionalities, so I don't think there is anything to improve. Its the best one on the market I have seen.

We've been using Cisco equipemnt for four or five years.

It's scalable, there are many models that we can use for a small network. Cisco offers the scalability that we need. We have about eighty students, and all the students have to do some training on it. We have plans to increase the usage of Cisco.

I think in order to master the network security issues it's complex. The deployment took a week or so.

I think that maybe we need more products for our students to try and to master. It's part of their learning.

I would rate this solution as nine or ten out of ten.

Our primary use case for this solution is security.

We are currently adding test cases for the solution and it is not yet in a live production environment.

The most valuable feature is integration.

I would like to see a hybrid solution that can work without being connected directly to the internet for those destinations. A business case would be manufacturing floors that are not, or still not, connected to the internet permanently.

In terms of the user interface, navigating through the drill down windows needs to be improved.

Still implementing and testing.

This solution seems to be stable.

This is a cloud-based solution, so it is very scalable.

We have not used technical support.

We did not use another solution prior to this one.

The initial setup for this solution is complex, at least in the beginning.

It is a really hard step from being a networking engineer and moving to that software component. You have to understand the software because the dependency on the actual programming is very important. That has been a learning curve.

We are still in beta testing.

Because we are still testing, we do not yet know what our licensing fees will be.

We did not evaluate other options.

My advice to anybody implementing this solution is to start with the DevOps, as soon as possible.

I would rate this solution a seven out of ten.

This is a security solution for us and our customers. We use it for port monitoring aggregation and doing captures.

We had some trouble with the installation as we migrated from our previous solution.

Three months.

It has been pretty stable since we deployed it, and everything seems to be working fine.

That scalability seems to be ok, although we did have some concerns. Potentially, we are going to be looking at 100-gigabit links, and the version of the solution that we deployed does not support that. That is a long-term concern, rather than an immediate one.

We had some technical questions when we were doing the initial deployment, and they were very good in helping us with that.

Prior to this solution, we used an ad-hoc, internal system. We knew that it had to be replaced because it was not passing the audit as per our set standards. Ultimately, that drove us to look for a more standardized solution.

The initial setup for this solution was fairly complex. This was, in part, because of where we placed it in our network and the removal of our old system. It involved mapping it from the old to new so that it will be able to maintain the same functionality in our network.

We used an integrator to assist with the implementation.

Cisco is our biggest primary vendor, so it was an easy go-to for this solution.

My advice for anybody who is implementing this solution is to engage with an integrator or somebody who is familiar with it, or deploying it. This will make everything easier in terms of setting it up.

This solution is doing everything that we want, and my only complaint is in regards to the quirks during installation.

I would rate this solution an eight out of ten.