Try our new research platform with insights from 80,000+ expert users

Cisco Secure Network Analytics vs Cisco Secure Workload comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Secure Network Analytics
Ranking in Cisco Security Portfolio
7th
Average Rating
8.2
Reviews Sentiment
6.9
Number of Reviews
60
Ranking in other categories
Network Monitoring Software (22nd), Network Traffic Analysis (NTA) (3rd), Network Detection and Response (NDR) (5th)
Cisco Secure Workload
Ranking in Cisco Security Portfolio
9th
Average Rating
8.6
Reviews Sentiment
7.7
Number of Reviews
15
Ranking in other categories
Cloud and Data Center Security (7th), Cloud Workload Protection Platforms (CWPP) (14th), Microsegmentation Software (4th)
 

Mindshare comparison

As of April 2025, in the Cisco Security Portfolio category, the mindshare of Cisco Secure Network Analytics is 10.9%, down from 16.2% compared to the previous year. The mindshare of Cisco Secure Workload is 8.2%, up from 2.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cisco Security Portfolio
 

Featured Reviews

Sudhakar T - PeerSpot reviewer
Strong network security analytics with excellent encrypted traffic analysis features
Improvements are needed on the application layer for complete security analysis. The solution should have the ability to analyze security events not only at the network layer but also at the application and OS layers. There's a need for a more comprehensive licensing model where all necessary licenses are included by default.
Raj Metkar - PeerSpot reviewer
Discover internal application dependencies and create a dependency map
We actively seek improvements in integrating the Infoblox DDI platform with Cisco Secure Workload. This integration allows Cisco Secure Workload to learn about our networks and network tags, providing valuable insights into vulnerabilities related to the operating system and various applications installed on our servers. Recently, Cisco announced a new product called HyperShield, an AI-based autonomous micro-segmentation solution. While Cisco has not stated that HyperShield will replace Cisco Secure Workload, it represents a natural evolution for the company. HyperShield features dynamic policy discovery and enforcement; however, once policies are enforced, they do not change until a discovery occurs, requiring a re-enforcement process. This new platform operates autonomously, minimizing the need for user or security engineer intervention. I would have expected Cisco to incorporate more automatic discovery and enforcement features within the existing Cisco Secure Workload product. Instead of enhancing the current product, they have introduced a new solution. Cisco plans to honor existing Tetration licenses, allowing users to transition to HyperShield without additional costs, reflecting the investment enterprises have already made. From Cisco’s perspective, this represents a natural progression in their product line. While the product name changes, it seems more of a rebranding effort. The enhancements are greater autonomy, improved discovery, and automatic enforcement, which are now being introduced in HyperShield. Cisco Secure Workload offers automatic policy enforcement but cannot adjust policies dynamically as the application needs to change. Having used the platform for the past five years, the recent announcement has been reassuring. Cisco has confirmed that our investment in the platform will not go to waste. They will honor our existing licenses, providing a natural migration path to the new solution without any disruption

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"From a security standpoint, it is just seeing pockets as well. Visibility is very key for us."
"Stealthwatch has greatly improved our network visibility, in terms of bandwidth, malware, and PCI violations."
"Provides easily identifiable anomalies that you can't see with signature detections."
"The most valuable part is that Stealthwatch is part of a portfolio of security devices from Cisco. Cisco literally can touch every single end point, every single ingress and egress point in the network. Nobody else has that."
"The most valuable features of this solution are the logging, keeping threats under control, and keeping our data and environment secure."
"The beginning of any security investigation starts with net flow data."
"Most of the engineers I've worked with have been really good. Very knowledgeable and easy to work with."
"The solution has increased our threat detection rate. Cisco Stealthwatch has not reduced our incident response times. It has not reduced the amount of time it takes us to detect immediate threats. It has reduced false positives."
"The most valuable feature of the solution is that we don't have to do packet captures on the network."
"Generally speaking, Cisco support is considered one of the best in the networking products and stack."
"The most valuable feature is micro-segmentation, which is the most important with respect to visibility."
"By using Tetration insight, we are able to get the latency on our level accounts and we can determine whatever the issue is with the application latency itself."
"It's stable."
"Instead of proving that all the access control lists are in place and all the EPGs are correct, we can just point the auditor to a dashboard and point out that there aren't any escaped conversations. It saves an enormous, enormous amount of time."
"The solution offers 100% telemetry coverage. The telemetry you collect is not sampled, it's not intermittent. It's complete. You see everything in it, including full visibility of all activities on your endpoints and in your network."
"A complete and powerful micro-segmentation solution."
 

Cons

"Stealthwatch needs improvement when it comes to speed."
"I would like to see better filters."
"I would like to see a hybrid solution that can work without being connected directly to the internet for those destinations."
"The configuration of the solution was quite complex."
"The version with the Dell server had iDRAC problems. Often, it reported iDRAC failure."
"The customizability of the UI should improve."
"Cisco could improve the administration for the customers."
"Cisco Stealthwatch needs more integration with device discovery. We have to do a lot of hard work to figure out what things are. Better service integration is required."
"The emailed notifications are either hard to find or they are not available. Search capabilities can be improved."
"They should scale down the hardware a bit. The initial hardware investment is two million dollars so it's a price point problem. The issue with the price comes from the fact that you have to have it with enormous storage and enormous computes."
"The product must be integrated with the cloud."
"Secure Workload is a little complicated to use, and the dashboard isn't intuitive, so it takes a while to learn how to use it."
"There was a controversy when Cisco reduced the amount of data they kept, and the solution became quite cost-intensive, which made its adoption challenging….Although they have modified it now, I preferred the previous version, and I wish all the functionality were back under the same product."
"It has an uninviting interface."
"It is highly scalable, but there is a limitation that it is only available on Cisco devices."
"The multi-tenancy, redundancy, backup and restore functionalities, as well as the monitoring aspects of the solution, need improvement. The solution offers virtually no enterprise-grade possibility for monitoring."
 

Pricing and Cost Advice

"​Licensing is done by flows per second, not including outside (in traffic)."
"Pricing is much higher compared to other solutions."
"It is worth the cost."
"Our fees are approximately $3,000 USD."
"Licensing is on a yearly basis."
"One of the things which bugs me about Lancope is the licensing. We understand how licensing works. Our problem is when we bought and purchased most of these Lancope devices, we did so with our sister company. Somewhere within the purchase and distribution, licensing got mixed up. That is all on Cisco, and it is their responsibility. They allotted some of our sister company's equipment to us, and some of our equipment to them. To date, they have never been able to fix it."
"The licensing costs are outrageous."
"The pricing for this solution is good."
"Pricing depends on the scope of the application and the features. Larger installations save more."
"Regarding price, Cisco Secure Workload can be expensive if you don't have a budget. If you're not doing micro-segmentation, every extra security measure or enforcement you're putting on top of your existing environment will be an extra cost. It's not a cheap solution at all. But from my point of view, if you need to do micro-segmentation, this is one of the best tools I've seen for it. I can't compare that to Microsoft's solution because I haven't looked into it. I've looked into VMware and Cisco. Those are the only two that I know of. I didn't know that Microsoft could do micro-segmentation at all. Maybe they can, but I haven't heard anything about it."
"The price is outrageous. If you have money to throw at the product, then do it."
"The price is based on how many computers you're going to install it on."
"The cost for the hardware is around 300k."
"The pricing is a bit higher than we anticipated."
"It is not cheap and pricing may limit scalability."
report
Use our free recommendation engine to learn which Cisco Security Portfolio solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
28%
Financial Services Firm
11%
Government
9%
Manufacturing Company
7%
Computer Software Company
26%
Financial Services Firm
10%
Manufacturing Company
8%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Cisco Stealthwatch?
The most valuable feature of Cisco Secure Network Analytics is the Threat Intelligence integration.
What is your experience regarding pricing and costs for Cisco Stealthwatch?
The organization experienced challenges with licensing as Cisco has multiple licensing factors, and there are concerns about the price. Cisco solutions are considered to be very expensive.
What needs improvement with Cisco Stealthwatch?
Improvements are needed on the application layer for complete security analysis. The solution should have the ability to analyze security events not only at the network layer but also at the applic...
What do you like most about Cisco Secure Workload?
The product provides multiple-device integration.
What is your experience regarding pricing and costs for Cisco Secure Workload?
CloudStrike offers antivirus capabilities and firewall features for servers and VDI but lacks automatic policy discovery. This raises questions about the resources required to discover and write po...
What needs improvement with Cisco Secure Workload?
We actively seek improvements in integrating the Infoblox DDI platform with Cisco Secure Workload. This integration allows Cisco Secure Workload to learn about our networks and network tags, provid...
 

Also Known As

Cisco Stealthwatch, Cisco Stealthwatch Enterprise, Lancope StealthWatch
Cisco Tetration
 

Overview

 

Sample Customers

Edge Web Hosting, Telenor Norway, Ivy Tech Community College of Indiana, Webster Financial Corporation, Westinghouse Electric, VMware, TIAA-CREF
ADP, University of North Carolina Charlotte (UNCC)
Find out what your peers are saying about Cisco Secure Network Analytics vs. Cisco Secure Workload and other solutions. Updated: March 2025.
849,190 professionals have used our research since 2012.