Try our new research platform with insights from 80,000+ expert users

Cisco Secure Network Analytics vs Darktrace comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Aug 6, 2024
 

Categories and Ranking

Cisco Secure Network Analytics
Ranking in Network Traffic Analysis (NTA)
3rd
Ranking in Network Detection and Response (NDR)
5th
Average Rating
8.2
Number of Reviews
59
Ranking in other categories
Network Monitoring Software (24th), Cisco Security Portfolio (4th)
Darktrace
Ranking in Network Traffic Analysis (NTA)
1st
Ranking in Network Detection and Response (NDR)
1st
Average Rating
8.2
Reviews Sentiment
7.6
Number of Reviews
73
Ranking in other categories
Email Security (12th), Intrusion Detection and Prevention Software (IDPS) (1st), Extended Detection and Response (XDR) (3rd), AI-Powered Chatbots (3rd), Cloud Security Posture Management (CSPM) (15th), Cloud-Native Application Protection Platforms (CNAPP) (12th), Attack Surface Management (ASM) (3rd), AI-Powered Cybersecurity Platforms (1st)
 

Mindshare comparison

As of November 2024, in the Network Traffic Analysis (NTA) category, the mindshare of Cisco Secure Network Analytics is 19.2%, down from 23.0% compared to the previous year. The mindshare of Darktrace is 32.2%, down from 33.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Network Traffic Analysis (NTA)
 

Q&A Highlights

CW
Feb 11, 2020
 

Featured Reviews

Rainier S. - PeerSpot reviewer
Mar 22, 2018
You are able to drill down into a center's utilization, then create reports based on it
In the last year or two, we have been working with our Cisco NAS engineers to improve our security posturing. It is more our being proactive rather than reactive. While Stealthwatch and Lancope have this ability to look inside and give you visibility (a great feature), follow-up is the rule. We would like filters that you can put into place to tap onto certain types of behaviors, alerts out, and/or hopefully a block. This is sort of what we are looking for. I might be speaking too early, because we are not down this path yet. We know the feature set is there, we just do not know yet how to achieve it. That is proactive rather than more reactive. For Lancope Stealthwatch, we would like to see it more on the ASA Firewall platform. While this might already be available, this is more a failing of Cisco to inform us if it is there. For example: * Are we on the right or wrong version of the code? * What does the code look like? * Are we are really looking at firewalls? Or is it more about the foundation and route switches that we are seeing? It is about visibility.
Luis KiambatA - PeerSpot reviewer
Nov 9, 2022
Great autonomous support, offers an easy setup, and has responsive support
We primarily use the solution for IT. Customers use it for banks or construction sites, depending on our customers. We haven't had an OT implementation yet. However, we have interest from two companies The autonomous response is great. It blocks basically everything that is outside the normal,…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cisco Stealthwatch has reduced the amount of time to detect an immediate threat."
"It has definitely helped us improve our mean time to resolution on network issues."
"Stability is the most valuable feature we have seen in this solution."
"Cisco Stealthwatch has predefined alerts for different types of security issues that might happen in the network. Whether it's PCs or servers that are used for botnets or Bitcoin mining we receive the alerts automatically. This functionality is what we receive from the solution out of the box."
"Visibility. The ability to look East and West. To see what is passing through your circuits, where it is coming from, and how big it is."
"There are already many functionalities, so I don't think there is anything to improve."
"It provides good visibility to the customers. People are still evaluating it, but it provides visibility and helps them to take action to remediate and mitigate the issues that are highlighted on the dashboard. It has good integration with the Cisco switching platform."
"The solution's analytics and thrust detection capabilities are good. We're still adjusting it. It's a little hypersensitive, but it is working right now."
"It has helped the organization to detect any malware affecting the machines...The network monitoring and the email monitoring features are very valuable for us."
"We allow customers to access our Wi-Fi as guests, and some of them were going to restricted sites. Darktrace showed us what they were doing so we could block them."
"We liked their approach to identifying intrusions or network anomalies using AI."
"Its most valuable feature is its ability to identify malicious connected IPs from outside and the attacks that get through to the inside."
"Darktrace is very flexible."
"Artificial intelligence and machine learning functionalities are valuable."
"Darktrace's most valuable features are its dashboards and its ability to summarize huge amounts of information about threats and suspicious traffic."
"The solution is outstanding from a monitoring perspective."
 

Cons

"It is time-consuming to set it up and understand how the tool works."
"We are continuing down the road of ACI and ISE with Cisco, so we would like to see the continuation of Stealthwatch integrating into ISE for exchange of information, and also, more into the ACI environment too."
"The configuration of the solution was quite complex."
"Some of our customers find this solution to be a little bit tough because they don't understand how to configure and use it."
"I would like to see more and cleaner reporting. For example, if I pull up Steven and I want to look and maybe compare him to what you've done in the past week, and compare that to the past six months, the point would be to see what the difference in activity looks like over this time. I don't see that capability in reporting to date. You see that trend but you don't really see a straightforward comparison. That right there is key to what we want to see about the normal activity."
"The overall visibility into the actual device itself would be helpful. I don't just want support-specific data, but also to be able to see information such as CPU and other internal components or usage of the devices."
"The initial setup is complex, as there is a lot to configure."
"If they can make this product more web-based, that would be amazing."
"The interface and dashboards could be improved for ease-of-use."
"Darktrace could improve its features, such as monitoring and detecting ransomware."
"In terms of improvements, fine-tuning is the area where we have to spend some time because it works on unsupervised machine learning. It would be good if they can improve their algorithm or technical functionality to reduce the fine-tuning effort. They can also come up with something at the endpoint level. So far, Darktrace has been a network detection response (NDR) solution. It does not offer much at the endpoint level or on user-client devices or servers. There should be more visibility at the endpoint level. It would be good to have the detection and response at the endpoint level by Darktrace. It should also have integration with an agile environment so that we can have continuous development and continuous integration in the application development environment. This is currently not there. It should also have internet-facing platform visibility, which is currently missing. They also need to improve the reporting and management dashboards. Currently, these are not so easy for a non-technical person. All these features would make Darktrace much better, and they would also be helpful in selling more solutions."
"Upper management wasn't sold on the value proposition."
"In the next version, I'd like to see penetration testing."
"I would like to see some additional enhancements."
"They just need to work on their price. In terms of features, we are trying to understand all the features that we have. We're still exploring everything that we have so that we can fully utilize it. At this point in time, it is not about the features. It is more about utilization. We're just trying to utilize everything to full capacity."
"The main portal needs improvement as it is difficult to use."
 

Pricing and Cost Advice

"It has a subscription model. There is yearly support, and there is also three-year support. It depends on what the customers want."
"The pricing for this solution is good."
"On a yearly basis, licensing is somewhere around $30,000."
"NetFlow is very expensive."
"We pay for support costs on a yearly basis."
"One of the things which bugs me about Lancope is the licensing. We understand how licensing works. Our problem is when we bought and purchased most of these Lancope devices, we did so with our sister company. Somewhere within the purchase and distribution, licensing got mixed up. That is all on Cisco, and it is their responsibility. They allotted some of our sister company's equipment to us, and some of our equipment to them. To date, they have never been able to fix it."
"Our fees are approximately $3,000 USD."
"The solution is expensive. It costs several hundred thousand dollars per year (depending on how many flows you are collecting)."
"The tool's pricing is costly."
"If you consider the features and the cost of market leaders, we are satisfied with the pricing."
"The pricing is subscription-based and it is high."
"The pricing is very flexible for Darktrace. Sometimes, a customer does not have the appropriate budget, but Darktrace can handle that. They offer monthly payments, so the customer can acquire the solution very easily."
"The solution is about $6,000 per quarter."
"They are too expensive compared with other vendors."
"Darktrace is pricey, but the price is reasonable for what the solution does, and it's comparable to other products."
"The price of Darktrace is high and could be reduced. We pay approximately $30,000 to $54,000 annually."
report
Use our free recommendation engine to learn which Network Traffic Analysis (NTA) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Answers from the Community

CW
Feb 11, 2020
Feb 11, 2020
I that feel there are two old problems still there in the market: 1-Vendors don't talk to each other. 2-Whoever is focusing on endpoint is missing the network and human side and the opposite is also true. I love, for example, what Darktrace is doing in the network side and the playback option to know what happened in my network during a long holiday, for example, things will never be caught by...
2 out of 9 answers
DJ
Aug 26, 2019
Raffael Marty, Vice President, Forcepoint Research and Intelligence, said: "There is no artificial intelligence in the field of information security, and it is unlikely to be developed in 2019." Most of unsupervised machine learning-based network anomaly detection solution does not provide why the anomaly has been aroused and whether the anomaly is malicious or not. Most of such solution's pricing model is based on number of endpoints but I prefer to have flat fee subscription-based.
IT
Aug 26, 2019
I that feel there are two old problems still there in the market: 1-Vendors don't talk to each other. 2-Whoever is focusing on endpoint is missing the network and human side and the opposite is also true. I love, for example, what Darktrace is doing in the network side and the playback option to know what happened in my network during a long holiday, for example, things will never be caught by a second-generation AV but I need to have a solid 2nd gen. AV besides the total high cost of Darktrace which by the way is worth it for IT pros but not for business owners. We need to have something like virus total but for risks and threats beyond viruses where all vendors work on this and all endpoint customers with different vendors connect to it to be secured.
 

Top Industries

By visitors reading reviews
Computer Software Company
31%
Financial Services Firm
11%
Government
8%
Manufacturing Company
6%
Computer Software Company
15%
Financial Services Firm
8%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Cisco Stealthwatch?
The most valuable feature of Cisco Secure Network Analytics is the Threat Intelligence integration.
What is your experience regarding pricing and costs for Cisco Stealthwatch?
The tool is not cheaply priced. In cybersecurity, you want an extra layer of security in your organization. Some sectors want NDR solutions, so you cannot deploy such tools everywhere, as they are ...
What needs improvement with Cisco Stealthwatch?
The expensive nature of the tool is an area of concern where improvements are required.
How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organ...
What do you like most about Darktrace?
A very useful feature in Darktrace for real-time threat analysis is the packet inspection that analyzes the packet traffic in real time.
 

Also Known As

Cisco Stealthwatch, Cisco Stealthwatch Enterprise, Lancope StealthWatch
No data available
 

Learn More

Video not available
 

Overview

 

Sample Customers

Edge Web Hosting, Telenor Norway, Ivy Tech Community College of Indiana, Webster Financial Corporation, Westinghouse Electric, VMware, TIAA-CREF
Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol, Allianz, KKR, AIRBUS, dpd, Billabong, Mclaren Group.
Find out what your peers are saying about Cisco Secure Network Analytics vs. Darktrace and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.