Try our new research platform with insights from 80,000+ expert users

Cisco Secure Network Analytics vs Fidelis Elevate comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Nov 6, 2024
 

Categories and Ranking

Cisco Secure Network Analytics
Ranking in Network Detection and Response (NDR)
5th
Average Rating
8.2
Reviews Sentiment
6.9
Number of Reviews
59
Ranking in other categories
Network Monitoring Software (24th), Network Traffic Analysis (NTA) (3rd), Cisco Security Portfolio (3rd)
Fidelis Elevate
Ranking in Network Detection and Response (NDR)
14th
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
7
Ranking in other categories
Endpoint Detection and Response (EDR) (38th), Threat Deception Platforms (6th), SSL/TLS Decryption (2nd), Managed Detection and Response (MDR) (24th), Extended Detection and Response (XDR) (23rd)
 

Featured Reviews

Rainier S. - PeerSpot reviewer
You are able to drill down into a center's utilization, then create reports based on it
In the last year or two, we have been working with our Cisco NAS engineers to improve our security posturing. It is more our being proactive rather than reactive. While Stealthwatch and Lancope have this ability to look inside and give you visibility (a great feature), follow-up is the rule. We would like filters that you can put into place to tap onto certain types of behaviors, alerts out, and/or hopefully a block. This is sort of what we are looking for. I might be speaking too early, because we are not down this path yet. We know the feature set is there, we just do not know yet how to achieve it. That is proactive rather than more reactive. For Lancope Stealthwatch, we would like to see it more on the ASA Firewall platform. While this might already be available, this is more a failing of Cisco to inform us if it is there. For example: * Are we on the right or wrong version of the code? * What does the code look like? * Are we are really looking at firewalls? Or is it more about the foundation and route switches that we are seeing? It is about visibility.
Mostafa Ameen - PeerSpot reviewer
Advanced threat detection capabilities with comprehensive incident response features providing robust cybersecurity for organizations
The initial aspect concerns two engines. The first one mentioned is available for searching behaviors directly. The second engine involves the Google Ade tool, which operates on the machine. The challenge arises when attempting to rectify protection rules, causing confusion. It would be beneficial to enhance Rigixs Query. I encounter difficulty removing certain entries in behavior or alerts; likewise, I am unable to add specific calls.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Using this solution has helped us to detect and identify viruses or malicious activity in the network early on."
"If you are using Darktrace or NAC solutions you can integrate Stealthwatch."
"Provides easily identifiable anomalies that you can't see with signature detections."
"The most valuable feature of Cisco Secure Network Analytics is the Threat Intelligence integration."
"The artifacts available in the tool provide better information for analyzing network traffic. It enables a holistic view of network traffic and general packet analysis. It's easy to identify anomalies without the use of signatures. The way in which we implemented Stealthwatch Cloud has enabled my team to analyze traffic behind proxies."
"Overall, the implementation is very good."
"The most valuable features of this solution are the logging, keeping threats under control, and keeping our data and environment secure."
"The most valuable feature of this solution is data hoarding because it catches threats on a frequent basis that we had no idea of."
"Reporting is great, it is easy to do a quick search through 45 days of data for something of interest."
"It has also improved our hunt ability with quick search tools, to zone in on malware or other anomalies. It is able to link items to incidents from other consoles, and works natively with the SIEM."
"It has a rating system now so you can rate things up or down, depending on your environment. This means alerting can be customized, yet still pick up anomalies."
"There are many valuable features. The NDR gives very good network visibility, and the endpoint module has a great feature called "Live Connect" for remote connections. They also have "Tasks" that can be run on endpoints to gather specific information or retrieve logs."
"It ensures the stability of network behavior across various aspects of our network and offers responsive capabilities to address incidents promptly"
"The solution's technical support is perfect, so I rate the technical support a ten out of ten"
"The initial setup is very straightforward. The deployment of the server doesn't take so long; about a day or two max."
"After rack and stack, devices were up and running base configurations within two hours. As with any IPS, tuning is required to stop false positives. This is no different, but the ease of use of the interface allowed my team to start making adjustments within a few hours."
 

Cons

"Its granularity for RBAC roles-based access control needs improvement."
"Cisco Stealthwatch needs more integration with device discovery. We have to do a lot of hard work to figure out what things are. Better service integration is required."
"We would like the solution to make more advances in the way that Extreme Networks has been doing."
"The initial setup was complex."
"One thing I would like to see improved is if it could automatically be tied through ISE, instead of you having to manually get notifications and disable it yourself."
"One update that I would like to see is an agent-based client. Currently, Stealthwatch is network-based. A local agent could help manage endpoints."
"The ability to be natively integrated into Port Aggregator would be beneficial because it would reduce just one more component that's needed in order to have that type of view."
"Stealthwatch is still maturing in AI. It uses artificial intelligence for predictions, but AI still needs to mature. It is in a phase where you get 95% correct detection. As its AI engine learns more, it will become more accurate. This is applicable to all the devices that are using AI because they support both supervised and unsupervised machine learning. The accuracy in the case of supervised machine learning is dependent on the data you feed into the box. The accuracy in the case of unsupervised machine learning is dependent on the algorithm. The algorithm matures depending on retrospective learning, and this is how it is able to detect zero-day attacks."
"I encounter difficulty removing certain entries in behavior or alerts; likewise, I am unable to add specific calls."
"Configuration, in terms of building the collector and communicating with endpoints, is complex."
"There is room for improvement in email security. It's a security issue. If you're aiming for XDR, covering the entire threat landscape is crucial."
"The interface bug needs to be squashed once and for all. This has been the predominant issue with an otherwise stellar product. It reboots itself unscheduled, about once a month, due to a memory buffer flaw in the interface."
"Fidelis Endpoint is an expensive product making it one of its shortcomings that needs improvement."
"We position the solution as an antivirus, but this part of the solution needs improvement. They need to generally enhance the features that they have, rather than adding anything new."
"The reports in the endpoint area of Elevate can be improved."
 

Pricing and Cost Advice

"The solution is expensive. It costs several hundred thousand dollars per year (depending on how many flows you are collecting)."
"​Licensing is done by flows per second, not including outside (in traffic)."
"The licensing costs are outrageous."
"Licensing is done by flows per second, not including outside>in traffic."
"The yearly licensing cost is about $50,000."
"The tool is not cheaply priced."
"Today, we are part of the big Cisco ELA, and it is a la carte. We can get orders for whatever we want. At the end of the day, we have to pay for it in one big expense, but that is fine. We are okay with that."
"This is an expensive product. We have quit paying for support because we don't want to have to upgrade it and keep paying for it."
"It's quite expensive but we can customize it to reduce the price."
"Fidelis Endpoint is an expensive product. My company makes yearly payments toward the licensing cost of the solution."
"It's somehow expensive. From one to ten, I would rate it a five. They need to improve the prices. It's very high."
"You license by the number of days of logs you need to maintain visibility for. Forty-five days is a good solid number for a company with around a 10k user base."
report
Use our free recommendation engine to learn which Network Detection and Response (NDR) solutions are best for your needs.
824,145 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
30%
Financial Services Firm
11%
Government
8%
Manufacturing Company
6%
Financial Services Firm
22%
Computer Software Company
12%
Energy/Utilities Company
10%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Cisco Stealthwatch?
The most valuable feature of Cisco Secure Network Analytics is the Threat Intelligence integration.
What is your experience regarding pricing and costs for Cisco Stealthwatch?
The tool is not cheaply priced. In cybersecurity, you want an extra layer of security in your organization. Some sectors want NDR solutions, so you cannot deploy such tools everywhere, as they are ...
What needs improvement with Cisco Stealthwatch?
The expensive nature of the tool is an area of concern where improvements are required.
What do you like most about Fidelis Elevate?
It ensures the stability of network behavior across various aspects of our network and offers responsive capabilities to address incidents promptly
What is your experience regarding pricing and costs for Fidelis Elevate?
It's somehow expensive. From one to ten, I would rate it a five. They need to improve the prices. It's very high. We lose customers for price. It's not always worth it for them. Even for enterprise...
What needs improvement with Fidelis Elevate?
The initial aspect concerns two engines. The first one mentioned is available for searching behaviors directly. The second engine involves the Google Ade tool, which operates on the machine. The ch...
 

Also Known As

Cisco Stealthwatch, Cisco Stealthwatch Enterprise, Lancope StealthWatch
Fidelis Elevate Platform, Fidelis Enterprise, Fidelis Cloud, Fidelis Managed Detection and Response, Fidelis Deception, Fidelis Decryption, Fidelis Endpoint, Fidelis Network
 

Learn More

Video not available
 

Overview

 

Sample Customers

Edge Web Hosting, Telenor Norway, Ivy Tech Community College of Indiana, Webster Financial Corporation, Westinghouse Electric, VMware, TIAA-CREF
First Midwest Bank
Find out what your peers are saying about Cisco Secure Network Analytics vs. Fidelis Elevate and other solutions. Updated: December 2024.
824,145 professionals have used our research since 2012.