Try our new research platform with insights from 80,000+ expert users

Cisco Secure Network Analytics vs LogRhythm NetMon comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 10, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Secure Network Analytics
Ranking in Network Monitoring Software
22nd
Average Rating
8.2
Reviews Sentiment
6.9
Number of Reviews
60
Ranking in other categories
Network Traffic Analysis (NTA) (3rd), Network Detection and Response (NDR) (5th), Cisco Security Portfolio (7th)
LogRhythm NetMon
Ranking in Network Monitoring Software
58th
Average Rating
7.6
Reviews Sentiment
7.7
Number of Reviews
11
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Network Monitoring Software category, the mindshare of Cisco Secure Network Analytics is 1.2%, down from 1.6% compared to the previous year. The mindshare of LogRhythm NetMon is 0.3%, down from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Network Monitoring Software
 

Featured Reviews

Sudhakar T - PeerSpot reviewer
Strong network security analytics with excellent encrypted traffic analysis features
Improvements are needed on the application layer for complete security analysis. The solution should have the ability to analyze security events not only at the network layer but also at the application and OS layers. There's a need for a more comprehensive licensing model where all necessary licenses are included by default.
AshishDubey - PeerSpot reviewer
A stable and scalable tool useful for network behavior analysis, DPA, and network forensic services
I have not worked much on LogRhythm NetMon to be able to comment on what needs improvement in the product since there is another team in our company that is working on the solution presently. LogRhythm NetMon's pricing model is an area of concern that should be made a little bit cheaper in comparison to the other players in the market currently. With players like IBM QRadar that propose QNI or Darktrace in the market, LogRhythm NetMon needs to consider a reduction in its pricing model.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of the solution is that it helps you gain visibility for your application."
"Stability is the most valuable feature we have seen in this solution."
"The artifacts available in the tool provide better information for analyzing network traffic. It enables a holistic view of network traffic and general packet analysis. It's easy to identify anomalies without the use of signatures. The way in which we implemented Stealthwatch Cloud has enabled my team to analyze traffic behind proxies."
"Ease of deployment, once you get your ducks in a row."
"The ability to send data flow from other places and have them all in one place is very valuable for us."
"From a security standpoint, it is just seeing pockets as well. Visibility is very key for us."
"Provides easily identifiable anomalies that you can't see with signature detections."
"Using this solution has helped us to detect and identify viruses or malicious activity in the network early on."
"NetMon's best feature is traffic analysis."
"The initial setup is straightforward because we can deploy an open server."
"The protocols with which you see the traffic for a particular website that a client has in their environment, for example, are valuable. We can monitor whether the traffic is up to the mark or whether they need to add more bandwidth. Also, we can see if we're able to get real-time environment data as well. The customization dashboard is really good. LogRhythm NetMon has its own in-built dashboards which are helpful in guiding customization."
"It has a very strong artificial intelligence engine."
"The most valuable feature is the log, which can be analyzed by our SIEM solution."
"It is a stable solution...It is a scalable solution."
"LogRhythm NetMon's most impressive feature is that it's a bundled package, so you're not just relying on monthly data; you get a six-month view for more comprehensive indicators of compromise. This dual approach is precious. We implement LogRhythm NetMon in our cybersecurity strategy mainly for compliance and correlation of network, user, and decision activities, particularly for network firewalls and access control."
"The analytics feature is the most valuable feature."
 

Cons

"It is time-consuming to set it up and understand how the tool works."
"I would like to see more expansion in artificial intelligence and machine learning features."
"I would like to see some improvement when it comes to reporting."
"We haven't seen ROI."
"Better integration between Cisco Secure Network Analytics and Cisco Secure Workload would be beneficial."
"Its granularity for RBAC roles-based access control needs improvement."
"I would like to see a hybrid solution that can work without being connected directly to the internet for those destinations."
"The usability of this solution needs to be improved."
"Could use a topology diagram which would help get an exact visual."
"The main concern is that LogRhythm has not improved NetMon but instead introduced a separate product, which many customers, including us, would prefer to be integrated into a single platform for easier management."
"The platform's integration features often need to be improved."
"Some of the automated tasks we can perform on QRadar cannot be performed on LogRhythm because the solution has limitations."
"The training for this product is not very good and needs to be improved."
"I would like to see better integration with multiple products. Integration is not something that is readily available for most of the products."
"Sometimes it's hard to find the network devices' self-audit logs."
"There is an issue with tunneling in relation to how the connectivity is established between the end devices and where NetMon is installed. On the console, I often observe that there's a difference of a few seconds or maybe a minute, and this lag time should not be there."
 

Pricing and Cost Advice

"On a yearly basis, licensing is somewhere around $30,000."
"Our fees are approximately $3,000 USD."
"Licensing is on a yearly basis."
"Licensing is done by flows per second, not including outside>in traffic."
"The tool is not cheaply priced."
"It has a subscription model. There is yearly support, and there is also three-year support. It depends on what the customers want."
"​Licensing is done by flows per second, not including outside (in traffic)."
"This is an expensive product. We have quit paying for support because we don't want to have to upgrade it and keep paying for it."
"The product is expensive for smaller companies."
"I don't have visibility into the pricing of LogRhythm NetMon as it's handled through our commercial partnerships."
"LogRhythm's licensing part is something that depends on the license you want since they offer it on a perpetual and subscription basis."
"NetMon's licensing costs about $85k per year, with some extra costs for support."
"The price of this solution is too high, so it should be made more practical and more valuable for the customer."
"Pricing is okay. There were some competitors that were extremely expensive and there were some which were really inexpensive but LogRhythm stayed in the middle of them."
report
Use our free recommendation engine to learn which Network Monitoring Software solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
29%
Financial Services Firm
12%
Government
9%
Manufacturing Company
7%
Financial Services Firm
25%
Computer Software Company
21%
Government
10%
Insurance Company
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Cisco Stealthwatch?
The most valuable feature of Cisco Secure Network Analytics is the Threat Intelligence integration.
What is your experience regarding pricing and costs for Cisco Stealthwatch?
The organization experienced challenges with licensing as Cisco has multiple licensing factors, and there are concerns about the price. Cisco solutions are considered to be very expensive.
What needs improvement with Cisco Stealthwatch?
Improvements are needed on the application layer for complete security analysis. The solution should have the ability to analyze security events not only at the network layer but also at the applic...
What do you like most about LogRhythm NetMon?
It has a very strong artificial intelligence engine.
What is your experience regarding pricing and costs for LogRhythm NetMon?
I don't have visibility into the pricing of LogRhythm NetMon as it's handled through our commercial partnerships.
What needs improvement with LogRhythm NetMon?
The main concern is that LogRhythm has not improved NetMon but instead introduced a separate product, which many customers, including us, would prefer to be integrated into a single platform for ea...
 

Also Known As

Cisco Stealthwatch, Cisco Stealthwatch Enterprise, Lancope StealthWatch
LogRhythm Network Monitor
 

Overview

 

Sample Customers

Edge Web Hosting, Telenor Norway, Ivy Tech Community College of Indiana, Webster Financial Corporation, Westinghouse Electric, VMware, TIAA-CREF
Sera-Brynn
Find out what your peers are saying about Cisco Secure Network Analytics vs. LogRhythm NetMon and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.