Try our new research platform with insights from 80,000+ expert users

Cisco Secure Network Analytics vs NetWitness Platform comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Juniper Mist Premium Analytics
Sponsored
Average Rating
8.0
Number of Reviews
2
Ranking in other categories
Network Monitoring Software (58th)
Cisco Secure Network Analytics
Average Rating
8.2
Number of Reviews
59
Ranking in other categories
Network Monitoring Software (24th), Network Traffic Analysis (NTA) (3rd), Network Detection and Response (NDR) (5th), Cisco Security Portfolio (4th)
NetWitness Platform
Average Rating
7.4
Number of Reviews
36
Ranking in other categories
Log Management (25th), Security Information and Event Management (SIEM) (24th)
 

Mindshare comparison

Network Monitoring Software
Log Management
 

Featured Reviews

ALEXANDRE VIANNA - PeerSpot reviewer
May 3, 2024
Has a single dashboard, but is expensive
We use this solution to manage our mission environment The single dashboard is a valuable feature.  The technical support needs improvement. The initial setup is straightforward. The solution is expensive. I rate the pricing an eight out of ten.  Overall, I rate the solution a seven out of…
Rainier S. - PeerSpot reviewer
Mar 22, 2018
You are able to drill down into a center's utilization, then create reports based on it
In the last year or two, we have been working with our Cisco NAS engineers to improve our security posturing. It is more our being proactive rather than reactive. While Stealthwatch and Lancope have this ability to look inside and give you visibility (a great feature), follow-up is the rule. We would like filters that you can put into place to tap onto certain types of behaviors, alerts out, and/or hopefully a block. This is sort of what we are looking for. I might be speaking too early, because we are not down this path yet. We know the feature set is there, we just do not know yet how to achieve it. That is proactive rather than more reactive. For Lancope Stealthwatch, we would like to see it more on the ASA Firewall platform. While this might already be available, this is more a failing of Cisco to inform us if it is there. For example: * Are we on the right or wrong version of the code? * What does the code look like? * Are we are really looking at firewalls? Or is it more about the foundation and route switches that we are seeing? It is about visibility.
MdZaman - PeerSpot reviewer
Oct 22, 2021
Really scalable for enterprise customers
The solution should have more integration capabilities with different platforms. The API is nearly open and scalable, so the solution can integrate with many platforms. The solution has more than 200 log sources in the scalability to support, but this is its limit. Installation is pretty easy. However, there are a couple of modules involved, so it is not as easy as it could be. We are talking about a distributed module, not a single-module type. This is what makes things a bit complex, instead of easier. I rate it as a seven out of ten on its installation and configuration capabilities.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The single dashboard is a valuable feature."
"We can manage the entire system across the network and troubleshoot the pain points."
"The most valuable feature is integration."
"Cisco Secure Network Analytics has increased the visibility of what is happening in our network, and I think that's the most important reason to use it. We can see what is really happening instead of just looking at numbers from routers or switches."
"From a security standpoint, it is just seeing pockets as well. Visibility is very key for us."
"The solution's analytics and thrust detection capabilities are good. We're still adjusting it. It's a little hypersensitive, but it is working right now."
"The beginning of any security investigation starts with net flow data."
"It does change the way we troubleshoot and it is relatively easy to use once you learn it. I would recommend it to someone considering it."
"StealthWatch lets me see the ports running in and out and the country. It has excellent reporting, telemetry, and artificial intelligence features. With the telemetry, I can set thresholds to detect sudden changes and the alarms go through the PLC parts. I can see all the ports running on that trunk."
"It has definitely helped us improve our mean time to resolution on network issues."
"The most valuable feature is the security that it provides."
"The most valuable features are the threat prediction and network forensics."
"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
"The most valuable feature is the hunting ability to work in a CERT."
"NetWitness can be highly beneficial for incident detection and response."
"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."
 

Cons

"The technical support needs improvement."
"The Wi-Fi side needs improvement."
"We determined that Stealthwatch wouldn't provide the machine learning model that we required."
"The expensive nature of the tool is an area of concern where improvements are required."
"I would like to see a hybrid solution that can work without being connected directly to the internet for those destinations."
"It would be better to let people know, up front, that is doesn't give you nice, clear information, as seen in the demos, without Cisco ISE installed."
"I would like to see it better organized when I'm looking at it."
"The initial setup was straightforward but required a lot of data entry, to begin with building out the server types and network types."
"We would like the solution to make more advances in the way that Extreme Networks has been doing."
"The initial setup is complex, as there is a lot to configure."
"The initial setup was complex because it takes a lot of time to complete the implementation."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
"If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox solution to analyze malware through dynamic analysis."
"The solution should have more integration capabilities with different platforms."
"I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex."
"The initial setup is very complex and should be simplified."
"Its technical support could be better."
"The log system is a bit complex and has room for improvement."
 

Pricing and Cost Advice

"The solution is expensive."
"On a yearly basis, licensing is somewhere around $30,000."
"The yearly licensing cost is about $50,000."
"It has a subscription model. There is yearly support, and there is also three-year support. It depends on what the customers want."
"Our fees are approximately $3,000 USD."
"The pricing for this solution is good."
"The solution is expensive. It costs several hundred thousand dollars per year (depending on how many flows you are collecting)."
"Licensing is on a yearly basis."
"This is an expensive product. We have quit paying for support because we don't want to have to upgrade it and keep paying for it."
"We are on an annual license for the use of the solution."
"RSA NetWitness Logs and Packets do not have a subscription model, it's a one-time purchase. There is only a perpetual license."
"This is a pricey solution; it's not cheap."
"It provides tools to assist in selecting the appropriate license and usage scenarios."
"The product is expensive."
"We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."
"Our license is for one year."
"The licenses are good but the cost is very expensive."
report
Use our free recommendation engine to learn which Network Monitoring Software solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
12%
Manufacturing Company
9%
Government
8%
Computer Software Company
31%
Financial Services Firm
11%
Government
8%
Manufacturing Company
6%
Financial Services Firm
17%
Computer Software Company
17%
Government
7%
Insurance Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Juniper Mist Premium Analytics?
We can manage the entire system across the network and troubleshoot the pain points.
What do you like most about Cisco Stealthwatch?
The most valuable feature of Cisco Secure Network Analytics is the Threat Intelligence integration.
What is your experience regarding pricing and costs for Cisco Stealthwatch?
The tool is not cheaply priced. In cybersecurity, you want an extra layer of security in your organization. Some sect...
What needs improvement with Cisco Stealthwatch?
The expensive nature of the tool is an area of concern where improvements are required.
What do you like most about NetWitness Platform?
The product's initial setup phase was not at all difficult.
What is your experience regarding pricing and costs for NetWitness Platform?
The product price was reasonable for my region and the market.
What needs improvement with NetWitness Platform?
From an improvement perspective, the NetWitness Platform needs to release new features and improve in areas like log ...
 

Also Known As

No data available
Cisco Stealthwatch, Cisco Stealthwatch Enterprise, Lancope StealthWatch
RSA Security Analytics
 

Learn More

Video not available
Video not available
 

Overview

 

Sample Customers

Information Not Available
Edge Web Hosting, Telenor Norway, Ivy Tech Community College of Indiana, Webster Financial Corporation, Westinghouse Electric, VMware, TIAA-CREF
Los Angeles World Airports, Reply
Find out what your peers are saying about Zabbix, Datadog, Auvik and others in Network Monitoring Software. Updated: November 2024.
814,649 professionals have used our research since 2012.