Try our new research platform with insights from 80,000+ expert users

Cisco Secure Network Analytics vs Vectra AI comparison

Cisco and Vectra AI are both solutions in the Network Detection and Response (NDR) category. Cisco is ranked #5 with an average rating of 8.0, while Vectra AI is ranked #2 with an average rating of 8.2. Cisco holds a 9.1% mindshare in NDaR, compared to Vectra AI’s 20.1% mindshare. Additionally, 87% of Cisco users are willing to recommend the solution, compared to 97% of Vectra AI users who would recommend it.
Cisco Secure Network Analytics
Read 59 Cisco Secure Network Analytics reviews
  • 3,059 Views
  • 2,454 Comparison Views
87% willing to recommend
Vectra AI
Read 43 Vectra AI reviews
  • 8,716 Views
  • 4,382 Comparison Views
97% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Nov 6, 2024

Vectra AI and Cisco Secure Network Analytics are competing products in the network security and threat detection category. Vectra AI appears to have an advantage due to its focused AI-driven insights and detection capabilities, while Cisco excels in detailed network monitoring and analysis.

Features: Vectra AI leverages AI and machine learning for advanced threat detection, reduces alert fatigue, and offers integration with SIEM tools, providing visibility into lateral network movements. It efficiently prioritizes threats and correlates detections with compromised host devices. Cisco Secure Network Analytics provides network visibility and integrates with Cisco's suite, offering encrypted threat analysis and flow-based analytics for insights into network traffic and anomalies.

Room for Improvement: Vectra AI could enhance host-level visibility and integration with external data sources, as its network-based focus restricts full integration of host behaviors. Users have requested better documentation and smoother security tool integrations. Cisco Secure Network Analytics needs a more user-friendly interface and simpler integration processes. Its pricing model and network flow-based licensing can be complex, and more comprehensive AI features are desired for improved threat response.

Ease of Deployment and Customer Service: Vectra AI provides flexible deployment options, including on-premises, public cloud, and hybrid setups, with customer service praised for responsiveness and expertise. Cisco Secure Network Analytics mainly operates on-premises with reliable support but users report occasional challenges with deployment complexity. Vectra's support is noted for quick response times, while Cisco's is initially cumbersome but dependable.

Pricing and ROI: Vectra AI's pricing is considered high due to its comprehensive AI capabilities, with tiered licensing based on IP addresses and features like Cognito Recall. It offers strong ROI through reduced attack response time and detection efficiency. Cisco Secure Network Analytics is also expensive, with pricing linked to network flow and feature usage. Its integration with larger Cisco solutions can add value but might be costly for smaller setups. Users find Vectra AI offers better ROI through its AI-driven insights and reduced manual workload.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cisco Secure Network Analytics vs. Vectra AI Report (Updated: December 2024).
Buyer's Guide
Cisco Secure Network Analytics vs. Vectra AI
December 2024
Download the complete report
Helped 824,053 peers since 2012
 

Categories and Ranking

Cisco Secure Network Analytics
Ranking in Network Detection and Response (NDR)
5th
Average Rating
8.2
Reviews Sentiment
6.9
Number of Reviews
59
Ranking in other categories
Network Monitoring Software (24th), Network Traffic Analysis (NTA) (3rd), Cisco Security Portfolio (3rd)
Vectra AI
Ranking in Network Detection and Response (NDR)
2nd
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
43
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (2nd), Extended Detection and Response (XDR) (9th), Identity Threat Detection and Response (ITDR) (5th), AI-Powered Cybersecurity Platforms (4th)
 

Mindshare comparison

As of December 2024, in the Network Detection and Response (NDR) category, the mindshare of Cisco Secure Network Analytics is 9.1%, down from 12.1% compared to the previous year. The mindshare of Vectra AI is 20.1%, up from 20.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Network Detection and Response (NDR)
 

Q&A Highlights

CW
Feb 11, 2020
I'm building a next-gen AI powered threat intelligence platform. What's missing from existing solutions?
I that feel there are two old problems still there in the market: 1-Vendors don't talk to each other. 2-Whoever is focusing on endpoint is missing the network and human side and the opposite is also true. I love, for example, what Darktrace is doing in the network side and the playback option to know what happened in my network during a long holiday, for example, things will never be caught by a second-generation AV but I need to have a solid 2nd gen. AV besides the total high cost of Darktrace which by the way is worth it for IT pros but not for business owners. We need to have something like virus total but for risks and threats beyond viruses where all vendors work on this and all endpoint customers with different vendors connect to it to be secured.
See all answers
 

Featured Reviews

Rainier S. - PeerSpot reviewer
You are able to drill down into a center's utilization, then create reports based on it
In the last year or two, we have been working with our Cisco NAS engineers to improve our security posturing. It is more our being proactive rather than reactive. While Stealthwatch and Lancope have this ability to look inside and give you visibility (a great feature), follow-up is the rule. We would like filters that you can put into place to tap onto certain types of behaviors, alerts out, and/or hopefully a block. This is sort of what we are looking for. I might be speaking too early, because we are not down this path yet. We know the feature set is there, we just do not know yet how to achieve it. That is proactive rather than more reactive. For Lancope Stealthwatch, we would like to see it more on the ASA Firewall platform. While this might already be available, this is more a failing of Cisco to inform us if it is there. For example: * Are we on the right or wrong version of the code? * What does the code look like? * Are we are really looking at firewalls? Or is it more about the foundation and route switches that we are seeing? It is about visibility.
Read full review
Tony Whelton - PeerSpot reviewer
Integrates well with other security solutions and provides good technical support
The biggest feature for us, because we are heavy Microsoft users, is its integration with Office 365. On top of Vectra AI, we use all of the Microsoft security platforms, such as Defender ATP and Sentinel. Having full integration and a central platform to look at all of the threats that are coming through from the different platforms is a huge benefit for us. With one nice front dashboard, we can look at the high-volume threats rather than all of the noise. We do get a lot of noise as our students all own their own devices. With Vectra AI, we can look at threats in a controlled manner, which saves us an extraordinary amount of time. Even if I doubled the manpower, I doubt that I would still have the same visibility that I have with the correct security platform. Vectra AI's Threat Detection and Response platform has done remarkably well. We're well-versed in using the security dashboard from Microsoft Defender, and we're at the stage where we are checking both. We haven't fully switched to relying on only the Vectra dashboard yet. In terms of Vectra AI Attack Signal Intelligence for empowering security analysts within our organization, we have complete faith in the data that's coming through from Vectra. If we could also have what's happening at the front-end, that is, the firewall, then it would give us the complete security front dashboard.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It has been pretty stable since we deployed it, and everything seems to be working fine."
"Stability is the most valuable feature we have seen in this solution."
"The most valuable feature is anomaly detection, where it finds things that are not allowed internally."
"The most valuable feature is NetFlow. The beginning of any security investigation starts with NetFlow data."
"The artifacts available in the tool provide better information for analyzing network traffic. It enables a holistic view of network traffic and general packet analysis. It's easy to identify anomalies without the use of signatures. The way in which we implemented Stealthwatch Cloud has enabled my team to analyze traffic behind proxies."
"Overall, the implementation is very good."
"The solution has increased our threat detection rate. Cisco Stealthwatch has not reduced our incident response times. It has not reduced the amount of time it takes us to detect immediate threats. It has reduced false positives."
"The most valuable feature of the solution is that it helps you gain visibility for your application."
More Cisco Secure Network Analytics pros
"It is doing some artificial intelligence. If it sees a server doing a lot of things, then it will assume that is normal. So, it is looking for anomalous behavior, things that are out of context which helps us reduce time. Therefore, we don't have to look in all the logs. We just wait for Vectra to say, "This one is behaving strange," then we can investigate that part."
"It provides various dashboards that facilitate the identification of connections and can detect data exfiltration, meaning data sent from your environment to another."
"We particularly like the user experience around the dashboard, which we find to be much more straightforward than the dashboard of some of the competitive products... Vectra is a really easy system to understand and use to prioritize where we need to focus our security resources."
"The most useful feature is the anomaly detection because it's not signature-based. It picks up the initial part of any attack, like the recon and those aspects of the kill chain, very well."
"The biggest feature for us, because we are heavy Microsoft users, is its integration with Office 365. On top of Vectra AI, we use all of the Microsoft security platforms, such as Defender ATP and Sentinel. Having full integration and a central platform to look at all of the threats that are coming through from the different platforms is a huge benefit for us."
"Vectra AI is the best. It is a major product in our cybersecurity."
"One of the things that we didn't expect to happen was that our network team also jumped on it faster than we thought. In most cases, if it's a security tool that's working on the network part, they can also use it to find out certain flaws that have been in the system. Certain flaws, related to some legacy stuff, were already there for quite a few years, which they couldn't explain at first, but we could explain them based on the timing of certain things."
"Vectra AI generates relevant information."
More Vectra AI pros
 

Cons

"We haven't seen ROI."
"I would like to see a hybrid solution that can work without being connected directly to the internet for those destinations."
"The version with the Dell server had iDRAC problems. Often, it reported iDRAC failure."
"Stealthwatch needs improvement when it comes to speed."
"We determined that Stealthwatch wouldn't provide the machine learning model that we required."
"Some of our customers find this solution to be a little bit tough because they don't understand how to configure and use it."
"One thing I would like to see improved is if it could automatically be tied through ISE, instead of you having to manually get notifications and disable it yourself."
"Cisco could improve the administration for the customers."
More Cisco Secure Network Analytics cons
"I would like more integrations with IOCs and threats currently on the Internet. I would also like to know which threats are based on zero-day attacks, current botnets, etc. Therefore, I would like more information on external threats."
"Some of their integrations with other sources of data, like external threat feeds, took a bit more work than I had hoped to get integrated."
"A blind spot that I have is around the ease with which you can automate threat intervention."
"It does a little bit of packet capture on alert so you can look at the packet capture activity going on, but it doesn't collect a whole lot of data. Sometimes it's only one or two frames, sometimes it does collect more. That's why they have the addition of their Recall platform, because that really does help expand the capability."
"They use a proprietary logging format that is probably 90% similar to Bro Logs. Their biggest area of improvement is finishing out the remaining 10%. That 10% might not be beneficial to their ML engine, but that's fine. The industry standard is Zeek Logs or Bro Logs, or Bro or Zeek, depending on how old you are. While they have 90% of those fields, they're still missing some fields. In very rare instances, some community rules do not have the fields that they need, and we had to modify community rules for our logs. So, their biggest area of improvement would be to just finish their matching of the Zeek standard."
"I think Vectra AI's automation, reporting, and integration could be improved."
"The solution needs to become more proactive. When Vectra AI is the primary solution in an environment - like it is in our case - you must work on response time. We have a small team so response time at endpoint level is vital."
"The solution's marketing is not good."
More Vectra AI cons
 

Pricing and Cost Advice

"The licensing costs are outrageous."
"There are additional licenses needed for the number of so-called network flows. It's hard to plan the number of flows you need in the network, this is a problem. The price of the Cisco Stealthwatch is relatively inexpensive"
"The pricing for this solution is good."
"NetFlow is very expensive."
"​Licensing is done by flows per second, not including outside (in traffic)."
"It has a subscription model. There is yearly support, and there is also three-year support. It depends on what the customers want."
"This is an expensive product. We have quit paying for support because we don't want to have to upgrade it and keep paying for it."
"Today, we are part of the big Cisco ELA, and it is a la carte. We can get orders for whatever we want. At the end of the day, we have to pay for it in one big expense, but that is fine. We are okay with that."
More Cisco Secure Network Analytics pricing and cost advice
"Cost is a big factor, as always. However, I think we have a very good price–performance ratio."
"It's relatively on the pricier side, but when compared to other solutions. It's not the most budget-friendly option, but it can be considered somewhat more cost-effective in comparison to other alternatives."
"The pricing is very good. It's less expensive than many of the tools out there."
"From a licensing perspective, the Vectra detect platform is pretty doable. Also, the hardware prices are nothing that we're not used to. The stream part is a little overpriced compared to the detect part. The reason is that you need to stream data to detect events anyway, so the data is in there. The only thing that's not available is the UI to be able to look at the stream data, which is also on the appliances but is just not activated. That's mainly the thing that we want to improve on."
"The pricing is high."
"Vectra's licensing model could scale to our research network, which has multiple, 100-gigabit links."
"Vectra AI's pricing is cheaper than that of Darktrace."
"The licensing is on an annual basis."
More Vectra AI pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Network Detection and Response (NDR) solutions are best for your needs.
See recommendations
824,053 professionals have used our research since 2012.
 

Answers from the Community

CW
Feb 11, 2020
Feb 11, 2020
I'm building a next-gen AI powered threat intelligence platform. What's missing from existing solutions?
I that feel there are two old problems still there in the market: 1-Vendors don't talk to each other. 2-Whoever is focusing on endpoint is missing the network and human side and the opposite is also true. I love, for example, what Darktrace is doing in the network side and the playback option to know what happened in my network during a long holiday, for example, things will never be caught by...
2 out of 9 answers
reviewer973458 - PeerSpot reviewer
Aug 26, 2019
Raffael Marty, Vice President, Forcepoint Research and Intelligence, said: "There is no artificial intelligence in the field of information security, and it is unlikely to be developed in 2019." Most of unsupervised machine learning-based network anomaly detection solution does not provide why the anomaly has been aroused and whether the anomaly is malicious or not. Most of such solution's pricing model is based on number of endpoints but I prefer to have flat fee subscription-based.
Read full answer
IT
Aug 26, 2019
I that feel there are two old problems still there in the market: 1-Vendors don't talk to each other. 2-Whoever is focusing on endpoint is missing the network and human side and the opposite is also true. I love, for example, what Darktrace is doing in the network side and the playback option to know what happened in my network during a long holiday, for example, things will never be caught by a second-generation AV but I need to have a solid 2nd gen. AV besides the total high cost of Darktrace which by the way is worth it for IT pros but not for business owners. We need to have something like virus total but for risks and threats beyond viruses where all vendors work on this and all endpoint customers with different vendors connect to it to be secured.
Read full answer
See all 9 answers
 

Top Industries

By visitors reading reviews
Computer Software Company
30%
Financial Services Firm
11%
Government
8%
Manufacturing Company
6%
Computer Software Company
16%
Financial Services Firm
12%
Manufacturing Company
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Cisco Stealthwatch?
The most valuable feature of Cisco Secure Network Analytics is the Threat Intelligence integration.
See all answers
What is your experience regarding pricing and costs for Cisco Stealthwatch?
The tool is not cheaply priced. In cybersecurity, you want an extra layer of security in your organization. Some sectors want NDR solutions, so you cannot deploy such tools everywhere, as they are ...
See all answers
What needs improvement with Cisco Stealthwatch?
The expensive nature of the tool is an area of concern where improvements are required.
See all answers
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
See all answers
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
See all answers
What is your experience regarding pricing and costs for Vectra AI?
Vectra is cheaper in terms of pricing and features compared to Darktrace.
See all answers
 

Comparisons

Darktrace vs Cisco Secure Network Analytics Logo
Darktrace vs Cisco Secure Network Analytics
Compared 18% of the time
ThousandEyes vs Cisco Secure Network Analytics Logo
ThousandEyes vs Cisco Secure Network Analytics
Compared 9% of the time
Arista NDR vs Cisco Secure Network Analytics Logo
Arista NDR vs Cisco Secure Network Analytics
Compared 5% of the time
ExtraHop Reveal(x) vs Cisco Secure Network Analytics Logo
ExtraHop Reveal(x) vs Cisco Secure Network Analytics
Compared 5% of the time
Trend Micro Deep Discovery vs Cisco Secure Network Analytics Logo
Trend Micro Deep Discovery vs Cisco Secure Network Analytics
Compared 3% of the time
More Cisco Secure Network Analytics Competitors
Darktrace vs Vectra AI Logo
Darktrace vs Vectra AI
Compared 36% of the time
ExtraHop Reveal(x) vs Vectra AI Logo
ExtraHop Reveal(x) vs Vectra AI
Compared 12% of the time
Arista NDR vs Vectra AI Logo
Arista NDR vs Vectra AI
Compared 5% of the time
Corelight vs Vectra AI Logo
Corelight vs Vectra AI
Compared 5% of the time
Rapid7 InsightIDR vs Vectra AI Logo
Rapid7 InsightIDR vs Vectra AI
Compared 3% of the time
More Vectra AI Competitors
 

Product Reports

Buyer's Guide
Cisco Secure Network Analytics
December 2024
Cisco Secure Network Analytics reportDownload Cisco Secure Network Analytics product report
Buyer's Guide
Vectra AI
November 2024
Vectra AI reportDownload Vectra AI product report
 

Also Known As

Cisco Stealthwatch, Cisco Stealthwatch Enterprise, Lancope StealthWatch
Vectra Networks, Vectra AI NDR
 

Learn More

Video not available
Cisco
Vectra AI
 

Overview

Cisco Secure Network Analytics is a highly effective network traffic analysis (NTA) solution that enables users to find threats in their network traffic even if those threats are encrypted. It turns an organization’s network telemetry into a tool that creates a complete field of vision for the organization’s administrators. Users can find threats that may have infiltrated their systems and stop them before they can do irreparable harm.

Cisco Secure Network Analytics Benefits

A few ways that organizations can benefit by choosing to deploy Cisco Secure Network Analytics include:

  • Security scaling. Secure Network Analytics makes it easy for organizations to scale up their level of network protection to match the growth that their business is experiencing. It can be deployed on whatever type of system is necessary. Users will have their growth needs met at every stage of their business journey because the solution offers users the ability to use it on-premises or in the cloud and it can be consumed as a SaaS-based or license-based solution. Whenever any kind of device is added, Secure Network Analytics can automatically classify that device so that it is seamlessly integrated into its network protection system.
  • Detects threats as they appear. Users gain the ability to scan their network traffic for even the most advanced threats at all times. Secure Network Analytics easily identifies the early warning signs that are typically initiated before attacks are conducted by bad actors. Once these signs are found, users are warned so that they can take steps to prevent those threats from escalating. This also enables users to determine the source of the threat and whether it might have spread further than initially thought.
  • Eliminate blind spots. Organizations that use Secure Network Analytics can view their network traffic across both private networks and public cloud environments. The scanning power of the solution allows users to gain complete visibility with a fewer number of sensors than their competitors require to achieve a similar level of protection.

Cisco Secure Network Analytics Features

Some of the many features that Cisco Secure Network Analytics offers include:

  • Centralized security management. Secure Network Analytics’ Identity Services Engine feature enables users to control their network from a single graphical user interface. Administrators can simplify their jobs by controlling profiler, posture, guest, authentication, and authorization services from a single pane of glass.
  • Machine learning tools. Secure Network Analytics uses machine learning to generate alerts when malicious or suspicious activity is detected. It also analyzes the threat so that users gain insight into the nature of the dangers that confront them. Additionally, it examines the threats to determine whether they are actual threats or false alarms. This significantly reduces the number of false alarms that administrators have to spend time attempting to resolve.
  • Automation. Users can automate routine tasks that users would otherwise have to handle manually. This automation feature frees administrators and employees to handle other more critical tasks.

Reviews from Real Users

Cisco Secure Network Analytics is a solution that stands out even when compared to many other comparable products. Two major advantages that it offers are the way that it enables users to define the threshold at which the solution will issue a warning to administrators and the predefined alerts that it offers straight out of the box.

Gerald J., the information technology operations supervisor at Aboitiz Equity Ventures, Inc., writes, “StealthWatch lets me see the ports running in and out and the country. It has excellent reporting, telemetry, and artificial intelligence features. With the telemetry, I can set thresholds to detect sudden changes and the alarms go through the PLC parts. I can see all the ports running on that trunk.”

A senior security engineer at a tech services company, says, “Cisco Stealthwatch has predefined alerts for different types of security issues that might happen in the network. Whether it's PCs or servers that are used for botnets or Bitcoin mining we receive the alerts automatically. This functionality is what we receive from the solution out of the box.”

Vectra AI is used for detecting network anomalies and potential malicious activities, providing visibility into network traffic and enhancing threat detection across environments.

Organizations deploy Vectra AI mainly on-premises with additional cloud components. It helps with compliance, incident response, security monitoring, detecting insider threats, and correlating network events. Vectra AI captures and enriches network metadata, provides detailed dashboards, reduces false positives, and supports cross-environment behavioral analysis to enhance threat detection and prioritization. While valued for its high accuracy and alert aggregation, it has room for improvement in UI/UX, packet management, and integration with SIEMs and other tools. It is noted for expensive pricing and limited proactive threat response features.

What are Vectra AI's most valuable features?
  • High accuracy in identifying threat locations
  • Aggregation of alerts into single incidents
  • 24/7 threat detection
  • Visibility into the entire attack lifecycle
  • Risk score aggregation
  • Effective triaging of alerts
  • Integration with other tools
What benefits or ROI should users look for?
  • Enhanced threat detection and prioritization
  • Comprehensive network visibility
  • Reduction in false positives
  • Better incident response capabilities
  • Improved compliance monitoring

In specific industries, Vectra AI is deployed to monitor complex networks and alleviate challenges in threat detection. It is particularly effective in sectors requiring stringent compliance and security measures, offering insights and capabilities crucial for protecting sensitive data and maintaining operational integrity.

 

Sample Customers

Edge Web Hosting, Telenor Norway, Ivy Tech Community College of Indiana, Webster Financial Corporation, Westinghouse Electric, VMware, TIAA-CREF
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Buyer's Guide
Cisco Secure Network Analytics vs. Vectra AI
December 2024
Free Report: Cisco Secure Network Analytics vs. Vectra AI
Find out what your peers are saying about Cisco Secure Network Analytics vs. Vectra AI and other solutions. Updated: December 2024.
DOWNLOAD NOW
824,053 professionals have used our research since 2012.
See our Cisco Secure Network Analytics vs. Vectra AI report.
See our list of best Network Detection and Response (NDR) vendors.

We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.