Cisco Secure Network Analytics vs Vectra AI comparison

Cisco Secure Network Analytics

Read 43 Vectra AI reviews

8,868 Views
4,434 Comparison Views

97% willing to recommend

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Nov 6, 2024

Vectra AI and Cisco Secure Network Analytics are competing products in the network security and threat detection category. Vectra AI appears to have an advantage due to its focused AI-driven insights and detection capabilities, while Cisco excels in detailed network monitoring and analysis.

Features: Vectra AI leverages AI and machine learning for advanced threat detection, reduces alert fatigue, and offers integration with SIEM tools, providing visibility into lateral network movements. It efficiently prioritizes threats and correlates detections with compromised host devices. Cisco Secure Network Analytics provides network visibility and integrates with Cisco's suite, offering encrypted threat analysis and flow-based analytics for insights into network traffic and anomalies.

Room for Improvement: Vectra AI could enhance host-level visibility and integration with external data sources, as its network-based focus restricts full integration of host behaviors. Users have requested better documentation and smoother security tool integrations. Cisco Secure Network Analytics needs a more user-friendly interface and simpler integration processes. Its pricing model and network flow-based licensing can be complex, and more comprehensive AI features are desired for improved threat response.

Ease of Deployment and Customer Service: Vectra AI provides flexible deployment options, including on-premises, public cloud, and hybrid setups, with customer service praised for responsiveness and expertise. Cisco Secure Network Analytics mainly operates on-premises with reliable support but users report occasional challenges with deployment complexity. Vectra's support is noted for quick response times, while Cisco's is initially cumbersome but dependable.

Pricing and ROI: Vectra AI's pricing is considered high due to its comprehensive AI capabilities, with tiered licensing based on IP addresses and features like Cognito Recall. It offers strong ROI through reduced attack response time and detection efficiency. Cisco Secure Network Analytics is also expensive, with pricing linked to network flow and feature usage. Its integration with larger Cisco solutions can add value but might be costly for smaller setups. Users find Vectra AI offers better ROI through its AI-driven insights and reduced manual workload.

To learn more, read our detailed Cisco Secure Network Analytics vs. Vectra AI Report (Updated: October 2024).

Cisco Secure Network Analytics vs. Vectra AI

October 2024

Valuable Features

No sentiment score available

Sentiment score

8.0

Vectra AI excels in precise threat detection, reducing alert fatigue, and improving response efficiency with AI-driven analysis and integration.

No quotes available

For more quotes and insights, download the Cisco Secure Network Analytics report

No quotes available

For more quotes and insights, download the Vectra AI report

Categories and Ranking

Cisco Secure Network Analytics

Ranking in Network Detection and Response (NDR)

5th

Average Rating

8.2

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

Network Monitoring Software (24th), Network Traffic Analysis (NTA) (3rd), Cisco Security Portfolio (4th)

Vectra AI

Ranking in Network Detection and Response (NDR)

2nd

Average Rating

8.6

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Intrusion Detection and Prevention Software (IDPS) (2nd), Extended Detection and Response (XDR) (9th), Identity Threat Detection and Response (ITDR) (5th), AI-Powered Cybersecurity Platforms (4th)

Mindshare comparison

As of November 2024, in the Network Detection and Response (NDR) category, the mindshare of Cisco Secure Network Analytics is 8.9%, down from 12.6% compared to the previous year. The mindshare of Vectra AI is 20.2%, up from 19.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Network Detection and Response (NDR)

Q&A Highlights

Cara Wolf

Founder & CEO with 51-200 employees

Feb 11, 2020

I'm building a next-gen AI powered threat intelligence platform. What's missing from existing solutions?

I that feel there are two old problems still there in the market: 1-Vendors don't talk to each other. 2-Whoever is focusing on endpoint is missing the network and human side and the opposite is also true. I love, for example, what Darktrace is doing in the network side and the playback option to know what happened in my network during a long holiday, for example, things will never be caught by a second-generation AV but I need to have a solid 2nd gen. AV besides the total high cost of Darktrace which by the way is worth it for IT pros but not for business owners. We need to have something like virus total but for risks and threats beyond viruses where all vendors work on this and all endpoint customers with different vendors connect to it to be secured.

You are able to drill down into a center's utilization, then create reports based on it

Featured Reviews

Rainier S.

Head of Integration Engineering / Enterprise Technology & Innovation at a healthcare company with 10,001+ employees

In the last year or two, we have been working with our Cisco NAS engineers to improve our security posturing. It is more our being proactive rather than reactive. While Stealthwatch and Lancope have this ability to look inside and give you visibility (a great feature), follow-up is the rule. We would like filters that you can put into place to tap onto certain types of behaviors, alerts out, and/or hopefully a block. This is sort of what we are looking for. I might be speaking too early, because we are not down this path yet. We know the feature set is there, we just do not know yet how to achieve it. That is proactive rather than more reactive. For Lancope Stealthwatch, we would like to see it more on the ASA Firewall platform. While this might already be available, this is more a failing of Cisco to inform us if it is there. For example: * Are we on the right or wrong version of the code? * What does the code look like? * Are we are really looking at firewalls? Or is it more about the foundation and route switches that we are seeing? It is about visibility.

Read full review

Tony Whelton

Director IT at Wellington College

Integrates well with other security solutions and provides good technical support

The biggest feature for us, because we are heavy Microsoft users, is its integration with Office 365. On top of Vectra AI, we use all of the Microsoft security platforms, such as Defender ATP and Sentinel. Having full integration and a central platform to look at all of the threats that are coming through from the different platforms is a huge benefit for us. With one nice front dashboard, we can look at the high-volume threats rather than all of the noise. We do get a lot of noise as our students all own their own devices. With Vectra AI, we can look at threats in a controlled manner, which saves us an extraordinary amount of time. Even if I doubled the manpower, I doubt that I would still have the same visibility that I have with the correct security platform. Vectra AI's Threat Detection and Response platform has done remarkably well. We're well-versed in using the security dashboard from Microsoft Defender, and we're at the stage where we are checking both. We haven't fully switched to relying on only the Vectra dashboard yet. In terms of Vectra AI Attack Signal Intelligence for empowering security analysts within our organization, we have complete faith in the data that's coming through from Vectra. If we could also have what's happening at the front-end, that is, the firewall, then it would give us the complete security front dashboard.

Read full review

See which vendors are best for you

Use our free recommendation engine to learn which Network Detection and Response (NDR) solutions are best for your needs.

See recommendations

816,192 professionals have used our research since 2012.

Answers from the Community

Cara Wolf

Founder & CEO with 51-200 employees

Feb 11, 2020

I'm building a next-gen AI powered threat intelligence platform. What's missing from existing solutions?

2 out of 9 answers

reviewer973458

CEO & Founder at a tech services company with 1-10 employees

Aug 26, 2019

Raffael Marty, Vice President, Forcepoint Research and Intelligence, said: "There is no artificial intelligence in the field of information security, and it is unlikely to be developed in 2019." Most of unsupervised machine learning-based network anomaly detection solution does not provide why the anomaly has been aroused and whether the anomaly is malicious or not. Most of such solution's pricing model is based on number of endpoints but I prefer to have flat fee subscription-based.

Read full answer

ImadTaha

Group CIO with 10,001+ employees

Aug 26, 2019

Read full answer

See all 9 answers

Top Industries

By visitors reading reviews

Computer Software Company

31%

Financial Services Firm

11%

Government

Manufacturing Company

Computer Software Company

16%

Financial Services Firm

12%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Cisco Stealthwatch?

The most valuable feature of Cisco Secure Network Analytics is the Threat Intelligence integration.

What is your experience regarding pricing and costs for Cisco Stealthwatch?

The tool is not cheaply priced. In cybersecurity, you want an extra layer of security in your organization. Some sectors want NDR solutions, so you cannot deploy such tools everywhere, as they are ...

What needs improvement with Cisco Stealthwatch?

The expensive nature of the tool is an area of concern where improvements are required.

What is the biggest difference between Corelight and Vectra AI?

The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...

What do you like most about Vectra AI?

The solution is currently used as a central threat detection and response system.

What is your experience regarding pricing and costs for Vectra AI?

The licensing is on annual basis.

Darktrace vs Cisco Secure Network Analytics

Comparisons

Compared 18% of the time

ThousandEyes vs Cisco Secure Network Analytics

Compared 9% of the time

Arista NDR vs Cisco Secure Network Analytics

Compared 5% of the time

ExtraHop Reveal(x) vs Cisco Secure Network Analytics

Compared 5% of the time

SolarWinds NetFlow Traffic Analyzer vs Cisco Secure Network Analytics

Compared 3% of the time

More Cisco Secure Network Analytics Competitors

Darktrace vs Vectra AI

Compared 35% of the time

ExtraHop Reveal(x) vs Vectra AI

Compared 12% of the time

Arista NDR vs Vectra AI

Compared 5% of the time

Corelight vs Vectra AI

Compared 5% of the time

Trend Micro Deep Discovery vs Vectra AI

Compared 3% of the time

More Vectra AI Competitors

Product Reports

Cisco Secure Network Analytics

November 2024

Download Cisco Secure Network Analytics product report

Download Vectra AI product report

October 2024

Also Known As

Cisco Stealthwatch, Cisco Stealthwatch Enterprise, Lancope StealthWatch

Vectra Networks, Vectra AI NDR

Learn More

Video not available

Cisco

Overview

Cisco Secure Network Analytics is a highly effective network traffic analysis (NTA) solution that enables users to find threats in their network traffic even if those threats are encrypted. It turns an organization’s network telemetry into a tool that creates a complete field of vision for the organization’s administrators. Users can find threats that may have infiltrated their systems and stop them before they can do irreparable harm.

Cisco Secure Network Analytics Benefits

A few ways that organizations can benefit by choosing to deploy Cisco Secure Network Analytics include:

Security scaling. Secure Network Analytics makes it easy for organizations to scale up their level of network protection to match the growth that their business is experiencing. It can be deployed on whatever type of system is necessary. Users will have their growth needs met at every stage of their business journey because the solution offers users the ability to use it on-premises or in the cloud and it can be consumed as a SaaS-based or license-based solution. Whenever any kind of device is added, Secure Network Analytics can automatically classify that device so that it is seamlessly integrated into its network protection system.

Detects threats as they appear. Users gain the ability to scan their network traffic for even the most advanced threats at all times. Secure Network Analytics easily identifies the early warning signs that are typically initiated before attacks are conducted by bad actors. Once these signs are found, users are warned so that they can take steps to prevent those threats from escalating. This also enables users to determine the source of the threat and whether it might have spread further than initially thought.

Eliminate blind spots. Organizations that use Secure Network Analytics can view their network traffic across both private networks and public cloud environments. The scanning power of the solution allows users to gain complete visibility with a fewer number of sensors than their competitors require to achieve a similar level of protection.

Cisco Secure Network Analytics Features

Some of the many features that Cisco Secure Network Analytics offers include:

Centralized security management. Secure Network Analytics’ Identity Services Engine feature enables users to control their network from a single graphical user interface. Administrators can simplify their jobs by controlling profiler, posture, guest, authentication, and authorization services from a single pane of glass.

Machine learning tools. Secure Network Analytics uses machine learning to generate alerts when malicious or suspicious activity is detected. It also analyzes the threat so that users gain insight into the nature of the dangers that confront them. Additionally, it examines the threats to determine whether they are actual threats or false alarms. This significantly reduces the number of false alarms that administrators have to spend time attempting to resolve.

Automation. Users can automate routine tasks that users would otherwise have to handle manually. This automation feature frees administrators and employees to handle other more critical tasks.

Reviews from Real Users

Cisco Secure Network Analytics is a solution that stands out even when compared to many other comparable products. Two major advantages that it offers are the way that it enables users to define the threshold at which the solution will issue a warning to administrators and the predefined alerts that it offers straight out of the box.

Gerald J., the information technology operations supervisor at Aboitiz Equity Ventures, Inc., writes, “StealthWatch lets me see the ports running in and out and the country. It has excellent reporting, telemetry, and artificial intelligence features. With the telemetry, I can set thresholds to detect sudden changes and the alarms go through the PLC parts. I can see all the ports running on that trunk.”

A senior security engineer at a tech services company, says, “Cisco Stealthwatch has predefined alerts for different types of security issues that might happen in the network. Whether it's PCs or servers that are used for botnets or Bitcoin mining we receive the alerts automatically. This functionality is what we receive from the solution out of the box.”

Vectra AI is used for detecting network anomalies and potential malicious activities, providing visibility into network traffic and enhancing threat detection across environments.

Organizations deploy Vectra AI mainly on-premises with additional cloud components. It helps with compliance, incident response, security monitoring, detecting insider threats, and correlating network events. Vectra AI captures and enriches network metadata, provides detailed dashboards, reduces false positives, and supports cross-environment behavioral analysis to enhance threat detection and prioritization. While valued for its high accuracy and alert aggregation, it has room for improvement in UI/UX, packet management, and integration with SIEMs and other tools. It is noted for expensive pricing and limited proactive threat response features.

What are Vectra AI's most valuable features?

High accuracy in identifying threat locations
Aggregation of alerts into single incidents
24/7 threat detection
Visibility into the entire attack lifecycle
Risk score aggregation
Effective triaging of alerts
Integration with other tools

What benefits or ROI should users look for?

Enhanced threat detection and prioritization
Comprehensive network visibility
Reduction in false positives
Better incident response capabilities
Improved compliance monitoring

In specific industries, Vectra AI is deployed to monitor complex networks and alleviate challenges in threat detection. It is particularly effective in sectors requiring stringent compliance and security measures, offering insights and capabilities crucial for protecting sensitive data and maintaining operational integrity.

Sample Customers

Edge Web Hosting, Telenor Norway, Ivy Tech Community College of Indiana, Webster Financial Corporation, Westinghouse Electric, VMware, TIAA-CREF

Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association