I use the solution in my company just like an NDR solution so that encrypted traffic does not require to be decrypted. Users can monitor all of the encrypted traffic in the product, making it a unique USP of the solution. I think even other tools have such abilities, but Cisco has claimed it is 100 percent sure of all the encrypted traffic it captures.
Our main use case for Cisco Secure Network Analytics is its ability to monitor encrypted traffic without requiring decryption. This is a unique selling point, allowing us to analyze encrypted traffic securely. While this capability is highlighted by Cisco, it's not exclusive to their solution, as other vendors also offer similar functionalities for monitoring encrypted traffic.
We use Cisco Secure Network Analytics to collect network data, which we then send to our cybersecurity team for analysis. It is a basic use case that focuses on monitoring network traffic for potential security threats and providing our team with the information they need to detect and respond to issues.
Using Cisco Secure Network Analytics has revolutionized our network security. The integration with SRTIntel provides unparalleled visibility, going beyond imagination. SNA, along with the SMA feature, offers detailed insights and call relations, enabling effective threat detection and response. The combination with endpoint protection gives us precise control over traffic, ensuring a robust defense against cyber threats.
We use the solution to improve the security of private hosting and network management systems. We can detect data exfiltration by analyzing statistics and identifying obsolete protocols and applications. It also helps us graph traffic metrics with valuable insights into routing and flows.
Development Manager at a healthcare company with 10,001+ employees
Real User
Top 20
2023-02-20T13:55:00Z
Feb 20, 2023
We're currently using it to figure out what is happening in our network. For example, to see whether there's any incorrect traffic in our network. We are also using it to monitor traffic coming from the internet into our network. We have about 30,000 end users and about 60,000 end devices in the network. We are located in the capital area and have 30 hospitals and 200 other sites.
Learn what your peers think about Cisco Secure Network Analytics. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
Senior Cyber Scientist at a government with 10,001+ employees
Real User
Top 10
2023-02-13T14:17:00Z
Feb 13, 2023
We have a number of users that deployed both fixed hubs and satellite sites. Cisco Secure Network Analytics enables us to get full visibility and detect general threats on both types of sites. Regardless of whether a site is deployed overseas or back home, we want one single solution to be able to collect the telemetry, make a decision on it, and report it in a meaningful way. We also want the solution to be able to pipe it to tools that we can use to fight threats.
IT Operations Supervisor at Aboitiz Equity Ventures, Inc.
Real User
2022-05-26T10:57:00Z
May 26, 2022
We use StealthWatch for telemetry on the cybersecurity side. It's also used for CCTV, IoT, and all the other stuff that isn't connected to the network. There is a cloud version of StealthWatch, but we use the on-prem solution.
PMO Department at a comms service provider with 1,001-5,000 employees
Real User
2022-02-17T13:00:00Z
Feb 17, 2022
We are a system integrator and a partner of Cisco. We are providing Network Detection and Response (NDR) solutions, and depending on a customer's requirement, we propose it. This product was launched recently, and it is new in the Cisco portfolio. We have supplied this solution to some of the customers. It is used for network protection for those segments that are not covered by the firewall. It is used for doing ransomware detection in terms of east-west traffic. A firewall can't detect that because it is mostly focused on north-south traffic. So, in the segments that are left out from the firewall, the StealthWatch network detection platform is able to see the malware that is sent to the devices.
Chief Technology Officer at a tech services company with 51-200 employees
MSP
2021-06-25T19:18:40Z
Jun 25, 2021
Our primary use case of Stealthwatch is for flow analysis, to see what's running on the network and to check for anomalous behavior. Stealthwatch runs in the background and analyzes flows, producing summary reports based on the information it receives. You can look for anything that's out of place, for example, background checking on a file transfer where there's a query as to whether it's a legitimate transfer. It's quite a powerful tool that questions what's going on. We are integrators and I'm the chief technology officer. We're gold partners with Cisco.
National Offering Lead - Security Practice at a computer software company with 501-1,000 employees
MSP
2021-02-11T14:58:47Z
Feb 11, 2021
We are resellers, we provide solutions for our clients. We use Stealthwatch for network segmentation use-cases, data analytics around exfiltration, encrypted threat analytics, map phishing, scans. and as a tripwire on top of all of the other security controls that are available.
Ingenieria at a tech services company with 11-50 employees
Real User
2021-02-07T11:03:51Z
Feb 7, 2021
We primarily handle the design, implementation, and support for the solution and we also manage collaboration, routing and switching, security products, et cetera.
Enterprise Information Security Architect at a agriculture with 5,001-10,000 employees
Real User
2021-01-14T23:25:17Z
Jan 14, 2021
From a security perspective, we are watching for behind the scenes data exfiltration, or tubulous, or malicious network traffic, that our other tools may not be detecting at a basic network layer. We are also using it for performance issues in trying to figure out if a site is experiencing issues with slowness. Also, we try to determine things like whether we are exceeding the bandwidth of the link or whether there is a bottleneck or something that's not negotiating correctly on the network. Also, we use it for TAP to try and do inline network traffic analysis from a security perspective or from a performance perspective as well.
Chief Consultant at a tech services company with 11-50 employees
Consultant
2019-09-23T06:34:00Z
Sep 23, 2019
We are a system integrator and I have implemented this solution for one of our customers. This solution is normally used for anomaly detection and malware detection. It is deployed on-premises.
Network Administrator at a mining and metals company with 1,001-5,000 employees
Real User
2019-06-17T08:46:00Z
Jun 17, 2019
Our primary use case for this solution is to monitor east, west, north, and south traffic so that we can see what's going on in the network internally. You don't get that granularity with anything else. We have an ASA that gets north and south traffic. So we're just really interested in this one by itself.
Network Operations Manager at Symantec Corporation
Real User
2019-06-17T08:46:00Z
Jun 17, 2019
Our primary use for this solution is to provide operational metrics. In terms of the analytics and threat detection capabilities, it basically cures our day-to-day for everything that we do. It helps us out tremendously.
We really just use the product for behavior analytics of our employees. When we have issues or when there is some type of an investigation from a security perspective, we pull up Stealthwatch and start trying to see what that user was doing. If there are any anomalies in their activities we have to take action to correct it. We don't need to monitor every device. The reports show everything that person's doing and what device they're running, et cetera, and we really only need specific things. That was one of our problems in the initial deployment. We tried to overcome that by redeploying. I'm not sure exactly sure that it helped a lot. We're getting more data, but I'm not really sure it gives us a true picture.
Lead Network Engineer at a retailer with 1,001-5,000 employees
Real User
2019-06-17T08:46:00Z
Jun 17, 2019
The security team uses it more than we do. I don't work on it that much. We have a couple uses for Stealthwatch: gathering security data and sending logs. I believe there is a gatherer that we have that has all of our logs sitting there. That's basically all we use them for.
Network Section Chief at a government with 1,001-5,000 employees
Real User
2019-06-17T08:45:00Z
Jun 17, 2019
We use Cisco Stealthwatch to do NetFlow across our enterprise network. Cisco Stealthwatch helps our cybersecurity guys detect threats across the network.
Manager of Digital Communications at Memorial Hermann Healthcare System
Real User
2019-06-17T08:45:00Z
Jun 17, 2019
We use Cisco Stealthwatch for security and network analytics. The solution saves you time, money, and administrative work. If we have the device support, it means that I don't have to send someone in a car to go to be local on the site and look at whatever the issue is.
Senior Director of Architecture and Engineering at Trace3
Real User
2019-06-17T08:45:00Z
Jun 17, 2019
We use Stealthwatch primarily to secure customers' endpoint devices, in order to provide more visibility into their security vectors. We determine where they are getting attacked, if they are getting attacked, how to prevent it, how to fight it, etc. We are really trying to take the fight to the administrator and be a little more proactive, as opposed to being so reactive with security events.
Network Engineer at a university with 10,001+ employees
Real User
2019-06-17T08:45:00Z
Jun 17, 2019
For our organization, Cisco Stealthwatch is more of a confirmation of what is happening on our network, or compliance. And in addition to that, it helps us to troubleshoot issues. We get to see where traffic is flowing and it helps us figure out problems.
We mainly use Cisco Stealthwatch in our organization for bandwidth monitoring and other issues we experience on our networks. When someone reports an issue, this solution helps us to determine what's going on in the network by checking the cell blocks and see if there are any issues.
We use Cisco Stealthwatch for device compliance and device auditing. It's part of our overall strategy. We have been consolidating down. Our security team is over-packed. We're trying to leverage what we have and move the blame away from us on the network side.
Manager, Network Engineering & Telecommunications at a healthcare company with 1,001-5,000 employees
Real User
2019-06-17T08:45:00Z
Jun 17, 2019
We use Cisco Stealthwatch mostly for network visibility and security. I believe the solution reduces false-positives by flagging it as potential threats.
IT Network Engineer at a logistics company with 10,001+ employees
Real User
2019-06-17T08:45:00Z
Jun 17, 2019
Our primary use for Stealthwatch is to provide insights into what traffic is flowing through the network for our security operations center. With that, they can go and enforce security.
Cisco Secure Network Analytics is a highly effective network traffic analysis (NTA) solution that enables users to find threats in their network traffic even if those threats are encrypted. It turns an organization’s network telemetry into a tool that creates a complete field of vision for the organization’s administrators. Users can find threats that may have infiltrated their systems and stop them before they can do irreparable harm.
Cisco Secure Network Analytics Benefits
A few ways that...
I use the solution in my company just like an NDR solution so that encrypted traffic does not require to be decrypted. Users can monitor all of the encrypted traffic in the product, making it a unique USP of the solution. I think even other tools have such abilities, but Cisco has claimed it is 100 percent sure of all the encrypted traffic it captures.
Our main use case for Cisco Secure Network Analytics is its ability to monitor encrypted traffic without requiring decryption. This is a unique selling point, allowing us to analyze encrypted traffic securely. While this capability is highlighted by Cisco, it's not exclusive to their solution, as other vendors also offer similar functionalities for monitoring encrypted traffic.
We use Cisco Secure Network Analytics to collect network data, which we then send to our cybersecurity team for analysis. It is a basic use case that focuses on monitoring network traffic for potential security threats and providing our team with the information they need to detect and respond to issues.
Using Cisco Secure Network Analytics has revolutionized our network security. The integration with SRTIntel provides unparalleled visibility, going beyond imagination. SNA, along with the SMA feature, offers detailed insights and call relations, enabling effective threat detection and response. The combination with endpoint protection gives us precise control over traffic, ensuring a robust defense against cyber threats.
We use the solution to improve the security of private hosting and network management systems. We can detect data exfiltration by analyzing statistics and identifying obsolete protocols and applications. It also helps us graph traffic metrics with valuable insights into routing and flows.
We're currently using it to figure out what is happening in our network. For example, to see whether there's any incorrect traffic in our network. We are also using it to monitor traffic coming from the internet into our network. We have about 30,000 end users and about 60,000 end devices in the network. We are located in the capital area and have 30 hospitals and 200 other sites.
We have a number of users that deployed both fixed hubs and satellite sites. Cisco Secure Network Analytics enables us to get full visibility and detect general threats on both types of sites. Regardless of whether a site is deployed overseas or back home, we want one single solution to be able to collect the telemetry, make a decision on it, and report it in a meaningful way. We also want the solution to be able to pipe it to tools that we can use to fight threats.
We use StealthWatch for telemetry on the cybersecurity side. It's also used for CCTV, IoT, and all the other stuff that isn't connected to the network. There is a cloud version of StealthWatch, but we use the on-prem solution.
We are a system integrator and a partner of Cisco. We are providing Network Detection and Response (NDR) solutions, and depending on a customer's requirement, we propose it. This product was launched recently, and it is new in the Cisco portfolio. We have supplied this solution to some of the customers. It is used for network protection for those segments that are not covered by the firewall. It is used for doing ransomware detection in terms of east-west traffic. A firewall can't detect that because it is mostly focused on north-south traffic. So, in the segments that are left out from the firewall, the StealthWatch network detection platform is able to see the malware that is sent to the devices.
Our primary use case of Stealthwatch is for flow analysis, to see what's running on the network and to check for anomalous behavior. Stealthwatch runs in the background and analyzes flows, producing summary reports based on the information it receives. You can look for anything that's out of place, for example, background checking on a file transfer where there's a query as to whether it's a legitimate transfer. It's quite a powerful tool that questions what's going on. We are integrators and I'm the chief technology officer. We're gold partners with Cisco.
We are resellers, we provide solutions for our clients. We use Stealthwatch for network segmentation use-cases, data analytics around exfiltration, encrypted threat analytics, map phishing, scans. and as a tripwire on top of all of the other security controls that are available.
We primarily handle the design, implementation, and support for the solution and we also manage collaboration, routing and switching, security products, et cetera.
From a security perspective, we are watching for behind the scenes data exfiltration, or tubulous, or malicious network traffic, that our other tools may not be detecting at a basic network layer. We are also using it for performance issues in trying to figure out if a site is experiencing issues with slowness. Also, we try to determine things like whether we are exceeding the bandwidth of the link or whether there is a bottleneck or something that's not negotiating correctly on the network. Also, we use it for TAP to try and do inline network traffic analysis from a security perspective or from a performance perspective as well.
My customers buy Stealthwatch for traffic analysis.
We are a system integrator and I have implemented this solution for one of our customers. This solution is normally used for anomaly detection and malware detection. It is deployed on-premises.
Our primary use case of this solution is for troubleshooting network issues.
Our primary use case is for it to run our call center 24/7 365 days a year.
Our primary use case for this solution is to monitor east, west, north, and south traffic so that we can see what's going on in the network internally. You don't get that granularity with anything else. We have an ASA that gets north and south traffic. So we're just really interested in this one by itself.
We use this solution for NetFlow statistics.
We use the solution primarily for IDS/IPS.
Our primary use for this solution is to provide operational metrics. In terms of the analytics and threat detection capabilities, it basically cures our day-to-day for everything that we do. It helps us out tremendously.
Our primary uses for this solution are threat management and traffic management.
We use this solution primarily for the TLS audit in our on-premise environment, and to assist our customers.
We provide this solution to our customers to give them visibility into their network.
We really just use the product for behavior analytics of our employees. When we have issues or when there is some type of an investigation from a security perspective, we pull up Stealthwatch and start trying to see what that user was doing. If there are any anomalies in their activities we have to take action to correct it. We don't need to monitor every device. The reports show everything that person's doing and what device they're running, et cetera, and we really only need specific things. That was one of our problems in the initial deployment. We tried to overcome that by redeploying. I'm not sure exactly sure that it helped a lot. We're getting more data, but I'm not really sure it gives us a true picture.
Our primary use for this solution is to help protect against threats on our network.
Our primary use case for this solution is to work on it so that we can learn enough about it to sell it to our customers.
The security team uses it more than we do. I don't work on it that much. We have a couple uses for Stealthwatch: gathering security data and sending logs. I believe there is a gatherer that we have that has all of our logs sitting there. That's basically all we use them for.
Our primary use of Stealthwatch is for a secure remediation of systems that are causing problems on our internal network.
Our primary use is to monitor our network, especially our remote branches.
Our main reason for using Stealthwatch is it gives us visibility.
Our primary use case for Cisco Stealthwatch is to ensure net flow.
We use Cisco Stealthwatch as our primary NetFlow collector. We use it for data analysis and for any issues that arise that require NetFlow data.
We use Cisco Stealthwatch to do NetFlow across our enterprise network. Cisco Stealthwatch helps our cybersecurity guys detect threats across the network.
We use Cisco Stealthwatch for security and network analytics. The solution saves you time, money, and administrative work. If we have the device support, it means that I don't have to send someone in a car to go to be local on the site and look at whatever the issue is.
We mainly use this solution for diagnostic information.
We use Stealthwatch primarily to secure customers' endpoint devices, in order to provide more visibility into their security vectors. We determine where they are getting attacked, if they are getting attacked, how to prevent it, how to fight it, etc. We are really trying to take the fight to the administrator and be a little more proactive, as opposed to being so reactive with security events.
For our organization, Cisco Stealthwatch is more of a confirmation of what is happening on our network, or compliance. And in addition to that, it helps us to troubleshoot issues. We get to see where traffic is flowing and it helps us figure out problems.
We mainly use Cisco Stealthwatch in our organization for bandwidth monitoring and other issues we experience on our networks. When someone reports an issue, this solution helps us to determine what's going on in the network by checking the cell blocks and see if there are any issues.
We use Cisco Stealthwatch for device compliance and device auditing. It's part of our overall strategy. We have been consolidating down. Our security team is over-packed. We're trying to leverage what we have and move the blame away from us on the network side.
The primary use case for Cisco Stealthwatch is for us to sell it.
We use Stealthwatch to identify any risk or vulnerabilities in the environment.
We use Cisco Stealthwatch mostly for network visibility and security. I believe the solution reduces false-positives by flagging it as potential threats.
Stealthwatch is primarily a network monitoring tool.
Our primary use for Stealthwatch is to provide insights into what traffic is flowing through the network for our security operations center. With that, they can go and enforce security.
This is a security solution for us and our customers. We use it for port monitoring aggregation and doing captures.
Our primary use case for Stealthwatch is endpoint security.
Our primary use case for this solution is security.
We use Stealthwatch mainly for security.