• Home
  • Check Point CloudGuard CNAPP vs. Cisco Secure Network Analytics

Check Point CloudGuard CNAPP vs Cisco Secure Network Analytics comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Vulnerability Management
March 2024
Executive Summary

We performed a comparison between Check Point CloudGuard CNAPP and Cisco Secure Network Analytics based on real PeerSpot user reviews.

Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management.
To learn more, read our detailed Vulnerability Management Report (Updated: March 2024).
Download the complete report
768,857 professionals have used our research since 2012.
Featured Review
Anonymous User
Lowers our risk and helps to be proactive
We use CloudGuard CNAPP's Cloud Security Posture Management capabilities. It knows all the accounts that were spun up. When we create an account in... Read more →
Richard Payne
Improved our organization greatly but greater customizability would be beneficial
I think Cisco Secure Network Analytics improved our organization quite a lot. Prior to deploying it, we did not use anything, so, with it, we have... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"I love the work involved in maintaining and scaling security services and configurations across multiple public clouds using this solution, versus using native native cloud security controls. It is so much better. The different cloud platforms all have their own way that they handle a lot of the stuff that Dome9 handles. Even within their platform, they are in a lot of disparate places, e.g., in AWS, there are five different tools. You have to jump between them to get the same information that you can just pull in automatically on Dome9, which is just one platform. We are using multiple platforms, so that makes it even more complicated and time consuming if you had to just rely on them to get all of your information. Whereas, it's all just summarized and put together on the Dome9 end.""The tool is also very intuitive; its dashboards are very complete and provide a lot of valuable information for decision-making to improve security.""The most valuable features are the ability to create pipeline rules, the enhanced NetOps security, and the deep visibility across our entire infrastructure.""It offers security insights and recommendations to assist organizations in acting and remediating issues swiftly.""The posture management and remediation features are the most valuable. We use GSL Builder to build custom rules in alignment with our organization's policies. CloudGuard has canned rules using multiple standard frameworks, but we also have additional rules.""It provides the most useful tools for protecting our financial account records from hackers.""On Dome9, you can have reports on compliance, users created, and EAM access to the cloud infrastructure. For example, if some machine is exposed to the Internet, importing and exporting to the Internet when it shouldn't, we get immediate alerts if someone does this type of configuration by mistake. Dome9 is very important because AWS doesn't protect us for this. It is the client's responsibility to make sure that we don't export things to the Internet. This solution helps us ensure that we comply with our security measures.""The audit feature is the most valuable for compliance reasons. It gives you a full view of the whole environment, no matter how many accounts you have in AWS or Azure. You have it all under one umbrella."

More Check Point CloudGuard CNAPP Pros →

"I value the feature which enables me to detect devices talking to suspect IPs.""StealthWatch lets me see the ports running in and out and the country. It has excellent reporting, telemetry, and artificial intelligence features. With the telemetry, I can set thresholds to detect sudden changes and the alarms go through the PLC parts. I can see all the ports running on that trunk.""Using this solution has helped us to detect and identify viruses or malicious activity in the network early on.""Being able to identify specific date closed across the network is invaluable.""It's easy to set up. The deployment takes one or two days. You need to collect the data from a device and then direct it to the portal.""The most valuable feature of this solution is the way the net flow is being merged together in a single pane. That's been extremely useful for us, because can see what's going on with traffic in one single place.""The solution's analytics and thrust detection capabilities are good. We're still adjusting it. It's a little hypersensitive, but it is working right now.""The most valuable features provided by this solution are visibility and information."

More Cisco Secure Network Analytics Pros →

Cons
"The tool has a lot of potential, but today, it lacks a lot of Scripts/Bots for Azure.""When rules change, it messes up the remediation. They haven't found a fix for that yet. The remediation rule goes into limbo. It's an architectural design flaw within their end compliance engine—a serious bug.""The security of Check Point CloudGuard Posture Management could improve. There are always new security issues coming out.""Down the road, we would like to see automation. That is probably a feature that most people want. If they can automate patching a vulnerability, it will be much easier.""I would like them to include support for their products in languages other than English.""Making basic rules is easy, but it's complex if you want to do something a little more nuanced. I've been unable to make some rules that I wanted. I couldn't evaluate some values or parameters of the components I look for. I haven't always been able to assess them.""It should have some options to activate API calls to the platform in the cloud, another improvement would be that when the rules are colonized and they want to be published.""The costs are high."

More Check Point CloudGuard CNAPP Cons →

"Reliance on Java. Get away from that.""Initially, I felt Cisco Secure Network Analytics lacked integration with Splunk.""I would like to see more expansion in artificial intelligence and machine learning features.""The initial setup was complex.""We are continuing down the road of ACI and ISE with Cisco, so we would like to see the continuation of Stealthwatch integrating into ISE for exchange of information, and also, more into the ACI environment too.""There could be better integration on the programming side, which uses Python. StealthWatch could provide a template for Python to manage the switches. For example, it would be nice if StealthWatch bounced a port automatically it detected something anomalous.""It would be better to let people know, up front, that is doesn't give you nice, clear information, as seen in the demos, without Cisco ISE installed.""They should include Citrix VDIs in the next release."

More Cisco Secure Network Analytics Cons →

Pricing and Cost Advice
  • "​They support either annual licensing or hourly. At the time of our last negotiation, it was either one or the other, you could not mix or match. I would have liked to mix/match. ​"
  • "I would advise taking into account the existing number of devices and add a forecast of the number of devices to be added in the coming year or two, to obtain better pricing."
  • "It is a very straightforward licensing model that is based on the number of assets you are discovering and managing with the solution."
  • "The licensing and costs are straightforward, as they have a baseline of 100 workloads (number of instances) within one license with no additional nor hidden charges. If you want to have 200 workloads under Dome9, then you need to take out two licenses for that. Also, it does not have any impact on cloud billing, as data is shared using the API call. This is well within the limit of free API calls provided by the cloud provider."
  • "I suggest that you pay attention to the product pricing because while there are no tricks, and the licensing model is transparent, the final numbers may surprise you."
  • "Right now, we have licenses on 500 machines, and they are not cheap."
  • "The pricing is tremendous and super cheap. It is shockingly cheap for what you get out of it. I am happy with that. I hope that doesn't get reported back and they increase the prices. I love the pricing and the licensing makes sense. It is just assets: The more stuff that you have, the more you pay."
  • "Licensing and costs are straightforward, as they have a baseline of 100 workloads within one license and no additional charges."

    • More Check Point CloudGuard CNAPP Pricing and Cost Advice →

  • "It is worth the cost."
  • "Licensing is done by flows per second, not including outside>in traffic."
  • "Pricing is much higher compared to other solutions."
  • "​Licensing is done by flows per second, not including outside (in traffic)."
  • "Today, we are part of the big Cisco ELA, and it is a la carte. We can get orders for whatever we want. At the end of the day, we have to pay for it in one big expense, but that is fine. We are okay with that."
  • "NetFlow is very expensive."
  • "One of the things which bugs me about Lancope is the licensing. We understand how licensing works. Our problem is when we bought and purchased most of these Lancope devices, we did so with our sister company. Somewhere within the purchase and distribution, licensing got mixed up. That is all on Cisco, and it is their responsibility. They allotted some of our sister company's equipment to us, and some of our equipment to them. To date, they have never been able to fix it."
  • "The licensing costs are outrageous."

    • More Cisco Secure Network Analytics Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
    See Recommendations
    768,857 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Check Point CloudGuard Posture Management?
    Top Answer:The visibility in our cloud environment is the most valuable feature.
    Read all 33 answers   →
    What is your experience regarding pricing and costs for Check Point Cloud...
    Top Answer:The price is on the higher end.
    Read all 27 answers   →
    What needs improvement with Check Point CloudGuard Posture Management?
    Top Answer:We have concerns regarding the pricing and would appreciate seeing some improvements.
    Read all 32 answers   →
    What do you like most about Cisco Stealthwatch?
    Top Answer:The most valuable feature of Cisco Secure Network Analytics is the Threat Intelligence integration.
    Read all 48 answers   →
    What is your experience regarding pricing and costs for Cisco Stealthwatch?
    Top Answer:I would rate Cisco SNA as a nine out of ten in terms of costliness.
    Read all 18 answers   →
    What needs improvement with Cisco Stealthwatch?
    Top Answer:Initially, I felt Cisco Secure Network Analytics lacked integration with Splunk. However, with Cisco's recent acquisition of Splunk, it seems this gap will be addressed. If this integration happens… more »
    Read all 43 answers   →
    Ranking
    5th
    out of 110 in Vulnerability Management
    Views
    1,472
    Comparisons
    862
    Reviews
    48
    Average Words per Review
    651
    Rating
    8.5
    24th
    out of 148 in Network Monitoring Software
    Views
    3,059
    Comparisons
    2,389
    Reviews
    7
    Average Words per Review
    528
    Rating
    8.4
    Comparisons
    Also Known As
    Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence
    Cisco Stealthwatch, Cisco Stealthwatch Enterprise, Lancope StealthWatch
    Learn More
    Check Point Software Technologies
    Cisco
    Video Not Available
    Overview

    Check Point CloudGuard CNAPP is a robust cloud security solution, offering comprehensive protection for cloud workloads and applications against cyberattacks. This platform encompasses cloud security posture management, threat prevention, and efficient incident response, providing organizations with a unified defense against threats. Key features include continuous visibility and remediation of misconfigurations, threat prevention through various techniques like intrusion prevention and malware detection, and rapid, cost-effective incident response. With CloudGuard CNAPP, you can safeguard cloud-native applications, cloud infrastructure, and sensitive data, enhancing your overall cloud security posture. This solution is a powerful asset for organizations seeking to fortify their cloud environments against a range of cyber threats.

    Cisco Secure Network Analytics is a highly effective network traffic analysis (NTA) solution that enables users to find threats in their network traffic even if those threats are encrypted. It turns an organization’s network telemetry into a tool that creates a complete field of vision for the organization’s administrators. Users can find threats that may have infiltrated their systems and stop them before they can do irreparable harm.

    Cisco Secure Network Analytics Benefits

    A few ways that organizations can benefit by choosing to deploy Cisco Secure Network Analytics include:

    • Security scaling. Secure Network Analytics makes it easy for organizations to scale up their level of network protection to match the growth that their business is experiencing. It can be deployed on whatever type of system is necessary. Users will have their growth needs met at every stage of their business journey because the solution offers users the ability to use it on-premises or in the cloud and it can be consumed as a SaaS-based or license-based solution. Whenever any kind of device is added, Secure Network Analytics can automatically classify that device so that it is seamlessly integrated into its network protection system.
    • Detects threats as they appear. Users gain the ability to scan their network traffic for even the most advanced threats at all times. Secure Network Analytics easily identifies the early warning signs that are typically initiated before attacks are conducted by bad actors. Once these signs are found, users are warned so that they can take steps to prevent those threats from escalating. This also enables users to determine the source of the threat and whether it might have spread further than initially thought.
    • Eliminate blind spots. Organizations that use Secure Network Analytics can view their network traffic across both private networks and public cloud environments. The scanning power of the solution allows users to gain complete visibility with a fewer number of sensors than their competitors require to achieve a similar level of protection.

    Cisco Secure Network Analytics Features

    Some of the many features that Cisco Secure Network Analytics offers include:

    • Centralized security management. Secure Network Analytics’ Identity Services Engine feature enables users to control their network from a single graphical user interface. Administrators can simplify their jobs by controlling profiler, posture, guest, authentication, and authorization services from a single pane of glass.
    • Machine learning tools. Secure Network Analytics uses machine learning to generate alerts when malicious or suspicious activity is detected. It also analyzes the threat so that users gain insight into the nature of the dangers that confront them. Additionally, it examines the threats to determine whether they are actual threats or false alarms. This significantly reduces the number of false alarms that administrators have to spend time attempting to resolve.
    • Automation. Users can automate routine tasks that users would otherwise have to handle manually. This automation feature frees administrators and employees to handle other more critical tasks.

    Reviews from Real Users

    Cisco Secure Network Analytics is a solution that stands out even when compared to many other comparable products. Two major advantages that it offers are the way that it enables users to define the threshold at which the solution will issue a warning to administrators and the predefined alerts that it offers straight out of the box.

    Gerald J., the information technology operations supervisor at Aboitiz Equity Ventures, Inc., writes, “StealthWatch lets me see the ports running in and out and the country. It has excellent reporting, telemetry, and artificial intelligence features. With the telemetry, I can set thresholds to detect sudden changes and the alarms go through the PLC parts. I can see all the ports running on that trunk.”

    A senior security engineer at a tech services company, says, “Cisco Stealthwatch has predefined alerts for different types of security issues that might happen in the network. Whether it's PCs or servers that are used for botnets or Bitcoin mining we receive the alerts automatically. This functionality is what we receive from the solution out of the box.”

    Sample Customers
    Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
    Edge Web Hosting, Telenor Norway, Ivy Tech Community College of Indiana, Webster Financial Corporation, Westinghouse Electric, VMware, TIAA-CREF
    Top Industries
    REVIEWERS
    Security Firm22%
    Financial Services Firm18%
    Computer Software Company11%
    Cloud Provider8%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company15%
    Security Firm8%
    Manufacturing Company7%
    REVIEWERS
    Healthcare Company23%
    Financial Services Firm16%
    Comms Service Provider9%
    Government7%
    VISITORS READING REVIEWS
    Computer Software Company27%
    Financial Services Firm11%
    Government9%
    Manufacturing Company5%
    Company Size
    REVIEWERS
    Small Business44%
    Midsize Enterprise13%
    Large Enterprise44%
    VISITORS READING REVIEWS
    Small Business27%
    Midsize Enterprise11%
    Large Enterprise62%
    REVIEWERS
    Small Business15%
    Midsize Enterprise9%
    Large Enterprise76%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise10%
    Large Enterprise74%
    Buyer's Guide
    Vulnerability Management
    March 2024
    Download Free Report
    Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management. Updated: March 2024.
    DOWNLOAD NOW
    768,857 professionals have used our research since 2012.

    Check Point CloudGuard CNAPP is ranked 5th in Vulnerability Management with 60 reviews while Cisco Secure Network Analytics is ranked 24th in Network Monitoring Software with 57 reviews. Check Point CloudGuard CNAPP is rated 8.6, while Cisco Secure Network Analytics is rated 8.2. The top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". On the other hand, the top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Wiz, Microsoft Defender for Cloud and Qualys VMDR, whereas Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Arista NDR.

    We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.