We performed a comparison between Cisco Secure Network Analytics and Cisco Umbrella based on real PeerSpot user reviews.Find out in this report how the two Cisco Security Portfolio solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"It provides good visibility to the customers. People are still evaluating it, but it provides visibility and helps them to take action to remediate and mitigate the issues that are highlighted on the dashboard. It has good integration with the Cisco switching platform."
"StealthWatch lets me see the ports running in and out and the country. It has excellent reporting, telemetry, and artificial intelligence features. With the telemetry, I can set thresholds to detect sudden changes and the alarms go through the PLC parts. I can see all the ports running on that trunk."
"The most valuable features of this solution are its reporting and mitigation capabilities."
"If you are using Darktrace or NAC solutions you can integrate Stealthwatch."
"It works efficiently for encrypted traffic analysis."
"Cisco Secure Network Analytics has increased the visibility of what is happening in our network, and I think that's the most important reason to use it. We can see what is really happening instead of just looking at numbers from routers or switches."
"The solution allowed us to not only get gain insight but also start collaborating with other tools."
"Cisco Stealthwatch has predefined alerts for different types of security issues that might happen in the network. Whether it's PCs or servers that are used for botnets or Bitcoin mining we receive the alerts automatically. This functionality is what we receive from the solution out of the box."
"The most valuable thing is how easy it is to deploy. We did it with 9,000 users at my last job, and it took a week to get to all the endpoints. Doing that without having to physically touch all those endpoints was very simple."
"Umbrella, being one pane for managing, being all-encompassing, allows us to quickly go in, make a change, and it applies to either every location, if we want it to, or we can have policies in place that only apply to certain users or certain computers."
"I haven't needed to reboot the servers for years due to their excellent stability."
"The documentation is good, and we have been able to resolve any issues ourselves."
"The interface is well organized, so you can easily find everything. Even if you don't have much experience with Cisco, you can easily navigate the solution and find your way around. Everything has been done well, from the deployment to monitoring."
"One valuable feature is definitely its simplicity in terms of deployment. It is very easy to integrate it into the environment without any heavy lifting. Users didn't notice that we implemented it. You can start with a very low monitoring mode and start observing what Cisco Umbrella sees."
"The most valuable features for us include tenant lock, content filtering, and DLP solutions, looking for PII and information being exfiltrated."
"The most valuable features are the dashboard, visibility, and reporting capabilities. Our customers can see how much Umbrella is protecting their organization. If you don't know what you've got, you can't protect it. With Umbrella, you get the visibility and see the protection that it's providing. We can get PDF reports on a weekly basis of any malware activities and any denial of service or command-and-control-type activities."
"I would like to see interoperability with other Cisco products because we have ThousandEyes, Cisco Prime, and others. The interaction among these is important to us."
"Cisco Stealthwatch can improve by having bundled packages for popular add-ons. It would be a lot easier for people implementing it, have let's say a better way to use the product."
"Stealthwatch is still maturing in AI. It uses artificial intelligence for predictions, but AI still needs to mature. It is in a phase where you get 95% correct detection. As its AI engine learns more, it will become more accurate. This is applicable to all the devices that are using AI because they support both supervised and unsupervised machine learning. The accuracy in the case of supervised machine learning is dependent on the data you feed into the box. The accuracy in the case of unsupervised machine learning is dependent on the algorithm. The algorithm matures depending on retrospective learning, and this is how it is able to detect zero-day attacks."
"Better integration between Cisco Secure Network Analytics and Cisco Secure Workload would be beneficial."
"There could be better integration on the programming side, which uses Python. StealthWatch could provide a template for Python to manage the switches. For example, it would be nice if StealthWatch bounced a port automatically it detected something anomalous."
"The customizability of the UI should improve."
"It's not great as a standalone solution."
"Its granularity for RBAC roles-based access control needs improvement."
"The main issue that we have is with the final steps or the full integration and getting rid of Zscaler. The company still has to fall back to Zscaler when something in Umbrella is not working as expected, such as when we enable SSL inspection. When something is not working 100%, the company is falling back to Zscaler."
"Its reliability and the response time of the support team can be better."
"Cisco Umbrella should add some more documentation on proxies."
"The pricing could be improved."
"They can maybe simplify the configuration. For example, sometimes, the proxy part is quite difficult, and that's why we didn't deploy that."
"I'd like to see this solution more closely integrate with other products Cisco has in its portfolio."
"Overall, I'm quite happy with Cisco products, but there could be one place where you can check what's going on. There could be one place where you get all the information about these products so that you don't need to look around. You get the status, information about what lately happened, and if there was anything on the machine in one single place."
"The only thing I can think of is that I'd like to see a little more flexibility in policy creation. The way that policy is currently structured is like a "first hit succeeds" kind of policy. It would be nice if it were more hierarchical."
Cisco Secure Network Analytics is a highly effective network traffic analysis (NTA) solution that enables users to find threats in their network traffic even if those threats are encrypted. It turns an organization’s network telemetry into a tool that creates a complete field of vision for the organization’s administrators. Users can find threats that may have infiltrated their systems and stop them before they can do irreparable harm.
Cisco Secure Network Analytics Benefits
A few ways that organizations can benefit by choosing to deploy Cisco Secure Network Analytics include:
Cisco Secure Network Analytics Features
Some of the many features that Cisco Secure Network Analytics offers include:
Reviews from Real Users
Cisco Secure Network Analytics is a solution that stands out even when compared to many other comparable products. Two major advantages that it offers are the way that it enables users to define the threshold at which the solution will issue a warning to administrators and the predefined alerts that it offers straight out of the box.
Gerald J., the information technology operations supervisor at Aboitiz Equity Ventures, Inc., writes, “StealthWatch lets me see the ports running in and out and the country. It has excellent reporting, telemetry, and artificial intelligence features. With the telemetry, I can set thresholds to detect sudden changes and the alarms go through the PLC parts. I can see all the ports running on that trunk.”
A senior security engineer at a tech services company, says, “Cisco Stealthwatch has predefined alerts for different types of security issues that might happen in the network. Whether it's PCs or servers that are used for botnets or Bitcoin mining we receive the alerts automatically. This functionality is what we receive from the solution out of the box.”
Cisco Umbrella offers flexible, cloud-delivered security according to users’ requirements Cisco Umbrella includes secure web gateway, firewall, and cloud access security broker (CASB) functionality all delivered from a single cloud security service. Cisco Umbrella’s protection is extended to devices, remote users, and distributed locations anywhere. As company employees work from many locations and devices, Cisco Umbrella is the easiest way to effectively protect users everywhere in minutes.
Cisco Umbrella uses machine learning to search for, identify, and even predict malicious domains. By learning from internet activity patterns, this DNS-layer security solution can automatically identify attacker infrastructure being staged for the next threat. These domains are then proactively blocked, protecting networks from potential compromise. Cisco Umbrella analyzes terabytes of data in real time across all markets, geographies, and protocols.
Cisco Umbrella works with leading IT companies to integrate its security enforcement and intelligence. Built with a bidirectional API, Cisco Umbrella makes it easy to extend protection from on-premises security appliances to cloud controlled devices and sites.
Cisco Umbrella is suitable for small businesses without dedicated security professionals, as well as for multinational enterprises with complex environments.
Why use Cisco Umbrella?
Reviews from Real Users
Cisco Umbrella stands out among its competitors for a number of reasons. Some of the major ones are its DNS-based protection, ability to protect users no matter where they are located, stability, and high performance.
Daniel B., a network specialist at Syswind Kft, writes, “We primarily use the solution as cloud security for our branches. It protects us from direct internet outbreaks. It makes for good flexibility. The solution is very easy to manage. We found the initial setup, for example, to be quite simple. Efficient protection on the DNS level and even higher. The sandboxing feature analyses and handles the complicated security risks.”
Victor M., SOC & Security Services Director at BEST, notes, “It provides security for the remote workers and it helps to improve enterprise security in a very easy way. We mainly enjoy web software protection capabilities. It prevents the end-users from getting into bad sites or sites that potentially could have malware or could be phishing. It helps end-users avoid the wrong sites. The solution works very smoothly. The user interface is good.”
OpenDNS is a part of Cisco providing a suite of consumer products aimed at making the internet faster, safer, and more reliable.
Cisco Secure Network Analytics is ranked 2nd in Cisco Security Portfolio with 8 reviews while Cisco Umbrella is ranked 3rd in Cisco Security Portfolio with 51 reviews. Cisco Secure Network Analytics is rated 8.2, while Cisco Umbrella is rated 8.8. The top reviewer of Cisco Secure Network Analytics writes "Improved our organization greatly but greater customizability would be beneficial". On the other hand, the top reviewer of Cisco Umbrella writes "We can see all of our locations in one place and only have to make changes once for all our locations". Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Splunk User Behavior Analytics, whereas Cisco Umbrella is most compared with Zscaler Internet Access, Microsoft Defender for Cloud Apps, Palo Alto Networks DNS Security, Prisma Access by Palo Alto Networks and Fortinet FortiGate SWG. See our Cisco Secure Network Analytics vs. Cisco Umbrella report.
See our list of best Cisco Security Portfolio vendors.
We monitor all Cisco Security Portfolio reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.