We performed a comparison between Cisco Secure Network Analytics and Cisco Umbrella based on real PeerSpot user reviews.
Find out in this report how the two Cisco Security Portfolio solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It provides good visibility to the customers. People are still evaluating it, but it provides visibility and helps them to take action to remediate and mitigate the issues that are highlighted on the dashboard. It has good integration with the Cisco switching platform."
"StealthWatch lets me see the ports running in and out and the country. It has excellent reporting, telemetry, and artificial intelligence features. With the telemetry, I can set thresholds to detect sudden changes and the alarms go through the PLC parts. I can see all the ports running on that trunk."
"The most valuable features of this solution are its reporting and mitigation capabilities."
"If you are using Darktrace or NAC solutions you can integrate Stealthwatch."
"It works efficiently for encrypted traffic analysis."
"Cisco Secure Network Analytics has increased the visibility of what is happening in our network, and I think that's the most important reason to use it. We can see what is really happening instead of just looking at numbers from routers or switches."
"The solution allowed us to not only get gain insight but also start collaborating with other tools."
"Cisco Stealthwatch has predefined alerts for different types of security issues that might happen in the network. Whether it's PCs or servers that are used for botnets or Bitcoin mining we receive the alerts automatically. This functionality is what we receive from the solution out of the box."
"The most valuable thing is how easy it is to deploy. We did it with 9,000 users at my last job, and it took a week to get to all the endpoints. Doing that without having to physically touch all those endpoints was very simple."
"Umbrella, being one pane for managing, being all-encompassing, allows us to quickly go in, make a change, and it applies to either every location, if we want it to, or we can have policies in place that only apply to certain users or certain computers."
"I haven't needed to reboot the servers for years due to their excellent stability."
"The documentation is good, and we have been able to resolve any issues ourselves."
"The interface is well organized, so you can easily find everything. Even if you don't have much experience with Cisco, you can easily navigate the solution and find your way around. Everything has been done well, from the deployment to monitoring."
"One valuable feature is definitely its simplicity in terms of deployment. It is very easy to integrate it into the environment without any heavy lifting. Users didn't notice that we implemented it. You can start with a very low monitoring mode and start observing what Cisco Umbrella sees."
"The most valuable features for us include tenant lock, content filtering, and DLP solutions, looking for PII and information being exfiltrated."
"The most valuable features are the dashboard, visibility, and reporting capabilities. Our customers can see how much Umbrella is protecting their organization. If you don't know what you've got, you can't protect it. With Umbrella, you get the visibility and see the protection that it's providing. We can get PDF reports on a weekly basis of any malware activities and any denial of service or command-and-control-type activities."
"I would like to see interoperability with other Cisco products because we have ThousandEyes, Cisco Prime, and others. The interaction among these is important to us."
"Cisco Stealthwatch can improve by having bundled packages for popular add-ons. It would be a lot easier for people implementing it, have let's say a better way to use the product."
"Stealthwatch is still maturing in AI. It uses artificial intelligence for predictions, but AI still needs to mature. It is in a phase where you get 95% correct detection. As its AI engine learns more, it will become more accurate. This is applicable to all the devices that are using AI because they support both supervised and unsupervised machine learning. The accuracy in the case of supervised machine learning is dependent on the data you feed into the box. The accuracy in the case of unsupervised machine learning is dependent on the algorithm. The algorithm matures depending on retrospective learning, and this is how it is able to detect zero-day attacks."
"Better integration between Cisco Secure Network Analytics and Cisco Secure Workload would be beneficial."
"There could be better integration on the programming side, which uses Python. StealthWatch could provide a template for Python to manage the switches. For example, it would be nice if StealthWatch bounced a port automatically it detected something anomalous."
"The customizability of the UI should improve."
"It's not great as a standalone solution."
"Its granularity for RBAC roles-based access control needs improvement."
"The main issue that we have is with the final steps or the full integration and getting rid of Zscaler. The company still has to fall back to Zscaler when something in Umbrella is not working as expected, such as when we enable SSL inspection. When something is not working 100%, the company is falling back to Zscaler."
"Its reliability and the response time of the support team can be better."
"Cisco Umbrella should add some more documentation on proxies."
"The pricing could be improved."
"They can maybe simplify the configuration. For example, sometimes, the proxy part is quite difficult, and that's why we didn't deploy that."
"I'd like to see this solution more closely integrate with other products Cisco has in its portfolio."
"Overall, I'm quite happy with Cisco products, but there could be one place where you can check what's going on. There could be one place where you get all the information about these products so that you don't need to look around. You get the status, information about what lately happened, and if there was anything on the machine in one single place."
"The only thing I can think of is that I'd like to see a little more flexibility in policy creation. The way that policy is currently structured is like a "first hit succeeds" kind of policy. It would be nice if it were more hierarchical."
More Cisco Secure Network Analytics Pricing and Cost Advice →
Cisco Secure Network Analytics is ranked 2nd in Cisco Security Portfolio with 8 reviews while Cisco Umbrella is ranked 3rd in Cisco Security Portfolio with 51 reviews. Cisco Secure Network Analytics is rated 8.2, while Cisco Umbrella is rated 8.8. The top reviewer of Cisco Secure Network Analytics writes "Improved our organization greatly but greater customizability would be beneficial". On the other hand, the top reviewer of Cisco Umbrella writes "We can see all of our locations in one place and only have to make changes once for all our locations". Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Splunk User Behavior Analytics, whereas Cisco Umbrella is most compared with Zscaler Internet Access, Microsoft Defender for Cloud Apps, Palo Alto Networks DNS Security, Prisma Access by Palo Alto Networks and Fortinet FortiGate SWG. See our Cisco Secure Network Analytics vs. Cisco Umbrella report.
See our list of best Cisco Security Portfolio vendors.
We monitor all Cisco Security Portfolio reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
