Try our new research platform with insights from 80,000+ expert users

Cisco Secure Network Analytics vs Fortinet FortiSandbox comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Secure Network Analytics
Average Rating
8.2
Reviews Sentiment
6.9
Number of Reviews
61
Ranking in other categories
Network Monitoring Software (33rd), Network Traffic Analysis (NTA) (4th), Network Detection and Response (NDR) (9th), Cisco Security Portfolio (8th)
Fortinet FortiSandbox
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
38
Ranking in other categories
Advanced Threat Protection (ATP) (3rd), Threat Deception Platforms (7th)
 

Mindshare comparison

While both are Network Security Systems solutions, they serve different purposes. Cisco Secure Network Analytics is designed for Network Monitoring Software and holds a mindshare of 1.2%, down 1.5% compared to last year.
Fortinet FortiSandbox, on the other hand, focuses on Advanced Threat Protection (ATP), holds 9.7% mindshare, up 9.5% since last year.
Network Monitoring Software
Advanced Threat Protection (ATP)
 

Featured Reviews

Muhammad Harun-Owr-Roshid - PeerSpot reviewer
Have streamlined network visibility and troubleshooting while seeing benefits from AI integration
In terms of improvements for Cisco Secure Network Analytics, from the implementation point of view, now that AI is in use, some other features need to be upgraded considering AI solutions. Proper management of the database is also important; it should be centralized for easier data collection from a single database. When precise manual analysis is needed, it's sometimes difficult, so having a centralized database will allow network admins to find actual scenarios more effectively, especially since some information may not be visible on the GUI. Cisco should upgrade their hardware part to run the database, because sometimes it cannot handle the load while all features are running in the network. The database management should indeed be centralized because while AI runs behind the systems, central management is essential. For example, in a network with 100 Cisco switches, a few routers, firewalls, and access points, all data generated should be preserved in a central database. This approach simplifies management and analysis for troubleshooting, as GUI interfaces may not always provide visible information. Centralizing the database will allow for better understanding of which information is preserved for each specific device.
Abdelhamid Saber - PeerSpot reviewer
Enhanced network security with adaptable integration and really good support
We use FortiSandbox for scanning files and images that pass through our networks. It integrates with different devices, such as five adapters and other Fortinet devices It is time-saving and more secure. It saves us from a lot of antivirus and anti-malware issues. The adapter is beneficial as it…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Able to drill down into a center's utilization, then create reports based on it."
"Another notable feature of Cisco Secure Network Analytics is its Layer 7 visibility, which allows us to monitor and analyze network communications at the application layer."
"The beginning of any security investigation starts with net flow data."
"Cisco Stealthwatch has predefined alerts for different types of security issues that might happen in the network. Whether it's PCs or servers that are used for botnets or Bitcoin mining we receive the alerts automatically. This functionality is what we receive from the solution out of the box."
"The artifacts available in the tool provide better information for analyzing network traffic. It enables a holistic view of network traffic and general packet analysis. It's easy to identify anomalies without the use of signatures. The way in which we implemented Stealthwatch Cloud has enabled my team to analyze traffic behind proxies."
"Overall, the implementation is very good."
"It's a dependable product that is able to pinpoint where we have vulnerabilities if they occur."
"AI provides suggested common lines and protection features that help safeguard networks from various threats or unwanted situations."
"The technical support is very good."
"The solution has the highest stability...The solution's setup is not complex as they are already included in Fortinet."
"Compared to other solutions, it's easy to configure and implement because of the templates. The timing of scanning files is faster."
"What I find most valuable, is that it is easy to use."
"The most valuable features for me when it comes to Fortinet FortiSandbox are the integrity of the Sandbox and the power of the analyzing tool of the solution."
"You have access to a report as to what behaviors the example file entered in the registry."
"The main benefit of Fortinet FortiSandbox is that it allows organizations to detect and prevent unknown threats from entering an infrastructure."
"he solution's GUI is good."
 

Cons

"The solution should have the ability to analyze security events not only at the network layer but also at the application and OS layers."
"We are continuing down the road of ACI and ISE with Cisco, so we would like to see the continuation of Stealthwatch integrating into ISE for exchange of information, and also, more into the ACI environment too."
"We've run into some issues with the configuration."
"It hasn't really improved our direct detection rate but it has definitely reduced our incident response time as we wouldn't have been able to detect threats or immediate risks without this solution."
"The expensive nature of the tool is an area of concern where improvements are required."
"I would like to see more expansion in artificial intelligence and machine learning features."
"One update that I would like to see is an agent-based client. Currently, Stealthwatch is network-based. A local agent could help manage endpoints."
"One update I would like to see is an agent-based client. Currently StealthWatch is network based."
"There could be more templates and a higher number of simulated VMs to configure more use cases. Sometimes we need to configure many use cases in many different environments, and if the number of VMs that we configure is limited, we have to remove some and reconfigure the environment if we need another environment."
"In general, maybe they are not updated to cover risks."
"For additional features, maybe a form of execution pain files in a non-virtual environment because it has threats that identify when it is being run in a virtual machine."
"I don't know if it is viable to do an improvement like this. When there are passwords in the password-protected files, it can't scan them or do things like this. I don't know if an algorithm or something else could make it better. Nowadays, many legitimate office documents have passwords."
"Most people are confused about how to use the right integration of the right Fortinet product."
"It would be better if we could integrate FortiSandbox with endpoint security solutions."
"If you were to compare prices between vendors and manufacturers, you would see that the lowest equipment in the Sandbox line is quite expensive for a new customer."
"If we can have more dashboards, it would be good."
 

Pricing and Cost Advice

"It has a subscription model. There is yearly support, and there is also three-year support. It depends on what the customers want."
"We pay for support costs on a yearly basis."
"The pricing for this solution is good."
"The licensing costs are outrageous."
"Licensing is on a yearly basis."
"Today, we are part of the big Cisco ELA, and it is a la carte. We can get orders for whatever we want. At the end of the day, we have to pay for it in one big expense, but that is fine. We are okay with that."
"​Licensing is done by flows per second, not including outside (in traffic)."
"NetFlow is very expensive."
"Altogether, it is about €10,000 for the Sandbox and Email Gateway."
"It is an expensive solution."
"The price of Fortinet FortiSandbox is not expensive."
"There is a license to use this solution."
"There are additional costs, which isn't included in the licensing fee."
"FortiSandbox is a subscription that can be purchased from Fortinet directly. Only using FortiSandbox as features purchased as a subscription in the cloud."
"Fortinet is more reasonable than Palo Alto."
"There are no costs in addition to the standard licensing fees."
report
Use our free recommendation engine to learn which Network Monitoring Software solutions are best for your needs.
861,803 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
25%
Financial Services Firm
10%
Government
9%
Manufacturing Company
8%
Computer Software Company
12%
Government
12%
Financial Services Firm
10%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Cisco Stealthwatch?
The most valuable feature of Cisco Secure Network Analytics is the Threat Intelligence integration.
What is your experience regarding pricing and costs for Cisco Stealthwatch?
Regarding cost, for the Bangladesh context, Cisco Secure Network Analytics is a little bit high-priced because we are a developing country, making it tough to manage affordable solutions. However, ...
What needs improvement with Cisco Stealthwatch?
In terms of improvements for Cisco Secure Network Analytics, from the implementation point of view, now that AI is in use, some other features need to be upgraded considering AI solutions. Proper m...
What do you like most about Fortinet FortiSandbox?
The real-time analysis capability of FortiSandbox is beneficial for email analysis.
What is your experience regarding pricing and costs for Fortinet FortiSandbox?
I think it's affordable. For the six to seven months of usage, the cost has been reasonable.
What needs improvement with Fortinet FortiSandbox?
We sometimes face a delay in email scanning due to not having multiple virtual machines. Improvements could be made in dynamic scanning, scanning all email components such as URLs and attachments, ...
 

Also Known As

Cisco Stealthwatch, Cisco Stealthwatch Enterprise, Lancope StealthWatch
FortiSandbox
 

Overview

 

Sample Customers

Edge Web Hosting, Telenor Norway, Ivy Tech Community College of Indiana, Webster Financial Corporation, Westinghouse Electric, VMware, TIAA-CREF
Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG
Find out what your peers are saying about Zabbix, Auvik, SolarWinds and others in Network Monitoring Software. Updated: July 2025.
861,803 professionals have used our research since 2012.