Try our new research platform with insights from 80,000+ expert users

Cisco Secure Network Analytics vs LogRhythm UEBA [EOL] comparison

The compared Cisco and Exabeam solutions aren't in the same category. Cisco is ranked #33 in NMS , with an average rating of 8.5, and holds a 1.2% mindshare in the category. Additionally, 88% of Cisco users are willing to recommend the solution, compared to 55% of Exabeam users who would recommend it.
Cisco Secure Network Analytics
Read 61 Cisco Secure Network Analytics reviews
  • 6,014 Views
  • 1,744 Comparison Views
88% willing to recommend
LogRhythm UEBA [EOL]
Read 11 LogRhythm UEBA [EOL] reviews
    55% willing to recommend
     

    Comparison Buyer's Guide

    Download the report
    Executive Summary
    We performed a comparison between Cisco Secure Network Analytics and LogRhythm UEBA [EOL] based on real PeerSpot user reviews.

    Find out what your peers are saying about Zabbix, Auvik, SolarWinds and others in Network Monitoring Software.

    DOWNLOAD THE COMPLETE REPORT
    To learn more, read our detailed Network Monitoring Software Report (Updated: August 2025).
    Buyer's Guide
    Network Monitoring Software
    August 2025
    Download the complete report
    Helped 865,140 peers since 2012

    Review summaries and opinions

    We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
     

    Categories and Ranking

    Cisco Secure Network Analytics
    Average Rating
    8.2
    Reviews Sentiment
    6.9
    Number of Reviews
    61
    Ranking in other categories
    Network Monitoring Software (33rd), Network Traffic Analysis (NTA) (5th), Network Detection and Response (NDR) (7th), Cisco Security Portfolio (8th)
    LogRhythm UEBA [EOL]
    Average Rating
    7.0
    Reviews Sentiment
    6.7
    Number of Reviews
    11
    Ranking in other categories
    No ranking in other categories
     

    Featured Reviews

    Muhammad Harun-Owr-Roshid - PeerSpot reviewer
    Have streamlined network visibility and troubleshooting while seeing benefits from AI integration
    In terms of improvements for Cisco Secure Network Analytics, from the implementation point of view, now that AI is in use, some other features need to be upgraded considering AI solutions. Proper management of the database is also important; it should be centralized for easier data collection from a single database. When precise manual analysis is needed, it's sometimes difficult, so having a centralized database will allow network admins to find actual scenarios more effectively, especially since some information may not be visible on the GUI. Cisco should upgrade their hardware part to run the database, because sometimes it cannot handle the load while all features are running in the network. The database management should indeed be centralized because while AI runs behind the systems, central management is essential. For example, in a network with 100 Cisco switches, a few routers, firewalls, and access points, all data generated should be preserved in a central database. This approach simplifies management and analysis for troubleshooting, as GUI interfaces may not always provide visible information. Centralizing the database will allow for better understanding of which information is preserved for each specific device.
    Read full review
    Sheikh Abu Ayub Azad - PeerSpot reviewer
    Great at managing cyber incidents; the technical support could be improved
    The initial setup is easy, partly because LogRhythm is primarily based on the Windows platform. It's good to have two engineers for deployment but it can be done with one. It's more about the knowledge. Deployment is typically done in two or three different phases. It usually takes up to three full months to get good deployment. There's the initial onboarding of all the log sources, then collecting data in the data lake, followed a couple of weeks later with some minor tuning before the final tuneup.
    Read full review

    Quotes from Members

    We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
     

    Pros

    "The most valuable feature of Cisco Secure Network Analytics is the Threat Intelligence integration."
    "Cisco Secure Network Analytics has increased the visibility of what is happening in our network, and I think that's the most important reason to use it. We can see what is really happening instead of just looking at numbers from routers or switches."
    "Provides easily identifiable anomalies that you can't see with signature detections."
    "Most of the engineers I've worked with have been really good. Very knowledgeable and easy to work with."
    "Cisco Stealthwatch has reduced the amount of time to detect an immediate threat."
    "From what I understand, you can encrypt and unencrypt traffic moving in transit. This is one of the features that we liked about it."
    "The most valuable features are encrypted threat analysis and the ability to run jobs on entire flows."
    "If you are using Darktrace or NAC solutions you can integrate Stealthwatch."
    More Cisco Secure Network Analytics pros
    "The tool's most valuable feature is server threat hunting."
    "The most valuable features are file activity monitoring and registry activity monitoring."
    "I can investigate attacks more quickly using machine learning tools."
    "It is easy to monitor users and that is how the solution is adding value to our firm."
    "The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
    "The solution's most valuable features are the graphical user interface and the reporting."
    "What I like most about LogRhythm UEBA is that it allows you to identify and analyze end-user behaviors and suspicious activities within the systems."
    "LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
    More LogRhythm UEBA [EOL] pros
     

    Cons

    "It's a good solid solution but integration with Network Access Control products with Cisco ISE would be good."
    "Initially, I felt Cisco Secure Network Analytics lacked integration with Splunk."
    "I think the interface is a little lacking. The interface seems like it just needs to be modernized. It's been the same interface now, ever since I've seen it probably four years ago."
    "I would like to see more expansion in artificial intelligence and machine learning features."
    "It's too complicated to install, when starting out."
    "The ability to be natively integrated into Port Aggregator would be beneficial because it would reduce just one more component that's needed in order to have that type of view."
    "Cisco Stealthwatch needs more integration with device discovery. We have to do a lot of hard work to figure out what things are. Better service integration is required."
    "The reporting of day-to-day metrics still has room for improvement."
    More Cisco Secure Network Analytics cons
    "It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."
    "The cloud version is lacking and not up to par."
    "The search feature needs to be improved."
    "LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
    "What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."
    "In general, if something needs to be improved in the algorithm, it would be the dashboards."
    "The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."
    "The on-premises LogRhythm is not very scalable. When considering packets per second or the MPS needed for additional logs such as web application logs, scalability is usually found in cloud products."
    More LogRhythm UEBA [EOL] cons
     

    Pricing and Cost Advice

    "This is an expensive product. We have quit paying for support because we don't want to have to upgrade it and keep paying for it."
    "The pricing for this solution is good."
    "Pricing is much higher compared to other solutions."
    "Licensing is on a yearly basis."
    "The solution is expensive. It costs several hundred thousand dollars per year (depending on how many flows you are collecting)."
    "Licensing is done by flows per second, not including outside>in traffic."
    "The tool is not cheaply priced."
    "We pay for support costs on a yearly basis."
    More Cisco Secure Network Analytics pricing and cost advice
    "As LogRhythm UEBA is pretty expensive, I'd give its pricing a seven out of ten."
    "The pricing is nice when compared to other products in the industry."
    "LogRhythm UEBA's pricing is affordable for small and medium businesses."
    "I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive."
    "Licensing is on a yearly basis. It's not expensive compared to its competitors."
    "It is quite a budget-friendly product."
    report
    See which vendors are best for you
    Use our free recommendation engine to learn which Network Monitoring Software solutions are best for your needs.
    See recommendations
    865,140 professionals have used our research since 2012.
     

    Top Industries

    By visitors reading reviews
    Computer Software Company
    24%
    Government
    10%
    Financial Services Firm
    9%
    Manufacturing Company
    9%
    Computer Software Company
    13%
    Financial Services Firm
    10%
    Retailer
    9%
    Comms Service Provider
    7%
     

    Company Size

    By reviewers
    Large Enterprise
    Midsize Enterprise
    Small Business
     

    Questions from the Community

    What do you like most about Cisco Stealthwatch?
    The most valuable feature of Cisco Secure Network Analytics is the Threat Intelligence integration.
    See all answers
    What is your experience regarding pricing and costs for Cisco Stealthwatch?
    Regarding cost, for the Bangladesh context, Cisco Secure Network Analytics is a little bit high-priced because we are a developing country, making it tough to manage affordable solutions. However, ...
    See all answers
    What needs improvement with Cisco Stealthwatch?
    In terms of improvements for Cisco Secure Network Analytics, from the implementation point of view, now that AI is in use, some other features need to be upgraded considering AI solutions. Proper m...
    See all answers
    What do you like most about LogRhythm UserXDR?
    The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance...
    See all answers
    What is your experience regarding pricing and costs for LogRhythm UserXDR?
    I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive.
    See all answers
    What needs improvement with LogRhythm UserXDR?
    In general, if something needs to be improved in the algorithm, it would be the dashboards. The dashboards with solutions such as Splunk are very neat and clean. I would also like to improve the us...
    See all answers
     

    Comparisons

    Darktrace vs Cisco Secure Network Analytics Logo
    Darktrace vs Cisco Secure Network Analytics
    Compared 15% of the time
    ThousandEyes vs Cisco Secure Network Analytics Logo
    ThousandEyes vs Cisco Secure Network Analytics
    Compared 8% of the time
    Vectra AI vs Cisco Secure Network Analytics Logo
    Vectra AI vs Cisco Secure Network Analytics
    Compared 7% of the time
    ExtraHop Reveal(x) vs Cisco Secure Network Analytics Logo
    ExtraHop Reveal(x) vs Cisco Secure Network Analytics
    Compared 5% of the time
    Arista NDR vs Cisco Secure Network Analytics Logo
    Arista NDR vs Cisco Secure Network Analytics
    Compared 4% of the time
    More Cisco Secure Network Analytics Competitors
    Wazuh vs LogRhythm UEBA [EOL] Logo
    Wazuh vs LogRhythm UEBA [EOL]
    Compared 36% of the time
    Darktrace vs LogRhythm UEBA [EOL] Logo
    Darktrace vs LogRhythm UEBA [EOL]
    Compared 20% of the time
    Cortex XDR by Palo Alto Networks vs LogRhythm UEBA [EOL] Logo
    Cortex XDR by Palo Alto Networks vs LogRhythm UEBA [EOL]
    Compared 12% of the time
    IBM Security QRadar vs LogRhythm UEBA [EOL] Logo
    IBM Security QRadar vs LogRhythm UEBA [EOL]
    Compared 7% of the time
    Microsoft Purview Insider Risk Management vs LogRhythm UEBA [EOL] Logo
    Microsoft Purview Insider Risk Management vs LogRhythm UEBA [EOL]
    Compared 7% of the time
    More LogRhythm UEBA [EOL] Competitors
     

    Product Reports

    Buyer's Guide
    Cisco Secure Network Analytics
    August 2025
    Cisco Secure Network Analytics reportDownload Cisco Secure Network Analytics product report
    Buyer's Guide
    User Entity Behavior Analytics (UEBA)
    July 2025
    LogRhythm UEBA [EOL] reportDownload LogRhythm UEBA [EOL] product report
     

    Also Known As

    Cisco Stealthwatch, Cisco Stealthwatch Enterprise, Lancope StealthWatch
    LogRhythm UserXDR, LogRhythm Enterprise UEBA
     

    Overview

    Cisco Secure Network Analytics is a highly effective network traffic analysis (NTA) solution that enables users to find threats in their network traffic even if those threats are encrypted. It turns an organization’s network telemetry into a tool that creates a complete field of vision for the organization’s administrators. Users can find threats that may have infiltrated their systems and stop them before they can do irreparable harm.

    Cisco Secure Network Analytics Benefits

    A few ways that organizations can benefit by choosing to deploy Cisco Secure Network Analytics include:

    • Security scaling. Secure Network Analytics makes it easy for organizations to scale up their level of network protection to match the growth that their business is experiencing. It can be deployed on whatever type of system is necessary. Users will have their growth needs met at every stage of their business journey because the solution offers users the ability to use it on-premises or in the cloud and it can be consumed as a SaaS-based or license-based solution. Whenever any kind of device is added, Secure Network Analytics can automatically classify that device so that it is seamlessly integrated into its network protection system.
    • Detects threats as they appear. Users gain the ability to scan their network traffic for even the most advanced threats at all times. Secure Network Analytics easily identifies the early warning signs that are typically initiated before attacks are conducted by bad actors. Once these signs are found, users are warned so that they can take steps to prevent those threats from escalating. This also enables users to determine the source of the threat and whether it might have spread further than initially thought.
    • Eliminate blind spots. Organizations that use Secure Network Analytics can view their network traffic across both private networks and public cloud environments. The scanning power of the solution allows users to gain complete visibility with a fewer number of sensors than their competitors require to achieve a similar level of protection.

    Cisco Secure Network Analytics Features

    Some of the many features that Cisco Secure Network Analytics offers include:

    • Centralized security management. Secure Network Analytics’ Identity Services Engine feature enables users to control their network from a single graphical user interface. Administrators can simplify their jobs by controlling profiler, posture, guest, authentication, and authorization services from a single pane of glass.
    • Machine learning tools. Secure Network Analytics uses machine learning to generate alerts when malicious or suspicious activity is detected. It also analyzes the threat so that users gain insight into the nature of the dangers that confront them. Additionally, it examines the threats to determine whether they are actual threats or false alarms. This significantly reduces the number of false alarms that administrators have to spend time attempting to resolve.
    • Automation. Users can automate routine tasks that users would otherwise have to handle manually. This automation feature frees administrators and employees to handle other more critical tasks.

    Reviews from Real Users

    Cisco Secure Network Analytics is a solution that stands out even when compared to many other comparable products. Two major advantages that it offers are the way that it enables users to define the threshold at which the solution will issue a warning to administrators and the predefined alerts that it offers straight out of the box.

    Gerald J., the information technology operations supervisor at Aboitiz Equity Ventures, Inc., writes, “StealthWatch lets me see the ports running in and out and the country. It has excellent reporting, telemetry, and artificial intelligence features. With the telemetry, I can set thresholds to detect sudden changes and the alarms go through the PLC parts. I can see all the ports running on that trunk.”

    A senior security engineer at a tech services company, says, “Cisco Stealthwatch has predefined alerts for different types of security issues that might happen in the network. Whether it's PCs or servers that are used for botnets or Bitcoin mining we receive the alerts automatically. This functionality is what we receive from the solution out of the box.”

    Cisco

    LogRhythm UEBA [EOL] offers advanced threat detection with an intuitive interface, utilizing correlation, behavior analysis, and machine learning to monitor server threats and privileged accounts effectively.

    LogRhythm UEBA [EOL] provides comprehensive user behavior analytics and threat hunting capabilities, making use of customizable dashboards, reporting tools, file and registry monitoring. CloudAI adds depth by identifying unknown activities, enhancing network visibility and cyber risk reduction through constant monitoring. Users in Sri Lanka find it valuable for network stability, while other users leverage it for improved user monitoring and quick attack investigation. Despite its strong features, enhancements in integration, pricing in Asia, and documentation could improve its adoption.

    What are the key features of LogRhythm UEBA [EOL]?
    • Intuitive Graphical Interface: Provides a user-friendly experience tailored to cybersecurity needs.
    • Customizable Dashboards: Offers personalized monitoring views and reporting capabilities.
    • Effective Reporting Tools: Enhances incident analysis and decision-making with detailed insights.
    • Machine Learning: Identifies patterns in user behavior, detecting anomalies efficiently.
    • CloudAI: Detects unknown activities, improving threat identification accuracy.
    What benefits can users expect from LogRhythm UEBA [EOL]?
    • Enhanced Threat Detection: Increases network safety through comprehensive monitoring.
    • Improved Network Visibility: Facilitates better management of cybersecurity resources.
    • Quick Attack Investigation: Reduces time to detect and respond to threats.
    • Cyber Risk Reduction: Employs machine learning to address potential security gaps proactively.

    In the financial sector, LogRhythm UEBA [EOL] is implemented to monitor privileged accounts and identify suspicious transactions swiftly. Healthcare organizations use it to safeguard sensitive patient data through behavior analysis. Manufacturing firms apply it to protect intellectual property and ensure compliance with industry regulations. Across these industries, the adaptability and analytics of LogRhythm UEBA [EOL] offer a strategic approach to cybersecurity management.

    Exabeam
     

    Sample Customers

    Edge Web Hosting, Telenor Norway, Ivy Tech Community College of Indiana, Webster Financial Corporation, Westinghouse Electric, VMware, TIAA-CREF
    Information Not Available
    Buyer's Guide
    Network Monitoring Software
    August 2025
    Download Free Report
    Find out what your peers are saying about Zabbix, Auvik, SolarWinds and others in Network Monitoring Software. Updated: August 2025.
    DOWNLOAD NOW
    865,140 professionals have used our research since 2012.

    We monitor all Network Monitoring Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.