Cisco Secure Network Analytics vs LogRhythm UEBA comparison

The compared Cisco and LogRhythm solutions aren't in the same category. Cisco is ranked #30 in NMS , with an average rating of 8.7, and holds a 1.2% mindshare in the category. LogRhythm is ranked #11 in UBA , with an average rating of 7.0, and holds a 1.9% mindshare. Additionally, 88% of Cisco users are willing to recommend the solution, compared to 55% of LogRhythm users who would recommend it.

Cisco Secure Network Analytics

Read 60 Cisco Secure Network Analytics reviews

1,893 Views
1,506 Comparison Views

88% willing to recommend

LogRhythm UEBA

Read 11 LogRhythm UEBA reviews

219 Views
184 Comparison Views

55% willing to recommend

Cisco Secure Network Analytics

LogRhythm UEBA

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cisco Secure Network Analytics and LogRhythm UEBA based on real PeerSpot user reviews.

Find out what your peers are saying about Zabbix, Auvik, Datadog and others in Network Monitoring Software.

To learn more, read our detailed Network Monitoring Software Report (Updated: April 2025).

Buyer's Guide

Network Monitoring Software

April 2025

Download the complete report

Helped 850,760 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Secure Network Analytics

Average Rating

8.2

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

Network Monitoring Software (30th), Network Traffic Analysis (NTA) (4th), Network Detection and Response (NDR) (8th), Cisco Security Portfolio (7th)

LogRhythm UEBA

Average Rating

7.0

Reviews Sentiment

6.7

Number of Reviews

Ranking in other categories

User Entity Behavior Analytics (UEBA) (11th), Extended Detection and Response (XDR) (25th)

Mindshare comparison

Cisco Secure Network Analytics and LogRhythm UEBA aren’t in the same category and serve different purposes. Cisco Secure Network Analytics is designed for Network Monitoring Software and holds a mindshare of 1.2%, down 1.6% compared to last year.
LogRhythm UEBA, on the other hand, focuses on User Entity Behavior Analytics (UEBA), holds 1.9% mindshare, down 3.1% since last year.

Network Monitoring Software

User Entity Behavior Analytics (UEBA)

Featured Reviews

Sudhakar T

Group Head at Stpi

Strong network security analytics with excellent encrypted traffic analysis features

Improvements are needed on the application layer for complete security analysis. The solution should have the ability to analyze security events not only at the network layer but also at the application and OS layers. There's a need for a more comprehensive licensing model where all necessary licenses are included by default.

Read full review

Sheikh Abu Ayub Azad

CEO at Trustaira

Great at managing cyber incidents; the technical support could be improved

The initial setup is easy, partly because LogRhythm is primarily based on the Windows platform. It's good to have two engineers for deployment but it can be done with one. It's more about the knowledge. Deployment is typically done in two or three different phases. It usually takes up to three full months to get good deployment. There's the initial onboarding of all the log sources, then collecting data in the data lake, followed a couple of weeks later with some minor tuning before the final tuneup.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Cisco products are incredibly stable, boasting a 200% stability."

"Most valuable features are the network maps and server and network response time."

"The deployment was a breeze. It is a very innovative and robust platform that allows us to bi-directionally stitch together data elements from Netflow-enabled devices to provide a context for network utilization."

"I believe this solution has reduced our incident response time."

"The most valuable features provided by this solution are visibility and information."

"StealthWatch lets me see the ports running in and out and the country. It has excellent reporting, telemetry, and artificial intelligence features. With the telemetry, I can set thresholds to detect sudden changes and the alarms go through the PLC parts. I can see all the ports running on that trunk."

"There are already many functionalities, so I don't think there is anything to improve."

"The most valuable feature we got out of Stealthwatch is to be able to, while troubleshooting, go deep into one of our interfaces and verify what the bandwidth is and if there's any activity there that's causing problems."

More Cisco Secure Network Analytics pros

"I typically use the product for reducing cyber risk, and I can investigate attacks more quickly using machine learning tools."

"I can investigate attacks more quickly using machine learning tools."

"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."

"Good capability pinpointing specific cyber incidents."

"It has a lot of features. It has file integration monitoring."

"The solution's most valuable features are the graphical user interface and the reporting."

"What I like most about LogRhythm UEBA is that it allows you to identify and analyze end-user behaviors and suspicious activities within the systems."

"The tool's most valuable feature is server threat hunting."

More LogRhythm UEBA pros

Cons

"We had some trouble with the installation as we migrated from our previous solution."

"Better integration between Cisco Secure Network Analytics and Cisco Secure Workload would be beneficial."

"I would like to see more expansion in artificial intelligence and machine learning features."

"The ability to be natively integrated into Port Aggregator would be beneficial because it would reduce just one more component that's needed in order to have that type of view."

"We need to be able to filter out internal IPs as non-threats."

"We would like the solution to make more advances in the way that Extreme Networks has been doing."

"I would like to see better filters."

"I think the interface is a little lacking. The interface seems like it just needs to be modernized. It's been the same interface now, ever since I've seen it probably four years ago."

More Cisco Secure Network Analytics cons

"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."

"The cloud version is lacking and not up to par."

"It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."

"In general, if something needs to be improved in the algorithm, it would be the dashboards."

"The on-premises LogRhythm is not very scalable. When considering packets per second or the MPS needed for additional logs such as web application logs, scalability is usually found in cloud products."

"It would be helpful if there were more guidance provided for integrating with unsupported devices."

"The UI could be improved a little bit."

"The search feature needs to be improved."

More LogRhythm UEBA cons

Pricing and Cost Advice

"We pay for support costs on a yearly basis."

"On a yearly basis, licensing is somewhere around $30,000."

"The licensing costs are outrageous."

"It is worth the cost."

"Licensing is done by flows per second, not including outside>in traffic."

"One of the things which bugs me about Lancope is the licensing. We understand how licensing works. Our problem is when we bought and purchased most of these Lancope devices, we did so with our sister company. Somewhere within the purchase and distribution, licensing got mixed up. That is all on Cisco, and it is their responsibility. They allotted some of our sister company's equipment to us, and some of our equipment to them. To date, they have never been able to fix it."

"Licensing is done by flows per second, not including outside (in traffic)."

"There are additional licenses needed for the number of so-called network flows. It's hard to plan the number of flows you need in the network, this is a problem. The price of the Cisco Stealthwatch is relatively inexpensive"

More Cisco Secure Network Analytics pricing and cost advice

"As LogRhythm UEBA is pretty expensive, I'd give its pricing a seven out of ten."

"The pricing is nice when compared to other products in the industry."

"LogRhythm UEBA's pricing is affordable for small and medium businesses."

"It is quite a budget-friendly product."

"I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive."

"Licensing is on a yearly basis. It's not expensive compared to its competitors."

See which vendors are best for you

Use our free recommendation engine to learn which Network Monitoring Software solutions are best for your needs.

See recommendations

850,760 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

28%

Financial Services Firm

11%

Government

Manufacturing Company

Computer Software Company

18%

Financial Services Firm

10%

Manufacturing Company

Real Estate/Law Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Cisco Stealthwatch?

The most valuable feature of Cisco Secure Network Analytics is the Threat Intelligence integration.

See all answers

What is your experience regarding pricing and costs for Cisco Stealthwatch?

The organization experienced challenges with licensing as Cisco has multiple licensing factors, and there are concerns about the price. Cisco solutions are considered to be very expensive.

See all answers

What needs improvement with Cisco Stealthwatch?

See all answers

What do you like most about LogRhythm UserXDR?

The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance...

See all answers

What is your experience regarding pricing and costs for LogRhythm UserXDR?

I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive.

See all answers

What needs improvement with LogRhythm UserXDR?

In general, if something needs to be improved in the algorithm, it would be the dashboards. The dashboards with solutions such as Splunk are very neat and clean. I would also like to improve the us...

See all answers

Comparisons

Darktrace vs Cisco Secure Network Analytics

Compared 16% of the time

Vectra AI vs Cisco Secure Network Analytics

Compared 9% of the time

ThousandEyes vs Cisco Secure Network Analytics

Compared 8% of the time

ExtraHop Reveal(x) vs Cisco Secure Network Analytics

Compared 6% of the time

Arista NDR vs Cisco Secure Network Analytics

Compared 4% of the time

More Cisco Secure Network Analytics Competitors

Wazuh vs LogRhythm UEBA

Compared 43% of the time

Darktrace vs LogRhythm UEBA

Compared 19% of the time

Cortex XDR by Palo Alto Networks vs LogRhythm UEBA

Compared 9% of the time

Microsoft Purview Insider Risk Management vs LogRhythm UEBA

Compared 8% of the time

CrowdStrike Falcon vs LogRhythm UEBA

Compared 6% of the time

More LogRhythm UEBA Competitors

Product Reports

Buyer's Guide

Cisco Secure Network Analytics

May 2025

Download Cisco Secure Network Analytics product report

Buyer's Guide

User Entity Behavior Analytics (UEBA)

May 2025

Download LogRhythm UEBA product report

Also Known As

Cisco Stealthwatch, Cisco Stealthwatch Enterprise, Lancope StealthWatch

LogRhythm UserXDR, LogRhythm Enterprise UEBA

Overview

Cisco Secure Network Analytics is a highly effective network traffic analysis (NTA) solution that enables users to find threats in their network traffic even if those threats are encrypted. It turns an organization’s network telemetry into a tool that creates a complete field of vision for the organization’s administrators. Users can find threats that may have infiltrated their systems and stop them before they can do irreparable harm.

Cisco Secure Network Analytics Benefits

A few ways that organizations can benefit by choosing to deploy Cisco Secure Network Analytics include:

Security scaling. Secure Network Analytics makes it easy for organizations to scale up their level of network protection to match the growth that their business is experiencing. It can be deployed on whatever type of system is necessary. Users will have their growth needs met at every stage of their business journey because the solution offers users the ability to use it on-premises or in the cloud and it can be consumed as a SaaS-based or license-based solution. Whenever any kind of device is added, Secure Network Analytics can automatically classify that device so that it is seamlessly integrated into its network protection system.

Detects threats as they appear. Users gain the ability to scan their network traffic for even the most advanced threats at all times. Secure Network Analytics easily identifies the early warning signs that are typically initiated before attacks are conducted by bad actors. Once these signs are found, users are warned so that they can take steps to prevent those threats from escalating. This also enables users to determine the source of the threat and whether it might have spread further than initially thought.

Eliminate blind spots. Organizations that use Secure Network Analytics can view their network traffic across both private networks and public cloud environments. The scanning power of the solution allows users to gain complete visibility with a fewer number of sensors than their competitors require to achieve a similar level of protection.

Cisco Secure Network Analytics Features

Some of the many features that Cisco Secure Network Analytics offers include:

Centralized security management. Secure Network Analytics’ Identity Services Engine feature enables users to control their network from a single graphical user interface. Administrators can simplify their jobs by controlling profiler, posture, guest, authentication, and authorization services from a single pane of glass.

Machine learning tools. Secure Network Analytics uses machine learning to generate alerts when malicious or suspicious activity is detected. It also analyzes the threat so that users gain insight into the nature of the dangers that confront them. Additionally, it examines the threats to determine whether they are actual threats or false alarms. This significantly reduces the number of false alarms that administrators have to spend time attempting to resolve.

Automation. Users can automate routine tasks that users would otherwise have to handle manually. This automation feature frees administrators and employees to handle other more critical tasks.

Reviews from Real Users

Cisco Secure Network Analytics is a solution that stands out even when compared to many other comparable products. Two major advantages that it offers are the way that it enables users to define the threshold at which the solution will issue a warning to administrators and the predefined alerts that it offers straight out of the box.

Gerald J., the information technology operations supervisor at Aboitiz Equity Ventures, Inc., writes, “StealthWatch lets me see the ports running in and out and the country. It has excellent reporting, telemetry, and artificial intelligence features. With the telemetry, I can set thresholds to detect sudden changes and the alarms go through the PLC parts. I can see all the ports running on that trunk.”

A senior security engineer at a tech services company, says, “Cisco Stealthwatch has predefined alerts for different types of security issues that might happen in the network. Whether it's PCs or servers that are used for botnets or Bitcoin mining we receive the alerts automatically. This functionality is what we receive from the solution out of the box.”

Cisco

LogRhythm UEBA enables your security team to quickly and effectively detect, respond to, and neutralize both known and unknown threats. Providing evidence-based starting points for investigation, it employs a combination of scenario analytics techniques (e.g., statistical analysis, rate analysis, trend analysis, advanced correlation), and both supervised and unsupervised machine learning (ML).

LogRhythm

Sample Customers

Edge Web Hosting, Telenor Norway, Ivy Tech Community College of Indiana, Webster Financial Corporation, Westinghouse Electric, VMware, TIAA-CREF

Information Not Available

Buyer's Guide

Network Monitoring Software

April 2025

Download Free Report

Find out what your peers are saying about Zabbix, Auvik, Datadog and others in Network Monitoring Software. Updated: April 2025.

DOWNLOAD NOW

850,760 professionals have used our research since 2012.

We monitor all Network Monitoring Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.