Try our new research platform with insights from 80,000+ expert users

Cisco Secure Network Analytics vs LogRhythm UEBA [EOL] comparison

The compared Cisco and Exabeam solutions aren't in the same category. Cisco is ranked #33 in NMS , with an average rating of 8.5, and holds a 1.2% mindshare in the category. Additionally, 88% of Cisco users are willing to recommend the solution, compared to 55% of Exabeam users who would recommend it.
Cisco Secure Network Analytics
Read 61 Cisco Secure Network Analytics reviews
  • 6,014 Views
  • 1,744 Comparison Views
88% willing to recommend
LogRhythm UEBA [EOL]
Read 11 LogRhythm UEBA [EOL] reviews
    55% willing to recommend
     

    Comparison Buyer's Guide

    Download the report
    Executive Summary
    We performed a comparison between Cisco Secure Network Analytics and LogRhythm UEBA [EOL] based on real PeerSpot user reviews.

    Find out what your peers are saying about Zabbix, Auvik, SolarWinds and others in Network Monitoring Software.

    DOWNLOAD THE COMPLETE REPORT
    To learn more, read our detailed Network Monitoring Software Report (Updated: August 2025).
    Buyer's Guide
    Network Monitoring Software
    August 2025
    Download the complete report
    Helped 865,164 peers since 2012

    Review summaries and opinions

    We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
     

    Categories and Ranking

    Cisco Secure Network Analytics
    Average Rating
    8.2
    Reviews Sentiment
    6.9
    Number of Reviews
    61
    Ranking in other categories
    Network Monitoring Software (33rd), Network Traffic Analysis (NTA) (5th), Network Detection and Response (NDR) (7th), Cisco Security Portfolio (8th)
    LogRhythm UEBA [EOL]
    Average Rating
    7.0
    Reviews Sentiment
    6.7
    Number of Reviews
    11
    Ranking in other categories
    No ranking in other categories
     

    Featured Reviews

    Muhammad Harun-Owr-Roshid - PeerSpot reviewer
    Have streamlined network visibility and troubleshooting while seeing benefits from AI integration
    In terms of improvements for Cisco Secure Network Analytics, from the implementation point of view, now that AI is in use, some other features need to be upgraded considering AI solutions. Proper management of the database is also important; it should be centralized for easier data collection from a single database. When precise manual analysis is needed, it's sometimes difficult, so having a centralized database will allow network admins to find actual scenarios more effectively, especially since some information may not be visible on the GUI. Cisco should upgrade their hardware part to run the database, because sometimes it cannot handle the load while all features are running in the network. The database management should indeed be centralized because while AI runs behind the systems, central management is essential. For example, in a network with 100 Cisco switches, a few routers, firewalls, and access points, all data generated should be preserved in a central database. This approach simplifies management and analysis for troubleshooting, as GUI interfaces may not always provide visible information. Centralizing the database will allow for better understanding of which information is preserved for each specific device.
    Read full review
    Sheikh Abu Ayub Azad - PeerSpot reviewer
    Great at managing cyber incidents; the technical support could be improved
    The initial setup is easy, partly because LogRhythm is primarily based on the Windows platform. It's good to have two engineers for deployment but it can be done with one. It's more about the knowledge. Deployment is typically done in two or three different phases. It usually takes up to three full months to get good deployment. There's the initial onboarding of all the log sources, then collecting data in the data lake, followed a couple of weeks later with some minor tuning before the final tuneup.
    Read full review

    Quotes from Members

    We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
     

    Pros

    "There are already many functionalities, so I don't think there is anything to improve."
    "I value the feature which enables me to detect devices talking to suspect IPs."
    "The artifacts available in the tool provide better information for analyzing network traffic. It enables a holistic view of network traffic and general packet analysis. It's easy to identify anomalies without the use of signatures. The way in which we implemented Stealthwatch Cloud has enabled my team to analyze traffic behind proxies."
    "Cisco Stealthwatch provides the solutions analytics and threat detection capabilities that I am looking for. It has also improved the network visibility of our organization."
    "The fact that it can identify down to an IP address of a system that is causing problems, or potentially causing problems, is very valuable."
    "The feature most valuable for us is to gain visibility of what is actually floating through, so we can stop it based on whether it's good or bad traffic."
    "The most valuable feature is integration."
    "The most valuable features of this solution are its reporting and mitigation capabilities."
    More Cisco Secure Network Analytics pros
    "What I like most about LogRhythm UEBA is that it allows you to identify and analyze end-user behaviors and suspicious activities within the systems."
    "It has a lot of features. It has file integration monitoring."
    "The most valuable features are file activity monitoring and registry activity monitoring."
    "LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
    "The tool's most valuable feature is server threat hunting."
    "Good capability pinpointing specific cyber incidents."
    "It is easy to monitor users and that is how the solution is adding value to our firm."
    "I can investigate attacks more quickly using machine learning tools."
    More LogRhythm UEBA [EOL] pros
     

    Cons

    "I would like to see more and cleaner reporting. For example, if I pull up Steven and I want to look and maybe compare him to what you've done in the past week, and compare that to the past six months, the point would be to see what the difference in activity looks like over this time. I don't see that capability in reporting to date. You see that trend but you don't really see a straightforward comparison. That right there is key to what we want to see about the normal activity."
    "I would like Cisco to make it easier for the administrators to use it."
    "The version with the Dell server had iDRAC problems. Often, it reported iDRAC failure."
    "Its granularity for RBAC roles-based access control needs improvement."
    "I think the interface is a little lacking. The interface seems like it just needs to be modernized. It's been the same interface now, ever since I've seen it probably four years ago."
    "I would like to see it better organized when I'm looking at it."
    "I would like to see some improvement when it comes to reporting."
    "It is time-consuming to set it up and understand how the tool works."
    More Cisco Secure Network Analytics cons
    "In general, if something needs to be improved in the algorithm, it would be the dashboards."
    "The on-premises LogRhythm is not very scalable. When considering packets per second or the MPS needed for additional logs such as web application logs, scalability is usually found in cloud products."
    "It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."
    "What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."
    "The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."
    "The search feature needs to be improved."
    "The cloud version is lacking and not up to par."
    "It would be helpful if there were more guidance provided for integrating with unsupported devices."
    More LogRhythm UEBA [EOL] cons
     

    Pricing and Cost Advice

    "The yearly licensing cost is about $50,000."
    "The solution is expensive. It costs several hundred thousand dollars per year (depending on how many flows you are collecting)."
    "It has a subscription model. There is yearly support, and there is also three-year support. It depends on what the customers want."
    "​Licensing is done by flows per second, not including outside (in traffic)."
    "NetFlow is very expensive."
    "Licensing is on a yearly basis."
    "There are additional licenses needed for the number of so-called network flows. It's hard to plan the number of flows you need in the network, this is a problem. The price of the Cisco Stealthwatch is relatively inexpensive"
    "The pricing for this solution is good."
    More Cisco Secure Network Analytics pricing and cost advice
    "As LogRhythm UEBA is pretty expensive, I'd give its pricing a seven out of ten."
    "LogRhythm UEBA's pricing is affordable for small and medium businesses."
    "I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive."
    "The pricing is nice when compared to other products in the industry."
    "It is quite a budget-friendly product."
    "Licensing is on a yearly basis. It's not expensive compared to its competitors."
    report
    See which vendors are best for you
    Use our free recommendation engine to learn which Network Monitoring Software solutions are best for your needs.
    See recommendations
    865,164 professionals have used our research since 2012.
     

    Top Industries

    By visitors reading reviews
    Computer Software Company
    24%
    Government
    10%
    Financial Services Firm
    9%
    Manufacturing Company
    9%
    Computer Software Company
    13%
    Financial Services Firm
    9%
    Retailer
    9%
    Comms Service Provider
    7%
     

    Company Size

    By reviewers
    Large Enterprise
    Midsize Enterprise
    Small Business
     

    Questions from the Community

    What do you like most about Cisco Stealthwatch?
    The most valuable feature of Cisco Secure Network Analytics is the Threat Intelligence integration.
    See all answers
    What is your experience regarding pricing and costs for Cisco Stealthwatch?
    Regarding cost, for the Bangladesh context, Cisco Secure Network Analytics is a little bit high-priced because we are a developing country, making it tough to manage affordable solutions. However, ...
    See all answers
    What needs improvement with Cisco Stealthwatch?
    In terms of improvements for Cisco Secure Network Analytics, from the implementation point of view, now that AI is in use, some other features need to be upgraded considering AI solutions. Proper m...
    See all answers
    What do you like most about LogRhythm UserXDR?
    The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance...
    See all answers
    What is your experience regarding pricing and costs for LogRhythm UserXDR?
    I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive.
    See all answers
    What needs improvement with LogRhythm UserXDR?
    In general, if something needs to be improved in the algorithm, it would be the dashboards. The dashboards with solutions such as Splunk are very neat and clean. I would also like to improve the us...
    See all answers
     

    Comparisons

    Darktrace vs Cisco Secure Network Analytics Logo
    Darktrace vs Cisco Secure Network Analytics
    Compared 15% of the time
    ThousandEyes vs Cisco Secure Network Analytics Logo
    ThousandEyes vs Cisco Secure Network Analytics
    Compared 8% of the time
    Vectra AI vs Cisco Secure Network Analytics Logo
    Vectra AI vs Cisco Secure Network Analytics
    Compared 7% of the time
    ExtraHop Reveal(x) vs Cisco Secure Network Analytics Logo
    ExtraHop Reveal(x) vs Cisco Secure Network Analytics
    Compared 5% of the time
    Arista NDR vs Cisco Secure Network Analytics Logo
    Arista NDR vs Cisco Secure Network Analytics
    Compared 4% of the time
    More Cisco Secure Network Analytics Competitors
    Wazuh vs LogRhythm UEBA [EOL] Logo
    Wazuh vs LogRhythm UEBA [EOL]
    Compared 36% of the time
    Darktrace vs LogRhythm UEBA [EOL] Logo
    Darktrace vs LogRhythm UEBA [EOL]
    Compared 20% of the time
    Cortex XDR by Palo Alto Networks vs LogRhythm UEBA [EOL] Logo
    Cortex XDR by Palo Alto Networks vs LogRhythm UEBA [EOL]
    Compared 12% of the time
    IBM Security QRadar vs LogRhythm UEBA [EOL] Logo
    IBM Security QRadar vs LogRhythm UEBA [EOL]
    Compared 7% of the time
    Microsoft Purview Insider Risk Management vs LogRhythm UEBA [EOL] Logo
    Microsoft Purview Insider Risk Management vs LogRhythm UEBA [EOL]
    Compared 7% of the time
    More LogRhythm UEBA [EOL] Competitors
     

    Product Reports

    Buyer's Guide
    Cisco Secure Network Analytics
    August 2025
    Cisco Secure Network Analytics reportDownload Cisco Secure Network Analytics product report
    Buyer's Guide
    User Entity Behavior Analytics (UEBA)
    July 2025
    LogRhythm UEBA [EOL] reportDownload LogRhythm UEBA [EOL] product report
     

    Also Known As

    Cisco Stealthwatch, Cisco Stealthwatch Enterprise, Lancope StealthWatch
    LogRhythm UserXDR, LogRhythm Enterprise UEBA
     

    Overview

    Cisco Secure Network Analytics is a highly effective network traffic analysis (NTA) solution that enables users to find threats in their network traffic even if those threats are encrypted. It turns an organization’s network telemetry into a tool that creates a complete field of vision for the organization’s administrators. Users can find threats that may have infiltrated their systems and stop them before they can do irreparable harm.

    Cisco Secure Network Analytics Benefits

    A few ways that organizations can benefit by choosing to deploy Cisco Secure Network Analytics include:

    • Security scaling. Secure Network Analytics makes it easy for organizations to scale up their level of network protection to match the growth that their business is experiencing. It can be deployed on whatever type of system is necessary. Users will have their growth needs met at every stage of their business journey because the solution offers users the ability to use it on-premises or in the cloud and it can be consumed as a SaaS-based or license-based solution. Whenever any kind of device is added, Secure Network Analytics can automatically classify that device so that it is seamlessly integrated into its network protection system.
    • Detects threats as they appear. Users gain the ability to scan their network traffic for even the most advanced threats at all times. Secure Network Analytics easily identifies the early warning signs that are typically initiated before attacks are conducted by bad actors. Once these signs are found, users are warned so that they can take steps to prevent those threats from escalating. This also enables users to determine the source of the threat and whether it might have spread further than initially thought.
    • Eliminate blind spots. Organizations that use Secure Network Analytics can view their network traffic across both private networks and public cloud environments. The scanning power of the solution allows users to gain complete visibility with a fewer number of sensors than their competitors require to achieve a similar level of protection.

    Cisco Secure Network Analytics Features

    Some of the many features that Cisco Secure Network Analytics offers include:

    • Centralized security management. Secure Network Analytics’ Identity Services Engine feature enables users to control their network from a single graphical user interface. Administrators can simplify their jobs by controlling profiler, posture, guest, authentication, and authorization services from a single pane of glass.
    • Machine learning tools. Secure Network Analytics uses machine learning to generate alerts when malicious or suspicious activity is detected. It also analyzes the threat so that users gain insight into the nature of the dangers that confront them. Additionally, it examines the threats to determine whether they are actual threats or false alarms. This significantly reduces the number of false alarms that administrators have to spend time attempting to resolve.
    • Automation. Users can automate routine tasks that users would otherwise have to handle manually. This automation feature frees administrators and employees to handle other more critical tasks.

    Reviews from Real Users

    Cisco Secure Network Analytics is a solution that stands out even when compared to many other comparable products. Two major advantages that it offers are the way that it enables users to define the threshold at which the solution will issue a warning to administrators and the predefined alerts that it offers straight out of the box.

    Gerald J., the information technology operations supervisor at Aboitiz Equity Ventures, Inc., writes, “StealthWatch lets me see the ports running in and out and the country. It has excellent reporting, telemetry, and artificial intelligence features. With the telemetry, I can set thresholds to detect sudden changes and the alarms go through the PLC parts. I can see all the ports running on that trunk.”

    A senior security engineer at a tech services company, says, “Cisco Stealthwatch has predefined alerts for different types of security issues that might happen in the network. Whether it's PCs or servers that are used for botnets or Bitcoin mining we receive the alerts automatically. This functionality is what we receive from the solution out of the box.”

    Cisco

    LogRhythm UEBA [EOL] offers advanced threat detection with an intuitive interface, utilizing correlation, behavior analysis, and machine learning to monitor server threats and privileged accounts effectively.

    LogRhythm UEBA [EOL] provides comprehensive user behavior analytics and threat hunting capabilities, making use of customizable dashboards, reporting tools, file and registry monitoring. CloudAI adds depth by identifying unknown activities, enhancing network visibility and cyber risk reduction through constant monitoring. Users in Sri Lanka find it valuable for network stability, while other users leverage it for improved user monitoring and quick attack investigation. Despite its strong features, enhancements in integration, pricing in Asia, and documentation could improve its adoption.

    What are the key features of LogRhythm UEBA [EOL]?
    • Intuitive Graphical Interface: Provides a user-friendly experience tailored to cybersecurity needs.
    • Customizable Dashboards: Offers personalized monitoring views and reporting capabilities.
    • Effective Reporting Tools: Enhances incident analysis and decision-making with detailed insights.
    • Machine Learning: Identifies patterns in user behavior, detecting anomalies efficiently.
    • CloudAI: Detects unknown activities, improving threat identification accuracy.
    What benefits can users expect from LogRhythm UEBA [EOL]?
    • Enhanced Threat Detection: Increases network safety through comprehensive monitoring.
    • Improved Network Visibility: Facilitates better management of cybersecurity resources.
    • Quick Attack Investigation: Reduces time to detect and respond to threats.
    • Cyber Risk Reduction: Employs machine learning to address potential security gaps proactively.

    In the financial sector, LogRhythm UEBA [EOL] is implemented to monitor privileged accounts and identify suspicious transactions swiftly. Healthcare organizations use it to safeguard sensitive patient data through behavior analysis. Manufacturing firms apply it to protect intellectual property and ensure compliance with industry regulations. Across these industries, the adaptability and analytics of LogRhythm UEBA [EOL] offer a strategic approach to cybersecurity management.

    Exabeam
     

    Sample Customers

    Edge Web Hosting, Telenor Norway, Ivy Tech Community College of Indiana, Webster Financial Corporation, Westinghouse Electric, VMware, TIAA-CREF
    Information Not Available
    Buyer's Guide
    Network Monitoring Software
    August 2025
    Download Free Report
    Find out what your peers are saying about Zabbix, Auvik, SolarWinds and others in Network Monitoring Software. Updated: August 2025.
    DOWNLOAD NOW
    865,164 professionals have used our research since 2012.

    We monitor all Network Monitoring Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.