We performed a comparison between Cisco Secure Network Analytics and NetWitness Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Zabbix, Datadog, Auvik and others in Network Monitoring Software."We can manage the entire system across the network and troubleshoot the pain points."
"Using the Cognitive Analytics feature, we have complete visibility that we didn’t have before."
"It's easy to set up. The deployment takes one or two days. You need to collect the data from a device and then direct it to the portal."
"The search options on Cisco Stealthwatch are the most valuable. You can get very granular with it, down to the kilobits or the seconds if you want. The product supports any time frame that you need, so that is nice."
"The most valuable feature is having visibility into the data segments throughout our network."
"Most of the engineers I've worked with have been really good. Very knowledgeable and easy to work with."
"Great network monitoring, looking at anomaly detection and evaluation."
"The most valuable feature is its alerts and dashboard."
"It's a dependable product that is able to pinpoint where we have vulnerabilities if they occur."
"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
"The most valuable features are the packet inspection and the automated incident response."
"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
"The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it."
"The most valuable feature is the security that it provides."
"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"It gives the ability to investigate into network traffic in the Net and the organization what we couldn't do before."
"The Wi-Fi side needs improvement."
"We need to be able to filter out internal IPs as non-threats."
"We've run into some issues with the configuration."
"I would like to see interoperability with other Cisco products because we have ThousandEyes, Cisco Prime, and others. The interaction among these is important to us."
"It hasn't really improved our direct detection rate but it has definitely reduced our incident response time as we wouldn't have been able to detect threats or immediate risks without this solution."
"It's a good solid solution but integration with Network Access Control products with Cisco ISE would be good."
"I would like to see some improvement when it comes to reporting."
"The initial setup was complex."
"I would like to see better filters."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."
"Security needs improvement."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"The implementation needs assistance."
"The user interface is a little bit difficult for new users and it needs to be improved."
"The log system is a bit complex and has room for improvement."
"Its technical support could be better."
More Cisco Secure Network Analytics Pricing and Cost Advice →
Cisco Secure Network Analytics is ranked 24th in Network Monitoring Software with 57 reviews while NetWitness Platform is ranked 20th in Log Management with 36 reviews. Cisco Secure Network Analytics is rated 8.2, while NetWitness Platform is rated 7.4. The top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Arista NDR, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Trellix Network Detection and Response.
We monitor all Network Monitoring Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.