Try our new research platform with insights from 80,000+ expert users

Cisco Secure Network Analytics vs Vectra AI comparison

Cisco and Vectra AI are both solutions in the Network Detection and Response (NDR) category. Cisco is ranked #7 with an average rating of 8.5, while Vectra AI is ranked #2 with an average rating of 8.0. Cisco holds a 7.0% mindshare in NDaR, compared to Vectra AI’s 15.6% mindshare. Additionally, 88% of Cisco users are willing to recommend the solution, compared to 97% of Vectra AI users who would recommend it.
Cisco Secure Network Analytics
Read 61 Cisco Secure Network Analytics reviews
  • 5,843 Views
  • 2,045 Comparison Views
88% willing to recommend
Vectra AI
Read 45 Vectra AI reviews
  • 8,741 Views
  • 6,119 Comparison Views
97% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Nov 6, 2024

Vectra AI and Cisco Secure Network Analytics are competing products in the network security and threat detection category. Vectra AI appears to have an advantage due to its focused AI-driven insights and detection capabilities, while Cisco excels in detailed network monitoring and analysis.

Features: Vectra AI leverages AI and machine learning for advanced threat detection, reduces alert fatigue, and offers integration with SIEM tools, providing visibility into lateral network movements. It efficiently prioritizes threats and correlates detections with compromised host devices. Cisco Secure Network Analytics provides network visibility and integrates with Cisco's suite, offering encrypted threat analysis and flow-based analytics for insights into network traffic and anomalies.

Room for Improvement: Vectra AI could enhance host-level visibility and integration with external data sources, as its network-based focus restricts full integration of host behaviors. Users have requested better documentation and smoother security tool integrations. Cisco Secure Network Analytics needs a more user-friendly interface and simpler integration processes. Its pricing model and network flow-based licensing can be complex, and more comprehensive AI features are desired for improved threat response.

Ease of Deployment and Customer Service: Vectra AI provides flexible deployment options, including on-premises, public cloud, and hybrid setups, with customer service praised for responsiveness and expertise. Cisco Secure Network Analytics mainly operates on-premises with reliable support but users report occasional challenges with deployment complexity. Vectra's support is noted for quick response times, while Cisco's is initially cumbersome but dependable.

Pricing and ROI: Vectra AI's pricing is considered high due to its comprehensive AI capabilities, with tiered licensing based on IP addresses and features like Cognito Recall. It offers strong ROI through reduced attack response time and detection efficiency. Cisco Secure Network Analytics is also expensive, with pricing linked to network flow and feature usage. Its integration with larger Cisco solutions can add value but might be costly for smaller setups. Users find Vectra AI offers better ROI through its AI-driven insights and reduced manual workload.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cisco Secure Network Analytics vs. Vectra AI Report (Updated: July 2025).
Buyer's Guide
Cisco Secure Network Analytics vs. Vectra AI
July 2025
Download the complete report
Helped 867,299 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
8.0
Reviews on Cisco Secure Network Analytics show mixed ROI perceptions, highlighting both immediate benefits and debated long-term monetary savings.
Sentiment score
7.1
Vectra AI enhances security efficiency, reduces threat response times, and offers cost-effective risk management compared to other solutions.
 

Customer Service

Sentiment score
7.2
Cisco Secure Network Analytics' support is generally well-regarded for responsiveness and expertise, despite occasional difficulty finding the right engineer.
Sentiment score
8.2
Vectra AI's customer service is responsive, knowledgeable, and generally praised, though complex issues might experience occasional delays.
There is a lack of adequate local support from the Indian side.
For technical support of Cisco, the support they provide depends on how the client procures it, and so far, it's understandable.
For more quotes and insights, download the Cisco Secure Network Analytics report
The support is quite reliable depending on the service engineer assigned.
When I create tickets, the response is fast, and issues are solved promptly.
For more quotes and insights, download the Vectra AI report
Sudhakar T - PeerSpot reviewerMuhammad Harun-Owr-Roshid - PeerSpot reviewerreviewer2238027 - PeerSpot reviewer
NF
 

Scalability Issues

Sentiment score
6.6
Cisco Secure Network Analytics excels in scalability and adaptability, though it can be costly and challenging in data management.
Sentiment score
7.5
Vectra AI is scalable and flexible, easily integrating with cloud platforms, but may require planning and can be costly.
 

Stability Issues

Sentiment score
8.3
Cisco Secure Network Analytics is highly stable with minimal downtime, improved firmware, and strong reliability reported by users.
Sentiment score
8.0
Vectra AI is praised for stability, requiring minimal maintenance, with efficient updates and quick issue resolution ensuring reliable performance.
Cisco products are incredibly stable, boasting a 200% stability.
Once resolved, the system works well, and overall I think it's good.
For more quotes and insights, download the Cisco Secure Network Analytics report
No quotes available
For more quotes and insights, download the Vectra AI report
 

Room For Improvement

Cisco Secure Network Analytics needs better filtering, AI, integration, interface, speed, visibility, management, reporting, licensing, and cost efficiency.
Vectra AI needs better visibility, integration, flexibility, reporting, and customization, plus improved UI, detection accuracy, and endpoint coverage.
The solution should have the ability to analyze security events not only at the network layer but also at the application and OS layers.
Proper management of the database is also important; it should be centralized for easier data collection from a single database.
For more quotes and insights, download the Cisco Secure Network Analytics report
ExtraHop's ability to decrypt encrypted data is a feature that Vectra AI lacks.
You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end.
Neither Vectra nor Darktrace have a function like a status health check on my log sources and traffic sources.
For more quotes and insights, download the Vectra AI report
Sudhakar T - PeerSpot reviewerMuhammad Harun-Owr-Roshid - PeerSpot reviewer
NF
Mohammad Alkurdi - PeerSpot reviewerreviewer2238027 - PeerSpot reviewer
 

Setup Cost

Enterprise users find Cisco Secure Network Analytics costly due to complex licensing, with costs varying widely based on usage.
Vectra AI's pricing varies; it's seen as costly yet competitive for quality, with complex licensing needing simplification.
Cisco solutions are considered to be very expensive.
Regarding cost, for the Bangladesh context, Cisco Secure Network Analytics is a little bit high-priced because we are a developing country, making it tough to manage affordable solutions.
For more quotes and insights, download the Cisco Secure Network Analytics report
Vectra is cheaper in terms of pricing and features compared to Darktrace.
It is very acceptable when you compare it with Darktrace, for example.
For more quotes and insights, download the Vectra AI report
Sudhakar T - PeerSpot reviewerMuhammad Harun-Owr-Roshid - PeerSpot reviewerreviewer2238027 - PeerSpot reviewerMohammad Alkurdi - PeerSpot reviewer
 

Valuable Features

Cisco Secure Network Analytics offers visibility, threat detection, and analytics, enhancing security with AI-driven insights and encrypted traffic analysis.
Vectra AI excels in threat detection, risk management, and seamless integration, enhancing security operations with AI-driven insights.
The most valuable features include encrypted traffic analytics and the ability to fulfill requirements at the network level.
Every solution is gradually integrated with AI, and Cisco has already implemented AI building features in their solution.
For more quotes and insights, download the Cisco Secure Network Analytics report
The main feature of Vectra AI that I find valuable is its focus on the user interface and its approximately two hundred algorithms based on artificial intelligence and machine learning.
There are extensive out-of-box detection capabilities.
For more quotes and insights, download the Vectra AI report
Sudhakar T - PeerSpot reviewerMuhammad Harun-Owr-Roshid - PeerSpot reviewer
NF
Mohammad Alkurdi - PeerSpot reviewer
 

Categories and Ranking

Cisco Secure Network Analytics
Ranking in Network Detection and Response (NDR)
7th
Average Rating
8.2
Reviews Sentiment
6.9
Number of Reviews
61
Ranking in other categories
Network Monitoring Software (33rd), Network Traffic Analysis (NTA) (5th), Cisco Security Portfolio (8th)
Vectra AI
Ranking in Network Detection and Response (NDR)
2nd
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
45
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (4th), Extended Detection and Response (XDR) (18th), Identity Threat Detection and Response (ITDR) (10th), AI-Powered Cybersecurity Platforms (6th)
 

Mindshare comparison

As of September 2025, in the Network Detection and Response (NDR) category, the mindshare of Cisco Secure Network Analytics is 7.0%, down from 8.6% compared to the previous year. The mindshare of Vectra AI is 15.6%, down from 17.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Network Detection and Response (NDR) Market Share Distribution
ProductMarket Share (%)
Vectra AI15.6%
Cisco Secure Network Analytics7.0%
Other77.4%
Network Detection and Response (NDR)
 

Q&A Highlights

CW
Feb 11, 2020
I'm building a next-gen AI powered threat intelligence platform. What's missing from existing solutions?
I that feel there are two old problems still there in the market: 1-Vendors don't talk to each other. 2-Whoever is focusing on endpoint is missing the network and human side and the opposite is also true. I love, for example, what Darktrace is doing in the network side and the playback option to know what happened in my network during a long holiday, for example, things will never be caught by a second-generation AV but I need to have a solid 2nd gen. AV besides the total high cost of Darktrace which by the way is worth it for IT pros but not for business owners. We need to have something like virus total but for risks and threats beyond viruses where all vendors work on this and all endpoint customers with different vendors connect to it to be secured.
See all answers
 

Featured Reviews

Muhammad Harun-Owr-Roshid - PeerSpot reviewer
Have streamlined network visibility and troubleshooting while seeing benefits from AI integration
In terms of improvements for Cisco Secure Network Analytics, from the implementation point of view, now that AI is in use, some other features need to be upgraded considering AI solutions. Proper management of the database is also important; it should be centralized for easier data collection from a single database. When precise manual analysis is needed, it's sometimes difficult, so having a centralized database will allow network admins to find actual scenarios more effectively, especially since some information may not be visible on the GUI. Cisco should upgrade their hardware part to run the database, because sometimes it cannot handle the load while all features are running in the network. The database management should indeed be centralized because while AI runs behind the systems, central management is essential. For example, in a network with 100 Cisco switches, a few routers, firewalls, and access points, all data generated should be preserved in a central database. This approach simplifies management and analysis for troubleshooting, as GUI interfaces may not always provide visible information. Centralizing the database will allow for better understanding of which information is preserved for each specific device.
Read full review
Mohammad Alkurdi - PeerSpot reviewer
Innovative detection features enhance monitoring
The advantages of the integration are not entirely out-of-the-box. You have to do it manually. When I'm doing tier response, an out-of-the-box solution is not available. You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end. This is a major consideration about them. The recall feature, if it can be placed in some areas instead of the cloud, and charged for, would be better. Recall the storage where you watch all the traffic, and you can recall it and try to analyze it in the back end. It’s cloud-based. If they offer it on-prem, it would be better. I think they have a solution, but I have never tested it, to be honest with you.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Network Detection and Response (NDR) solutions are best for your needs.
See recommendations
867,299 professionals have used our research since 2012.
 

Answers from the Community

CW
Feb 11, 2020
Feb 11, 2020
I'm building a next-gen AI powered threat intelligence platform. What's missing from existing solutions?
I that feel there are two old problems still there in the market: 1-Vendors don't talk to each other. 2-Whoever is focusing on endpoint is missing the network and human side and the opposite is also true. I love, for example, what Darktrace is doing in the network side and the playback option to know what happened in my network during a long holiday, for example, things will never be caught by...
2 out of 9 answers
reviewer973458 - PeerSpot reviewer
Aug 26, 2019
Raffael Marty, Vice President, Forcepoint Research and Intelligence, said: "There is no artificial intelligence in the field of information security, and it is unlikely to be developed in 2019." Most of unsupervised machine learning-based network anomaly detection solution does not provide why the anomaly has been aroused and whether the anomaly is malicious or not. Most of such solution's pricing model is based on number of endpoints but I prefer to have flat fee subscription-based.
Read full answer
IT
Aug 26, 2019
I that feel there are two old problems still there in the market: 1-Vendors don't talk to each other. 2-Whoever is focusing on endpoint is missing the network and human side and the opposite is also true. I love, for example, what Darktrace is doing in the network side and the playback option to know what happened in my network during a long holiday, for example, things will never be caught by a second-generation AV but I need to have a solid 2nd gen. AV besides the total high cost of Darktrace which by the way is worth it for IT pros but not for business owners. We need to have something like virus total but for risks and threats beyond viruses where all vendors work on this and all endpoint customers with different vendors connect to it to be secured.
Read full answer
See all 9 answers
 

Top Industries

By visitors reading reviews
Computer Software Company
23%
Government
10%
Financial Services Firm
9%
Manufacturing Company
9%
Financial Services Firm
12%
Computer Software Company
11%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business11
Midsize Enterprise7
Large Enterprise52
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise10
Large Enterprise27
 

Questions from the Community

What do you like most about Cisco Stealthwatch?
The most valuable feature of Cisco Secure Network Analytics is the Threat Intelligence integration.
See all answers
What is your experience regarding pricing and costs for Cisco Stealthwatch?
Regarding cost, for the Bangladesh context, Cisco Secure Network Analytics is a little bit high-priced because we are a developing country, making it tough to manage affordable solutions. However, ...
See all answers
What needs improvement with Cisco Stealthwatch?
In terms of improvements for Cisco Secure Network Analytics, from the implementation point of view, now that AI is in use, some other features need to be upgraded considering AI solutions. Proper m...
See all answers
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
See all answers
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
See all answers
What is your experience regarding pricing and costs for Vectra AI?
It is very acceptable when you compare it with Darktrace, for example.
See all answers
 

Comparisons

Darktrace vs Cisco Secure Network Analytics Logo
Darktrace vs Cisco Secure Network Analytics
Compared 16% of the time
ThousandEyes vs Cisco Secure Network Analytics Logo
ThousandEyes vs Cisco Secure Network Analytics
Compared 8% of the time
ExtraHop Reveal(x) vs Cisco Secure Network Analytics Logo
ExtraHop Reveal(x) vs Cisco Secure Network Analytics
Compared 5% of the time
Arista NDR vs Cisco Secure Network Analytics Logo
Arista NDR vs Cisco Secure Network Analytics
Compared 4% of the time
HPE Aruba Networking UXI vs Cisco Secure Network Analytics Logo
HPE Aruba Networking UXI vs Cisco Secure Network Analytics
Compared 3% of the time
More Cisco Secure Network Analytics Competitors
Darktrace vs Vectra AI Logo
Darktrace vs Vectra AI
Compared 29% of the time
ExtraHop Reveal(x) vs Vectra AI Logo
ExtraHop Reveal(x) vs Vectra AI
Compared 11% of the time
Corelight vs Vectra AI Logo
Corelight vs Vectra AI
Compared 7% of the time
Arista NDR vs Vectra AI Logo
Arista NDR vs Vectra AI
Compared 5% of the time
Fortinet FortiNDR vs Vectra AI Logo
Fortinet FortiNDR vs Vectra AI
Compared 4% of the time
More Vectra AI Competitors
 

Product Reports

Buyer's Guide
Cisco Secure Network Analytics
September 2025
Cisco Secure Network Analytics reportDownload Cisco Secure Network Analytics product report
Buyer's Guide
Vectra AI
August 2025
Vectra AI reportDownload Vectra AI product report
 

Also Known As

Cisco Stealthwatch, Cisco Stealthwatch Enterprise, Lancope StealthWatch
Vectra Networks, Vectra AI NDR
 

Overview

Cisco Secure Network Analytics is a highly effective network traffic analysis (NTA) solution that enables users to find threats in their network traffic even if those threats are encrypted. It turns an organization’s network telemetry into a tool that creates a complete field of vision for the organization’s administrators. Users can find threats that may have infiltrated their systems and stop them before they can do irreparable harm.

Cisco Secure Network Analytics Benefits

A few ways that organizations can benefit by choosing to deploy Cisco Secure Network Analytics include:

  • Security scaling. Secure Network Analytics makes it easy for organizations to scale up their level of network protection to match the growth that their business is experiencing. It can be deployed on whatever type of system is necessary. Users will have their growth needs met at every stage of their business journey because the solution offers users the ability to use it on-premises or in the cloud and it can be consumed as a SaaS-based or license-based solution. Whenever any kind of device is added, Secure Network Analytics can automatically classify that device so that it is seamlessly integrated into its network protection system.
  • Detects threats as they appear. Users gain the ability to scan their network traffic for even the most advanced threats at all times. Secure Network Analytics easily identifies the early warning signs that are typically initiated before attacks are conducted by bad actors. Once these signs are found, users are warned so that they can take steps to prevent those threats from escalating. This also enables users to determine the source of the threat and whether it might have spread further than initially thought.
  • Eliminate blind spots. Organizations that use Secure Network Analytics can view their network traffic across both private networks and public cloud environments. The scanning power of the solution allows users to gain complete visibility with a fewer number of sensors than their competitors require to achieve a similar level of protection.

Cisco Secure Network Analytics Features

Some of the many features that Cisco Secure Network Analytics offers include:

  • Centralized security management. Secure Network Analytics’ Identity Services Engine feature enables users to control their network from a single graphical user interface. Administrators can simplify their jobs by controlling profiler, posture, guest, authentication, and authorization services from a single pane of glass.
  • Machine learning tools. Secure Network Analytics uses machine learning to generate alerts when malicious or suspicious activity is detected. It also analyzes the threat so that users gain insight into the nature of the dangers that confront them. Additionally, it examines the threats to determine whether they are actual threats or false alarms. This significantly reduces the number of false alarms that administrators have to spend time attempting to resolve.
  • Automation. Users can automate routine tasks that users would otherwise have to handle manually. This automation feature frees administrators and employees to handle other more critical tasks.

Reviews from Real Users

Cisco Secure Network Analytics is a solution that stands out even when compared to many other comparable products. Two major advantages that it offers are the way that it enables users to define the threshold at which the solution will issue a warning to administrators and the predefined alerts that it offers straight out of the box.

Gerald J., the information technology operations supervisor at Aboitiz Equity Ventures, Inc., writes, “StealthWatch lets me see the ports running in and out and the country. It has excellent reporting, telemetry, and artificial intelligence features. With the telemetry, I can set thresholds to detect sudden changes and the alarms go through the PLC parts. I can see all the ports running on that trunk.”

A senior security engineer at a tech services company, says, “Cisco Stealthwatch has predefined alerts for different types of security issues that might happen in the network. Whether it's PCs or servers that are used for botnets or Bitcoin mining we receive the alerts automatically. This functionality is what we receive from the solution out of the box.”

Cisco

Vectra AI enhances security operations by pinpointing attack locations, correlating alerts, and providing in-depth visibility across attack lifecycles, ultimately prioritizing threats and improving incident responses.

Vectra AI integrates AI and machine learning to detect anomalies early and supports proactive threat response. Its features like risk scoring, alert correlation, and streamlined SOC efficiency are supplemented by integration with tools like Office 365. Users highlight integration, reporting, and customization challenges, alongside limitations in syslog data and false positive management. They seek enhancements in visualization, UI, TCP replay, endpoint visibility, and tool orchestration, with requests for improved documentation, licensing, and cloud processing innovation.

What are the key features of Vectra AI?
  • Attack Location Identification: Pinpoints specific locations of security breaches.
  • Alert Correlation: Combines multiple alerts into a single incident for efficiency.
  • Visibility Across Attack Lifecycle: Offers detailed insight through different attack stages.
  • Risk Scoring: Aggregates risk scores to prioritize imminent threats.
  • AI and Machine Learning: Detects anomalies early to aid in proactive threat response.
  • Integration with Office 365: Seamlessly consolidates data for enriched investigations.
What benefits should users look for?
  • Enhanced SOC Efficiency: Reduces alert fatigue and improves operational efficiency.
  • Threat Prioritization: Focuses on the most critical threats with risk scoring.
  • Proactive Threat Response: Early anomaly detection aids in swift response.
  • Operational Overhead Reduction: Seamless integration minimizes extra workload.
  • Compliance and Policy Support: Assists in adhering to policies and regulations.

In industries like finance, healthcare, and critical infrastructure, Vectra AI is crucial for threat detection and network monitoring. Entities use it for identifying anomalous behaviors and enhancing cybersecurity by responding to network activities and analyzing traffic for potential breaches. It operates on-premises and in hybrid cloud settings, enabling threat detection without endpoint agents and supporting compliance and policy enforcement.

Vectra AI
 

Sample Customers

Edge Web Hosting, Telenor Norway, Ivy Tech Community College of Indiana, Webster Financial Corporation, Westinghouse Electric, VMware, TIAA-CREF
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Buyer's Guide
Cisco Secure Network Analytics vs. Vectra AI
July 2025
Free Report: Cisco Secure Network Analytics vs. Vectra AI
Find out what your peers are saying about Cisco Secure Network Analytics vs. Vectra AI and other solutions. Updated: July 2025.
DOWNLOAD NOW
867,299 professionals have used our research since 2012.
See our Cisco Secure Network Analytics vs. Vectra AI report.
See our list of best Network Detection and Response (NDR) vendors.

We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.