We are using Cisco Secure Cloud Analytics, also known as Cisco's WatchCloud, to monitor user activity in the cloud. Specifically, we are looking for users who are uploading or downloading data beyond their certain cycle limit. If we detect any suspicious activity, we receive an alert and investigate. So, basically, we are analysts. We are labor to analyze, and we are only analyzing data. And we can fine-tune something. And if we are getting alerts, then we can fine-tune it.
It's a network analytics solution. It gets logs from different network systems such as switches, routers, and firewalls, and correlates those logs to give you meaningful insights. For example, it gives you insights into whether any device has been communicating with any bad or malicious IP address on the Internet or dumping any data outside. In a nutshell, it analyzes your traffic and gives you meaningful information about what's happening in the environment.
Global Network and Telecommunication Manager at Nemera Development S.A.
Real User
Top 20
Jul 15, 2022
Cisco Stealthwatch Cloud will be used in our network to monitor our network. We intend to automate the action and response when we are facing a threat.
I have used Stealthwatch Cloud in the insurance sector for what we call the software mapping and automating it with other systems to have a level of visibility. Additionally, we use it for incident response, forensic analysis, and segmentation of the IT architecture. Cisco Stealthwatch Cloud is typically on the cloud because most of the companies choose it. However, for the government sector, I've used it on-premise, which is the Central Bank of Kenya. One of my clients Cisco Stealthwatch Cloud wanted to map their IT architecture and have visibility. Additionally, they wanted to do API integration with the next-generation firewalls with IPA's and the cross integration with the antivirus, digital forensic discovery solution that they have within the bank. They wanted to see how they would automate the IT architecture using Cisco Stealthwatch Cloud. In case there is a threat, the client needs to do automated incident response, and the solution can act on its own. We do a few tests which are very vital, such as formulated policies. We can see what is on the document, on the ground, and how the policy affects the whole IT architecture. We did those kinds of tests and it went live by automating Cisco Stealthwatch Cloud with a cloud solution and other solutions that they had. We were able to prevent an electric fraud of almost $200,000.
BDM at a tech services company with 501-1,000 employees
Real User
Mar 9, 2021
We're a reseller. Our clients are in the financial vertical as well as in the telecommunication vertical. We onsell this solution. We've got an MSSP license, and we propose this solution to clients.
We are global distributors of Cisco Stealthwatch Cloud; we sell the solution to integrators. We usually have a team of engineers, that's the part I work with, to make sure that everything is done together with Cisco. So we work directly with the Cisco team. It's usually deployed in the cloud most of the time. Everything is moving to the cloud.
What Is an Intrusion Detection System?
Intrusion detection systems (IDSes) analyze network traffic for signatures of known attackers. The systems can be hardware devices or software solutions. An IDS can mitigate existing malware, such as backdoors, rootkits, and trojans. The goal of an intrusion detection system is to detect an attack as it occurs. The system starts by analyzing inbound and outbound network traffic for signs of known attackers.
Some activities an IDS performs...
I use the solution to convey critical action and defeatability.