Cisco Secure Network Analytics (formerly Stealthwatch)

Cisco Secure Network Analytics (formerly Stealthwatch) provides enterprise-wide visibility, from the private network to the public cloud, to detect and respond to threats in real time. It continuously analyzes network activity, builds a baseline of normal network behavior, and then uses this baseline, along with advanced machine learning algorithms, to detect anomalies.

Key Features

Here are the key features of Cisco Secure Network Analytics (formerly Stealthwatch):

1. Enterprise-wide Network Visibility: Provides comprehensive visibility across the entire network, including private networks and public clouds, without deploying sensors everywhere.

2. Real-time Threat Detection: Continuously analyzes network activities to detect and respond to threats in real time, including advanced threats like command-and-control attacks, ransomware, DDoS attacks, and insider threats.

3. Behavioral Modeling and Machine Learning: Uses non-signature-based advanced analytics, including behavioral modeling and machine learning algorithms, to identify anomalies and detect threats.

4. Encrypted Traffic Analysis: Can detect malware in encrypted traffic without any decryption, providing visibility into encrypted communications.

5. Agentless Solution: Leverages existing network infrastructure and telemetry, eliminating the need for additional agents or sensors.

6. Scalability: Easily scales to accommodate network growth, whether adding new branches, data centers, or cloud workloads.

7. Cloud and On-premises Deployment: Can be deployed on-premises or in the cloud, and can be consumed as a SaaS-based or license-based solution.

8. Integration with Cisco SecureX: Integrates with the SecureX platform for extended threat investigation and response capabilities.

9. Global Threat Intelligence: Incorporates threat intelligence from Cisco Talos for superior threat detection and blocking.

10. Forensic Investigations: Enables users to conduct forensic investigations to pinpoint threat sources and determine their propagation.

11. Automatic Role Classification: Automatically classifies new devices as they are added to the network.

12. Reduced False Positives: Significantly reduces false positives by focusing on critical threats affecting the environment.

13. Compliance Support: Helps organizations comply with industry and government regulations worldwide.

14. Flexible Architecture: Includes core components like the Manager and Flow Collector, with optional components such as Flow Sensor and Data Store for a robust setup.

These features make Cisco Secure Network Analytics a comprehensive solution for network visibility, threat detection, and security analytics across complex and evolving network environments.

Description

Scalable visibility and security analytics across your business
Outsmart emerging threats in your digital business with industry-leading machine learning and behavioral modeling provided by Secure Network Analytics (formerly Stealthwatch). Know who is on the network and what they are doing using telemetry from your network infrastructure. Detect advanced threats and respond to them quickly. Protect critical data with smarter network segmentation. And do it all with an agentless solution that grows with your business.

FAQs

What is Cisco Secure Network Analytics?
Cisco Secure Network Analytics is a security solution that provides enterprise-wide visibility and real-time monitoring of network traffic to detect and respond to threats.

What types of threats can it detect?
It can detect threats such as command-and-control (C&C) attacks, ransomware, DDoS attacks, illicit cryptomining, unknown malware, and insider threats.

What components are required for Cisco Secure Network Analytics?
The core required components are the Manager, Flow Collector, and Flow Rate License. Optional components include the Flow Sensor, Cisco Telemetry Broker, and Data Store.