May you live in interesting times…

We’re currently witnessing a fundamental shift towards a more remote workforce amidst the tumultuous world events of 2020. This recent development made me recall the tongue-in-cheek, 19th-century adage – “May you live in interesting times”. This old proverb served as a curse disguised as a fortuitous blessing, as the concept of “interesting times” referred to living through turbulent and unsavory world events. And while I personally don’t believe in curses, the shift that’s currently underway with respect to how and where users work does stand to increase cyber-risks for organizations that are ill-equipped to securely monitor network footprints that have expanded to remote workers’ homes.

Choosing the right security analytics solution as your networks expand

As networks continue to expand and become more complex, oftentimes at the cost of visibility and control, the recent transition towards remote work as the norm has only further accelerated the demand for network security analytics solutions. As a quick side-note, various terms are used to refer to these solutions – Network Traffic Analysis (NTA), Network Analysis and Visibility (NAV), Network Detection and Response (NDR).

In a recent and timely Business Insider article on the rise of Network Traffic Analysis (NTA) tools, Cisco Stealthwatch was recognized as the top solution. Business Insider based this ranking on its review of IT Central Station’s Ranking Scores and customer testimonials. IT Central Station awarded Stealthwatch a Ranking Score of 72 versus scores ranging from 22 to 54 for other vendors, which came as no surprise given the tool’s multitude of competitive differentiators.

Selecting the right security analytics solution is critical, especially now, as organizations face evolving network dynamics such as expansion in breadth and complexity, the transition to the cloud, and the shift to remote workers. With that in mind, below are 5 features that exemplify key competitive differentiators that make Stealthwatch the most suitable solution to meet these new network challenges:

Five reasons why Stealthwatch is the most competitive solution:

Scalability – Whereas most tools require purchasing and deploying sensors at every control point, Stealthwatch is agentless so that as your network grows, the solution is both scalable and cost effective.

Encrypted Traffic Analytics (ETA) – Stealthwatch is the only tool that can perform analytics on encrypted traffic without decryption to detect stealthy malware and to ensure that compliance standards are met.

Comprehensive visibility – Stealthwatch not only ingests telemetry from multiple network devices like routers, switches and firewalls, but is also the only solution that can monitor all major cloud environments such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform, as well as private cloud environments, Kubernetes, and serverless networks through its SaaS-based offering Stealthwatch Cloud. Additionally, it gets user contextual data from Cisco Identity Services Engine (ISE) and also ingests proxy, web, and endpoint data to provide comprehensive visibility.

Best-in-class analytics capabilities – Having been around for 20 years, Stealthwatch has a mature and proven anomaly detection system with nearly 100 time-tested behavioral models and approximately 400 machine learning algorithms. It’s also updated hourly by intelligence from Cisco Talos which has over 300 researchers and is the largest non-governmental threat intelligence team in the world.

Industry-leading response capabilities – Stealthwatch comes with the Cisco SecureX platform built-in to provide additional rich contextual data from your environment. The integrated platform approach also includes SecureX threat response, which automates integrations and centralizes information across Cisco security tools to expedite incident investigations and remediations. Stealthwatch also integrates with Cisco Identity Services Engine (ISE) so that upon detection of a threat, it can automatically invoke ISE to change the access policy of a user or device.

Still not convinced?

Stealthwatch has consistently been recognized as the leading network security analytics solution, but if you’re still not convinced, that’s fair. Why would you take my word for it? Naturally, as an ambassador of Stealthwatch and Cisco’s integrated security portfolio, I’m biased. Your methodology for evaluating solutions should be data-driven and rely on information from objective third-party sources. So, if you would like further validation, check out Stealthwatch’s TechValidate research and Gartner Peer Insights results to hear from actual customers.

Summary: Caveat Emptor

I’ll close by referencing another age-old idiom that comes to mind when I think about the current marketplace – “Caveat Emptor” – Latin for “Buyer Beware”. Over the course of your research, you’ll likely come to the realization that not all solutions have been created equal. Although Stealthwatch’s rankings and customer testimonials speak for themselves, I’d be remiss to not say that you should still get under the hood and perform your own due diligence.

New vulnerabilities have emerged as a result of the ongoing transition towards a more remote workforce, and malicious actors aren’t standing idly by or waiting for organizations to adapt their security postures to this new reality.

Don’t let attackers take advantage of your expanding network – learn more about how Cisco Stealthwatch stacks up against the competition and try the solution out for yourself today with a free visibility assessment.


Samuel Brown

Product Marketing Manager, Endpoint Security

Security Marketing