TechValidate Research on Cisco Stealthwatch

These pages present data that TechValidate has sourced via direct research with verified customers and users of Cisco Stealthwatch. TechValidate stands behind the authenticity of all published data. Learn more »

1,439 Customers Surveyed

11,476 Data Points Collected

422 Published TechFacts

51 Published Charts

70 Published Case Studies

Featured Research Collections for Cisco Stealthwatch

Curated collections and slideshows of TechValidate research data on Cisco Stealthwatch.

Selected Research Highlights

Cisco Provides Advanced Threat Detection

An educational institution agrees that early detection of advanced threats (APTs, malware, etc.), faster Incident response, forensics, continuous internal monitoring, contextual & situational awareness, and cross-department collaboration are the greatest benefits of the internal visibility provided by Cisco Stealthwatch.

StealthWatch Threat Detection

How effective is StealthWatch at the following?

Extremely Effective Effective Ineffective Uncertain

Detecting DDoS
Accelerating incident response and forensics
Detecting advanced persistent threats
Detecting insider threats / Suspicious behavior
Detecting malware / zero-day attacks

Stealthwatch – Internal Visibility Provides Security Benefits

What do you find to be the greatest benefit of the internal visibility provided by Cisco Stealthwatch?

Earliest detection of advanced threats (APTs, malware, etc.)
Faster Incident response
Monitors individual user activity & mobile devices
Continuous internal monitoring
Contextual & situational awareness
Meets auditing & compliance requirements
Cross-department collaboration

Network Analysis & Visibility

90% of surveyed IT organizations are currently using Stealthwatch for Network Analysis & Visibility.

Case Study: Stanford University


This case study of Stanford University is based on a December 2012 survey of Cisco Stealthwatch customers by TechValidate, a 3rd-party research service.

“[Cisco’s Stealthwatch] validates the fact that when a system is compromised/virused – we have the network information to back it up in the form of flows.”


  • Solved the following operational challenges with Stealthwatch by Cisco:
    • Enhanced network security posture
    • Improved forensic analysis
    • Increased flow collection, monitoring and analysis

Use Case

  • Primarily uses Stealthwatch by Cisco in the following ways:
    • Incident Response
    • Network Forensics
    • Security Forensics
  • Used Stealthwatch to detect or prevent the following security threats:
    • Network malware or virus
    • Suspicious user behavior
    • External hacking attempt
    • Compromised host
    • Network reconnaissance
  • Is doing the following with Stealthwatch by Cisco deployment:
    • Monitoring a centralized network with a large number of satellite or retail locations
    • Operating in a classified network with strictly controlled access to specific segments


  • Chose Stealthwatch by Cisco for the following capabilities:
    • Behavior-based security monitoring
    • Real-time flow monitoring capabilities
    • Internal visibility
  • Selected Stealthwatch by Cisco over the following vendors:
    • Q1 Labs / IBM
    • Riverbed Cascade / Mazu Networks
    • Arbor Networks
    • In-house monitoring solution
    • Open source solution
  • Meets enterprise requirements by utilizing the following Stealthwatch by Cisco benefits:
    • Real-time threat detection and correlation with user identity data
    • Enterprise-wide visibility into network activity
    • Deployment and support simplicity
    • Forensic analysis
  • Rated the following Stealthwatch by Cisco capabilities as compared to competing vendors:
    • Network Security: Better
    • Performance Monitoring: Better
    • Scalability: Better
    • Network Visibility: Better
    • Innovation: Better

Case Study: The University Of Manchester


This case study of The University of Manchester is based on a November 2013 survey of Cisco Stealthwatch customers by TechValidate, a 3rd-party research service.

“Stealthwatch provides an holistic view of our network rather than a specific link or part of the network. The rich functionality together with the superb customer support gives us an excellent tool for combating security issues on the network.”


  • Purchased Cisco because it is differentiated from competitive products in the following areas:
    • 1:1 Flows
    • Advanced behavioral detection
    • Flow analytics
    • Customer support

Use Case

  • Is currently using Stealthwatch for:
    • Network analysis & visibility
    • Network performance monitoring & diagnostics
  • Uses StealthWatch with:
    • VPN


  • The following are the greatest benefits of the internal visibility provided by Cisco Stealthwatch:
    • Faster incident response
    • Forensics
    • Continuous internal monitoring
  • Agrees that Stealthwatch’s user/host-level information is critical for the following:
    • Security
    • Performance monitoring
    • Forensics
  • Rated Stealthwatch’s effectiveness in the following areas:
    • accelerating incident response and forensics: extremely effective
    • detecting insider threats / Suspicious behavior: extremely effective
    • detecting malware / zero-day attacks: effective
  • Saves hours per incident for determining Mean-Time-To-Identify threats and Mean-Time-To-Know root cause using Stealthwatch.
  • Rated how critical Cisco Stealthwatch is for the following:
    • Monitoring visibility: very critical
    • Improving security: very critical
    • Managing cyber security: very critical
    • Responding to cyber threats : Critical
  • Ranks Cisco’s customer support as excellent.

More to Explore

About Cisco Stealthwatch

With Cisco Stealthwatch, organizations can improve both network security and performance, and avoid the high costs associated with downtime, security breaches and other issues.

Cisco Stealthwatch Website   Cisco Website