TechValidate Research on Cisco Secure Network Analytics

These pages present data that TechValidate has sourced via direct research with verified customers and users of Cisco Secure Network Analytics. TechValidate stands behind the authenticity of all published data. Learn more »

1,719 Customers Surveyed

14,055 Data Points Collected

590 Published TechFacts

63 Published Charts

71 Published Case Studies

Featured Research Collections for Cisco Secure Network Analytics

Curated collections and slideshows of TechValidate research data on Cisco Secure Network Analytics.

Selected Research Highlights

Case Study: Office of the Governor, State Of Connecticut


This case study of The Office of Governor, State of Connecticut is based on a December 2012 survey of Cisco Stealthwatch customers by TechValidate, a 3rd-party research service.

“[Cisco] allows our engineers to address network performance issues faster and the Stealthwatch System has made our network more technically visible in our reports.”


  • Solved the following operational challenges with Stealthwatch by Cisco:
    • Reduced mean-time-to-know (MTTK) root cause of network or security incidents
    • Improved in network performance
    • Enhanced network security posture
    • Improved in application performance
    • Improved forensic analysis
    • Increased correlation of user identity and activity
    • Increased flow collection, monitoring and analysis

Use Case

  • Primarily uses Stealthwatch by Cisco in the following ways:
    • Incident Response
    • Network Forensics
    • Security Forensics
    • Application performance monitoring
    • Network performance monitoring
  • Used Stealthwatch to detect or prevent the following security threats:
    • Advanced persistent threats
    • Network malware or virus
    • Suspicious user behavior
    • External hacking attempt
    • Compromised host
    • Command and control traffic / botnets
    • Network reconnaissance
  • Is doing the following with Stealthwatch by Cisco deployment:
    • Monitoring a centralized network with a large number of satellite or retail locations
    • Monitoring traffic within a data center, physical and virtual


  • Chose Stealthwatch by Cisco for the following capabilities:
    • Behavior-based security monitoring
    • Real-time flow monitoring capabilities
    • Internal visibility
    • DDoS
    • Forensics
    • Advanced Persistent Threats (APTs)
    • Auditing and compliance requirements
    • Scalability
    • Application Aware Network Performance Monitoring
  • Selected Stealthwatch by Cisco over the following vendors:
    • Fluke / Visual Network systems
    • Plixer
    • SolarWinds
  • Meets enterprise requirements by utilizing the following Stealthwatch by Cisco benefits:
    • Scalability and flexibility
    • Real-time threat detection and correlation with user identity data
    • Improved incident response and threat management
    • Enterprise-wide visibility into network activity
    • Deployment and support simplicity
    • Forensic analysis
  • Reduced the time it took to mitigate a security incident by 25% to 49% by deploying Stealthwatch.
  • Rated the following Stealthwatch by Cisco capabilities as compared to competing vendors:
    • Network Security: Much Better
    • Performance Monitoring: Much Better
    • Scalability: Much Better
    • Network Visibility: Much Better
    • Innovation: Much Better

Case Study: Fortune 500 Health Care Company


This case study of a fortune 500 health care company is based on a June 2014 survey of Cisco Stealthwatch customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.


  • Purchased Cisco because it is differentiated from competitive products in the following areas:
    • Scalability up to 3 million flows per second
    • 1:1 Flows
    • Advanced behavioral detection
    • Flow analytics
    • Customer support

Use Case

  • Uses Stealthwatch with:
    • Full-packet capture system
  • Is doing the following with Stealthwatch by Cisco deployment:
    • Monitoring a centralized network with a large number of satellite or retail locations


  • The following are the greatest benefits of the internal visibility provided by Cisco Stealthwatch:
    • Monitors individual user activity & mobile devices
    • Continuous internal monitoring
    • Contextual & situational awareness
  • Agrees that Stealthwatch’s user / host-level information is critical for the following:
    • Security
    • Performance monitoring
    • Network troubleshooting
  • Rated Stealthwatch’s effectiveness in the following areas:
    • Detecting DDoS: extremely effective
    • Accelerating incident response and forensics: extremely effective
    • Detecting advanced persistent threats: extremely effective
    • Detecting insider threats / Suspicious behavior: extremely effective
    • Detecting malware / zero-day attacks: extremely effective
  • Rated how critical Cisco Stealthwatch is for the following:
    • Monitoring visibility: Critical
    • Improving security: Critical
    • Managing cyber security: Critical
    • Responding to cyber threats : Critical
  • Selected Stealthwatch by Cisco over the following vendors:
    • Riverbed Cascade / Mazu Networks
    • NetScout
    • Fluke / Visual Network systems

Cisco Stealthwatch Customer Testimonial

Secure Network Analytics (Stealthwatch) provided the visibility into the network that we prior couldn’t see.

David Sanders, Chief Technology Officer, Mesa Public Schools

Stealthwatch Customer Review Rating

How would you rate Cisco Stealthwatch?


Security Uses of Stealthwatch

How are you currently using Stealthwatch?

Specialized threat analysis & protection
Network analysis & visibility
Advanced threat detection
Network performance monitoring & diagnostics

Real-time Network Insight

Cisco provides valuable real-time insight and reporting.

Senior IT Architect, Large Enterprise Professional Services Company

More to Explore

About Cisco Secure Network Analytics

With Cisco Stealthwatch, organizations can improve both network security and performance, and avoid the high costs associated with downtime, security breaches and other issues.

Cisco Secure Network Analytics Website   Cisco Website