We performed a comparison between Cisco Secure Network Analytics and NetWitness XDR based on real PeerSpot user reviews.
Find out in this report how the two Network Detection and Response (NDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is a good application, providing for real-time monitoring of the organization of data. It can basically identify points of peak traffic where possible issues are being caused."
"The beginning of any security investigation starts with net flow data."
"The fact that it can identify down to an IP address of a system that is causing problems, or potentially causing problems, is very valuable."
"Able to drill down into a center's utilization, then create reports based on it."
"The solution allowed us to not only get gain insight but also start collaborating with other tools."
"The feature most valuable for us is to gain visibility of what is actually floating through, so we can stop it based on whether it's good or bad traffic."
"The most valuable feature is its alerts and dashboard."
"Visibility. The ability to look East and West. To see what is passing through your circuits, where it is coming from, and how big it is."
"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
"It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great."
"The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good."
"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."
"It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users."
"The log correlation is good."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"One area that could be improved in SNA is the integration with Cisco ISE for user and session details, which currently requires additional setup."
"I would like Cisco to make it easier for the administrators to use it."
"One thing I would like to see improved is if it could automatically be tied through ISE, instead of you having to manually get notifications and disable it yourself."
"There's a lot of traffic on our network that we don't see sometimes."
"It's a good solid solution but integration with Network Access Control products with Cisco ISE would be good."
"The customizability of the UI should improve."
"We are continuing down the road of ACI and ISE with Cisco, so we would like to see the continuation of Stealthwatch integrating into ISE for exchange of information, and also, more into the ACI environment too."
"One update I would like to see is an agent-based client. Currently StealthWatch is network based."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."
"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."
"The contamination feature could be improved."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"The initial setup requires a high level of skill."
More Cisco Secure Network Analytics Pricing and Cost Advice →
Cisco Secure Network Analytics is ranked 3rd in Network Detection and Response (NDR) with 58 reviews while NetWitness XDR is ranked 9th in Network Detection and Response (NDR) with 15 reviews. Cisco Secure Network Analytics is rated 8.2, while NetWitness XDR is rated 8.0. The top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Arista NDR, whereas NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Vectra AI. See our Cisco Secure Network Analytics vs. NetWitness XDR report.
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.