I wasn't involved in the decision-making when it happened. It was a couple of years ago, but I can't think of the vendor's name. They used to be here at Cisco Live. But it was another NetFlow vendor, but they were strictly NetFlow and all they did was just a net flow and the …
After integrating and developing a lot of security features in MF NNM, we were not able to meet the requirements from the customer. After the alternative research, we got to know about this Cisco Secure Network Analytics tool and after implementing the same, we finally were …
While other platforms such as Nagios and Solarwinds NTA provide visibility of the traffic, it either (*) does not provide API/programmatic way to pull the data to other platforms or (*) does not interface with secondary security systems to report on malicious traffic activity. …
In order for Armis to truly provide value, it will require spans and taps at every location. This is not feasible in most places since not all sides have the infrastructure to support this and now you are required to support an additional appliance at every site. Stealthwatch …
Wireshark
is a good option in a lower budget, but Wireshark also has lesser security as
compared to Cisco which compelled us to look for something else in [the] same price but with more better features.
In addition [to] Cisco SteathWatch, we highly evaluated Cisco AnyConnect and Cisco Advanced Malware Protection for Endpoints (Cisco APM4E). Often [these] solutions complement each other and improve network security level. Each of them separate[ly] [are] handy products for …
Cisco has advantages in terms of the following: 1. Encrypted Traffic Analytics provides visibility and control to traffic without the need to decrypt it.
2. Threat detection that collects proxy records and associates them with flow records, delivering the user application, and …
NTOP is the only thing out there, in my opinion, that provides similar type of visibility. But StealthWatch is the product all vendors should strive to emulate. It is easy to install; it is easy to configure; it works as advertised (and then some). I do recommend the …
Cisco Secure Network Analytics is in a class of its own and some of these products come close but are not in the same class. The other products I tested take a lot more of them to get the same results you would from the Enterprise class of Cisco products. I have been very happy …
It is a similar product to Cisco ThousandEyes. Both solutions give good network monitoring and traffic analysis. But Cisco ThousandEyes works better with Cisco devices and has real-time alerts that are very useful. It also helps to see network problems faster and make …
This technology helps us and our customers understand the value and importance of our business. Not only for our business but also for Cisco business. We are developing a lot of apps in .net so we will like to have support for that in Cisco products that we and our customers …
We did briefly look into DynaTrace, but it was too much product for what we needed though and was much more expensive then just adding the licensing to our Cisco existing licenses.
Juniper RPM offers device config level sla testing in the service stream layer. Whilst this is good and is monitorable via snmp, the config can be fiddly and needs a Juniper device at the other end as a reply point
Cisco ThousandEyes has a great "macro" view and gui allowing easy to understand metrics. It also makes it easy to run synthetic application tests to measure reachability between two endpoints.
Kentik Synthetics is a newer competitor of Cisco ThousandEyes. Both do very similar things but Cisco ThousandEyes currently is the more mature platform. However, the pricing of Synthetics is very attractive. It does not have the robustness of Cisco ThousandEyes or the …
Connected directly to the switch. Other vendors all seem to be add-ons. They claim they are different, but I don't know why I would go spend additional money for another product.
Cisco Secure Network Analytics is a compulsion to any organization looking to secure their network in silence with a complete record and analysis of the threats. All the critical information of the client is also preserved for instance and assistance for future needs. Cyber-attacks can’t even think to roam about your network in any case.
As a service provider that is in multiple datacenters it's a great tool to use and leverage. Alot of smaller providers are only using NMS nodes that are hosted in their HQ or in spots that aren't where their content is hosted. Being able to run tests directly from your datacenters (between them or to the content provider itself) gives more accurate results. The downside is if you have no server infrastructure you'll have to install servers/machines to utilize it.
It's really good at mapping out like what applications are, like who's talking to what. To see if someone thinks that a particular application is only being used a certain way and we can validate what's talking to that system with the tool.
Agent to Agent testing. Full round trip test. Have a customer using a Server Side API that is having an issue. Loan a Nuc, or have them install the ThousandEyes agent in their network. You'll find the issue guaranteed.
Device Layer vision - ability to see from the server, through the Firewall, switches Proxy and internet. Measure jitter, latency, response time, load time and see the path your packet takes.
Share your tests live. Provide the customer a link to a live test, they can see what you do, review your metrics and verify your tests. They can also use it as a tool to better their service. Build the trust and stickiness with your customers' most difficult users - the IT Operations team.
Validate your QOS and routes for VOIP, video conferences, and data traffic. Highly flexible and configurable complete with transaction-based testing, custom headers, calls and tools to mimic any scenario you need.
We have the product, we have a fair amount of wireless issues. You have to go through so many hoops, links and selections that I would think would've been impossible. Maybe if you have a specialized engineer, you would be able to use the thousandeyes product to troubleshoot a problem. But if I want to share with our knock, for example, would be very challenging because there is so many paths that you have to go and there is so many assumptions you have to do to actually find the root cause of the problem. What I would expect is maybe what they can do is implementing some AI today on this product to give some hints, "hey, this might be the problem because the data is there but it's difficult to find." We need an easier way to find how we can use the platform to point out where's the root cause of those problems.
Cisco Secure Network Analytics is a fantastic tool, but does require some setup and upkeep which may turn off smaller IT Security teams. However, once all the flows are set up and the product is functioning with the proper rules, the insight into your network is fantastic. For us, the product has a significant ROI and will be a product we keep up on.
We will definitely renew and maybe even extend our usage of ThousandEyes. We have been using ThousandEyes now for a couple of years and it has shown us major benefits. With the new options it offers for SD-WAN for us it is a no brainer to renew our current licenses
Strong and complete tool which gives comprehensive methods to discover cyber security incidents and prevent data leakage. In case of common use of Cisco StealthWatch and Cisco ISE, you will receive [the] ability [to] not just discover cyber security incidents but also dynamically respond to them. This makes StealthWatch one of most valuable products through[out] [the] whole Cisco Security product portfolio.
There is definitely a learning curve to ThousandEyes, but once you understand how the client deployment works and how to set up monitoring, things go pretty smoothly. I think the initial setting up of clients on endpoints can be a little tricky though.
We haven't had too many issues with the uptime and availability of CSNA, but the application does have a lot of dependancies and we have seen issues after an upgrade that caused an outage for several hours.
Overall winner because it exceeds our expectations by answering all our requirements and at the same time empowers our operations thru other built-in capabilities it has. Visibility is a key to security operations and Cisco StealthWatch really gives us a magnifying glass to check all logs in the network for threat intelligence and threat hunting.
You have online support from the tool itself 24/7 and they are very responsive. We also have a specific account manager and specific engineer assigned to help us with very specific questions for our environment. The level of response to our requirements is always super high. We have requested specific features to be added and these have been developed and introduced very quick tot he product (within weeks). Their DevOps and agile approach seems to pay off.
Our Cisco reps actually had someone teach us a few things about the functionality of ThousandEyes, and it helped a lot. The training was good and we had follow-up assistance as well when we had questions about the monitoring and reporting functions. Overall, we were satisfied with the training and support.
Implementation of the product can be tedious, especially fine tuning its rules to customize it to your environment. However, after that is done, CSNA is a very useful and flexible product that would enhance the security posture of any corporate network.
Our implementation was pretty straightforward, with some issues loading clients on endpoints. We didn't have any notable issues, and I don't really have any additional insights.
While other platforms such as Nagios and Solarwinds NTA provide visibility of the traffic, it either (*) does not provide API/programmatic way to pull the data to other platforms or (*) does not interface with secondary security systems to report on malicious traffic activity. Ultimately, these platforms accomplish the visibility, but do little else in the overall IT/security ecosystem of product, making them "dead end" data flow products where data goes in but does not share elsewhere.
It is a similar product to Cisco ThousandEyes. Both solutions give good network monitoring and traffic analysis. But Cisco ThousandEyes works better with Cisco devices and has real-time alerts that are very useful. It also helps to see network problems faster and make troubleshooting easier. Cisco ThousandEyes is also better for checking SaaS and cloud apps like Azure, AWS, Webex, etc. It has endpoint agents that show network quality directly from user devices. The web interface is simple to use, so the learning curve is not too steep. Also, it has many monitoring points around the world, making it easy to check performance outside the company network.
I think this product would be infinitely scalable since it's all cloud hosted and can support thousands of endpoints if needed. We are only using it for a limited number of endpoints, so we never really considered scalability.
Once tuned and baselines established, it is far easier to identify issues on a network
Management is able to look at the dashboard and fairly quickly get an update on the status of how the network is performing and what threats may be out there
Reports can be scheduled to send on a regular basis to all involved with management of the infrastructure and the security team
ThousandEyes has helped us quickly isolate issues on some high-profile (within the organization) incidents and whether the network (internally or on the Internet) is at fault. If it is, it becomes easier to see the "where" of the issues quicker so we can move onto what the issue is faster. In the case of non-network related issues, it helps us get the appropriate teams or individuals involved sooner.