Scalable Visibility & Security Analytics
Comprehensive visibility allows security personnel to gain real-time situational awareness of all activity taking place on the network. This is achieved by collecting NetFlow and other forms of telemetry from network infrastructure devices such as switches, routers, and firewalls.
Cisco Stealthwatch uses behavioral analysis. Traditionally, security solutions have relied on signatures to detect threats, which overlook advanced, never-before-seen, and targeted attacks. Cisco Stealthwatch instead monitors network behavior, singling out suspicious activity for investigation. Even the most sophisticated and evasive threat actors are quickly identified.
Cisco Stealthwatch also helps incident responders and network operators investigate security and network incidents. It uses NetFlow to build a historic audit trail, which records every transaction that takes place on the network. Investigators can then use this audit trail to quickly uncover the underlying cause of an incident.