Harness the power of data to protect your organisation
Cisco Stealthwatch goes beyond conventional threat detection and harnesses the power of NetFlow for security. It enables you to get advanced network visibility and provides you with network protection. You see everything happening across your network and data centre and you can uncover attacks that bypass the perimeter and infiltrate your internal environment.
You get visibility and security intelligence across the extended enterprise and the entire attack continuum. That means before, during, and after an attack. It also continuously monitors your network interior, where sophisticated attackers often lurk undetected, providing you with:
Stealthwatch ingests and conducts proprietary analytics on NetFlow data from the network infrastructure. It uncovers critical details on network traffic, including:
You gain in-depth insight into everything going on across the network and can quickly baseline normal behavior. It's then much easier to pinpoint when something looks suspicious. Add-on capabilities like the Proxy License and Cloud License to get even more layers of visibility and context.
It can identify malware, distributed denial-of-service (DDoS) attacks, advanced persistent threats (APTs), and insider threats. It monitors both north-south and east-west (lateral) movements to detect the widest range of attacks.
Stealthwatch does more than improve real-time threat detection. It turns NetFlow and other types of network data into actionable intelligence to speed incident response.
Stealthwatch's ability to store network data for months or even years provides an invaluable historical audit trail of all network activity. This capability makes Stealthwatch essential for conducting faster, more precise post-incident forensic investigations.
Consistently enforce policies across the network and scale from mobile users to the data center.
Use the Cisco Identity Services Engine, our award-winning central policy management platform, to:
With ISE you gain awareness of everything hitting your network. Provide access consistently and efficiently. Relieve the stress of complex access management.
Simplify access across wired, wireless, and VPN connections. Policies are cascaded across all types of access points and cascade policies easily across all types of access points.
Users and devices see a simple, flexible interface. Then share these details through the Cisco Platform Exchange Grid (pxGrid) with partner platforms to make them user, device, and network aware.
ISE can assess vulnerabilities and apply threat intelligence so you can reduce risks and contain threats by dynamically controlling network access. You can also contain a suspicious device for remediation.
Cisco TrustSec technology simplifies the provisioning of network access, accelerates security operations, and consistently enforces policy anywhere in the network.
This scalable and agile segmentation technology is embedded in more than 40 switches, routers, wireless devices, and other Cisco products.
Traffic classification is based on endpoint identity, not IP address.
It is also not based on IP-based access control lists (ACLs), so policy changes don’t require network redesign.
See how you can best implement network segmentation with Cisco TrustSec:
Stealthwatch, ISE and TrustSec work in tandem together to give you the most robust network security. Together you can identify and appropriately segment critical network assets, as well as monitor usage policies, to improve access control and protection.
Want to find out more about our security capabilities? Watch Kevin Skahill explain how network sensing and software-defined segmentation is used to protect endpoints and applications against a new and sophisticated species of threats.
Cisco Stealthwatch
Cisco ISE (Identity Services Engine)
TrustSec