At-a-Glance
Lancope StealthWatch
System
Improve Visibility Across the Network to Enhance
Threat Detection
Today’s enterprise network is more complex and distributed than ever
before. New security challenges arise weekly. The ever-evolving threat
landscape, along with trends such as cloud computing and the Internet of
Things, further complicates the situation. Unfortunately, as more and more
users and devices are added to the network, gaining visibility into what’s
going on is harder to achieve. And you can’t protect what you can’t see.
Benefits
• Gain visibility across all network
conversations, including eastwest and north-south traffic,
to detect both internal and
external threats
• Conduct advanced security
analytics and obtain in-depth
context to detect a wide range
of anomalous behaviors that
may signify an attack
• Accelerate and improve
threat detection, incident
response, and forensics across
the entire network
• Enable deeper forensic
investigations with audit
histories of network activity
Seeing into all traffic flows, applications, users, and devices that are
known and unknown is critical to determine whether there may be
anomalous behavior occurring on your network. Using sophisticated
behavioral analytics, the StealthWatch System transforms data from
existing infrastructure into actionable intelligence for improved network
visibility and security and accelerated incident response.
Continuous Network Traffic Analysis for Accelerated
Incident Response and Forensics
The StealthWatch System dramatically improves network visibility,
security, and response times to questionable incidents across the entire
network. It helps security operations staff gain real-time situational
awareness of all users, devices, and traffic on the network, in the
data center, and in the cloud. And it allows security teams to quickly
and effectively respond to threats before, during, and after a security
incident by providing real-time, continuous monitoring and pervasive
views into all network traffic.
Applying context-aware security analysis to automatically detect
anomalous behaviors, StealthWatch can identify a wide range of attacks,
including malware, zero-day attacks, distributed denial-of-service (DDoS)
attempts, advanced persistent threats (APTs), and insider threats.
• Simplify compliance, network
segmentation, performance
monitoring, and capacity
planning by extending visibility
across the network
© 2016 Cisco and/or its affiliates. All rights reserved.
nce
At-a-Glance
“Immediately upon deployment,
StealthWatch uncovered 400
misbehaving hosts and helped
reduce network threats by 90
percent.”
Dartmouth College
“MEMC Electronic Materials,
Inc. has experienced an
improvement in network
baselining, real-time threat
detection, incident response,
forensic investigations, and
network troubleshooting with
StealthWatch.”
Brian Barry
Security Manager,
MEMC Electronic Materials, Inc.
“Lancope’s StealthWatch
System is a product that
provides so much insight
into what is really happening
within your network, and gives
the best blend of advance
notice of problems combined
with historic reporting using
standard flow data.”
StealthWatch does all this by providing:
• Deep visibility across the network perimeter, interior, data center, and
private and public cloud
• A simplified understanding of normal network behavior by using
NetFlow to establish a baseline for easily pinpointing anomalous
behavior
• Continuous monitoring of devices, applications, and users throughout
distributed networks
• Advanced security analytics and intelligence to detect a wide range of
behaviors that could signify an attack
• Acceleration of incident response times with real-time
threat detection
• Superior forensic investigations with comprehensive network
audit trails
• Simplified capabilities for network planning, segmentation,
diagnostics, and compliance validation
• Integration with the network infrastructure, Cisco® Identity Services
Engine, and hardware supporting Cisco TrustSec® technology to use
the network as a security sensor and enforcer
Next Steps
StealthWatch collects and analyzes massive amounts of network
data to deliver comprehensive visibility and protection for even the
largest, most dynamic networks. To learn more about StealthWatch,
visit www.cisco.com/go/stealthwatch or contact your local Cisco
account representative.
Steve Mould
Senior IT Architect, Experian
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of
Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/
go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner
does not imply a partnership relationship between Cisco and any other company. (1110R)
C45-736510-00 04/16