Cisco Stealthwatch 6.8
Company: Cisco, San Jose, CA
Company Description: Cisco (NASDAQ: CSCO) is the worldwide technology leader that has been making the Internet work since 1984. Our people, products, and partners help society securely connect and seize tomorrow's digital opportunity today. Discover more at thenetwork.cisco.com and follow us on Twitter at @Cisco.
Nomination Category: New Product & Service Categories - Software
Nomination Sub Category: New Product or Service of the Year - Software - Network Security Solution
Nomination Title: Cisco Stealthwatch 6.8
Tell the story about this nominated product or service (up to 650 words). Describe its function, features, benefits, and performance to date:
As cyber-attacks become more advanced, organizations continue to buy new security products to combat each new threat. However, it is still taking an average of 100-200 days for companies to detect new attacks on their network.
The problem is that most security technologies are designed to solve a very specific problem – monitoring limited segments of an organization’s IT infrastructure, or searching only for a certain type of threat. Unfortunately, these technologies are not talking to one another, so security teams are forced to spend an overwhelming amount of man-hours analyzing logs from each separate tool to try to piece together what is going on in their network and where attackers may be hiding.
According to the Ponemon Institute, 76 percent of IT professionals say a lack of visibility is their biggest security challenge. Cisco Stealthwatch was designed specifically with this challenge in mind. It collects and analyzes massive amounts of data from an organization’s routers, switches, and firewalls to deliver in-depth visibility across the entire network.
Stealthwatch monitors for suspicious behaviors – such as a user sending out an unusual amount of data – and immediately alerts the security team so that threats can be mitigated before they turn into damaging data breaches. Due in part to Stealthwatch, Cisco’s median time to detect new threats is now only 6 hours (versus the industry average of 100-200 days).
By leveraging data from existing infrastructure, Stealthwatch enables organizations to:
1) Protect previous investments in IT infrastructure
2) Reduce the need for multiple, disjointed security products
3) Turn their entire network into an always-on security sensor
4) Eliminate dangerous gaps in network visibility
5) Decrease the amount of time spent on manual security analysis
6) Obtain greater situational awareness for less cost
7) Detect threats faster and more efficiently, reducing business impact
According to Dartmouth College, “Immediately upon deployment, Stealthwatch uncovered 400 misbehaving hosts and helped reduce network threats by 90 percent.” And according to a study by Forrester Consulting, Stealthwatch can result in a 259 percent ROI in three years, and can produce a payback period of just 10 months.
2016 – A Major Turning Point for Stealthwatch
2016 was a big year for Stealthwatch. The Enterprise Strategy Group recently reported that 90 percent of IT professionals feel network security monitoring needs to include visibility into the cloud moving forward. In 2016, Cisco released Stealthwatch 6.8, which includes the key addition of public cloud visibility.
Now, in addition to monitoring for anomalous behavior across the network core, edge, and data center, Stealthwatch can also detect potential threats within customers’ public cloud environments. With Stealthwatch 6.8, users can monitor threats across all of their infrastructure — including physical, virtual, and cloud — all from a single interface.
2016 was also the year that Stealthwatch, originally developed by Lancope, Inc., became part of the Cisco Security portfolio via acquisition. Another key element of Stealthwatch 6.8 is stronger integration with other Cisco security products.
Through integration with Cisco, Stealthwatch can now access and analyze even more network data, and can share its findings with other Cisco products to help automate threat mitigation. For example, Stealthwatch can collect and analyze valuable user and device details from the Cisco Identity Services Engine (ISE) network access control platform and, in turn, alert ISE to automatically quarantine suspicious hosts, accelerating incident response.
Integration with the Cisco portfolio also enables Stealthwatch customers to expand their network segmentation capabilities. As attackers continue to find clever ways to infiltrate enterprise networks, network segmentation has become an increasingly critical capability for ensuring that attackers do not get the keys to the entire kingdom if they are able to break in.
Stealthwatch is a leader in the security space, and last year’s launch of version 6.8 and evolution as part of the Cisco portfolio significantly advanced the product and ensured that it will continue to keep customers safe for years to come.
In bullet-list form, briefly summarize up to ten (10) of the chief features and benefits of the nominated product or service (up to 150 words).
1. Extensive network visibility and security intelligence.
2. End-to-end security insight across the entire network, including the public cloud.
3. Reduction of dangerous network blind spots.
4. Detection of both external attackers and insider threats.
5. Accelerated threat detection and response. (Minutes/hours versus days/weeks.)
6. Savings in technology and resource investment. (One customer reported a 75 percent cost savings with Stealthwatch compared to other internal network monitoring technologies.)
7. Massive scalability for cost-effectively securing even the largest networks.
8. Ability to store security data for months or even years to improve forensic investigations.
9. Integration with the Cisco Security portfolio for comprehensive, seamless security.
10. Support for additional efforts beyond security, including regulatory compliance and network performance.