cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

2060
Views
5
Helpful
3
Replies
UncleJP
Beginner

Is Cisco Stealthwatch separate from Cisco AMP?

Is Cisco Stealthwatch separate from Cisco AMP? Or, is it just another part of Cisco AMP, like WSA and ESA?

 

Any input is appreciated.

1 ACCEPTED SOLUTION

Accepted Solutions
Rob Ingram
VIP Mentor

Hi,
Stealthwatch is separate from AMP, it provides visibility and network traffic analysis.
Stealthwatch is not another part of AMP like ESA or WSA.

HTH

View solution in original post

3 REPLIES 3
Rob Ingram
VIP Mentor

Hi,
Stealthwatch is separate from AMP, it provides visibility and network traffic analysis.
Stealthwatch is not another part of AMP like ESA or WSA.

HTH

View solution in original post

I think where this might be confusing is AMP for Networks instead of AMP for Endpoints.

The brochure information for AMP for Networks seems identical to Stealthwatch, so it's really confusing.

(Cisco renamed Stealthwatch, so I'm probably calling it the wrong thing)

 

Marvin Rhoads
VIP Community Legend

AMP for Networks and AMP for Endpoints ("Cisco Secure Endpoint") both use components of Threatgrid in the backend to perform analysis or previously unseen files. They can only act on what they see passing through the firewall (mostly in plain text) or being acted upon by the endpoint.

Stealthwatch ("Cisco Secure Analytics") is a network detection and response solution that uses sensor information (primarily Netflow) to monitor and analyze the network comprehensively. It uses a much more advanced set of machine learning and artificial intelligence capabilities to draw inferences about behavior and threats based on analysis of that information. (And of course it's "reassuringly expensive" to account for that.)

Create
Recognize Your Peers
Content for Community-Ad