HiI have been reading and watching some videos. Looking for some best practices on what alerts to enable - lets to be emailed or sysloged. I watched one video out there, and it was not very helpful. If there were 5 alerts, which would be one.. I know...
Welcome to the Security Analytics Board!
Please take a look at our Stealthwatch Information Hub and our Stealthwatch Use Cases.Forum Posts
I have got Cisco Stealthwatch - it receives netflows from my SPANs and also directly from ASA. My issue is that my stealthwatch does not show any information about autonomous systems at all. When I navigate from Java console to Traffic -> Autonomous ...
Resolved! Stealthwatch Patches
I need to apply rollup patches on my customer's Stealthwatch management console (SMC) and their flow collector (FC). The documentation on how to apply patches is very good. However, it doesn't explain how to rollback patches in case installing patche...
Hello, I am looking for a comparison between Cisco Stealthwatch vs Darktrace. What are the major differences? Do they complement each other in some aspect? regards,
Hi we are looking at purchasing StealthWatch for VMware and to get started I need some clarification on what part numbers and how many per part. Cisco Stealthwatch Enterprise Data Sheet https://www.cisco.com/c/en/us/products/collateral/security/st...
Hi Sir: When I pass the SMC configuration wizard . How to add flow collector by manually ?
Resolved! WLC Netflow for Cisco Stealthwatch
I have a problem in setting up netflow for Cisco Stealthwatch. I've set up the exporter in WLC through GUI, but Stealthwatch didn't show any data. Stealthwatch read the flows from WLC, but no data about the clients. Stealthwatch displayed an error "E...
I have a C9300 running IOS XE v 16.06.03 (CAT9K-IOSXE) and the network-advantage and dna-advantage licenses installed. I am trying to verify that the encrypted traffic analysis, et-analytics, feature is configured and working properly. I followed ...
Hello all, I setup CTA and ETA with Catalyst9300 and Stealthwatch.How can I confirm that ETA works fine?I uploaded the large file to the web server which has self signed certificate.But no alarm occurred.Should I use real malware? If yes, which mal...
Hi,I have issue of security event "Ping Oversized Packet" in Stealthwatch. In documentation I see next: "It searches for ICMP packets that are larger than thestandard size of 90 bytes, either as an ICMP echo request(if the host is the destination of ...
Hi Guys, Recently my company purchased 2 Cisco Catalyst 9000 switches with DNA Advantage software license, I noticed the DNA Advantage software included Encrypted Traffic Analytic(ETA) feature, but we don't have any NetFlow collector like StealthWa...
I am attempting to add the packet analyzer to Stealthwatch for a customer and I am getting the error, "Name is missing"
Resolved! Stealthwatch setup and functionalities
Hi; I'm working on Stealthwatch and to practice it's futures I downloaded the "Trial" virtual components (version 6.10.2) and installed/configured in this order: I installed Flow Collector virtual. I installed Management Console virtual. I created m...
I'm getting an error (exporter has sent invalid template data) running WLC netflow to StealthWatch.WLC model 5508WLC version 8.2.141.0Has anyone setup WLC netflow to stealthWatch flow collector?TAC is saying that it was removed on 8.2 for the WLC 55...
Hi..I have internet bound traffic from sources that goes via perimeter firewall, there is other internet bound traffic from sources that goes through a proxy server before going to the perimeter firewall.I need to be able to create flow diagrams that...
