Providing IT Managers with data for network load/impact during security scans using Stealthwatch
I work in an environment using Cisco Stealthwatch. We have a cybersecurity team that is doing an audit on our systems where they are scanning the network for vulnerabilities and other problems. I have to provide my management team with the outputted Stealthwatch results. I need to hone in on specific output.
Essentially, this team is just doing passive scans on our network. They are connecting Gigamon aggregators? and use Nessus to scan the network. They are just using laptops connected to the switch via an access port. I need to write up a report to management the network load their putting on the core switch. I know that their scanning is very low impact, but just need to verify that I am looking at the right tables/graphs to see the overall impact they are putting on the network.
Should I just use the Daily Report? Or is there some other output in Stealthwatch that I should be looking at that would provide more granular results. I know what ports the cyber team is connected to on the switch, but I don't believe I can actually look at data for those ports, just "index" correct?
Learn about the rapidly evolving cyberthreat landscape and how both organizations and users can protect themselves as we transition to a forever hybrid world through a conversation with Cisco Talos Security Research Leader for Europe, Middle East, Africa,...
When we said the word “hybrid” in the past, it usually recalled the image of a new variety of plant or maybe an electric car. These days, it applies to the workplace too.
The future of work isn’t “changing” to a h...
Thanks for attending our Ask the Experts (ATXs) session! Here’s the post-session resources for easy reference.
New to ATXs? An ATXs session, offered at no cost, is an hour of real-time learning led by Cisco experts, who will answer your technology q...
Cisco Secure Endpoint
New packages fit for every organization
Every Cisco Secure Endpoint (formerly AMP for Endpoints) package comes with Cisco SecureX built-in. It’s our cloud-native platform that integrates all your security solutions into one view wit...