2024-11-20 23:34:04

Cisco Stealthwatch Cloud - Public Cloud Monitoring

Detect external and internal threats across your environment, from private network to branch office to public cloud.


  • Company Name : Cisco



  • About Solution :

    Product Overview

     

     

    Free 60 Day Trial is available on the Metered version of this product, Contracts allows the user to select a fixed rate EMF volume with any overage at fixed per EMF price, support is included. Public Cloud Monitoring (PCM), an AWS Native Security Visibility Service, provides security monitoring and visualization services for AWS infrastructure using advanced modeling and machine learning techniques. Our service learns normal behavior for a resource or a user. When a behavior change is observed that should be investigated, Stealthwatch Cloud will generate an alert with various details.

     

     

    PCM consumes VPC flow logs and models all IP traffic generated by your resources, both inside the VPC and to external IP addresses. New Remote Access, Geographic Unusual Remote Access, Excessive Access Attempts and Potential Database Exfiltration are examples of Stealthwatch Cloud alerts. In addition, network reports like top IPs, top ports, active subnets with traffic statistics, etc, are available.

     

     

    PCM also integrated with additional AWS log sources like Cloud Trail, Cloud Watch, Config, Inspector, IAM, Lambda, etc. Abnormal User, Geographically Unusual AWS API Usage, Permissive AWS Security Group activity, and Inspector Findings are examples of alerts produced from these other AWS sources.

     

     

    Usage is based on the amount of flow log information that is sent and processed. The billable metric is referred to as Effective Mega Flows and equates to roughly one million lines of processed log data.

  1. Feature 1 : Automated monitoring and visibility. Stealthwatch Cloud provides visibility to every AWS asset and user. Machine learning and modeling algorithms lead to a deeper understanding of normal activity while providing automatic threat detection.
  2. Feature 2 : Easy to use. Leveraging embedded AWS tools like VPC Flow Logs, Inspector, Config, and Cloud Trail Stealthwatch Cloud requires little setup. There are no agents to install, AMIs to deploy or rules to write. Metered version also available.
  3. Feature 3 : Extremely Low noise. Stealthwatch Cloud's unique dynamic learning of your asset's behavior means that only meaningful alerts are generated. Customers have historically rated 95% + of Stealthwatch Cloud's alerts as "helpful".
  1. USP 1 : Easy to use. Leveraging embedded AWS tools like VPC Flow Logs, Inspector, Config, and Cloud Trail Stealthwatch Cloud requires little setup. There are no agents to install, AMIs to deploy or rules to write. Metered version also available.
  1. Price 1 : 180 - 1 Month
  2. Price 2 : 1901 - 12 Months
  3. Price 3 : 3672 - 24 Months
  1. Feedback 1 : Visibility, Scalability & and Security Analytics across your Organization.
  2. Feedback 2 : Cisco StealthWatch is an easy way of gaining visibility into your network
  3. Feedback 3 : Stealtwatch gives a powerfull insights in our network flows
  1. Story 1 : “Building a resilient, connected network, we've been able to join our places and people together so they can work effectively. Our partnership with Cisco has been strategically important, allowing us to build a solid foundation to enable our conservation efforts.” Jon Townsend, CIO, National Trust
  2. Story 2 : “It used to take us days to get a switch configured and months to do a data center software upgrade. With Cisco ACI and our enhanced Ansible playbooks, we are able to achieve zero-touch provisioning for switches, and data center software upgrades only take weeks. That’s an incredible gain of speed and agility.” Thomas Mouilleseaux, Global Head of Network Architecture, Security, Reliability and Automation, Societe Generale
  3. Story 3 : “Cisco added huge value to my thought leadership that helped us chart a way forward, together. Cisco also provided the security architecture we'd use to automate some of our product integrations and accelerate key security operations.” Michael Jenkins, Chief Information Security Officer Brunel University London

Contact