Disclaimer: This is a user generated content submitted by a member of the WriteUpCafe Community. The views and writings here reflect that of the author and not of WriteUpCafe. If you have any complaints regarding this post kindly report it to us.

Cisco StealthWatch Monitoring Features

Cisco Stealthwatch is a security tool that gives us very deep and detailed visibility into our network allowing us to keep track of everything happening through network telemetry. Within Cisco Secure Network Analytics dashboard several alarm categories are available and for each category you can see a number which indicates how many network endpoints are currently exhibiting that particular behavior.

Cisco StealthWatch Alarming

Within the dashboard, some intuitive graphical represent our network activity and alarming hosts. Essentially, the concern index is essentially a measure of repetition. With the Cisco StealthWatch Recon category, hosts would trigger this alarm if they are performing unauthorized scans using tcp or udp against hosts in the network. That can be an early indicator that someone is gathering intel about the network.

Cisco Cognitive Threat Analytics

Cognitive threat analytics uses Cisco cloud-based machine learning engine and this is used to automatically identify suspicious or malicious web traffic. Cisco cognitive intelligence automatically analyzes over 10 billion web requests every day, so it has the ability to create a baseline of normal activity on your network and use that analytical data to identify any traffic anomalies that might be found.

Cisco Stealthwatch Flow Collection Trend

Stealthwatch leverages network telemetry using NetFlow data and this feature is going to give you a quick look at the flows per second that were detected within the last 24 hours of operation. So this is going to allow you to see spikes in your traffic from a high level.

Login

Welcome to WriteUpCafe Community

Join our community to engage with fellow bloggers and increase the visibility of your blog.
Join WriteUpCafe