Stealthwatch is one of Cisco’s most widely popular security tools. It gives you unparalleled visibility into your network and is rapidly becoming a favourite among security professionals. Recently, Cisco rolled out a new update for the platform, Stealthwatch 7.0.

Cyber threats are constantly changing and evolving and that’s why it’s good to see that Cisco are one of the most active groups around when it comes to upgrading their platforms to ensure their customers are always fully protected.

Stealthwatch 7.0 brings plenty of new features and this article will run through some of the most important, valuable and interesting!

Learn about our Network Security Visibility Assessment.

Stealthwatch already works harmoniously with another of Cisco’s security tools, Cisco Identity Services Engine (ISE), which provides additional context and information on users when it comes to threat detection. This also gives the person responsible for safeguarding the network the ability to mitigate the threat directly from within Stealthwatch. Here are some of the new features:

No two businesses are the same. Each one has unique workflows and processes and so what may seem like suspicious activity in one business could be perfectly normal behaviour in another. It’s very likely that your security team do not have a great deal of spare time to spend reviewing irrelevant notifications which could, in turn, lead to serious threats being missed. In Stealthwatch 7.0, Cisco has further improved the ability to customise and fine-tune your unique security platform.

With Stealthwatch 7.0 you can now manage users and host groups directly from the web interface:

Improvements made to the policy manager include:

In the past, security professionals have always said that Stealthwatch is a fantastic tool that they couldn’t do their job without. However, there has been some mild criticism of the interface used to control the platform. Cisco listened to the responses and has been working hard on making improvements.

With the centralised appliance and update manager in the web interface, you are now able to configure, update, and manage all the Stealthwatch appliances such as the Stealthwatch Management Console (SMC) and the Flow Collector from one place. Spend less time managing the tool and more time utilising it for all the security benefits that are available.

Threats are always changing. Cyber-criminals are rapidly inventing new ways to break into your network every day. Since 2017, there have been 150 million new forms of malware and potentially unwanted programs detected and registered.

Because of this its vital that security applications are being consistently updated to handle the new threats. Stealthwatch 7.0 brings a huge upgrade to the platforms analytical capabilities for fast and high-fidelity threat detection. Here’s what new for the machine learning engine based in the cloud:

With Stealthwatch 7.0, Cisco is releasing three apps which will vastly improve your experience while using Stealthwatch.

The host classifier application delivers dynamic discovery and classification of core assets in the network. It’s useful for initial system configuration as well as to continuously maintain host classification. Accurately configured host groups lead to accurate and contextual alarms. All analysis is performed on-prem.

Using Encrypted Traffic Analytics (ETA) technology, this app will help you analyse encrypted traffic for cryptographic compliance. It assesses the quality of encryption that is being used, which aids audit cryptographic compliance. This app will also help to convey and explain trends and changes in the amount and type of encryption.

The last Stealthwatch app allows you to rapidly acquire insights into areas of your network where security risks exist, key network metrics, traffic to high-risk countries. There is very little tuning or host configuration involved in this app. Users of Stealthwatch can also easily generate a printable summary of the network for the executives.

Learn about our Network Security Visibility Assessment.

To see the original Cisco blog post, please click here.

To read more about Cisco Stealthwatch, please click here.