Cisco Secure Network Analytics provides enterprise-wide network visibility to detect and respond to threats in real-time. The solution continuously analyzes network activities to create a baseline of normal network behavior. It then uses this baseline, along with non-signature-based advanced analytics that include behavioral modeling and machine learning algorithms, as well as global threat intelligence to identify anomalies and detect and respond to threats in real-time. Secure Network Analytics can quickly and with high confidence detect threats such as Command-and-Control (C&C) attacks, ransomware, Distributed-Denial-of-Service (DDoS) attacks, illicit cryptomining, unknown malware, and insider threats. With an agentless solution, you get comprehensive threat monitoring across the entire network traffic, even if it's encrypted.
Organizations have already invested a lot into their IT infrastructure and security. Yet, threats continue to find ways to get through. Moreover, it often takes months or even years to detect breaches. This lack of visibility is a function of continuously growing network complexity and constantly evolving threats. Security teams with limited resources and disjointed tools can only do so much. Practically all organizations have security solutions, such as firewalls, but how do they know whether these tools are working, managed, and configured correctly How do they know that these tools are doing the job that they need them to do
The solution is Secure Network Analytics, which enlists the network to provide end-to-end visibility of traffic, on-premises as well as in private and public clouds. This visibility includes knowing every host and seeing who is accessing which information at any given point. From there, it's important to understand what is normal behavior for a particular user or "host" and establish a baseline from which you can be alerted to any change in the user's behavior the instant it happens.
Secure Network Analytics offers two different deployment models - on-premises as a hardware appliance or as a virtual machine. Secure Cloud Analytics is the Software-as-a-Service (SaaS) version of Secure Network Analytics. In addition to monitoring the private network, Secure Cloud Analytics can also be deployed to detect threats and configuration issues in the public cloud.