This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

StealthWatch

StealthWatch

Alexandr_P
Valued Contributor

‎02-09-2017 11:53 AM

Hello, all!

Can you tell me, please, what analog of Cisco's StealthWatch we have?

Thank you!
0 Kudos
8 REPLIES 8

Alexandr_P
Valued Contributor

‎02-09-2017 01:43 PM

Another question is - how SIEM integrate with NetSight?

Sorry, but I have little knowledge about Extreme's SIEM.

Thank you!
0 Kudos

Zdeněk_Pala
Extreme Employee

‎02-09-2017 12:39 PM

Hi. Extreme SIEM is able to do the same = behavioral analysis based on flows. In advance SIEM is able to correlate flows with logs from firewall and antivirus and more => much better from the false positive point of view. Regards Z.
Regards Zdeněk Pala
0 Kudos

Zdeněk_Pala
Extreme Employee
In response to Zdeněk_Pala

‎02-09-2017 12:39 PM

We can use flow based switches = does have unsampled NetFlow on each and every port without performance degradation.

We can use X460-G2 = does have ipfix support

We can use any other Extreme Switch with SFLOW support.

Extreme SIEM does support sflow, netflow, jflow, ipfix, cflowd, qflow, raw data...
Regards Zdeněk Pala
0 Kudos

Alexandr_P
Valued Contributor
In response to Zdeněk_Pala

‎02-09-2017 12:39 PM

Hello, Pala!

In Cisco switches work with StealthWatch (Bundle Catalyst 3650, Lancope StealthWatch).
Where switches work with StealthWatch Appliance as a sensor.
We have to do this with IPFIX on our switches G2?
Or there is other way?

Thank you!
0 Kudos
GTM-P2G8KFN