Troubleshoot the Network in Just 3 Clicks
Lancope’s StealthWatch provides unified security, network and application performance monitoring across physical and virtual environments. The system delivers borderless network visibility to eliminate blind spots and reduce total network and security management costs. With a powerful three-click incident investigation workflow, StealthWatch’s user friendly GUI accelerates incident investigation through graphs, pie charts, line charts and visual cues, all of which can be drilled into for further information and investigation.
The system’s patented Concern Index™ or alarm manager provides an early and powerful indication of anomalies that demand immediate attention. StealthWatch offers the flexibility and capability to drill down into host snapshot and down to the user, MAC, flows, interface utilization and a wide array of other host statistics needed for rapid incident resolution.
- Slow network — StealthWatch provides a prioritized list of your organization’s most congested interfaces, perhaps prime candidates for WAN optimization, and provides drill downs throughout the product so you can drill into a traffic spike, for example, and determine the underlying cause of the spike. These are but a couple of examples of how StealthWatch can help troubleshoot a slow network.
- User complaints about desktop — StealthWatch tracks user activity on the network to see which other hosts they’re talking to, how much traffic they’re consuming, what the traffic is composed of in terms of services and applications, the supporting flows and probes for that host, and many other valuable nuggets of host context needed for troubleshooting a wide array of network issues.
- Greatest network risks — StealthWatch’s patented Concern Index automatically prioritizes the hosts posing the greatest risk to your network, an ideal starting point for resolving the most important incidents first. In addition to alarming on concerning behavior inside the network, StealthWatch also conducts behavioral analysis on data from perimeter devices such as firewalls. This way, if an IP address is continually denied access by perimeter defenses, but eventually enters the network, it will be flagged to administrators as a concern immediately upon entry.
- Security threats — The StealthWatch Worm Tracker is a feature that illustrates where a worm has been in your enterprise and where it’s likely to go next. Existing customers lock down worms in hours compared to weeks before. StealthWatch alarms on denial of service conditions and bot activity as well.
- Security vulnerabilities — Misconfigured firewalls are an often overlooked type of network vulnerability. StealthWatch provides several features which lend themselves to identifying misconfigured firewalls. One of these features is host group locking, a soft firewall that not only alarms on unauthorized host access but also unauthorized service communications between hosts. StealthWatch also conducts in-depth behavioral analysis of data from perimeter devices, including firewalls, to enhance these efforts.
- QoS monitoring — StealthWatch dscp monitoring tracks bandwidth consumption by dscp value across your entire enterprise to help you refine QoS policies, ensuring preferential treatment for the most critical traffic.