StealthWatch® security appliances use Lancope's market-leading Network Behavior Analysis (NBA) technology to provide safe, real-time oversight and response for all traffic on internal networks, anywhere across the enterprise, without impacting normal network operations.

By leveraging flow data from the network infrastructure, StealthWatch delivers unified visibility across physical and virtual networks to security, network and datacenter administrators.

In addition, the StealthWatch Concern Index™ feature automatically ranks unexpected network activity in terms of severity and risk, which in turn greatly accelerates administrators' ability to isolate resolve any network performance or security incident - whether in the physical or virtual environment.

Lancope's StealthWatch® Xe appliances use flow information from NetFlow and sFlow routers and switches in your existing network infrastructure to provide superior network monitoring and protection without requiring massive investments in new hardware or software.

StealthWatch passively monitors all network traffic across all segments of all internal networks to deliver a true, real-time overview of what is happening inside the enterprise – right now. And yet, StealthWatch's easy-to-use management console provides instant detail drill-down for any network segment, device, application, host or user.

StealthWatch's unique Point-Of-View™ technology means that IT, network, security and datacenter staff have a single, data plane — a common source for essential network optimization and security data. As a result, incidents can be isolated and resolved faster, with StealthWatch delivering a customized subset of critical network information based on each administrator's individual job responsibilities.

StealthWatch connects unexpected network activity to the specific devices affected by that traffic in real-time, and then applies advanced forensic capabilities to determine the root cause. Each incident can be resolved automatically, or StealthWatch can recommend the appropriate corrective action as part of the alert.

StealthWatch automatically baselines normal network traffic in order to recognize unexpected network activity. This information provides essential insight into how the network is being used, in real-time, which in turn helps administrators anticipate and adjust for changing network demands.

The StealthWatch® IDentity appliance unifies network optimization and security with identity management in a single, cost-effective device. As a result, the overall StealthWatch system can automatically connect any individual network event with the user or users responsible for the anomaly.

StealthWatch does not rely on attack signatures to protect networks from attack or misuse. Zero-day attacks and other threats that easily bypass network perimeter defenses by definition create unexpected network traffic – which means that they are easily detected and resolved by StealthWatch before they can do any damage.

StealthWatch can immediately recognize any misconfigured, malfunctioning or unauthorized device as soon as it connects to the network. These resources generate unexpected network traffic, which StealthWatch recognizes in real-time as part of its normal monitoring activity.

A typical enterprise organization using StealthWatch can expect to eliminate up to 80% of the time, cost and complexity associated with internal network protection using IDS/IPS technology. At the same time, StealthWatch stops threats that IDS/IPS devices routinely miss without requiring attack signatures, without creating performance bottlenecks across internal network segments, and without requiring the intricate coordination of security policy across dozens of IDS/IPS devices.