Lancope is now part of Cisco Learn MoreLancope Arrow About Cisco
Stealthwatch Security Identity Icon

Stealthwatch IDentity


Quickly discover who caused a security event and who is affected for expedited response and remediation.

The Stealthwatch IDentity allows administrators to quickly reveal who is causing specific security or performance issues on the network for faster remediation. With the IDentity appliance, users can be held accountable for negligent or malicious actions that contribute to damaging insider threats, while those whose machines have been infected or compromised can also be pinpointed to limit the spread and effects of malware and other attacks.

Zero In on the Source of Attacks

The Stealthwatch IDentity appliance delivers detailed visibility into user activity, enabling network operators, security administrators and datacenter personnel to determine within seconds who is responsible for and affected by events anywhere across the network. Administrators can simply search the user name or IP address associated with the event from the Stealthwatch Management Console and the system returns the appropriate real-time information. User-centric monitoring capabilities also allow network and security teams to run flow queries and reports based on actual user names versus just IP addresses, and administrators can also obtain a User Snapshot outlining a specific person’s network activity – including any anomalous behavior or alarms triggered. In addition to pinpointing responsible users, the IDentity simplifies the identification of other users affected by an event, so that quarantine and corrective actions can be taken sooner. The detailed insight into user activity generated by Stealthwatch IDentity is invaluable for combating advanced attacks including APTs and insider threats, as well as for improving incident response and forensic investigations.

Improve Network Performance and Compliance

In addition to the security team, network operators can also quickly identify the users associated with questionable activity such as increases in network bandwidth usage for improved troubleshooting of performance issues. The IDentity appliance also significantly improves audit controls for regulatory compliance, since administrators can immediately uncover the party responsible for a hardware, software or security problem.


Try StealthWatch - request a demo

“By automating the monitoring of traffic and alerting of suspicious behavior, Stealthwatch does everything we were doing manually and 90 percent more…[Stealthwatch has] caught many attacks for which no signatures are and never will be written.”


Dartmouth College

4 x 1000 BaseT (Gigabit over Copper)                                   

Only 1 Port Required for Management and Data                                                                                               

1 x RS-232 Serial Console RJ-45 Port

Maximum Users 10,000
IP-to-ID Records
Second Unit HA Option Yes
Processor Single Quad Core
Cooling Fan Single
Power Supply

Single 250W                                                                          
AC Input Voltage
100 to 240 VAC
Frequency 50-60 Hz


Height: 1.75 in. (4.4 cm)                                                 

Width: 17.3 in. (43.9 cm)                                               

Depth: 16.7 in. (42.4 cm)

Rack Units (Mountable) 1U
Weight 16 lbs. (7.3 kg)
Temperature 32°F to 104°F (0°C to 40°C)
Humidity 5% to 95%
Heat Dissipation 450 BTUs per hour maximum
Regulatory Compliance
  • FCC Class A
  • CE
  • VCCI
  • UL
  • CB
  • TUV

Please call for a complete list.