Professional Documents
Culture Documents
Cisco Stealthwatch:
Network Visibility across the Enterprise Network
Partner/Reseller Version
November 2019
This proposal is being provided by a Cisco authorized reseller utilizing a Cisco solution. Certain technical and other
information in this response may have been provided by Cisco; however, nothing herein shall be construed as a quotation
or offer to contract directly with Cisco. The Cisco logos, trademarks and other information provided by Cisco appear in this
response with Cisco’s permission and are proprietary and confidential information of Cisco Systems, Inc. All other
information, including any pricing information, is provided by the Cisco authorized reseller and not by Cisco, and any
<Insert
Cisco
<<UserName>> ● <<UserPhone>> ● <<UserEmail>> Partner
Logo>
Click Here
relationship resulting from this response will be directly with such reseller and not Cisco.
<Insert
Cisco
<<UserName>> ● <<UserPhone>> ● <<UserEmail>> Partner
Logo>
Click Here
<clientLogo> <PartnerLogo>
Template Instructions
Template instructions are provided in text boxes as demonstrated below.
NOTE TO USER: THIS IS BOILERPLATE CONTENT. YOU WILL NEED TO
CUSTOMIZE TO FIT THE CUSTOMER’S OBJECTIVES AND CHALLENGES. THIS
PROPOSAL IS PROVIDED AS IS AND MAY NOT BE APPROPRIATE FOR ALL
SITUATIONS.
RESELLER SHALL BE RESPONSIBLE FOR THE CONTENTS OF THIS PROPOSAL.
<<PartnerName>> ● CONFIDENTIAL
Cisco Stealthwatch – Partner/Reseller Version
- iii -
<clientLogo> <PartnerLogo>
Table of Contents
VISIBILITY AND THREAT DETECTION FOR THE ENTERPRISE NETWORK..............1
INTRODUCING THE PROPOSED CISCO STEALTHWATCH....................................1
THE PROPOSED CISCO STEALTHWATCH ADVANTAGE..................................................................2
PROPOSED CISCO STEALTHWATCH BENEFITS............................................................................2
CUSTOMER CASE STUDY...................................................................................................... 3
CUSTOMER TESTIMONIALS.................................................................................................... 3
PROPOSED CISCO STEALTHWATCH DETAILS....................................................4
STEALTHWATCH CLOUD........................................................................................................ 4
Public Cloud Monitoring.............................................................................................. 4
Private Network Monitoring.........................................................................................4
Cisco Stealthwatch Components.................................................................................5
CISCO STEALTHWATCH ENTERPRISE........................................................................................ 5
Cisco Stealthwatch Enterprise Components................................................................6
ADDITIONAL STEALTHWATCH ENTERPRISE LICENSES...................................................................8
DCLOUD DEMONSTRATION.................................................................................................... 9
CISCO CUSTOMER EXPERIENCE OVERVIEW......................................................9
ACCELERATE YOUR SUCCESS................................................................................................. 9
Business Critical Services............................................................................................ 9
FINANCING OPTIONS.....................................................................................9
CISCO CAPITAL................................................................................................................... 9
PRICING...................................................................................................... 11
APPENDICES............................................................................................... 11
<<PartnerName>> ● CONFIDENTIAL
Cisco Stealthwatch – Partner/Reseller Version
- iv -
Example Graphic Only
You can help defend your entire organization with views into everything happening
across your network, data center, and even your data stored in public clouds. Threats
don’t only come from outside the network anymore. Stolen credentials or other
techniques make it necessary to monitor more than just the perimeter or even just your
network.
<<PartnerName>> ● CONFIDENTIAL
Cisco Stealthwatch – Partner/Reseller Version
-1-
Cisco Web Security Appliance (WSA)
Cisco Security Packet Analyzer
The proposed solution continuously monitors both north-south and east-west traffic
inside your network to identify traffic patterns that may signal system abuse and insider
threats. This allows you to help identify and defend against zero-day malware, advanced
persistent threats (APTs), DDoS attempts, and other attacks before they cause harm. The
proposed solution’s Stealthwatch Management Console enables you to view and monitor
these traffic flows for anomaly detection.
Accelerate behavioral • Isolate the root cause of an incident within seconds and
anomaly detection and conduct efficient triage for fast mitigation.
incident response • Use NetFlow for advanced security analytics, network
forensics, and security incident management.
• Continuously monitor and detect advanced threats that
have either bypassed existing security controls or originate
<<PartnerName>> ● CONFIDENTIAL
Cisco Stealthwatch – Partner/Reseller Version
-2-
from within.
Improve network visibility • Reduce risk by seeing when and how users and devices are
connecting to your network, including:
Conversations within your network
Communications extending out to the cloud
Information passing between distributed branch offices
• View large amounts of data being exfiltrated to
unrecognized IP addresses and machines. This includes
visibility of command-and--control (C2) sessions.
• Gain complete visibility in public cloud environments
Fulfill and maintain • Protect intellectual property and proprietary data with PCI
compliance and HIPAA compliance. The proposed solution can assist in
compliance audit trails and help gather information to
accelerate audit compliance.
• Simplify compliance with network segmentation, enterprise-
wide visibility, and enhanced network management.
• Monitor domain name service (DNS) traffic to destinations
outside corporate DNS servers and notify when such traffic
is detected.
• Classify known applications without deep packet inspection
(DPI) by associating server IP and service ports to an
application.
Customer Testimonials
<<PartnerName>> ● CONFIDENTIAL
Cisco Stealthwatch – Partner/Reseller Version
-3-
PROPOSED CISCO STEALTHWATCH DETAILS
<<PartnerName>>’s proposed Cisco Stealthwatch describes a suite of products that
work together to provide real-time situational awareness of all users, devices, and traffic
on your extended network. By combining the right components, the proposed solution is
scalable to your specific needs as well. <<PartnerName>> offers the following suite of
products, packages, and features.
Stealthwatch Cloud
Stealthwatch Cloud is a SaaS delivered, web-based solution that provides end-to-end
visibility, behavioral analysis, and threat detection across your private network, public
cloud, and hybrid environments. Stealthwatch Cloud delivers high value notifications of
changes in behavior that it observes on your network without wasting the precious time
of your IT and security personnel. Being web-based, it is platform independent and can
work for any cloud environment including Amazon Web Services (AWS), Microsoft Azure,
and Google Cloud Platform. Stealthwatch Cloud is also capable of monitoring small to
medium-sized private networks and hybrid infrastructures that combine on-premises and
cloud deployments. Stealthwatch Cloud can export threat and behavioral details to a
number of security and web-based services including Datadog, Hipchat, PagerDuty,
Slack and SIEMs and supports standard formats like email and syslog.
<<PartnerName>> ● CONFIDENTIAL
Cisco Stealthwatch – Partner/Reseller Version
-4-
Stealthwatch Cloud Screenshot
<<PartnerName>> ● CONFIDENTIAL
Cisco Stealthwatch – Partner/Reseller Version
-5-
Cisco Stealthwatch Management Console: Provides a single vantage point for
disparate IT groups to see behavioral information of traffic across the network. The
simple at-a-glance interface permits operators to quickly spot trouble and respond
accordingly.
Cisco Stealthwatch Flow Collector: Allows for network visibility and security
intelligence across physical and virtual environments to improve incident response.
Cisco Stealthwatch Flow Sensor: Produces NetFlow data for segments of the
switching and routing infrastructure that do not support NetFlow. It also delivers
thorough visibility of network and server performance metrics. The result is optimized
security, network operations, and application performance.
Component Description
Cisco Stealthwatch The console coordinates, manages, and configures Stealthwatch
Management Console appliances deployed at various segments throughout your
enterprise. The management console can also collect data from
other types of technologies, including firewalls, web proxies,
network access control (NAC) systems, and more. Disparate IT
teams can easily obtain pervasive network visibility and
actionable security intelligence to detect and prioritize security
threats through a single viewpoint. The console is available as a
hardware appliance or a virtual machine.
Features include:
• In-depth visibility and behavior-based context defends against
APTs, malware, insider threats, worms, viruses, targeted
attacks, DDoS attempts, and evolving attacks. Advanced
detection capabilities decrease the time between threat onset
and resolution.
<<PartnerName>> ● CONFIDENTIAL
Cisco Stealthwatch – Partner/Reseller Version
-6-
• Real-time telemetry delivers data flow for monitoring traffic
across hundreds of network segments simultaneously to
detect suspicious network behavior.
• Robust network intelligence facilitates performance
monitoring, capacity planning, and enhances network
management. It also reduces time-consuming and resource-
intensive manual analysis often associated with other
vendors.
• Network groupings, graphical representations, and
relationship maps deliver simple views of your organization’s
traffic within seconds, illustrating where to focus your
attention.
• Multiple alarm categories and context-based alerts on the
home dashboard provide quick assessments of your
organization’s security posture. This allows for decisive action
to mitigate potential damage.
• Scalable functionality performs well in high-speed
environments and can protect every part of the network that
is accessible by IPs, regardless of size.
Cisco Stealthwatch Telemetry collected from network devices is used to provide
Enterprise deep visibility throughout your extended network. Stealthwatch
Enterprise exposes potential attacks by continuously monitoring
all devices, applications, and users.
Features include:
• Behavioral baseline combined with advanced security
analytics, intelligence, and forensic investigations pinpoint
and detect a wide range of anomalous activity that could
signify an attack.
• Uninterrupted monitoring of both north-south and east-west
traffic as behavioral patterns can prevent lateral movement of
threats.
• Real-time anomaly detection accelerates incident response
times.
Cisco Stealthwatch The flow collector collects and analyzes massive amounts of
Flow Collector network data from your current devices. The result is visibility
and security intelligence across physical and virtual
environments, improving incident response. Flow Collector
provides cost-effective behavioral analytics and advanced
security context. This enables early anomaly detection, quick
root-cause determination, and enhanced protection for a wide
range of threats, including APTs, insider threats, DDoS, and zero-
day malware. The solution is available as a hardware appliance
or a virtual machine.
Features include:
• Flow-based anomaly detection pinpoints unusual behavior and
immediately sends an alarm with actionable intelligence,
promoting quick and decisive mitigation.
• Stitched, duplicated, and 1:1 flows simplify network and
security monitoring. In addition to detecting anomalies in real
time, the solution can store years of data, creating a complete
audit trail to improve forensic investigations and compliance.
<<PartnerName>> ● CONFIDENTIAL
Cisco Stealthwatch – Partner/Reseller Version
-7-
• Easy upgrading allows you to start small and expand as your
capacity needs change. At full scale, Flow Collector can
process data from as many as 50,000 flow sources at up to 6
million flows per second (FPS).
Cisco Stealthwatch This component provides robust visibility of network, application,
Flow Sensor and server performance metrics. The flow sensor gives you a
(optional) cost-effective method of troubleshooting both security incidents
and application performance problems, while eliminating
dangerous network blind spots. It can provide L7 application
information for environments where Cisco Network-Based
Application Recognition (NBAR) is disabled. The solution is
available as hardware appliances or as software for monitoring
virtual machine environments.
Features include:
• Network anomaly alerts pinpoint unusual behavior and
immediately send alarms with contextual intelligence,
allowing you to act quickly and mitigate damage.
• URL data allows administrators to see exactly which websites
users are going to, including the file path. This improves the
identification of applications causing performance or security
problems.
• Enhanced operational efficiency reduces costs by identifying
and isolating the root cause of an issue or incident within
seconds.
User Datagram The UDP Director simplifies the collection and distribution of
Protocol (UDP) network and security data across the enterprise. It helps reduce
Director the processing power on network routers and switches by
receiving essential network and security information from
multiple locations and then forwarding it to a single data stream
(optional)
to one or more destinations.
Features include:
• Reduces unplanned downtime and service disruption on the
high availability UDP Director 2200 appliance.
• Simplifies network security and monitoring by providing a
single standard destination for NetFlow, SFlow, syslog, and
SNMP information.
• Directs UDP data from any UDP application to one or more
destinations, duplicating the data if required.
<<PartnerName>> ● CONFIDENTIAL
Cisco Stealthwatch – Partner/Reseller Version
-8-
Cisco Stealthwatch Proxy License: Delivers additional network visibility and
anomaly detection capabilities from proxy servers to your management console. This
license enables the correlation of information sent from the proxy servers and
provides information about web traffic being intercepted by the proxy server,
enabling deeper visibility into web traffic.
Cisco Stealthwatch Threat Intelligence License: Correlates flow data to provide
enhanced detection capabilities for advanced malware, including botnet activity.
Botnet detection functionality includes in-depth traffic reporting and analysis of C2
communications.
Cisco Stealthwatch Learning Network License: Identifies traffic at the network
device level using network based application recognition, localized network flow data,
and machine learning sensors. This software resides on select Integrated Services
Router (ISR) 4000 series routers. This helps you to make informed decisions to flag or
drop suspicious packets, enabling accelerated incident response and device level
mitigation.
Cisco Stealthwatch Endpoint License: Allows for the collection of application data
by integrating with Cisco AnyConnect® Secure Mobility Client. The endpoint license
receives input from Cisco AnyConnect Secure Mobility Client and forwards that data
to Stealthwatch for analysis and reporting in the Stealthwatch Management Console.
dCloud Demonstration
Experience the proposed solution’s components with cloud-based demonstrations. See
for yourself on Cisco dCloud how they can benefit you. Get started with dCloud today or
contact <<PartnerName>> at <<UserEmail>> or <<UserPhone>> for dCloud
demonstration details.
Get things done more quickly by speeding up design, deployment, and adoption to
maximize the results of your technology projects while also minimizing risk. Gain the
value of technology and intelligence that enables you to anticipate problems, optimize
operations, and accelerate technology transitions.
Save time, deliver better service levels, and enable scaling by automating infrastructure
management. Develop talent and equip your team with resources, new skills, and
professional certifications. Enjoy the many benefits of having industry-leading expertise
on your side
<<PartnerName>> ● CONFIDENTIAL
Cisco Stealthwatch – Partner/Reseller Version
-9-
Business Critical Services
<<PartnerName>> is pleased to offer Cisco Business Critical Services, Cisco’s next
generation of optimization services. They combine the company’s unrivaled engineering
expertise with integrated analytics and automation to enable you to predict
opportunities, preempt risks, and navigate pivotal technology transitions. Organized
across three themes—Foundation, Acceleration, and Transformation—these services can
assist in meeting your needs at any stage of your digital transformation journey.
Cisco experts help you ensure a secure, efficient, and agile infrastructure with less risk,
while enabling business growth and increased productivity. Services cover Analytics,
Automation, Design Engineering, Compliance and Remediation, Security, and more, with
Cisco expert recommendations on how to align with best practices as you optimize your
technologies. Cisco Business Critical Services can accelerate your IT transformation and
help you realize the high-impact business outcomes you seek.
With this support from the start, you can be better poised for success.
FINANCING OPTIONS
Cisco Capital
<<PartnerName>> offers Cisco Capital® financial services which provide maximum value to
customers through industry-leading vendor financing that enable desired business
outcomes. Cisco capital offers tailored solutions for Cisco hardware, software, services
and licenses that can be customized based upon the specific needs of each customer –
including migration options, competitive rates and flexible terms.
Make the most out of your IT budget. Cisco Capital’s flexible and innovative payment
solutions make it easier for you to grow your business and go to market faster with Cisco
technologies. Cisco Capital is:
Innovative: Cisco’s adaptable solutions offer new ways to consume and deliver
digital transformation and stay up to date with technology.
Agile: Get the technology you need to quickly adapt to market dynamics, make
faster decisions and boost ROI.
Competitive: Cisco offers aggressive residuals on Cisco hardware that can lower
your overall solution cost and below-market rates for Cisco subscription-based
services.
<<PartnerName>> ● CONFIDENTIAL
Cisco Stealthwatch – Partner/Reseller Version
- 10 -
PRICING
<Note to user: Insert bill of materials (BOM) / pricing details, or remove this
section as appropriate.
If applicable, be sure to provide a BOM summary before inserting a BOM /
APPENDICES
<Note to user: Use this section to respond to customer questions, provide
any additional information, or remove this section as appropriate.>
<<PartnerName>> ● CONFIDENTIAL
Cisco Stealthwatch – Partner/Reseller Version
- 11 -