Lancopes StealthWatch Software Scopes Networks | eWeek

Lancopes StealthWatch Software Scopes Networks

Aug 23, 2004
3 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

Lancope Inc.s launch this month of its first SMC (StealthWatch Management Console) appliance, and the simultaneous release of its StealthWatch 4.1 system software, makes the companys network behavior anomaly detection tools far easier to manage than previous StealthWatch versions.

Click here to read the full review of SMC/StealthWatch 4.1.

2

Lancope Inc.s launch this month of its first SMC (StealthWatch Management Console) appliance, and the simultaneous release of its StealthWatch 4.1 system software, makes the companys network behavior anomaly detection tools far easier to manage than previous StealthWatch versions.

The ability to manage sensors, policies, alerts and reports is a key differentiator in the hotly contested anomaly detection market, which includes competitors such as Arbor Networks Inc.s Peakflow X and iSpheres Corp.s Halo.

During tests at eWEEK Labs, in which we collected network data for more than a month to train the StealthWatch appliance, we found that Lancopes SMC made creating and distributing policies a painless task.

However, because configuration changes will have a huge impact on the quality of security data being reported by the StealthWatch appliance to the SMC, only senior security staff should be allowed to create SMC policies.

People can make mistakes, and we wish there were an automatic way to roll back configuration changes.

NBAD (network behavior anomaly detection) systems are relatively pricey, and Lancopes SMC and accompanying StealthWatch appliance are no exception. The SMC and the StealthWatch appliance start at $9,995 each, and there is a fee of $1,995 to $3,995 for every StealthWatch appliance connected to the SMC. The console is based on Dell Inc.s PowerEdge 1750 server with dual 3.06GHz processors, 4GB of RAM and 146GB of hard drive space in a RAID 5 configuration.

The beefy hardware is required to process the network traffic flows to discern patterns that fall outside the profiles the StealthWatch system software learns over time. New in this version of the software is a three-dimensional StatusView that clearly shows the security posture and the health of a network in real time—something earlier versions of the software could not do.

We found the graphic displays useful, but we recommend that IT managers spend their time scrutinizing the other real-time monitors included in this version of the system software.

The new investigation work space view provided us with all the data views created by the product and allowed us to move easily among windows of data while also being able to see tables that showed time stamps indicating when particular network devices were acting in an anomalous manner.

In tests, the SMC appliance worked without a hitch and should perform well in large-scale deployments. Setting up trust relationships between appliances and the SMC must be done manually, but these management connections are important enough to warrant the extra effort. Once we established these trusted relationships between the StealthWatch appliance and the SMC, the policy and configuration changes were simple to make.

Lancope did not significantly change the anomaly detection capabilities in this version of the StealthWatch system software, focusing, instead, on monitoring and management improvements. Nevertheless, we were impressed with the extent and accuracy of the SMCs reports of anomalous behavior in our network, and we could use the reports to determine quickly when likely security problems were occurring.

Labs Technical Director Cameron Sturdevant can be reached at cameron_sturdevant@ziffdavis.com.

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

Be sure to add our eWEEK.com developer and Web services news feed to your RSS newsreader or My Yahoo page

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.