An organization has a Cisco Stealthwatch Cloud deployment in their environment. Cloud logging is working as expected, but logs are not being received from the on-premise network. What action will resolve this issue?
A.
Deploy a Cisco FTD sensor to send events to Cisco Stealthwatch Cloud.
B.
Deploy a Cisco Stealthwatch Cloud sensor on the network to send data to Cisco Stealthwatch Cloud.
C.
Configure security appliances to send syslogs to Cisco Stealthwatch Cloud.
D.
Configure security appliances to send NetFlow to Cisco Stealthwatch Cloud.
I agree with B:
Stealthwatch Cloud Sensor for Private Network Monitoring
In order to monitor on-premises networks, a Stealthwatch Cloud Sensor
appliance will need to be installed.
I agree with some people who have already raised this concern, Correct Answer is D
To resolve the issue of logs not being received from the on-premise network in a Cisco Stealthwatch Cloud deployment, the organization should configure their security appliances to send NetFlow data to Cisco Stealthwatch Cloud. NetFlow is a network protocol that provides visibility into network traffic flows.
Option B, deploying a Cisco Stealthwatch Cloud sensor on the network to send data to Cisco Stealthwatch Cloud, is not the appropriate action to resolve this issue. Cisco Stealthwatch Cloud sensors are not deployed on the network itself but rely on data received from network devices, such as routers or switches, through protocols like NetFlow.
The answer is B. Check this out: https://www.cisco.com/c/dam/en/us/products/collateral/security/stealthwatch-cloud/sw-cloud-sensor-performance-wp.pdf
"Cisco Stealthwatch Cloud Private Network...is the perfect solution for organizations that want better awareness and security within their on-premises environments while reducing capital expenditure and operational overhead. It works by deploying a lightweight appliance, referred to as the Stealthwatch Cloud Sensor, in a virtual machine or server that can consume a variety of native sources of telemetry or extract metadata from network packet flow. It encrypts this metadata and sends it to the Stealthwatch Cloud analytics platform for analysis. Stealthwatch Cloud consumes metadata only. The packet payloads are never retained or transferred outside the network."
I might be wrong, this is the info I have from the document= Stealthwatch Cloud Sensor for Private Network Monitoring
In order to monitor on-premises networks, a Stealthwatch Cloud Sensor
appliance will need to be installed. This appliance can be installed either
as a physical appliance or as a virtual machine leveraging the ISO or OVF
distributions. Conceptually, the figure below illustrates the deployment
scenario of the Stealthwatch Cloud Sensor, where the on-premises sensor
collects telemetry and forwards metadata to the customer’s Stealthwatch
Cloud instance through an encrypted private tunnel.
B could be incorrect because deploying a Cisco Stealthwatch Cloud sensor on the network to send data to Cisco Stealthwatch Cloud is not necessary. According to the scenario, the problem is that logs are not being received from the on-premise network, but adding a new sensor in the same network will not resolve the issue. The correct solution is to configure security appliances to send syslogs or NetFlow to Cisco Stealthwatch Cloud, which will allow logs to be received and analyzed.
Logs from the Cloud are working. Logs from the On-Prem are not. Install a sensor on-prem to send the files. Netflows should be sent to the sensor, not directly to the cloud
upvoted 2 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
ic0deem
Highly Voted 3 years, 1 month agoEdy79
1 year, 1 month agoEMoshi
Most Recent 3 days agokloug
1 month, 2 weeks ago4pelos
9 months, 1 week agoStevens0103
1 year, 1 month agoums008
1 year, 5 months agoStevens0103
1 year, 1 month agoddev3737
1 year, 10 months agoddev3737
1 year, 10 months agoddev3737
1 year, 10 months agoDorr20
1 year, 8 months ago