499
Back to Top

IBM Security QRadar SIEM All-in-One Appliance 21XX LT - Software Subscripti

Mfg. Part: E0I4YLL | CDW Part: 3554998 | UNSPSC: 43233204
Request Pricing
Close

Have leasing questions? Let us know how can we help.

Note: Leasing is available to organizations only. Leasing is not available to individuals.
800.808.4239
Mon-Fri 7am-7:30pm CT
Availability:
Ships today if ordered within 13 hrs 17 mins
  • Software Subscription and Support Renewal ( 1 year )
  • 1 install
  • Passport Advantage Express
View More
Product Overview
Main Features
  • Software Subscription and Support Renewal ( 1 year )
  • 1 install
  • Passport Advantage Express
IBM Security QRadar products provide a security intelligence platform that integrates disparate functions including SIEM, Log Management, Configuration Monitoring, and Network Behavior Analytics into a comprehensive security intelligence solution.

Updates to IBM Security QRadar SIEM, IBM Security QRadar Log Manager, and IBM Security QRadar Network Anomaly Detection provide new capabilities in data management, visualization, and role-based access control. Updates to IBM Security QRadar Risk Manager help provide expanded support for multicontext security devices and additional networking technologies, enabling more comprehensive assessment and monitoring of large corporate networks.

Technical Specifications
Specifications are provided by the manufacturer. Refer to the manufacturer for an explanation of the print speed and other ratings.
General
Category: Online & appliance based services
Subcategory: Online & appliance based services - appliance software

Header
Brand: IBM
Compatibility: PC
Manufacturer: IBM
Model: SIEM All-in-One Appliance 21XX LT
Packaged Quantity: 1
Product Line: IBM Security QRadar

Licensing
License Pricing: Volume

Service
Support Details Full Contract Period: 1 year

Service & Support
Type: New releases update

Service & Support Details
Service Type: New releases update



Response Time: 2 hours
Service Availability (Hours a Day): Business hours
Service Type: Phone consulting



Service Availability (Days a Week): Monday-Sunday
Service Availability (Hours a Day): 24 hours a day
Service Type: Emergency phone consulting



Service Type: Web knowledge base access



Service Type: E-mail consulting

Software
License Category: Maintenance
License Qty: 1 install
License Type: Software Subscription and Support Renewal
License Validation Period: 1 year
Licensing Program: Passport Advantage Express

Product Reviews
IBM Security QRadar SIEM All-in-One Appliance 21XX LT - Software Subscripti is rated 4.2 out of 5 by 13.
Rated 5 out of 5 by from Built-in rules are enabled by default and tunable to meet the specific needs of each organization. Valuable Features:* Correlation Rule Engine, built-in use cases: QRadar has the highest number of built-in use cases among any SIEM on the market. There are many built-in rules that are enabled by default and easily tunable to meet the specific needs of each organization. The correlation engine automates what is a manual process for many SIEM platforms.* Network-Based Anomaly Detection (NBAD): Using NetFlow, JFlow, SFlow, or QFlow (all 7 layers), offenses are detected as a response when a rule is triggered.* QRadar Vulnerability Management: Built-in vulnerability scanner or leverage for other supported scanners to either schedule a scan and/or import the results from a scan. Importing the results enriches the assets profile database to quickly identify assets that have known vulnerabilities.* X-Force Threat Intelligence: Threat intelligence IP reputation feed which leverages a series of international data centers to collect tens of thousands of malware samples, to analyze web pages and URLs, and to run analysis to categorize potentially malicious IP addresses and URLs.* App Exchange: Many vendors have written apps to enhance QRadar. The apps are free and enhance your SIEM experience by adding rules and custom event properties. In some cases a new tab. You will need to have purchased the third party solution. For example, if you have Palo Alto or Blue Coat, there's a free app for better integration.Improvements to My Organization:As a Professional Services consultant, I have heard many reports of how QRadar SIEM has quickly identified offenses which the users were unaware of previously. In addition to giving CISO’s gained visibility and increasing security posture, QRadar adheres to many compliance regulations across vertical industries.Room for Improvement:Some UI enhancements would be nice, such as exporting custom event properties and the ability to export rules.Use of Solution:We have been using the solution for four years.Deployment Issues:NoStability Issues:We did not encounter any issues with stability.Scalability Issues:We did not encounter any issues with scalability.Technical Support:The technical support is very good.Previous Solutions:We had limited experience with RSA enVision, LogRhythm, and HPE ArcSight. QRadar is much easier and takes less time to implement and maintain.Initial Setup:The initial setup was straightforward.Pricing, Setup Cost and Licensing:Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.Other Solutions Considered:We did not evaluate any other options.Other Advice:All SIEMs have a certain degree of complexity, especially where use cases and rules are concerned. I advise using Professional Services so your SIEM is configured by trained professionals.Disclaimer: My company has a business relationship with this vendor other than being a customer:We are a business partner of IBM.
Date published: 2017-09-03
Rated 4 out of 5 by from For vulnerabilities, you see a popup on the screen. We do not have to look for it. It is pushed to us. Valuable Features:It's easy for us to see what's happening in the environment. It's very good to see the logs and the analytic stuff.Improvements to My Organization:We can see the vulnerabilities much easier with the product. You see a popup on the screen. We do not have to look for it. It is pushed to us.Room for Improvement:It is very expensive; very expensive.Stability Issues:The solution is very stable.Scalability Issues:I think it is scalable.Technical Support:We have used technical support. They are very good and very nice.Other Solutions Considered:We didn't evaluate any alternatives. We have yearly talks with the IBM consulting team. We look at the trends.Other Advice:When choosing a vendor, we look for a stable and trustworthy company. I think QRadar is the best solution you can get.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-06-23
Rated 4 out of 5 by from Contextual and threat-based incident management. Valuable Features:* Paradigm shift, security intelligence 2.0* Contextual-based incident management* Threat-based incident management* A single management console to handle all the data* Ease of use* Existing integration capabilities* Out-of-the-box reports* Parser developmentImprovements to My Organization:It has helped us in the reduction of VPN frauds via the active monitoring of various frauds.Room for Improvement:* There is a scope of improvement in the orchestration layer, such as the SecOps from RSA. RSA Security Analytics bundles their offering with their SecOps (a subset of Archer - Risk Governance tool). This gives them a competitive edge.* The reporting and dashboard capabilities require a bit of improvement in terms of fine tuning and bifurcation for the technical and management reports.Use of Solution:I have used this solution for four years.Stability Issues:There were no stability issues.Technical Support:I would give technical support a rating of 9/10.Initial Setup:The setup was straightforward and the deployment was easy.Cost and Licensing Advice:The pricing policy is a bit on the higher side. IBM offers discounts when applicable.Other Solutions Considered:We looked at other solutions such as RSA enVision and HPE ArcSight.Other Advice:Trust it, test it, and deploy it.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-04-30
Rated 4 out of 5 by from Contextual and threat-based incident management. Valuable Features:* Paradigm shift, security intelligence 2.0* Contextual-based incident management* Threat-based incident management* A single management console to handle all the data* Ease of use* Existing integration capabilities* Out-of-the-box reports* Parser developmentImprovements to My Organization:It has helped us in the reduction of VPN frauds via the active monitoring of various frauds.Room for Improvement:* There is a scope of improvement in the orchestration layer, such as the SecOps from RSA. RSA Security Analytics bundles their offering with their SecOps (a subset of Archer - Risk Governance tool). This gives them a competitive edge.* The reporting and dashboard capabilities require a bit of improvement in terms of fine tuning and bifurcation for the technical and management reports.Use of Solution:I have used this solution for four years.Stability Issues:There were no stability issues.Technical Support:I would give technical support a rating of 9/10.Initial Setup:The setup was straightforward and the deployment was easy.Cost and Licensing Advice:The pricing policy is a bit on the higher side. IBM offers discounts when applicable.Other Solutions Considered:We looked at other solutions such as RSA enVision and HPE ArcSight.Other Advice:Trust it, test it, and deploy it.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-04-30
Rated 4 out of 5 by from Offers device auto-discovery, along with rules and reports already created. Valuable Features:In my understanding, the best features are:* DSMs (Device Support Modules),* Device auto-discovery, and* Hundreds of rules and reports already created for you to mix up.These features are keeping QRadar on top in Gartner. You can have it running in a few hours, then start collecting your logs and events in no time.Improvements to My Organization:I have implemented QRadar in a big airline company, where they needed to get all their security information in one place. It helped in reducing the amount of time that was needed to evaluate the risk of every event. Configuring the alerts has never been easier; you just search for the event you think you need and start creating the rules that way. It is really straightforward and you don't need much IT knowledge for it. Of course, your experience with the product and a generalist view of the infrastructure, business and IT are strongly recommended, when using a tool similar to this.Use of Solution:We have implemented QRadar for two years, both in mid-size and big environments.Stability Issues:We never experienced any stability issues. The only problem that I had was related to the hardware and the high availability worked as expected.Something to take into account is the IBM support; they really know their business and how to fix problems. I had the opportunity to talk with L2 Managers in the US, who told me that IBM is investing in research, documentation and training for all the people working with it. This is a very interesting thing to have in mind, when choosing this platform.Scalability Issues:We never experienced any scalability issues. If you correctly estimate the amount of EPS (the license variable), then scalability is not a problem. They can run in a really big environment (100,000 EPS tested in production) and all the infrastructure will work as a charm.Technical Support:The technical support is excellent. As I've mentioned, they know their business and have a really good team behind them.Previous Solutions:I had the opportunity to use other SIEM solutions, but no one can provide what QRadar does, i.e., in terms of its simplicity, support or integration.Initial Setup:The setup was really straightforward. You simply need to put your ISO image in the hypervisor, follow the on-screen instructions and you have it running in one hour.Cost and Licensing Advice:The pricing and licensing policies are really competitive. These solutions are not for a really small business, but having just one license variable is really good. You simple tell the partner or sales representative the number of EPS you want to receive in your appliance and that's it. Other solutions have a 'correlation' license, which is more like a trap than anything else.Other Solutions Considered:I have tested Splunk and used a little bit of NitroSecurity (McAfee). I have also seen a little bit of HPE ArcSight.Other Advice:You should ask the sales representative to give you the Excel sheet to calculate EPS. Keep in mind that the firewalls, proxies and networking devices such as those will consume lots of EPS, but they do provide really nice information and insight from your network.On Gartner, this is one of the most competitive SIEMs in the market. It is robust and IBM is investing a lot of money to get it running even better than it is running right now. You feel secured when you use it.This solution is being implemented around the world and every day, a new feature or add-on is created for it.Disclaimer: My company has a business relationship with this vendor other than being a customer:We are business partners and have a really good relationship with IBM.
Date published: 2017-04-20
Rated 5 out of 5 by from Integrates with other applications and systems. Valuable Features:SIEM technology is the most valuable feature of this solution, as it can be integrated with almost every application and system. If not, then you may ask IBM to write a parser for it.Improvements to My Organization:You have the visibility of different events, thus we can resolve the issue.Room for Improvement:They should provide more integration with more devices.Use of Solution:I have been using this solution for three years.Technical Support:I would give the technical support a 8/10 rating. They are excellent.Initial Setup:The setup was straightforward.Cost and Licensing Advice:The pricing policy is good.Other Solutions Considered:We looked at another solution, NitroSecurity Inc.Other Advice:If you have a good budget, then go for IBM QRadar.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-04-13
Rated 4 out of 5 by from Provides log management, application monitoring, vulnerability scanning, full packet capture and risk analysis. Valuable Features:IBM Security's QRadar Security Intelligence is a multi-feature security monitoring platform that provides log management, SIEM, NetFlow, application monitoring, vulnerability scanning, full packet capture and risk analysis.The platform is designed to be deployed as an all-in-one appliance, as discrete components that can be scaled horizontally for distributed and larger environments.Improvements to My Organization:The SIEM solution is considered as a monitoring tool for the network but you can set routing roles and special actions for certain events.Room for Improvement:* The vulnerability scanner is not accurate. It needs more vulnerability signature updates or more regulation templates to be added on.* We urgently need to add more report templates.Maybe the improvements could be achieved by adding some modules like IPS, IDS and a next generation firewall that is able to start from monitoring the events and processing, then takes actions not only based on signatures but smart intelligent monitoring which would make QRadar into a full SIEM security solution.Use of Solution:I have been using the solution for three years.Stability Issues:I didn't find any issues with stability of the product.Scalability Issues:The scalability of this product is very flexible because of the way that it counts the events that exceed the threshold of licenses it handled with the queue and stores the data for 5 GB, dealing with the events in a first-in, first-out (FIFO) methodology.Technical Support:I would rate the technical support as 9/10 for solving issues and 5/10 for responses.Previous Solutions:I didn't previously use another product but I deal with some accounts that used to use other vendors, and they were facing many issues in performance and slowness in processing events.Initial Setup:The initial setup is very easy, just like when you install an operating system, and then you do the configuration needed for your environment.Disclaimer: My company has a business relationship with this vendor other than being a customer:Prosoft is an IBM VAD (value added distributor) in Egypt.
Date published: 2017-04-12
Rated 3 out of 5 by from We can build interactive dashboards around it. Mathematical operators currently cannot be used within the reference maps. Valuable Features:The most valuable feature that we found, especially this year, was the ability to build apps over it. Basically, the platform has opened up and we can now customize it, as per our needs and requirements. We can build interactive dashboards and other interesting things around it.Improvements to My Organization:We are using QRadar to solve our business problems and the IT operation requirements. We are fine tuning the processes that are laid from the InfoSec perspective, such as to detect unauthorized changes happening across the IT environment or the business problems, namely the password sharing issues, which are not easy to detect otherwise.Room for Improvement:In future versions, the various features that we would like to see are pretty much in line with what QRadar is coming up with, like this IBM QRadar UBA version 2.0 or support for STIX/TAXII. Basically, we have similar milestones there.There are a few technical requirements that we have opened feature requests for, such as some of our complex use cases that need mathematical operators to be used within the reference maps. That's currently not available.Stability Issues:There were no stability issues.Scalability Issues:There were no scalability issues. With this Event Processor and Data Node concept, I think it is highly scalable.Technical Support:We have been facing a few technical issues and we are working with the technical support and the development team to resolve them.Sometimes we get a really good response and at times, some of the issues have been floating around for a lot of time. But our IT resources have been assigned for the same and we hope that they should be resolved easily.Initial Setup:I was involved in the setup; it was pretty straightforward. Once you understand the overall architecture, it is pretty much easy to install and work upon.Other Advice:It should be implemented by the best professionals available within IBM. It is really important to have a clean base installation, so that you can build things on the top of it.When we are selecting a vendor, first and foremost, we look for the stability of the vendor, and what level of resources they are investing in their research and development. These are a couple of things that we look for while selecting a vendor and of course, the kind of resources we are looking for to get certain engagement and make sure those resources are aligned.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-04-06
  • y_2017, m_12, d_13, h_20
  • bvseo_bulk, prod_bvrr, vn_bulk_2.0.3
  • cp_1, bvpage1
  • co_hasreviews, tv_0, tr_13
  • loc_en_US, sid_3554998, prod, sort_[SortEntry(order=SUBMISSION_TIME, direction=DESCENDING), SortEntry(order=FEATURED, direction=DESCENDING)]
  • clientName_cdwg
 
Adding to Cart...
12/14/2017 2:43:57 AM
^ Back to Top

Maximum 300 characters
An account manager will email you within one business day to confirm your request.

Your Quote has been submitted

What Happens Next? A confirmation email is on its way. Within one business day, you will be contacted by an Account Manager to finalize your quote.

Error!

Something went wrong.

Please try again later.