IBM Security QRadar SIEM Event Capacity Increase of 2.5K EPS - license

Mfg. Part: D0V5JLL-BL | CDW Part: 2943085 | UNSPSC: 43233205
  • License + 1 Year Software Subscription and Support
  • 1 install
  • Passport Advantage Express
Product Overview
IBM Security QRadar products provide a security intelligence platform that integrates disparate functions including SIEM, Log Management, Configuration Monitoring, and Network Behavior Analytics into a comprehensive security intelligence solution.

Updates to IBM Security QRadar SIEM, IBM Security QRadar Log Manager, and IBM Security QRadar Network Anomaly Detection provide new capabilities in data management, visualization, and role-based access control. Updates to IBM Security QRadar Risk Manager help provide expanded support for multicontext security devices and additional networking technologies, enabling more comprehensive assessment and monitoring of large corporate networks.

Technical Specifications
Specifications are provided by the manufacturer. Refer to the manufacturer for an explanation of the print speed and other ratings.
General
Category: Security applications
Subcategory: Security - intrusion and vulnerability detection, Security - security suite

Header
Brand: IBM
Compatibility: PC
Manufacturer: IBM
Model: SIEM Event Capacity Increase of 2.5K EPS
Packaged Quantity: 1
Product Line: IBM Security QRadar

Licensing
License Pricing: Volume

Service
Support Details Full Contract Period: 1 year

Service & Support
Type: New releases update

Service & Support Details
Service Type: New releases update

Response Time: 2 hours
Service Availability (Hours a Day): Business hours
Service Type: Phone consulting

Service Availability (Days a Week): Monday-Sunday
Service Availability (Hours a Day): 24 hours a day
Service Type: Emergency phone consulting

Service Type: Web knowledge base access

Service Type: E-mail consulting

Software
Bundled Support: 1 Year Software Subscription and Support
License Category: License
License Qty: 1 install
License Type: License
Licensing Program: Passport Advantage Express

Product Reviews
Rated 4 out of 5 by 3 reviewers.
Rated 4 out of 5
It captures and processes large volumes of event data, and scales to support them in a unified database. But, it'd be good to have a default configuration to meet PCI requirements.
Valuable Features: It's very helpful in meeting compliance monitoring and reporting (PCI DSS, PA DSS, ISO, SOX) requirements.
Improvements to My Organization: It captures and processes large volumes of event data, and scales to support hundreds of thousands of events in one unified database. It also offers high-availability and disaster-recovery options. There's very high quality in reporting suitable to almost all compliance requirements.
Room for Improvement: We use it mostly for purchases and regulatory requirements of that process. It would be good, therefore, if there was a standard configuration by default that was offered or proposed during install or configuration to meet PCI requirements, e.g. log archive duration set by default to one year for each device added. The event information display might prioritize event ID, user, destination, source, and date/time as the first info gathered in the report.
Use of Solution: We're only using the Log Manager.
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
November 11, 2015

Rated 5 out of 5
The dashboards give us an overview of traffic flow and pinpoint configuration issues.
Valuable Features: I find that the dashboards are the most helpful to get an overview of traffic flow and issues.
Improvements to My Organization: We find that reviewing Q1 Radar is very helpful to pinpoint configuration issues, as well as go back and find traffic flows from compromised hosts.
Deployment Issues: No.
Stability Issues: None.
Scalability Issues: N/A
Customer Service: N/A
Technical Support: N/A
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
September 10, 2015

Rated 3 out of 5
No matter what technology you choose the technology area is 15% of the effort. Your processes are 85%
Valuable Features: IBM QRadar is
  • Ease of install. It's effectively redhat6.5 with an app on top.
  • Automatic log source identification
  • Inbuilt rules and reports are comprehensive so out of the box the system does things
  • Recognises every log source we have added.
  • IBM supply a virtual image which makes the standing up of a system a small piece of work.
Improvements to My Organization: IBM QRadar has great data reduction. We have several hundred million log records arrive on various of the platforms daily and have been able to tune them to alert on important things well. Very few false positives. Like any SIEM product at a very base level the system is a pattern matcher. Looking for patterns in single log messages or looking for patterns in multiple log messages combined with flow data. It has a primary focus of Security Event Management but you can look for anything in the information flowing through the system and can alert on it. So it can be used - and we do - as a general IT event management/monitoring system.
Room for Improvement: Room for improvement - IBM QRadar:
  • Graphing on the system is a tad coarse. Analytics now requires really high quality graphing to assist in pinpointing anomalies.
  • Need for multiple Java versions for deployment setup is a pain.
  • There are areas you need to have Java 7 to be able to use. (Primary need for this is to access the Deployment area)
  • We need to be able to handle multiple overlapping IP address areas. That is coming we know. But slowly.
  • When you are building this in a virtualised environment you do have a bit of difficulty accessing the GUI.
Use of Solution: 3.5 years
I have used several versions of the QRadar system. Both the IBM version and the Juniper STRM OEM version.
IBM I rate as 7.5/10
STRM at 7/10
Deployment Issues: No real issues with deploy. What it is doing is exactly what we expected. It does have a few wrinkles but that is more about where we are collecting logs from.
Stability Issues: No stability issues yet.
Scalability Issues: No scalability issues yet. We have sized the latest system to cope with up to 10000 eps and are only at about 4000 at the moment. Scaling is simply adding extra license as required at the moment. Easy.
Customer Service: Generally excellent.
Technical Support: Generally excellent.
Previous Solutions:
  • We were using SPLUNK. Licensing does not allow you to expose Splunk screens to customers (we are an ISP and IT service provider).
  • McAfee Nitro was too expensive
  • ArcSight takes too long to install and tune
Initial Setup: Simple:
  • Boot VM off ISO image.
  • Install license
  • Point logs at it
  • Done
Occasionally the documentation did not reflect what was happening so did need to access tech support a few times.
Implementation Team: We implemented it ourselves. Initial seat of pants approach. Worked. I got my Redhat builder to spin up the two VM servers off the supplied image, licensed them, gave them the appropriate IP addresses, created the deployment (the Java 7 bit) and the system started receiving logs from the 1200 CISCO routers.
ROI: We are fulfilling a government contract. Install and move to BAU has been done and it came in under the estimated budget…..so All Good.
Other Solutions Considered:
  • McAfee Nitro
  • Juniper STRM
  • AlienVault. Note. We would probably have used AlienVault but there was no representation in Asia Pacific at the time
  • TrustWave
Other Advice:
  • First gather your requirements
  • From that build a business case.
  • Understand that no matter what technology you choose the technology area is 15% of the effort. Your processes are 85%. No process…then 5h1t in …5h1t out.
  • Make sure you know your business reasons for the implementation
Disclaimer: I am a real user, and this review is based on my own experience and opinions.
January 15, 2015