Likelihood to Recommend QRadar is very well suited on environments where there are not multiple tenants or domains, we do have success on this kind of scenario. IBM Security QRadar SIEM is less appropriate for environments with multiple tenants, specially when each tenant represent a different End Costumer (such as for MSSP companies), those environments require a high amount of rules and building blocks replications, since each tenant will have its own "BB definitions", servers, rules exception, etc. Also, some information, such as EPS count or EPS dropped are generated by QRadar's own log sources, which takes place on default domain, therefore users associated with different domain can not have access to those logs, even when the information is related to other domain's environment. For example, even if Event Collector 1 is associated to Domain A, the log informing its dropped EPS is generated by System notification, log source that must be associated to Default domain.
Read full review If there are a number of different protocols and devices to monitor PRTG is really an all in one solution. There are network specific solutions, telephony solutions, server solutions, etc - but this tool can do anything. Even if you don't use this tool as your main "monitoring solutions" every IT professional should have access to this tool for at least troubleshooting purposes. If you are looking for something specific built for a task you may be able to find [a] more direct and easy tool to use that would be easier and quicker to setup as customization is not needed.
Read full review Pros Enables identification and prioritization of vulnerabilities in IT infrastructure for corrective action. Facilitates security incident investigation and forensic analysis. Provides a real-time view of security events, enabling immediate incident response. Can integrate with external threat intelligence sources to enrich data and improve threat detection. Enables the generation of detailed and customized reports. Read full review Very, very configurable. You can create all kinds of monitors for all kinds of things. Plus it has loads of suggestions out of the box. It can get complicated but monitoring is complicated. Pretty decent interface and good support - active community. I really liked how easy it was to add alerts by SMS. So easy to setup. I like their sizing models (for purchase). We're actually small enough that we are free. But it's not free as in stripped down - it's free because we don't use many "sensors" and don't honestly have the need. Read full review Cons Need to spend more time configuring the system to properly interpret and normalize different type of data collected from multiple resources. While Rule creation QRadar uses that rules to detect security threats and generate alerts, but to creating and managing rules is bit complex & tedious work to complete. IBM Security QRadar SIEM is excellent in handling large & complex systems that requires in-depth knowledge and extensive training to configure and maintain the system which includes upgrading, optimization of performance & issue troubleshooting. Read full review The probe service can be quite resource-intensive. This can cause false-positive readings from some sensors sometimes. The software gets updated very regularly. Whilst this is usually a good thing to fix bugs etc, it does meantime downtime of the monitoring quite often while they are installed. The ability to create Maps from Libraries. Very specific issue but a lot of people have been asking for it for years and it is still not available. Read full review Likelihood to Renew With the arrival of IBM Security QRadar SIEM at our company, we have a better vision of all the security needs that may arise, it is a very safe software to use that prevents threats from damaging our IT environment, it is impossible to change it for another software.
Read full review It is now an essential tool for monitoring and maintaining the health of our network and systems.
Read full review Usability A very special system to use without problems, the process is very genuine and does not require complicated procedures.
Read full review The tool is very intuitive to use and it is Windows-based (everybody knows how to use Windows) so it's easy to get into. Every time is setup in a hierarchy so if you have a good initial hierarchy design, it will really reduce administrative effort down the road.
Read full review Support Rating Customer support is Good of IBM, While Using IBM QRadar its deployment is to slow and suddenly stop working and crashed we have contacted IBM Support and Rised a Ticket within a few minute we get call back from customer support and Query Resolved by them Fast And Rapid Support of Ibm
Read full review I am giving this a 6 simply because I have never had to contact support. The online documentation is adequate for most things, and the user-maintained knowledgebase is excellent. The few times I have run into issues that were not easily resolvable with intuitive UI, I was able to find the answers that I needed either in the PRTG-provided documentation, the knowledgebase, or with a quick online web search.
Read full review Alternatives Considered IBM Qradar takes the best from its competitors. Reliable and stable but sometimes very expensive, the SIEM from IBM offers a wide range of scenarios in which the customers can suite and size their own infrastructures. IBM Qradar doesn't really needs to stack up againt its competitors because it already sets an example in the SIEM world.
Read full review I have deployed and tested three products for evaluation I found [PRTG Network Monitor] very easy to deploy, the deployment literally took not more than one hour including basic configuration and network discovery. After deployment few configuration changes and creation of maps, reports and little tweaking is required. [Then] it would go through its process of recommendation that took some time to complete, while [on] other hand other software's took lot of time to install and configure. And features were also missing, which resulted in decision in favor of [PRTG Network Monitor].
Read full review Return on Investment Offense investigation was really helped in tackling the incidents. It was accurate and brief The automation with IBM resilient (SOAR) was a milestone in elimination of user mistakes The X-Force threat intelligence supported us in getting the work done without any 3rd party enterprise OSINT database Read full review The ability to analyze multiple pieces of information in one place, especially with historical data, has saved our IT department time and headaches. It would be so much more difficult to trace an issue without PRTG, just relying on event logs and an open task manager window. The cost is not cheap, so it's an expense that hits the bottom line like everything else. Figure in hardware costs as well, ideally a server outside of your main environment. I keep saying this, but the historical data piece is worth so much. There's really no good way to collect all of that information in one place without something like PRTG. And that definitely saves time and money in the long run. Read full review ScreenShots