IBM Security QRadar is security information and event management (SIEM) Software.
N/A
Symantec Critical System Protection
Score 10.0 out of 10
N/A
Symantec Critical System Protection is a lightweight behavioral hardening engine purpose-built to protect legacy, EOL systems and embedded devices, by adding layers of defense at the kernel level to prevent unhygenic operations on IoT devices and machines.
QRadar is very well suited on environments where there are not multiple tenants or domains, we do have success on this kind of scenario. IBM Security QRadar SIEM is less appropriate for environments with multiple tenants, specially when each tenant represent a different End Costumer (such as for MSSP companies), those environments require a high amount of rules and building blocks replications, since each tenant will have its own "BB definitions", servers, rules exception, etc. Also, some information, such as EPS count or EPS dropped are generated by QRadar's own log sources, which takes place on default domain, therefore users associated with different domain can not have access to those logs, even when the information is related to other domain's environment. For example, even if Event Collector 1 is associated to Domain A, the log informing its dropped EPS is generated by System notification, log source that must be associated to Default domain.
Symantec Critical System Protection (CSP) is very well suited for environments that do not change such as point of sale systems and critical servers. This product is spectacular at protecting end of life operating systems when supporting legacy software prevents upgrades. When security updates are no longer available, CSP will prevent exploits and other malware from taking advantage. This product is not well suited for systems that require a lot of changes. For one, it does not notify when a change has been blocked by CSP, causing some server administrators to waste many hours chasing a phantom technical problem when turning off CSP could have solved it right away. Also, profiling takes time so systems that constantly change would need hundreds of exceptions made.
Need to spend more time configuring the system to properly interpret and normalize different type of data collected from multiple resources.
While Rule creation QRadar uses that rules to detect security threats and generate alerts, but to creating and managing rules is bit complex & tedious work to complete.
IBM Security QRadar SIEM is excellent in handling large & complex systems that requires in-depth knowledge and extensive training to configure and maintain the system which includes upgrading, optimization of performance & issue troubleshooting.
With the arrival of IBM Security QRadar SIEM at our company, we have a better vision of all the security needs that may arise, it is a very safe software to use that prevents threats from damaging our IT environment, it is impossible to change it for another software.
Customer support is Good of IBM, While Using IBM QRadar its deployment is to slow and suddenly stop working and crashed we have contacted IBM Support and Rised a Ticket within a few minute we get call back from customer support and Query Resolved by them Fast And Rapid Support of Ibm
They respond quickly and efficiently without the need to reiterate the actual issue. Their backline support is amazing and always there for us when it is needed. They explain the troubleshooting steps taken and what they did to help us resolve the issue just incase it creeps up again we have the information to correct it ourselves.
IBM Qradar takes the best from its competitors. Reliable and stable but sometimes very expensive, the SIEM from IBM offers a wide range of scenarios in which the customers can suite and size their own infrastructures. IBM Qradar doesn't really needs to stack up againt its competitors because it already sets an example in the SIEM world.
We evaluated Bit 9 and you have more flexibility with the rule set and do not rely on the cloud to tell you what is approved and not approved. You build out the policies the way you need them to be and who better knows the environment that the people that work it daily.
