Simply the best - QRadar
February 14, 2019

David Bories | TrustRadius Reviewer
Score 10 out of 10
Vetted Review

Overall Satisfaction with IBM QRadar

IBM QRadar is being used to monitor the logs of the Cisco Firewall and several AIX Logs.

Business problems addressed include detection of security risk and automation of response to aid in taking prompt action to detect sources of security using log data and new network traffic data, making investigations possible and prompt.

  • Data visibility
  • Only alerts when necessary. Detects threats, identifies and prioritizes potential incidents
  • Automates response, contains threat
  • Machines require fairly high resources
  • The process of setting what is considered an offense is a bit cumbersome.
  • Variable login expiration would be appreciated
  • We are in a position to have peace knowing that we can find out about intrusions and identify access
  • Ability to search old logs
  • We can now focus on core business
IBM AIX, Red Hat Enterprise Linux (RHEL), Domino

1. IBM QRadar is suited for a scenario where there is limited administrative support.

2. Where there are multiple log sources

3. Where there are multiple clients accessing from several locations

4. Highly secure sites / Sites where security is very important

5. Can't think of any scenario where it is less appropriate - maybe a single home system

IBM Security QRadar SIEM Feature Ratings

  • Centralized event and log data collection: 9
  • Correlation: 8
  • Event and log normalization/management: 10
  • Deployment flexibility: 4
  • Custom dashboards and workspaces: 8