Simple, flexible architecture. Easy deployment. Out of the box rules, offenses and reports
April 10, 2019
Score 10 out of 10
Vetted Review
Verified User
Overall Satisfaction with IBM QRadar
We have used IBM QRadar for more than 8 years. We collect and correlate events from Microsoft Servers, SQL, Oracle, Fortigate, Cisco ASA, Active Directory, Linux, Apache and from many other custom services. The out-of-the-box rules, offences, and reports made SOC's lives easy and more comfortable. DSM Editor is simple and works with simple regex. Now, we integrate into IBM QRadar, Vulnerability Manager and Risk Manager from IBM. This integration helps us to view the problems with the IT infrastructure and resolve them fast. It's the solution for businesses who want to get rapid deployment and instant log visibility to meet security and compliance requirements.
- Log Sources - QRadar has a lot of built-in log source types, more than 400. If you can't find THE source, you can create your own log source with DSM Editor.
- DSM Editor - This tool is great and can help you if you have your own services and you want to parse the events the way you want.
- Integration with Vulnerability Manager and Risk Manager - Installation is easy and intuitive
- Built-in Rules, Offences and Reports - for new users it's a great opportunity to learn how QRadar works and how to create new rules and offences.
- Update procedure between versions: sometimes after an update, something doesn't work and you need to contact support or work with the command line
- SELinux is disabled by default
- Metric events can't be disabled
- Increase Security
- Compliance with standards
- Built in All in One solution
User-friendly interface, and easy to install and implement. A lot of log source types (more than 400) and DSM Editor with standard regexp. The demo version, IBM QRadar CE, helps you practice and learn how it works, and allows you to test scripts before applying them on deployment infrastructure.