IBM Security QRadar SIEM All-in-One Virtual 3190 - license + 1 Year Softwar

Mfg.Part: D0WSCLL-BL | CDW Part: 2959447 | UNSPSC: 43233205
Availability: In Stock
$20,851.99 Advertised Price
Lease Option ($612.21/month)
Note: Leasing is available to businesses only. Leasing is not available to individuals.
Product Details
  • License + 1 Year Software Subscription and Support
  • 1 install
  • Passport Advantage Express

Product Overview

IBM Security QRadar products provide a security intelligence platform that integrates disparate functions including SIEM, Log Management, Configuration Monitoring, and Network Behavior Analytics into a comprehensive security intelligence solution.

Updates to IBM Security QRadar SIEM, IBM Security QRadar Log Manager, and IBM Security QRadar Network Anomaly Detection provide new capabilities in data management, visualization, and role-based access control. Updates to IBM Security QRadar Risk Manager help provide expanded support for multicontext security devices and additional networking technologies, enabling more comprehensive assessment and monitoring of large corporate networks.

IBM Security QRadar SIEM All-in-One Virtual 3190 - license + 1 Year Softwar is rated 4.2 out of 5 by 20.
Rated 4 out of 5: Enables us to stop and detect vulnerabilities

What is our primary use case?
The primary use of the solution in our deployment was for threat detection.

What is most valuable?
The first feature that I love to demonstrate for my customers is the fact that the vulnerability manager is integrated in QRadar SIEM. This lets us stop and detect vulnerability. The reports provide many methods to fix it. The circumvention method and the patch method is perfected very well in the QRadar area.

The second valuable feature is when we get events and make the correlation or rules. In IBM, we can implement our customer's rules. We can have very clear status threats and severity of antigens. The other fact I love about IBM is that we can integrate many other tiers solutions, such as Carbon Black and other plans.

What needs improvement?
The interface is very old. IBM should remake it into a more modern interface. I think this is the only thing they should improve on.

Another feature that would be nice is if it's possible to integrate some of the application style and configuration that is currently not easy to set up in the product. If it's possible to do that, it would be a major improvement.

In fact, I never got a road map to bring you from zero to the end. There should be information everywhere, from YouTube to any other places. It was very complicated to organize all the information in my head.

For how long have I used the solution?
We've been using IBM QRadar for one and a half years.

What do I think about the stability of the solution?
It's very stable. The only issue we can report about is a system issue. When the partition is full, the whole system shuts down. If some partition of the logs is not in QRadar, maybe we can't find any solution to do this from QRadar.

In fact, we observed that sometimes the systems are going down when a partition is up to 90%. This issue is related to Red Hat, also we observed this issue relating to logs TOMCAT, the /var/log be up to 100% quickly.

What do I think about the scalability of the solution?
In my experience the upgrade, it could lead to some misconfiguration. We had this experience of disruption when upgrading the 7.2.7 to 7.2.9 and then 7.3.0.

We observed that some application and configuration needs to be redone. The scalability at this moment, because it's an older version, has some issues. Otherwise, I think scalability is excellent.

How are customer service and technical support?
We don't use IBM Support. We communicate with Morocco Teams about this. When I have an issue, I post it and ask for the community, because I have an account in the IBM Community. The community is very, very knowledgeable and strong.

How was the initial setup?
The setup is really very easy. It takes a few hours. The integration, orchestrating all the components to send logs to, etc., is very, very complicated. In the last setup we did for our customer, it took us four months to integrate. The setup, on the other hand, took only half a day.

What other advice do I have?
The first advice I give my customers before buying SIEM is: "You should understand the solution well before starting the implementation." If they don't understand the solution, they will never be able to use it correctly. This is the first piece. The second point is that they will resist the change made to the setup installation. If they look for the solution, QRadar ATM is the best.

I would rate this solution as nine out of ten. I think there is no perfect product; maybe there will never be a perfect product. When I started to learn IBM QRadar, it was complicated to me in the beginning, because we did the installation for the customer. It is complicated, and the meaning and training were not very clear.

Disclaimer: My company has a business relationship with this vendor other than being a customer: Partner.
Date published: 2019-06-27
Rated 4 out of 5: Analytics and reporting of user behavior helps to find anomalies and suspicious events

What is our primary use case?
Our primary use for this solution is to collect and correlate our logs. We also create appropriate alarms based on the contents of the logs.

How has it helped my organization?
This solution provides me with various alarms, and I have found security issues with some of my other products. We also have some special correlation rules that give me information about mail servers, websites, and other user behavior.

What is most valuable?
The most valuable feature is user-behavior analytics, where it will create logs based on the users' behavior and report suspicious events or other anomalies. I am working with the data analytics so it is a very good one for what I am doing.

What needs improvement?
There is a lot of manual configuration required in order for the product to run smoothly, and I think that it could be made more automatic. There is no need for so much manual configuration. For example, it should be able to automatically create at least some of the rules that are suitable for our environment.

The solution has a good user interface, but it could be further developed. I have used other products that are more user-friendly. I would rate the user interface a six out of ten.

For how long have I used the solution?
Between three and five years.

What do I think about the stability of the solution?
We have not experienced any bugs or vulnerabilities, so the stability seems to be fine.

What do I think about the scalability of the solution?
The scalability seems great.

We have five hundred people in our company. All of them are end-users, except for myself and one of my colleagues who are administrators. We have more than one hundred assets, such as databases, that are monitored by this solution.

How are customer service and technical support?
I have never used technical support for this solution.

How was the initial setup?
The initial setup for this solution is very easy. It is an image file, and we haven't had any difficulties in the setup. After installation, there are many things to do. Again, the difficult part is the configuration of the product.

The installation period was very short, at perhaps one or two weeks. The configuration takes six months or more.

What about the implementation team?
We have a technology company, and we are working with them for deployment and maintenance. They spend one or two hours per week maintaining this solution.

What was our ROI?
We have not calculated ROI.

Which other solutions did I evaluate?
I am familiar with products from other vendors, such as McAfee. We specifically evaluated Splunk, which is a good solution but there is no local partner in Turkey for support. Having a local partner is very important to us.

We chose this solution because we have a good relationship with IBM, and they are able to provide us with local support.

What other advice do I have?
There are many good products and solutions on the market, but for implementation and maintenance, I can say that the most important thing is local support.

We do not have any issues with this product, and we have seen the benefits of it. It is easily configured and installed, and we have a local team to support it. It does have issues in terms of user experience, however.

I would rate this solution an eight out of ten.

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2019-06-26
Rated 4 out of 5: Enhances Security Through Vulnerability Management and Increased Visibility

What is our primary use case?
I'm the technical consultant here at ActivEdge Technologies. Our primary use case for this solution is for Security Intelligence and Event Monitoring (SIEM) p. We provide protection services models for an organization's networks through a sophisticated technology which permits a proactive security posture. We have a business relationship with IBM QRadar as well as being a partner. We are a partner and we also use this feature. It's an integrated solution. We design it to be compatible with our client's network devices to maintain real-time monitoring through a centralized console. Our clients rely on us to create value.

How has it helped my organization?
QRadar has significantly improved our security. It has reduced threats considerably. The solution provides increased visibility along with actionable intelligence. We are looking into implementing it to proactively take steps to prevent or reduce the attacks.

What is most valuable?
The most valuable features would have to be the products' ability to customize vulnerability management settings and the ability to customize integration functions.

What needs improvement?
I can't see any need for service improvements because I feel it's easy to use and very functional as it is. There could be improvements made to the UI, the user interface. Though the newer version, 7.3.2, might already have this improvement in place.

For how long have I used the solution?
One to three years.

What do I think about the stability of the solution?
It's very stable. We never need much help with that.

What do I think about the scalability of the solution?
The solution is very scalable; it's designed to be, it's distributed architecture. It's entirely scalable.

Currently, there are five domain users working with this solution. We don't have visibility on our end user count due to the fact that end users don't need to log on to the application.

Our maintenance needs require just one experienced QRadar analyst to moderate.

How are customer service and technical support?
Technical support has proven to be very helpful.

How was the initial setup?
The initial setup wasn't straightforward. The setup is situation specific.

The deployment for us took about 3 months.

What about the implementation team?
Implementation was done in-house.

What was our ROI?

What other advice do I have?
I think this product adds significant value to organizations seeking a scalable, security integration tool. It does a great job of identifying, classifying, prioritizing, remediating, and mitigating software vulnerabilities. It's a good solution.

On a scale of 1 - 10, 10 being the best, I give this product a rating of 9.

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2019-05-01
Rated 4 out of 5: Alerts Us About Events in our Network Environment

What is our primary use case?
We are a partner with IBM. We have a scenario and simulation that people visit. What we are doing for our clients is just a simulation for them.

Then we resolve the issue using IBM QRadar that they are facing.

How has it helped my organization?
We have integrated IBM QRadar with our firewall and some services that we use. When the logs are about to get full of skill, IBM QRadar makes a notification.

The admin knows that they're about to get full so he just goes and clears them out. That is when we usually use IBM QRadar.

On our firewall, when the issue notifications are generated, we don't usually open the firewall but QRadar alerts us about what went down in our environment.

What is most valuable?
The most valuable feature of IBM QRadar is its slow control and even activation. I also like the post notifications on the screen.

What needs improvement?
I guess the quoting and the dashboard session of IBM QRadar could be improved. It should be more user-friendly, I suppose. I think that would be enough.

Otherwise, the overall functionality of IBM QRadar is superb. A better GUI and reporting both would be good additions to the product.

For how long have I used the solution?
Less than one year.

What do I think about the stability of the solution?
IBM QRadar is very stable. It doesn't have many errors involved.

What do I think about the scalability of the solution?
IBM QRadar is easy to scale. We can integrate other devices if we want to. We could go to distributed architecture instead, but we like this product.

IBM QRadar is easy to scale, it doesn't affect the environment. In our office, we have around 40 - 50 users, but our clients have more users on their networks.

Our organization has staff in the software department that manages IBM QRadar for us. The security division just manages the login.

Overall, only two to three staff are required for the management of IBM QRadar. They are more than enough to control the situation because most of it is easy.

We definitely have plans to increase our current usage of the solution in the future.

How are customer service and technical support?
Technical support from IBM is not that good here in this region. It's quite helpful in that case to have local support. They don't have much expertise in this product.

We usually have to go to IBM to resolve the issues if we have them because the overall product is a bit complex.

There are not many local resources here in this region with expertise in IBM QRadar.

If you previously used a different solution, which one did you use and why did you switch?
We did use other solutions. I did a regional partner focus on QRadar to implement IBM solutions.

How was the initial setup?
The initial setup of IBM QRadar is straightforward. It's very easy. I think anyone can install it within minutes.

The deployment of IBM QRadar takes around 20 to 25 minutes if you have a good hard drive.

What about the implementation team?
We just deploy IBM QRadar ourselves. We have technicians. We bill the client and do the installation on our own, along with other IBM products.

What's my experience with pricing, setup cost, and licensing?
About the licensing cost for QRadar, we have it on a yearly basis. It's for deployment. If the client wants more services, we support the license. No other cost for the product.

Which other solutions did I evaluate?
When I joined the company we were already partners with IBM. I didn't have much experience with other products.

What other advice do I have?
I'll recommend IBM QRadar because of the security features and the organization. I can recommend the security. Security is nowadays an essential part of IBM QRadar.

IBM QRadar is probably the best possible solution in the market. I would rate it 8/10.

Disclaimer: I work for the vendor.
Date published: 2019-04-19
Rated 4 out of 5: Enables us to handle the most critical attacks and integrates well with other solutions

What is our primary use case?
We are using it for SIEM, for Security Information and Event Management. We're gathering the logs and doing analytics on how we are going to react to security incidents.

How has it helped my organization?
With QRadar we managed to focus on the more critical incidents that we have experienced. As a result, we have managed to decrease the most critical incidents, most critical attacks. Now we're focusing on the ones that are not too heavy, not too critical. As of the moment, we are more secure than before.

What is most valuable?
One of the most valuable features is its ability to integrate with other solutions. In our current setup, we need a holistic view of our network to provide better service. Therefore, integration with our security tools and infrastructure is a must. We managed to get our NGFW, Endpoint Security, network servers, compliance tools and others to integrate with QRadar which enables our team to better understand what is happening in our network and respond accordingly.

What needs improvement?
The first area for improvement is the cost. It's a little bit too expensive for us.

Also, initially it was difficult to understand or to grasp, but once you get the hang of it is easier to understand and to analyze. So the main problems are its cost, the maintenance cost, and the fact that it takes some time to learn how to use it.

In terms of additional features, a mobile app would be nice. Also, the reporting is definitely okay, but you have to make sure that everybody with different roles can understand it. There is room for improvement in the reporting.

For how long have I used the solution?
One to three years.

What do I think about the stability of the solution?
It's very robust. If it fails it does not really harm the network. It just gathers information and that's the important part. It has not failed, it's been working since day one so there is no problem. As long as the server that you install it on is working fine, it's very reliable. It's very stable.

What do I think about the scalability of the solution?
It's also scalable yes. You can adjust the number of devices it communicates with so there is no problem with scalability.

How are customer service and technical support?
I have not yet contacted technical support. I have not encountered any problems. So far, we have had no need for them. We have just fixed things ourselves.

If you previously used a different solution, which one did you use and why did you switch?
We did not use any solutions before QRadar.

How was the initial setup?
It's straightforward. We just had to connect it to our servers, to our security solutions, and that was it. Everything was already communicating.

We are just a small company, so the deployment did not take that long, about a month to a month-and-a-half. It didn't involve too much downtime since we're just monitoring a few servers and a couple of security tools.

What about the implementation team?
We are directly in touch with IBM and we have an IBM security specialist. He usually gives us pointers and he's the one who also gave us a little bit of training and knowledge transfer.

What's my experience with pricing, setup cost, and licensing?
It's too expensive. The licensing is also a little bit difficult to understand because you have to license it per event and per number of flows. So you have to understand the difference between a flow and an event, and then you have to forward that to the resellers, the distributors, and to IBM. That part took a long time for us. Now we're adjusted to the process.

Which other solutions did I evaluate?
We did evaluate some, like LogRhythm. We found that LogRhythm was more difficult to understand because it was a little bit too static. I believe they have already improved but, as of the moment, we are still happy with QRadar.

What other advice do I have?
My advice is to take your time. It depends on your network, on what you want to gather information from. Make sure that the networking and the cybersecurity teams are working towards a common goal. The solution is very much worth it. You can gather all the information that you need as long as you know first what you need.

This solution is mainly for the Security Operations Center, so there are just three or four users. But it's one of the key tools for us to identify threats and attacks. The users are security operations analysts and threat hunters.

In our case, deployment and maintenance requires just a few people. They are the network administrators and our cybersecurity engineers.

At the moment we have no plans to increase usage. If the company grows, usage should grow as well. The company is growing but, as of the moment, we are planning for expansion. That's why the solutions that we carry are already built for expansion for the next three to five years.

I would rate QRadar at eight out of ten. It's not perfect and the big issues would be the price and that it takes some time to understand it. But so far, it's one of the best solutions out there.

Disclaimer: My company has a business relationship with this vendor other than being a customer: Partner.
Date published: 2019-04-10
Rated 4 out of 5: Helps us to discover any threats with their alerts and tracking

How has it helped my organization?
It helps us discover any threats with their alerts and tracking.

What is most valuable?
QNI is the most valuable feature.

What needs improvement?
I would like for them to lower the price.

For how long have I used the solution?
One to three years.

What do I think about the stability of the solution?
The system is quite stable, so far we haven't had any problems. Although the initial supply of the appliance was a bit faulty, the processor kept on failing. We were within the warranty so they supplied new ones. After loading logs, the system is very stable and nothing to worry about.

What do I think about the scalability of the solution?
It's very scalable. There are currently five users. We may still onboard more users depending on the requirements and their departmental level.

We do plan to increase usage.

How are customer service and technical support?
Their support is excellent, they are available when we need them. I'm satisfied so far.

How was the initial setup?
The initial setup wasn't exactly straightforward but the vendor who set it up for was helpful. It was very straightforward with their help. The deployment took two months.

We require two admins for maintenance.

What about the implementation team?
We used our own people and the certified IBM vendor for the implementation. We had a very good experience with them.

What's my experience with pricing, setup cost, and licensing?
We do licenses once a year.

Which other solutions did I evaluate?
We also looked at LogRhythm.

What other advice do I have?
I would advise someone considering this solution to write down your use cases and evaluate them with the vendor. Evaluate the best solution based on your use cases because you are the ones who are going to use it. The vendor will try and implement and leave you with your problems.

If the solution meets your requirements and solves most of your problems, you're good to go. QRadar is the best solution we have. The only challenge is that IBM has been a closed enterprise. It should be more open to integrating with other providers at an enterprise level. We're a bank and the core banking system integration is not always straightforward and there is no integration between IBM and these products. If IBM could open up and provide a way of integrating it seamlessly, without charging more for it, that would make a big difference.

I would rate it an eight out of ten.

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2019-04-05
Rated 4 out of 5: It is really helpful to us from the compliance point of view.

What is our primary use case?
The primary use case for us is the plug and play implementation and it is pretty easy to set it up, and scale up the SIEM. It has a kind of a functionality to it.

How has it helped my organization?
It is really helpful to us from the compliance point of view. Whenever we had an external lawyer come in, he used to ask us for the data retention and log retention. So, QRadar could put out reports that could audit for us within the log collections. It was very helpful for us to meet compliance requirements.

In addition, it is a helpful solution for forensic analysis. It will easily perform Google type searches and get the logs searched easily. This is really helpful for us, and gives us a quicker investigation.

What is most valuable?
The most valuable feature is that it is a one stop solution for many things. It is a manager for vulnerability, functionality, packet filtering, packet analysis and log analysis.

What needs improvement?
They have introduced a lot of different suite of products and functionalities and that sometimes leads to confusion among the customers. There are a lot of options to provided and then I need to decide, what is my requirement, and what is my desire. I may be tempted to have a particular feature, but I have to decide whether it is relevant or not.

For how long have I used the solution?
More than five years.

What do I think about the stability of the solution?
The stability is very good. There is not a single point lacking in terms of stability. And, I have never faced technical issues.

What do I think about the scalability of the solution?
The scalability is good, especially with the introduction of data nodes. As of now, it is not a problem.

How is customer service and technical support?
The tech support is not that good. They often rely on their learned knowledge base, instead of getting their hands dirty upon the actual case issues. They just think of the traditional approach of "OK, try this, or that." Obviously, we already know which steps to follow, we need for them to come up with some out-of-the-box solutions. This delays the process of finding a solution to the problem. Unfortunately, this happens a lot.

Which solutions did we use previously?
I previously used Splunk. And, we considered Sumo Logic, which has a similar kind of functionality. But, they are still in a very premature stage in terms of the product development.

How was the initial setup?
The initial setup was straightforward. It was not complex or difficult. It is not complicated.

What's my experience with pricing, setup cost, and licensing?
The cost of this product is expensive.

What other advice do I have?
If you are a medium to large size enterprise, you can surely consider IBM as one of the major contenders for your selection. If you are a small enterprise, QRadar may be too much for you, it may be too complex.

When deciding on a solution, we always consider:
  • Cost-benefit
  • Shelf-life of the solution
  • Security of the solution

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2018-11-08
Rated 5 out of 5: Built-in rules are enabled by default and tunable to meet the specific needs of each organization.

Valuable Features:
  • Correlation Rule Engine, built-in use cases: QRadar has the highest number of built-in use cases among any SIEM on the market. There are many built-in rules that are enabled by default and easily tunable to meet the specific needs of each organization. The correlation engine automates what is a manual process for many SIEM platforms.
  • Network-Based Anomaly Detection (NBAD): Using NetFlow, JFlow, SFlow, or QFlow (all 7 layers), offenses are detected as a response when a rule is triggered.
  • QRadar Vulnerability Management: Built-in vulnerability scanner or leverage for other supported scanners to either schedule a scan and/or import the results from a scan. Importing the results enriches the assets profile database to quickly identify assets that have known vulnerabilities.
  • X-Force Threat Intelligence: Threat intelligence IP reputation feed which leverages a series of international data centers to collect tens of thousands of malware samples, to analyze web pages and URLs, and to run analysis to categorize potentially malicious IP addresses and URLs.
  • App Exchange: Many vendors have written apps to enhance QRadar. The apps are free and enhance your SIEM experience by adding rules and custom event properties. In some cases a new tab. You will need to have purchased the third party solution. For example, if you have Palo Alto or Blue Coat, there's a free app for better integration.

Improvements to My Organization:
As a Professional Services consultant, I have heard many reports of how QRadar SIEM has quickly identified offenses which the users were unaware of previously. In addition to giving CISO’s gained visibility and increasing security posture, QRadar adheres to many compliance regulations across vertical industries.

Room for Improvement:
Some UI enhancements would be nice, such as exporting custom event properties and the ability to export rules.

Use of Solution:
We have been using the solution for four years.

Deployment Issues:
No

Stability Issues:
We did not encounter any issues with stability.

Scalability Issues:
We did not encounter any issues with scalability.

Technical Support:
The technical support is very good.

Previous Solutions:
We had limited experience with RSA enVision, LogRhythm, and HPE ArcSight. QRadar is much easier and takes less time to implement and maintain.

Initial Setup:
The initial setup was straightforward.

Pricing, Setup Cost and Licensing:
Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.

Other Solutions Considered:
We did not evaluate any other options.

Other Advice:
All SIEMs have a certain degree of complexity, especially where use cases and rules are concerned. I advise using Professional Services so your SIEM is configured by trained professionals.

Disclaimer: My company has a business relationship with this vendor other than being a customer: We are a business partner of IBM.
Date published: 2017-09-03