IBM Security QRadar SIEM Flow Capacity Increase from 25K to 50K FPM - licen

Mfg.Part: D0WUCLL | CDW Part: 4105533 | UNSPSC: 43233205
Availability: In Stock
$47,694.99 Advertised Price
Lease Option ($1374.09/month)
Note: Leasing is available to businesses only. Leasing is not available to individuals.
Product Details
  • License + 1 Year Software Subscription and Support
  • 1 install
  • Passport Advantage Express

Product Overview

IBM Security QRadar SIEM consolidates log source event data from thousands of devices, endpoints and applications distributed throughout a network. It performs immediate normalization and correlation activities on raw data to distinguish real threats from false positives. As an option, this software incorporates IBM Security X-Force Threat Intelligence, which supplies a list of potentially malicious IP addresses including malware hosts, spam sources and other threats. IBM Security QRadar SIEM can also correlate system vulnerabilities with event and network data, helping to prioritize security incidents.

IBM Security QRadar SIEM Flow Capacity Increase from 25K to 50K FPM - licen is rated 4.2 out of 5 by 18.
Rated 4 out of 5 by from Enhances Security Through Vulnerability Management and Increased Visibility

What is our primary use case?
I'm the technical consultant here at ActivEdge Technologies. Our primary use case for this solution is for Security Intelligence and Event Monitoring (SIEM). We provide protection services models for an organization's networks through a sophisticated technology which permits a proactive security posture. We have a business relationship with IBM QRadar as well as being a partner. We are a partner and we also use this feature. It's an integrated solution. We design it to be compatible with our client's network devices to maintain real-time monitoring through a centralized console. Our clients rely on us to create value.

How has it helped my organization?
QRadar has significantly improved our security. It has reduced threats considerably. The solution provides increased visibility along with actionable intelligence. We are looking into implementing it to proactively take steps to prevent or reduce the attacks.

What is most valuable?
The most valuable features would have to be the product's ability to customize vulnerability management settings and the ability to customize integration functions.

What needs improvement?
I can't see any need for service improvements because I feel it's easy to use and very functional as it is. There could be improvements made to the UI, the user interface. Though the newer version, 7.3.2, might already have this improvement in place.

For how long have I used the solution?
One to three years.

What do I think about the stability of the solution?
It's very stable. We never need much help with that.

What do I think about the scalability of the solution?
The solution is very scalable; it's designed to be, it's distributed architecture. It's entirely scalable. Currently, there are five domain users working with this solution. We don't have visibility on our end user count due to the fact that end users don't need to log on to the application. Our maintenance needs require just one experienced QRadar analyst to moderate.

How are customer service and technical support?
Technical support has proven to be very helpful.

How was the initial setup?
The initial setup wasn't straightforward. The setup is situation specific. The deployment for us took about 3 months.

What about the implementation team?
Implementation was done in-house.

What was our ROI?

What other advice do I have?
I think this product adds significant value to organizations seeking a scalable, security integration tool. It does a great job of identifying, classifying, prioritizing, remediating, and mitigating software vulnerabilities. It's a good solution. On a scale of 1 - 10, 10 being the best, I give this product a rating of 9.

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2019-05-01
Rated 4 out of 5 by from Alerts Us About Events in our Network Environment

What is our primary use case?
We are a partner with IBM. We have a scenario and simulation that people visit. What we are doing for our clients is just a simulation for them. Then we resolve the issue using IBM QRadar that they are facing.

How has it helped my organization?
We have integrated IBM QRadar with our firewall and some services that we use. When the logs are about to get full of skill, IBM QRadar makes a notification. The admin knows that they're about to get full so he just goes and clears them out. That is when we usually use IBM QRadar. On our firewall, when the issue notifications are generated, we don't usually open the firewall but QRadar alerts us about what went down in our environment.

What is most valuable?
The most valuable feature of IBM QRadar is its slow control and even activation. I also like the post notifications on the screen.

What needs improvement?
I guess the quoting and the dashboard session of IBM QRadar could be improved. It should be more user-friendly, I suppose. I think that would be enough. Otherwise, the overall functionality of IBM QRadar is superb. A better GUI and reporting both would be good additions to the product.

For how long have I used the solution?
Less than one year.

What do I think about the stability of the solution?
IBM QRadar is very stable. It doesn't have many errors involved.

What do I think about the scalability of the solution?
IBM QRadar is easy to scale. We can integrate other devices if we want to. We could go to distributed architecture instead, but we like this product. IBM QRadar is easy to scale, it doesn't affect the environment. In our office, we have around 40 - 50 users, but our clients have more users on their networks. Our organization has staff in the software department that manages IBM QRadar for us. The security division just manages the login. Overall, only two to three staff are required for the management of IBM QRadar. They are more than enough to control the situation because most of it is easy. We definitely have plans to increase our current usage of the solution in the future.

How are customer service and technical support?
Technical support from IBM is not that good here in this region. It's quite helpful in that case to have local support. They don't have much expertise in this product. We usually have to go to IBM to resolve the issues if we have them because the overall product is a bit complex. There are not many local resources here in this region with expertise in IBM QRadar.

If you previously used a different solution, which one did you use and why did you switch?
We did use other solutions. I did a regional partner focus on QRadar to implement IBM solutions.

How was the initial setup?
The initial setup of IBM QRadar is straightforward. It's very easy. I think anyone can install it within minutes. The deployment of IBM QRadar takes around 20 to 25 minutes if you have a good hard drive.

What about the implementation team?
We just deploy IBM QRadar ourselves. We have technicians. We bill the client and do the installation on our own, along with other IBM products.

What's my experience with pricing, setup cost, and licensing?
About the licensing cost for QRadar, we have it on a yearly basis. It's for deployment. If the client wants more services, we support the license. No other cost for the product.

Which other solutions did I evaluate?
When I joined the company we were already partners with IBM. I didn't have much experience with other products.

What other advice do I have?
I'll recommend IBM QRadar because of the security features and the organization. I can recommend the security. Security is nowadays an essential part of IBM QRadar. IBM QRadar is probably the best possible solution in the market. I would rate it 8/10.

Disclaimer: I work for the vendor.
Date published: 2019-04-19
Rated 4 out of 5 by from Enables us to handle the most critical attacks and integrates well with other solutions

What is our primary use case?
We are using it for SIEM, for Security Information and Event Management. We're gathering the logs and doing analytics on how we are going to react to security incidents.

How has it helped my organization?
With QRadar we managed to focus on the more critical incidents that we have experienced. As a result, we have managed to decrease the most critical incidents, most critical attacks. Now we're focusing on the ones that are not too heavy, not too critical. As of the moment, we are more secure than before.

What is most valuable?
One of the most valuable features is its ability to integrate with other solutions. In our current setup, we need a holistic view of our network to provide better service. Therefore, integration with our security tools and infrastructure is a must. We managed to get our NGFW, Endpoint Security, network servers, compliance tools and others to integrate with QRadar which enables our team to better understand what is happening in our network and respond accordingly.

What needs improvement?
The first area for improvement is the cost. It's a little bit too expensive for us. Also, initially it was difficult to understand or to grasp, but once you get the hang of it, it is easier to understand and to analyze. So the main problems are its cost, the maintenance cost, and the fact that it takes some time to learn how to use it. In terms of additional features, a mobile app would be nice. Also, the reporting is definitely okay, but you have to make sure that everybody with different roles can understand it. There is room for improvement in the reporting.

For how long have I used the solution?
One to three years.

What do I think about the stability of the solution?
It's very robust. If it fails it does not really harm the network. It just gathers information and that's the important part. It has not failed, it's been working since day one so there is no problem. As long as the server that you install it on is working fine, it's very reliable. It's very stable.

What do I think about the scalability of the solution?
It's also scalable, yes. You can adjust the number of devices it communicates with so there is no problem with scalability.

How are customer service and technical support?
I have not yet contacted technical support. I have not encountered any problems. So far, we have had no need for them. We have just fixed things ourselves.

If you previously used a different solution, which one did you use and why did you switch?
We did not use any solutions before QRadar.

How was the initial setup?
It's straightforward. We just had to connect it to our servers, to our security solutions, and that was it. Everything was already communicating. We are just a small company, so the deployment did not take that long, about a month to a month-and-a-half. It didn't involve too much downtime since we're just monitoring a few servers and a couple of security tools.

What about the implementation team?
We are directly in touch with IBM and we have an IBM security specialist. He usually gives us pointers and he's the one who also gave us a little bit of training and knowledge transfer.

What's my experience with pricing, setup cost, and licensing?
It's too expensive. The licensing is also a little bit difficult to understand because you have to license it per event and per number of flows. So you have to understand the difference between a flow and an event, and then you have to forward that to the resellers, the distributors, and to IBM. That part took a long time for us. Now we're adjusted to the process.

Which other solutions did I evaluate?
We did evaluate some, like LogRhythm. We found that LogRhythm was more difficult to understand because it was a little bit too static. I believe they have already improved but, as of the moment, we are still happy with QRadar.

What other advice do I have?
My advice is to take your time. It depends on your network, on what you want to gather information from. Make sure that the networking and the cybersecurity teams are working towards a common goal. The solution is very much worth it. You can gather all the information that you need as long as you know first what you need. This solution is mainly for the Security Operations Center, so there are just three or four users. But it's one of the key tools for us to identify threats and attacks. The users are security operations analysts and threat hunters. In our case, deployment and maintenance requires just a few people. They are the network administrators and our cybersecurity engineers. At the moment we have no plans to increase usage. If the company grows, usage should grow as well. The company is growing but, as of the moment, we are planning for expansion. That's why the solutions that we carry are already built for expansion for the next three to five years. I would rate QRadar at eight out of ten. It's not perfect and the big issues would be the price and that it takes some time to understand it. But so far, it's one of the best solutions out there.

Disclaimer: My company has a business relationship with this vendor other than being a customer: Partner.
Date published: 2019-04-10
Rated 4 out of 5 by from Helps us to discover any threats with their alerts and tracking

How has it helped my organization?
It helps us discover any threats with their alerts and tracking.

What is most valuable?
QNI is the most valuable feature.

What needs improvement?
I would like for them to lower the price.

For how long have I used the solution?
One to three years.

What do I think about the stability of the solution?
The system is quite stable, so far we haven't had any problems. Although the initial supply of the appliance was a bit faulty, the processor kept on failing. We were within the warranty so they supplied new ones. After loading logs, the system is very stable and nothing to worry about.

What do I think about the scalability of the solution?
It's very scalable. There are currently five users. We may still onboard more users depending on the requirements and their departmental level. We do plan to increase usage.

How are customer service and technical support?
Their support is excellent, they are available when we need them. I'm satisfied so far.

How was the initial setup?
The initial setup wasn't exactly straightforward but the vendor who set it up for us was helpful. It was very straightforward with their help. The deployment took two months. We require two admins for maintenance.

What about the implementation team?
We used our own people and the certified IBM vendor for the implementation. We had a very good experience with them.

What's my experience with pricing, setup cost, and licensing?
We do licenses once a year.

Which other solutions did I evaluate?
We also looked at LogRhythm.

What other advice do I have?
I would advise someone considering this solution to write down your use cases and evaluate them with the vendor. Evaluate the best solution based on your use cases because you are the ones who are going to use it. The vendor will try and implement and leave you with your problems. If the solution meets your requirements and solves most of your problems, you're good to go. QRadar is the best solution we have. The only challenge is that IBM has been a closed enterprise. It should be more open to integrating with other providers at an enterprise level. We're a bank and the core banking system integration is not always straightforward and there is no integration between IBM and these products. If IBM could open up and provide a way of integrating it seamlessly, without charging more for it, that would make a big difference. I would rate it an eight out of ten.

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2019-04-05
Rated 4 out of 5 by from It is really helpful to us from the compliance point of view.

What is our primary use case?
The primary use case for us is the plug and play implementation and it is pretty easy to set it up, and scale up the SIEM. It has a kind of a functionality to it.

How has it helped my organization?
It is really helpful to us from the compliance point of view. Whenever we had an external lawyer come in, he used to ask us for the data retention and log retention. So, QRadar could put out reports that could audit for us within the log collections. It was very helpful for us to meet compliance requirements. In addition, it is a helpful solution for forensic analysis. It will easily perform Google type searches and get the logs searched easily. This is really helpful for us, and gives us a quicker investigation.

What is most valuable?
The most valuable feature is that it is a one stop solution for many things. It is a manager for vulnerability, functionality, packet filtering, packet analysis and log analysis.

What needs improvement?
They have introduced a lot of different suite of products and functionalities and that sometimes leads to confusion among the customers. There are a lot of options to provided and then I need to decide, what is my requirement, and what is my desire. I may be tempted to have a particular feature, but I have to decide whether it is relevant or not.

For how long have I used the solution?
More than five years.

What do I think about the stability of the solution?
The stability is very good. There is not a single point lacking in terms of stability. And, I have never faced technical issues.

What do I think about the scalability of the solution?
The scalability is good, especially with the introduction of data nodes. As of now, it is not a problem.

How is customer service and technical support?
The tech support is not that good. They often rely on their learned knowledge base, instead of getting their hands dirty upon the actual case issues. They just think of the traditional approach of "OK, try this, or that." Obviously, we already know which steps to follow, we need for them to come up with some out-of-the-box solutions. This delays the process of finding a solution to the problem. Unfortunately, this happens a lot.

Which solutions did we use previously?
I previously used Splunk. And, we considered Sumo Logic, which has a similar kind of functionality. But, they are still in a very premature stage in terms of the product development.

How was the initial setup?
The initial setup was straightforward. It was not complex or difficult. It is not complicated.

What's my experience with pricing, setup cost, and licensing?
The cost of this product is expensive.

What other advice do I have?
If you are a medium to large size enterprise, you can surely consider IBM as one of the major contenders for your selection. If you are a small enterprise, QRadar may be too much for you, it may be too complex. When deciding on a solution, we always consider:
  • Cost-benefit
  • Shelf-life of the solution
  • Security of the solution

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2018-11-08
Rated 5 out of 5 by from Built-in rules are enabled by default and tunable to meet the specific needs of each organization.

Valuable Features:
  • Correlation Rule Engine, built-in use cases: QRadar has the highest number of built-in use cases among any SIEM on the market. There are many built-in rules that are enabled by default and easily tunable to meet the specific needs of each organization. The correlation engine automates what is a manual process for many SIEM platforms.
  • Network-Based Anomaly Detection (NBAD): Using NetFlow, JFlow, SFlow, or QFlow (all 7 layers), offenses are detected as a response when a rule is triggered.
  • QRadar Vulnerability Management: Built-in vulnerability scanner or leverage for other supported scanners to either schedule a scan and/or import the results from a scan. Importing the results enriches the assets profile database to quickly identify assets that have known vulnerabilities.
  • X-Force Threat Intelligence: Threat intelligence IP reputation feed which leverages a series of international data centers to collect tens of thousands of malware samples, to analyze web pages and URLs, and to run analysis to categorize potentially malicious IP addresses and URLs.
  • App Exchange: Many vendors have written apps to enhance QRadar. The apps are free and enhance your SIEM experience by adding rules and custom event properties. In some cases a new tab. You will need to have purchased the third party solution. For example, if you have Palo Alto or Blue Coat, there's a free app for better integration.

Improvements to My Organization:
As a Professional Services consultant, I have heard many reports of how QRadar SIEM has quickly identified offenses which the users were unaware of previously. In addition to giving CISO’s gained visibility and increasing security posture, QRadar adheres to many compliance regulations across vertical industries.

Room for Improvement:
Some UI enhancements would be nice, such as exporting custom event properties and the ability to export rules.

Use of Solution:
We have been using the solution for four years.

Deployment Issues:
No

Stability Issues:
We did not encounter any issues with stability.

Scalability Issues:
We did not encounter any issues with scalability.

Technical Support:
The technical support is very good.

Previous Solutions:
We had limited experience with RSA enVision, LogRhythm, and HPE ArcSight. QRadar is much easier and takes less time to implement and maintain.

Initial Setup:
The initial setup was straightforward.

Pricing, Setup Cost and Licensing:
Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.

Other Solutions Considered:
We did not evaluate any other options.

Other Advice:
All SIEMs have a certain degree of complexity, especially where use cases and rules are concerned. I advise using Professional Services so your SIEM is configured by trained professionals.

Disclaimer: My company has a business relationship with this vendor other than being a customer: We are a business partner of IBM.
Date published: 2017-09-03
Rated 4 out of 5 by from For vulnerabilities, you see a popup on the screen. We do not have to look for it. It is pushed to us.

Valuable Features:
It's easy for us to see what's happening in the environment. It's very good to see the logs and the analytic stuff.

Improvements to My Organization:
We can see the vulnerabilities much easier with the product. You see a popup on the screen. We do not have to look for it. It is pushed to us.

Room for Improvement:
It is very expensive; very expensive.

Stability Issues:
The solution is very stable.

Scalability Issues:
I think it is scalable.

Technical Support:
We have used technical support. They are very good and very nice.

Other Solutions Considered:
We didn't evaluate any alternatives. We have yearly talks with the IBM consulting team. We look at the trends.

Other Advice:
When choosing a vendor, we look for a stable and trustworthy company. I think QRadar is the best solution you can get.

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-06-23
Rated 4 out of 5 by from Contextual and threat-based incident management.

Valuable Features:
  • Paradigm shift, security intelligence 2.0
  • Contextual-based incident management
  • Threat-based incident management
  • A single management console to handle all the data
  • Ease of use
  • Existing integration capabilities
  • Out-of-the-box reports
  • Parser development

Improvements to My Organization:
It has helped us in the reduction of VPN frauds via the active monitoring of various frauds.

Room for Improvement:
  • There is a scope of improvement in the orchestration layer, such as the SecOps from RSA. RSA Security Analytics bundles their offering with their SecOps (a subset of Archer - Risk Governance tool). This gives them a competitive edge.
  • The reporting and dashboard capabilities require a bit of improvement in terms of fine tuning and bifurcation for the technical and management reports.

Use of Solution:
I have used this solution for four years.

Stability Issues:
There were no stability issues.

Technical Support:
I would give technical support a rating of 9/10.

Initial Setup:
The setup was straightforward and the deployment was easy.

Cost and Licensing Advice:
The pricing policy is a bit on the higher side. IBM offers discounts when applicable.

Other Solutions Considered:
We looked at other solutions such as RSA enVision and HPE ArcSight.

Other Advice:
Trust it, test it, and deploy it.

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-04-30