IBM Security QRadar SIEM v7.4.1 - Components (BYOL)
IBM Security QRadar SIEM v7.4.1 - Components (BYOL)
Product Overview
IBM QRadar SIEM empowers security analysts and security operations teams with the visibility, automation and insights needed to quickly detect anomalies and uncover advanced threats in real-time.
IBM® QRadar® components to scale a QRadar deployment, and to manage data collection and processing in distributed networks.
QRadar SIEM supported nodes:
Flow Collector - collects network flows from devices on your network including network taps, span ports, NetFlow and QRadar flow logs
Event Collector - collects event data from sources in AWS and securely transfers data to a QRadar Console on-premises or in the cloud, for threat detection and analysis
Data Node - add-on appliance to event and flow processors to increase storage capacity and improve search performance
Event Processor - processes events that are collected from one or more Event Collector components
Flow Processor - processes flows from one or more Flow Collector appliances
Event/Flow Processor - a single appliance that enables security event and flow data to be collected, processed and stored in a QRadar deployment in AWS
Data Gateway - only deployed as part of a QRadar On Cloud (QRoC) instance, enables data to be collected from data sources in AWS and then securely transfers data to a QRoC console in the IBM Cloud for threat detection and analysis.
Version
By
IBM SecurityCategories
Operating System
Linux/Unix, Amazon Linux RHEL-7.5
Delivery Methods