
IBM QRadar Security Intelligence Platform Console (BYOL)

IBM Security | QRadar Console v7.3.1 Patch 7 IF1

Linux/Unix, Red Hat Enterprise Linux RHEL-7.5 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

0 AWS reviews (5 star: 0, 4 star: 0, 3 star: 0, 2 star: 0, 1 star: 0)

External reviews

176 reviews
from G2

External reviews are not included in the AWS star rating for the product.


    Accounting

Most powerful tool and easy to operate.

  • September 10, 2020
  • Review provided by G2

What do you like best?
A good SIEM tool, less complex. Effective.
What do you dislike?
Some of the features need to be improved.
What problems are you solving with the product? What benefits have you realized?
SIEM helped with security and detected and prioritized those threats accurately.
Recommendations to others considering the product:
Easy to operate and less complex.


    Computer & Network Security

IBM QRadar review

  • September 10, 2020
  • Review provided by G2

What do you like best?
Applications which give us more visibility to analyse an incident.
What do you dislike?
QRadar does not allow us third-party integration.
What problems are you solving with the product? What benefits have you realized?
We can analyse an offense deeply.
Recommendations to others considering the product:
Nice tools for incident response.


    Meherzad J.

IBM QRadar, Advanced Security

  • September 09, 2020
  • Review provided by G2

What do you like best?
Available templates for rules and building blocks, categorisation of domains and tenants, and the DSM Editor.
What do you dislike?
GUI needs a few user-friendly moves like navigating back to the original page and not the home page of offences, no support for Huawei devices, overall complexity of the tool.
What problems are you solving with the product? What benefits have you realized?
Insider threats, rogue devices, identification of malicious content after being integrated with endpoint manager. QRadar has been very effective in portraying the overall security posture of my organization.
Recommendations to others considering the product:
QRadar is one of the most state-of-the-art SIEM solutions and IBM Watson adds value to real-time threat identification. Also, if utilised efficiently, it clarifies the security posture of your organisation.


    Ali H.

Best SIEM

  • September 06, 2020
  • Review provided by G2

What do you like best?
QRadar gives a bird's-eye view of the network. Recently I have integrated Cloudflare WAF with QRadar, which allows real-time monitoring of the web server.
What do you dislike?
QRadar has some bugs which cause trouble while integrating log sources.
What problems are you solving with the product? What benefits have you realized?
Web server issues like internal server error 500, file directory blocking malicious IP.


    Import and Export

QRadar Security information and event management - SIEM

  • September 03, 2020
  • Review verified by G2

What do you like best?
The flexibility and ease of deployment.
Ability to quickly detect and prioritize potential threats. Mainly the ability to address internal dangers, whether originating from a malicious or careless employee. This allows us to fix / plug the hole / problem.
What do you dislike?
Licence renewal grace period. You do not get view-only access once the license has expired.
What problems are you solving with the product? What benefits have you realized?
Information and event management from multiple sources - Unix servers, routers and firewalls.
Recommendations to others considering the product:
It is very helpful when you can spend time to customise your reports and your dashboard. System Monitoring, Compliance Overview, Application Overview, Network Overview, Risk Monitoring, System Monitoring, and Threat and Security Monitoring as applicable.


    Karan S.

Easy to use SIEM tool

  • September 03, 2020
  • Review provided by G2

What do you like best?
The best thing about this tool is its easy usability in terms of UI, search queries, result display.
What do you dislike?
There's not really much to dislike except maybe the fact that it could be a tiny bit slow sometimes. But that's not a recurring or major issue.
What problems are you solving with the product? What benefits have you realized?
I am using it to search for logs related to the security incidents in our environment. The quick search queries are very helpful.
Recommendations to others considering the product:
Go for it. It's easy to implement and use.


    Kevin H.

Unwieldy and Mostly Effective SIEM

  • September 02, 2020
  • Review provided by G2

What do you like best?
The ability to quickly pull up, manipulate, drill down, and examine log data, even if it is months old. Additionally, being able to look at both the normalized log data as well as the raw log output allows me to confirm exactly what the system is doing and brings a level of comfort to the entire process. It was an invaluable tool in quickly showing other IT administrators exactly where problems existed or where there were potential connectivity issues.
What do you dislike?
There is a LOT of tuning that you need to perform in order for the product to be proactive. There are numerous system rules, groups, and building blocks that will require not only tuning, but great documentation on YOUR part so that you and your team can properly understand the components of your systems that are being watched, analyzed, and alerted on.
What problems are you solving with the product? What benefits have you realized?
Centralized logging management is solved very nicely, with the system able to ingest data from most of our products. For those that QRadar was not able to support, writing a parser manually was relatively painless and allowed us to integrate our homegrown applications very nicely with all the other normalized log sources.
Recommendations to others considering the product:
Make sure that you really understand your infrastructure and are willing to deploy significant staffing resources at this product. For an organization with over 2000 employees and 45,000 endpoints, we had to dedicate pretty much a single person full-time in order to fully realize the usefulness of this product.


    Commercial Real Estate

Digital Enterprise Architect

  • September 02, 2020
  • Review provided by G2

What do you like best?
Good SIEM solution, provides an in-depth view of network issues.
What do you dislike?
Difficulty to get deployed with the sensors.
What problems are you solving with the product? What benefits have you realized?
Network insight view.


    Information Technology and Services

A SIEM and much more

  • September 01, 2020
  • Review verified by G2

What do you like best?
One of the most complete SIEMs that allows integrations with multiple elements in a simple way.
What do you dislike?
The way to quote is complicated and can make the solution too expensive.
What problems are you solving with the product? What benefits have you realized?
It allows you to review the events and obtain the offenses in a simple way and have a total vision of what is happening on the network. In addition to allowing modeling of user behavior.
Recommendations to others considering the product:
Do not think that it will be a more expensive solution than the others, surely there is an architecture capable of being competitive.


    sachin a.

Good to have but not something which can be relied upon for 360 degree coverage

  • August 30, 2020
  • Review provided by G2

What do you like best?
Multiple in-built apps which can be downloaded for multiple tasks like integration of different tools (only what is supported by QRadar), compliance reports, etc.
What do you dislike?
Complexity in integration of new log sources.
Need to be very careful while running searches; if multiple personnel are doing the search at the same time, then things get stuck up at times and ultimately it leads to cancellation of respective searches.
Complexity in report creation.
What problems are you solving with the product? What benefits have you realized?
Reliable to check on the data as per the integrated log sources as and when needed.
Rules work as they are expected to work (fine-tuning has to be made on a regular basis, based on the exceptions).
Recommendations to others considering the product:
Get it if you want to use it as a good data collection tool.
Use it if you are looking for something for reporting, search purposes.
Will recommend to go with UEBA solutions for next level analytics as SIEM will only work on the rules and not on the user's behavior.