
IBM QRadar Security Intelligence Platform Console (BYOL)

IBM Security | QRadar Console v7.3.1 Patch 7 IF1

Linux/Unix, Red Hat Enterprise Linux RHEL-7.5 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star: 0
  • 4 star: 0
  • 3 star: 0
  • 2 star: 0
  • 1 star: 0

External reviews

189 reviews
from G2

External reviews are not included in the AWS star rating for the product.


    Kevin H.

Unwieldy and Mostly Effective SIEM

  • September 02, 2020
  • Review provided by G2

What do you like best?
The ability to quickly pull up, manipulate, drill down, and examine log data, even if it is months old. Additionally, being able to look at both the normalized log data as well as the raw log output allows me to confirm exactly what the system is doing and brings a level of comfort to the entire process. It was an invaluable tool in quickly showing other IT administrators exactly where problems existed or where there were potential connectivity issues.
What do you dislike?
There is a LOT of tuning that you need to perform in order for the product to be proactive. There are numerous system rules, groups, and building blocks that will require not only tuning, but great documentation on YOUR part so that you and your team can properly understand the components of your systems that are being watched, analyzed, and alerted on.
What problems are you solving with the product? What benefits have you realized?
Centralized logging management is solved very nicely, with the system able to ingest data from most of our products. For those that QRadar was not able to support, writing a parser manually was relatively painless and allowed us to integrate our homegrown applications very nicely with all the other normalized log sources.
Recommendations to others considering the product:
Make sure that you really understand your infrastructure and are willing to deploy significant staffing resources at this product. For an organization with over 2000 employees and 45,000 endpoints, we had to dedicate pretty much a single person full-time in order to fully realize the usefulness of this product.


    Commercial Real Estate

Digital Enterprise Architect

  • September 02, 2020
  • Review provided by G2

What do you like best?
Good SIEM solution, provides in-depth view of network issues
What do you dislike?
Difficult to get deployed with the sensors
What problems are you solving with the product? What benefits have you realized?
Network insight view


    Information Technology and Services

A SIEM and much more

  • September 01, 2020
  • Review verified by G2

What do you like best?
One of the most complete SIEMs that allows integrations with multiple elements in a simple way.
What do you dislike?
The way to quote is complicated and can make the solution too expensive.
What problems are you solving with the product? What benefits have you realized?
It allows you to review the events and obtain the offenses in a simple way and have a total vision of what is happening on the network. In addition to allowing modeling of user behavior.
Recommendations to others considering the product:
Do not think that it will be a more expensive solution than the others, surely there is an architecture capable of being competitive.


    sachin a.

Good to have but not something which can be relied upon for 360 degree coverage

  • August 30, 2020
  • Review provided by G2

What do you like best?
Multiple in-built apps which can be downloaded for multiple tasks like integration of different tools (only what is supported by QRadar), compliance reports etc.
What do you dislike?
Complexity in integration of new log sources.
Need to be very careful while running searches: if multiple personnel are doing the search at the same time, then things get stuck at times and ultimately it leads to cancellation of the respective searches.
Complexity in report creation.
What problems are you solving with the product? What benefits have you realized?
Reliable to check on the data as per the integrated log sources as and when needed.
Rules work as they are expected to work (fine-tuning has to be made on a regular basis, based on the exceptions)
Recommendations to others considering the product:
Get it if you want to use it as a good data collection tool
Use it if you are looking for something for reporting, search purposes.
Will recommend to go with UEBA solutions for next level analytics as SIEM will only work on the rules and not on the user's behavior


    Information Technology and Services

IBM Q-Radar

  • August 29, 2020
  • Review provided by G2

What do you like best?
Integration with Identity and Access Management Tools
It is easier to deploy than most other SIEMs.
What do you dislike?
Not as user-friendly as most of the other SIEMs I have used.
What problems are you solving with the product? What benefits have you realized?
Insider threats caused by internal employees.
User Behavior analytics.
Recommendations to others considering the product:
A solid SIEM solution to implement in enterprise companies.


    mousa b.

Qradar Review

  • August 24, 2020
  • Review provided by G2

What do you like best?
Incident alerts need to be sorted in a better way; reading logs from other systems sometimes needs a lot of parsing
What do you dislike?
Vulnerability Assessment needs to be enhanced
What problems are you solving with the product? What benefits have you realized?
Centralized log management for all logs


    Financial Services

IBM QRadar Review

  • August 24, 2020
  • Review provided by G2

What do you like best?
Integration between different platforms like rapid7, etc. Flexibility in creating event rules.
What do you dislike?
A bit slow when pulling logs for the last 30 days
What problems are you solving with the product? What benefits have you realized?
Identifying security event triggers and sudden increase in bandwidth flow
Recommendations to others considering the product:
IBM Security QRadar is a good all-in-one security application. It will allow you to connect different security applications and customize your own rules for a much more zeroed-in result.


    Banking

QRadar SIEM Review and Comparison

  • August 17, 2020
  • Review provided by G2

What do you like best?
QRadar App Exchange
Log Source Integration and Custom Content Extraction from raw event
QRadar Network Insight
ADE - Anomaly Detection Engine
What do you dislike?
No correlation rule can be written if log sources are integrated with different event processors
Support (especially Indian support) is not very technical and not able to resolve issues in a timely manner
What problems are you solving with the product? What benefits have you realized?
Traffic profiling and triggering alerts for abnormalities
Recommendations to others considering the product:
I have worked on multiple SIEM tools and found QRadar SIEM is stable, flexible and has more features compared to other SIEM tools I worked with, including RSA SA, Symantec SSIM, ArcSight, McAfee Nitro.


    lalit u.

Above average product

  • August 15, 2020
  • Review provided by G2

What do you like best?
Best in creating use cases. You need not be a query master to create a use case. Just need to have a logic. Hence, much more user friendly.
What do you dislike?
Scaling, integration with other products is a bit difficult and for minor help IBM support keeps on pushing to take their professional services help (which comes at a cost).
What problems are you solving with the product? What benefits have you realized?
For creating use cases, integration of other security products. Fine tuning of use cases etc.
Its user-friendly and interactive web features.
Recommendations to others considering the product:
Professional services should be eased out for customers and a lot more competitive offerings should be there, i.e. cost, assistance in scaling. Client issues should be taken up very seriously. IBM support quality should be enhanced.


    Information Services

Greater visibility of your network

  • August 15, 2020
  • Review provided by G2

What do you like best?
It can be integrated with most of the devices (routers, servers, DB servers, critical devices, critical applications etc.). It's highly scalable and gives greater visibility, also good in event management.
What do you dislike?
It's much more complicated in implementation and usage
What problems are you solving with the product? What benefits have you realized?
With the help of QRadar, proactively control the security events in our organization
Recommendations to others considering the product:
Do prepare the use cases and do a proof of concept for at least a month, then take the right decision