IBM Security QRadar SIEM v7.4.3 (BYOL)
IBM Security | IBM Security QRadar SIEM v7.4.3 (BYOL)Linux/Unix, Red Hat Enterprise Linux RHEL-7.7 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Tech lead for IBM QRadar implementation project
What do you like best about the product?
AQL, dashboard,report, alert, offensives
What do you dislike about the product?
Object management, it is difficult to rename an object.
Network packet capture cannot decrypt ssl traffic
Network packet capture cannot decrypt ssl traffic
What problems is the product solving and how is that benefiting you?
Security visibility
Recommendations to others considering the product:
Have a large number of DSMs
- Leave a Comment |
- Mark review as helpful
One of the best SIEM tool
What do you like best about the product?
It's almost a perfect product for the SIEM. It has many built in features to cover most of the things that you are always looking for in terms of security and log analysis.
What do you dislike about the product?
There are quite a few things that I thing would really be good to have;
- There should be a lightweight version of the application as the current one is quite hefty.
- Trial process should be improved, so users can have trial version easily.
- There should be a lightweight version of the application as the current one is quite hefty.
- Trial process should be improved, so users can have trial version easily.
What problems is the product solving and how is that benefiting you?
- Network Security
- Log analysis
- OTX
- Log analysis
- OTX
Recommendations to others considering the product:
Great product, highly recommended.
Good tool for security monitoring
What do you like best about the product?
QRadar has a lot of options, it provides a lot information so you can make a deeply investigation about the offenses generated. It does not demand high speed internet.
What do you dislike about the product?
Sometimes it could be very confusing for a naive person. It does not refresh automatically.
What problems is the product solving and how is that benefiting you?
Monitoring high severity offenses. It helps to escalate in a timely and proper manner.
Recommendations to others considering the product:
To pay a lot of attention during the Qradar training. Each day you can discover something new.
IBM Qradar review
What do you like best about the product?
QRadar is one of the best SIEMs around for large organisations dealing with huge amount of network traffic, although setting it up is a bot challenging but it makes up for it in long term durability
What do you dislike about the product?
Pricing for a single tenent is not worth it.
What problems is the product solving and how is that benefiting you?
I have set it up as a SIEM solution
BM QRadar is very good solution to assure integrity of log and prevent and detect attacks
What do you like best about the product?
Easily deployment,smart log prioritize,ease to manage logs
What do you dislike about the product?
Sometime use too more resources.Resource Need To be use Balenced.
What problems is the product solving and how is that benefiting you?
Easily priories high risk bugs the move to low level
Recommendations to others considering the product:
For log management and analysis it can help in real time.
Qradar compete good and provide valuable security.
What do you like best about the product?
Securing traffic that what make people believe people's data is safe
What do you dislike about the product?
Everything seems just perfect , more use of it will let us know what we dont like about it
What problems is the product solving and how is that benefiting you?
Null
Recommendations to others considering the product:
Move to infinity
siem products review
What do you like best about the product?
dashboards are well appreciated , and help at the first impact or level , Good for the native network flow analisys capability , Graphic User Interface is intuitive and good readale understanding .GUI , graphics data rappresentation.
QRadar has network traffic behavior analysis
and can be correlated across NetFlow and log
events. QRadar has Advisor using Watson to assist in threat intelligence and investigations.
Watson is an AI and still does very little for any customer out of the box—it
takes months to set up with few proof points. QRadar provides an integrated view of Log and
Event Data and provides flexibility and rich data visibility . no so much with the context.
QRadar has network traffic behavior analysis
and can be correlated across NetFlow and log
events. QRadar has Advisor using Watson to assist in threat intelligence and investigations.
Watson is an AI and still does very little for any customer out of the box—it
takes months to set up with few proof points. QRadar provides an integrated view of Log and
Event Data and provides flexibility and rich data visibility . no so much with the context.
What do you dislike about the product?
collections is technically limited to most popular methods , you have to trouble more with unstructured data collection or customize an unknown log format such as custom logs colelction. Solution do not scales quick with hw and costs vs performances
Qradar requires most cost in hardware to get
performance . It scales
horizontally that will cause management
load with large scale deployments.
In small environments around 1K EPS, QRadar
cannot scale within an organization. · QRadar can be expensive on storage .
QRadar search capabilities seems to be slow and do not stack up , little changes
over the last years
Qradar requires most cost in hardware to get
performance . It scales
horizontally that will cause management
load with large scale deployments.
In small environments around 1K EPS, QRadar
cannot scale within an organization. · QRadar can be expensive on storage .
QRadar search capabilities seems to be slow and do not stack up , little changes
over the last years
What problems is the product solving and how is that benefiting you?
building a simple SIEM in a let time . Simple and quick Net-flow collection . Simple license method compared to the competition
Recommendations to others considering the product:
medium level customers with High level customer in a simple enviroment
User friendly and easy to work in SOC team
What do you like best about the product?
Advance searching mechanism and alerts for unexpected behaviour
What do you dislike about the product?
Problem sometimes connecting to query server
What problems is the product solving and how is that benefiting you?
Unexpected behaviour of applications which will get the logs for alert for user attempts failure. Vulnerability scanning
Logs at one place
What do you like best about the product?
Tagging of log is the best thing which I feel in this app.
What do you dislike about the product?
When huge bunch of logs streaming. It becomes little slow.
What problems is the product solving and how is that benefiting you?
Log forensic
Great tool for an enterprise network.
What do you like best about the product?
It can hold and parse a large amount of data and it very quick.
What do you dislike about the product?
Sometimes parsing data is little low, so may be they have to improve on that.
What problems is the product solving and how is that benefiting you?
Well I do troubleshoot on daily basis with the issues we have. Its basically hard to explain as its scenario based.
Recommendations to others considering the product:
Nothing as such
showing 211 - 220