We performed a comparison between IBM Security QRadar and IBM SevOne Network Performance Management (NPM) based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."IBM QRadar Advisor with Watson is a stable solution."
"The most valuable features are log monitoring, easy-to-fix issues, and problem-solving."
"We can easily monitor many things using this tool."
"It helps us discover any threats with their alerts and tracking."
"When it comes to QRadar, they can do the correlation and not only in networks but also endpoints. This is one of the good features that we have noticed."
"Improved our organization's TCO."
"It comes with many rules disabled. You can tune them and modify them according to your enterprise needs and avoid false positives."
"The solution is flexible and easy to use."
"We have benefited mainly from the use of the dashboard interface. It makes the network visually interesting for other people who are not in the network. A lot of people are not network techies who understand streams in the network. Based on location, we have streams coming in and out. They can see visually when there is some problem. They don't need to understand all the network technology behind it to be able to understand if everything is working well or if there is a problem."
"It's given us the ability to create various real-time network performance reports and distribute them to any colleague who can access these reports immediately."
"With this tool it is interesting to show the info to the client and explain where the traffic is."
"Another useful feature is that SevOne gives you real-time insights into your network performance. It polls every five minutes. That is important for our customers because there are some network teams that are always monitoring their networks."
"The network data collection has been very flexible for us. It's been thorough in areas that were lacking. They have a team that I've worked with to add other pieces to it. So if it's missing something out of the box, they work with me to add it. I was able to collect that data. It's not perfect, but it's pretty thorough."
"In 90% of the cases, new devices are plug-and-play, so when a new version comes out then SevOne has support for it out of the box."
"It's a great solution for highlighting and discovering useful information regarding our network's elements."
"SevOne has rich API capabilities, giving us the flexibility to control what we collect and customize the collection, creation, and manipulation of now metrics as necessary."
"The IBM support can be better."
"The solution is expensive compared to other products."
"I'd like them to improve the offense. When QRadar detects something, it creates what it calls offenses. So, it has a rudimentary ticketing system inside of it. This is the same interface that was there when I started using it 12 years ago. It just has not been improved. They do allow integration with IBM Resilient, but IBM Resilient is grotesquely expensive. The most effective integration that IBM offers today is with IBM Resilient, which is an instant response platform. It is a very good platform, but it is very expensive. They really should do something with the offense handling because it is very difficult to scale, and it has limitations. The maximum number of offenses that it can carry is 16K. After 16K, you have to flush your offenses out. So, it is all or nothing. You lose all your offenses up until that point in time, and you don't have any history within the offense list of older events. If you're dealing with multiple customers, this becomes problematic. That's why you need to use another product to do the actual ticketing. If you wanted the ticket existence, you would normally interface with ServiceNow, SolarWinds, or some other product like that."
"The custom rules could be simplified more or it should be possible to use a different language, other than the ones that the solution is already using. They should add other languages into the mix."
"The threat intelligence functionality can be better. In addition, it can have more monitoring capabilities."
"IBM technical support is always terrible."
"Maybe there should be more custom rules in the exchange. Basically, we are using a lot of threat rules, so maybe they'll develop something like that."
"It needs more resilience and functionality."
"The user management features need to be improved. It would be nice if we had more granular control, or layers of control, out of the box."
"One area that requires a little bit of improvement is the topology of visualization and being able to map out connections, end-to-end. It's able to do that, but it's not as impressive as we would like it to be. We would like to understand the different interface types and the connection points better, through the visualization. Heatmaps also need further development."
"You need to plan integrations. That has been the biggest bug with SevOne so far. For the things that SevOne pulls directly, those are easy to understand, modify, and put into the database. For things that need to use the Universal Collector or xStats, you need to plan that stuff well in advance."
"The reporting of NMS is good, but it could be better."
"There are a lot of pain points. My main problem is that we don't have a high availability system. There are 20 peers. We're going to lose the end-of-life appliances that are old. If we lose a peer and it doesn't come back, we lose all that data. The reason we don't have high availability is because it's double the charge."
"We previously have had discussions on some reporting enhancements. So, we raised a feature request, which was delivered from SevOne."
"The method of searching for SIP and the way to create the groups."
"Would benefit with the addition of AI modules for proactive data insights."
More IBM SevOne Network Performance Management (NPM) Pricing and Cost Advice →
IBM Security QRadar is ranked 6th in Log Management with 198 reviews while IBM SevOne Network Performance Management (NPM) is ranked 31st in Log Management with 53 reviews. IBM Security QRadar is rated 8.0, while IBM SevOne Network Performance Management (NPM) is rated 8.4. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of IBM SevOne Network Performance Management (NPM) writes "We can get a new vendor certified and monitored in our system significantly faster than before". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas IBM SevOne Network Performance Management (NPM) is most compared with Instana Infrastructure Monitoring, LogicMonitor, SolarWinds Network Device Monitor, Splunk Enterprise Security and Entuity. See our IBM Security QRadar vs. IBM SevOne Network Performance Management (NPM) report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.