IBM QRadar Review

We use it to create use cases and review offenses. One of the valuable features is its correlation engine.


What is most valuable?

  • User-friendly
  • Easy to deploy
  • Easy to create use cases
  • Easy to review an offense
  • Its correlation engine is one of the best

How has it helped my organization?

I usually work on the deployment and fine-tuning of this product. However, I have some operational experience as well. For instance, you can simply audit all the IT equipment in your environment, such as the firewall, the IPS, and the Active Directory (AD) server.

What needs improvement?

It should have built-in blocking capability.

For how long have I used the solution?

I have used this solution for four years.

What do I think about the stability of the solution?

On a scale of 100, it is 95% stable.

What do I think about the scalability of the solution?

I did experience some scalability issues in one organization.

How is customer service and technical support?

The technical support is excellent.

Which solutions did we use previously?

We were not using any other solution previously. This was my first solution. I am still working on it. I also have experience with McAfee Nitro and LogRhythm.

How was the initial setup?

The setup was straightforward.

What's my experience with pricing, setup cost, and licensing?

The pricing will definitely vary according to your EPS, but it is worth spending money on this product.

Which other solutions did I evaluate?

We looked at other solutions, such as McAfee Nitro and LogRhythm.

What other advice do I have?

Work on sizing as much as you can so you can avoid any issues after deployment. You should also fulfill hardware requirements for this product. Otherwise, you will not get its full functionality.

Disclosure: My company has a business relationship with this vendor other than being a customer: I am a vendor.
Add a Comment
Guest
Sign Up with Email