What is our primary use case?
We work with it in the banking sector. We had torrent limitations and big banks could join them. It has performed well. However, the limitation is not easy, so the product is not easy.
You cannot get the real value of the product unless you combine it with the other products from IBM, like BigFix, the full integration of Vulnerability Management, and so on.
How has it helped my organization?
The product is great. It does good correlation for events. It does good general analysis, and it has good apps as well.
What is most valuable?
- The artificial intelligence ease of integration; it has a good integration with the artificial intelligence engine of Watson.
- There is good collaboration between IBM Cloud and all IBM customers.
What needs improvement?
The implementation and configuration are not easy.
We would like to see user behavior analysis in the next release. IBM claims they have this feature, but I do not see it as mature as in Splunk.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
The stability of the solution is great.
What do I think about the scalability of the solution?
Technically, there are no scalability issues.
How is customer service and technical support?
Support is good. The technical engineers seem they know what they are doing. Though, the escalation response is bad. An escalation takes time, because the response time is not as fast as it should be.
How was the initial setup?
The implementation is complex.
What's my experience with pricing, setup cost, and licensing?
It is expensive. It is not a product that I can provide for SMBs. It is a program that I can only provide for really large enterprises.
Also, the maintenance costs are high.
What other advice do I have?
IBM needs to invest more into the collaboration with other vendors.
If you want to go to IBM, do not just go for QRadar. You need QRadar and all the products that surround QRadar, especially BigFix, because the product is ten times stronger with it.
Most important criteria when selecting a vendor:
- The technical features of the solution.
- The people in my region at the vendor.
- The perspective of the project manager on the customer side.
- Data involved and time of the implementation.
- The needs of the customer.
- The cost of the project.
- Training involved.