What is most valuable?
The features that I have found most valuable in QRadar are its data enrichment, use case creations, and adding references - those kinds of features are very good. Also, QRadar's event filtration and device integration are perfect.
Actually, we are looking for another product because a customer is demanding different products and they're not going with QRadar, hence we are trying to compare QRadar with other solutions like Securonix, Splunk, Exabeam, LogRhythm. Otherwise, all our customers are happy with QRadar.
I'm doing integrations and deployments for QRadar. So, in regards to integration and deployment, QRadar is very easy as compared to other products.
What needs improvement?
In terms of what could be improved, I would say the script which we have to create for custom actions. QRadar needs to improve that feature. Additionally, QRadar has to provide the playbooks designing features.
For how long have I used the solution?
I have been working with IBM QRadar for the last four years.
What do I think about the stability of the solution?
QRadar is very stable in our deployment. I'm not aware of other customer deployments.
What do I think about the scalability of the solution?
IBM QRadar is scalable. We can scale it according to our requirements. We can scale it up, as per our requirement. We can increase the resources, we can increase the storage. We can do everything with QRadar.
How are customer service and technical support?
Their technical support is also good. During weekends they are only looking at the priority issues. That is difficult, because sometimes the critical log sources stop sending events to QRadar and in those cases we need support on an urgent basis, but they're not going to support it during weekend.
Which solution did I use previously and why did I switch?
We work with LogRhythm as well as QRadar, as well as NetIQ Sentinel, Azure Sentinel and others.
How was the initial setup?
The initial setup for QRadar is easy. It is easy to understand and easy to implement.
What's my experience with pricing, setup cost, and licensing?
As compared to LogRhythm, IBM QRadar's pricing is moderate.
What other advice do I have?
We recommend QRadar. It is a good product, a good solution.
Every customer should go with IBM QRadar.
On a scale of one to ten, I would give IBM QRadar a nine.
Which deployment model are you using for this solution?
Which version of this solution are you currently using?
7.4.2 Fix Pack 2