IBM QRadar Review

Alerts us about events in our network environment and has superb functionality


What is our primary use case?

We are partners with IBM. We do simulations for our clients. Then we resolve the issue that they're facing using IBM QRadar.

How has it helped my organization?

We have integrated IBM QRadar with our firewall and some services that we use. When the logs are about to get full of SQL, IBM QRadar makes a notification. The admin knows that they're about to get full so he just goes and clears them out. That is when we usually use IBM QRadar. On our firewall, when the issue notifications are generated, we don't usually open the firewall but QRadar alerts us about what went down in our environment.

What is most valuable?

The most valuable feature of IBM QRadar is its slow control and even activation. I also like the post notifications on the screen.

What needs improvement?

The quoting and the dashboard session could be improved. It should be more user-friendly.

Otherwise, the overall functionality of IBM QRadar is superb. A better GUI and reporting both would be good additions to the product.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

IBM QRadar is very stable. It doesn't have many errors.

What do I think about the scalability of the solution?

IBM QRadar is easy to scale. We can integrate other devices if we want to. We could go to distributed architecture instead, but we like this product. It doesn't affect the environment. In our office, we have around 40 - 50 users, but our clients have more users on their networks. 

Our organization has staff in the software department that manages IBM QRadar for us. The security division just manages the login. Overall, only two to three staff are required for the management of IBM QRadar. They are more than enough to control the situation because most of it is easy. We definitely have plans to increase our current usage of the solution in the future.

How are customer service and technical support?

Technical support from IBM is not that good here in this region. It's quite helpful to have local support. They don't have much expertise in this product. 

We usually have to go to IBM to resolve the issues if we have them because the overall product is a bit complex. There are not many local resources here in this region with expertise in IBM QRadar.

How was the initial setup?

The initial setup is straightforward. It's very easy. I think anyone can install it within minutes. The deployment of IBM QRadar takes around 20 to 25 minutes if you have a good hard drive.

What about the implementation team?

We deployed IBM QRadar ourselves. We have technicians. We bill the client and do the installation on our own, along with other IBM products

What's my experience with pricing, setup cost, and licensing?

We do licensing on a yearly basis. It's for deployment. If the client wants more services, we support the license. There are no other costs for the product.

Which other solutions did I evaluate?

When I joined the company we were already partners with IBM. I didn't have much experience with other products.

What other advice do I have?

I would recommend IBM QRadar because of the security features and the organization. I can recommend the security. Security is nowadays an essential part of IBM QRadar. 

IBM QRadar is probably the best possible solution in the market. I would rate it an eight out of 10.

Disclosure: I work for the vendor.
Add a Comment
Guest

Sign Up with Email