IBM QRadar Review

A stable solution which allows a single system to be onboarded for all 200 existing customers for monitoring purposes.

What is our primary use case?

We are using the current version.

What is most valuable?

The solution supports MSSP models, which most service providers have. This means that a single system can be onboarded for all 200 existing customers for monitoring purposes. 

What needs improvement?

The implementation of the solution's technology needs to be simplified. It is overly complex. 

The integration also must be simplified. 

The licensing is also overly complex, as there is a need to buy the work load performance monitoring separately. These are the different modules we need to buy. 

IBM does not provide a combined, combo suitor solution which the customer can easily look at. The multiple functionalities are segmented and do not allow for an idea which is complete. It makes it difficult for us to do a realistic comparison with other products. I hope that others follow suit. 

For how long have I used the solution?

We have been using IBM QRadar for almost eight-and-a-half years. 

What do I think about the stability of the solution?

No doubt about it, the solution is extremely stable. 

What do I think about the scalability of the solution?

The solution needs to be redesigned to allow for scalability or for extending it to the existing one. There is a need to do long-term planning and migration from an existing to a new one and this cannot be easily accomplished. Storage cannot be added to the installation. One must completely migrate to the new storage to add additional terabytes. 

As such, the solution is not quite scalable. The scalability exists, but it requires migration. 

How are customer service and technical support?

We are very happy with the technical support. 

How was the initial setup?

The initial setup was extremely complex. 

What about the implementation team?

We made use of an integrator. 

What other advice do I have?

We have nearly two hundred customers making use of the solution.

We have direct contact with Ingram Micro or have a service partner relationship with it, but work directly with IBM as our ISP. 

We are a managed security service provider and wholesale customer of IBM QRadar

We buy a bulk license from IBM QRadar and host around 200 plus customers in a single integration so that all the customer events will be integrated in one solution. We are not integrators and do not resell their services.

As such, we don't buy the license or sell the tools to others. We will buy a license, inclusive of the services, host it with our private cloud and provide services to the end clients.

Our customer base of IBM users is limited. When it comes to a security operations center team, IBM will be looked to for providing security monitoring on an ongoing basis. We must see that it is working as it should be. 

I would recommend this solution to others. 

I rate IBM QRadar as an eight out of ten. 

Which deployment model are you using for this solution?

Private Cloud
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More IBM QRadar reviews from users
...who work at a Financial Services Firm
...who compared it with Splunk
Learn what your peers think about IBM QRadar. Get advice and tips from experienced pros sharing their opinions. Updated: September 2021.
533,285 professionals have used our research since 2012.
Add a Comment
ITCS user