IBM Security QRadar Initial Setup

Frank Eargle - PeerSpot reviewer
Information Security Engineer at Glasshouse Systems

The solution's initial setup is pretty difficult. I rate IBM Security QRadar a four or five out of ten for the ease of its initial setup.

Anto Sebastin - PeerSpot reviewer
Technical Presales Engineer at Redington India Limited

I rate the ease of setup an eight out of ten.

MUHAMMADNADEEM1 - PeerSpot reviewer
Deputy Director at Board Of Revenue

Our experience with the initial setup of QRadar was smooth because we opted for a managed security solution through our service providers. The installation itself took about one to two hours but integrating various sources, creating use cases, fine-tuning, and enabling logs could take up to two to three months. However, in our enterprise network deployment, we managed to accomplish it within six months.

KM
Head of Cyber security analysis at DNV Poland Sp. z o.o.

IBM did the setup. I called them to ask for UBA, and it was available the next day. They handled all the deployment and maintenance. 

Artur Marzano - PeerSpot reviewer
Security Analyst at Localiza

IBM QRadar User Behavior Analytics was really easy to set up. There were no issues with setting it up.

Lokesh Puthalapattu - PeerSpot reviewer
Senior Marketing Specialist II at Harman International

The initial setup of IBM QRadar User Behavior Analytics is straightforward. We only have to activate a few aspects. We directly installed our process characters, and an all-in-one setup with it to do the installation. The deployment took us 30 to 40 minutes. However, if you want to add components, it will take more time.

EM
Director of Incident Response at a retailer with 10,001+ employees

I didn't set it up. Probably part of the engineering team set it up.

YE
Technical Analyst at a manufacturing company with 10,001+ employees

The ease of setup is based on the complexity of your environment and network architecture.

The initial setup is not complicated and should go smoothly if you set all predefined requirements prior to installing the solution.  

It took us two weeks to prepare all requirements and a few hours to deploy which included installing all resources. 

Documentation for the installation process is pretty straightforward. 

Chetankumar Savalagimath - PeerSpot reviewer
Delivery Manager at a tech services company with 1,001-5,000 employees

It is straightforward. AWS has a feature called Marketplace in its environment. When we click it, we can load it directly. It doesn't take more than two to three days to completely deploy the infrastructure. 

Artur Marzano - PeerSpot reviewer
Security Analyst at Localiza

Deployment-wise it's pretty easy already; it took us one hour to get QRadar running, and then a couple of days later, we had full deployment. We then began onboarding log sources — the process of onboarding log sources has been almost painless for 90% of our log sources, which are from different vendors and different tools, and within a month we had about 70% of all of our relevant security logs in QRadar, generating many interesting offenses on a daily basis. So that has been very positive.

We had little interaction with QRadar during the process of onboarding log sources — most log sources were automatically discovered, their events were mapped correctly and parsed to extract relevant fields. A few log sources required manual intervention or installation of content packs, and some of IBM's DSMs were a bit outdated, but these issues were rather quick to fix within QRadar itself.

Mohamed Elprince - PeerSpot reviewer
SOC Manager at ALEXBANK

The initial setup is extremely easy and straightforward.

MG
IT Security Administrator at Zitouna Bank

The solution is deployed on an on-premises model.

For the product's implementation, my company took two months. To implement all log sources, my company took somewhere between three to five months.

James Riffenburg - PeerSpot reviewer
Principal Cybersecurity Consultant (Architecture, Engineering, Operations) CISO VCISO at a financial services firm with 10,001+ employees

The initial setup is in-between straightforward and complex. Any SIEM solution is complex, but compared to other products, it is the middle of the road. It's not as difficult or cumbersome, especially when you compare it to ArcSight being the most difficult where you require a whole team of people to really derive any value.

DipeshBhawsar - PeerSpot reviewer
Architect manager at Principal Global Limited

The initial setup is straightforward and simple. It's not very complex. 

We are using multiple features in QRadar. UBA is just one feature. We have overall 14 data nodes, we have almost 2,500 GB of data integrated with it, and we are using multiple applications in QRadar. We have a nine-member team that manages the overall QRadar architecture, not only UBA.

RR
Cyber Security Specialist at a tech vendor with 10,001+ employees

Compared to Sentinel, the initial setup is a bit complex. Depending upon whether you're going ahead with the cloud version or on-prem version, there is human involvement, however, normally everything is done by the platform engineer. I don't have to get my head into that part. Once everything is up and running, that is when we have to start working from our side. I'm sure it is more complex than a plug-and-play Sentinel, where connectors are easily available and just have to click, click and get things done.

The administration and maintenance would be two or three people depending upon the availability. I'm not very sure about troubleshooting. I'm coming at the solution from a user perspective. I'm more concerned with the rule fine-tuning and rule-building part. That kind of troubleshooting will be done with the platform team, which specializes in that. 

QI
Manager SOC at a comms service provider with 10,001+ employees

It is not very difficult. I have done more than 10 deployments, and I have integrated and developed custom applications. I have also developed a Python-based script to support me with the things that IBM cannot support. I am using that script from the health check perspective. It gives me a high-level and low-level overview of QRadar with respect to the rules that have been triggered and the notifications that have been generated and how to tune them.

ST
Cyber Security Services Operations Manager at an aerospace/defense firm with 501-1,000 employees

Installing QRadar is very simple. You insert a DVD, boot the system, and it runs the installation after asking you a few questions. It runs pretty much automatically, and then you're up and going. From an installation point of view, it is very easy.

The only thing that you have to get right before you do the installation is your architecture because it has event collectors, event processes, flow collectors, flow processes, and a number of other components. You need to understand where they should be placed. If you want more storage, then you need to place data nodes on the ends of the processes. All this is something that you need to have in mind when you design and deploy.

Abbasi Poonawala - PeerSpot reviewer
Chief Enterprise Architect at a financial services firm with 10,001+ employees

For cloud deployment, you need to go for IBM Bluemix Cloud, and you can deploy easily on a private cloud. You create the stack and use the Bluemix Cloud formation template. If you have the IBM Bluemix Cloud subscription, you can deploy it easily within maybe half a day or one day. You can create all the resources by using the Bluemix Cloud formation template.

For deployment, you need a small team of two or three because it just needs the team to provision the resources on the IBM Bluemix Cloud. For support, we need a bigger team of around 10 plus people.

it_user634773 - PeerSpot reviewer
Senior Security Analyst at The Hartford

Fifteen years ago it was very complex because of the linking of different flow collectors. Being processed together, upgrading them was painful. That part has improved greatly as you can just put the update process in the console and push Yes. That's a lot better.

DL
Head of Cybersecurity at a computer software company with 51-200 employees

The product's deployment phase can be described as an average one.

I rate the deployment process of IBM Security QRadar a seven on a scale of one to ten, where one is difficult, and ten is easy.

The solution is deployed on an on-premises model.

it_user1369023 - PeerSpot reviewer
Senior Manager Information Security at Conduent (formerly Xerox Services)

It was pretty straightforward. These are hardware appliances. So, you need to rack and stack them. If the rack space, cabling, and other things are already done, which would typically be the responsibility of a data center team, it essentially takes three to five days. But this is only the core deployment. The fine tuning on top of it would take extra time based on the environment and how complex it is.

Ayoub Jaaouani - PeerSpot reviewer
Solutions Architect at Smarttech247

The number of log sources significantly impacts deployment complexity. The process becomes more complicated for environments with 50 log sources compared to those with fewer sources (e.g., 20 or 10).

Each log source requires a connection to IBM, a task that can take several days or hours, depending on its complexity.

On average, the entire deployment process spans six to eight weeks.

Du Hoac Kim - PeerSpot reviewer
Deputy Manager at Sacombank

The initial setup was straightforward and took three to four months to deploy.

MT
IT Solutions Product Manager at SMTSTECH

Its installation is very simple. You can install it and configure it very easily.

it_user634899 - PeerSpot reviewer
Global Security Engineering and Operations Director at a wellness & fitness company with 10,001+ employees

I was involved in the initial setup. We are an advanced user of QRadar. While the initial setup was not hard for us, it is a lot more complex where we are right now. It works with integrating some of the other IBM products into QRadar, and there's work that needs to be done there to make it seamless.

We were able to be operational in a matter of weeks or months, which is not a long time.

EG
Senior Information Technology Security Officer at a financial services firm with 5,001-10,000 employees

Implementing IBM Security QRadar is not overly complex. 

Bobby Sandeep - PeerSpot reviewer
Vice President - Technology & Managed Security Services at Valuepoint Systems

I rate the initial setup a seven out of ten, and it is deployed on-premises. The deployment took about four to six weeks, and we did it in-house.

Yaw Agyare - PeerSpot reviewer
Managing Director at Volta River Authority

The initial setup is moderate, and it is neither easy nor difficult. However, it took approximately one week to complete the implementation.

DB
Security Sales Consultant at Google, LLC

The initial setup is very easy. I think it's one of the easiest SIMs to use. 

SJ
Senior Security Engineer at a tech services company with 1,001-5,000 employees

The initial setup for QRadar is easy. It is easy to understand and easy to implement.

AK
Works

The initial setup is very simple for our customers due to the fact that the first step is a demo for a customer. We need about 5 to 15 working days to make this demo. We talk about making a core system. It's not difficult to make over the QRadar SIEM. After that, if the customer needs some special function for, say, different parts of the organization, we can propose some separate parts of SIEM. That's about two or eight weeks away.

In general, for a SIEM project, you are looking at a deployment time of about two to eight months.

RU
Senior Solutions Architect at a manufacturing company with 51-200 employees

Deployment of such solutions always takes time because these solutions are not simple. You should have the expertise and you should understand what is really needed for the business. We understand the real business need, and accordingly, we implement the policies.

it_user632664 - PeerSpot reviewer
Information Security Analyst at Allegiance Air

The setup was very straightforward. The special services team gave us insight and helped out to resolve any issues.

Khalid Majeed - PeerSpot reviewer
Cyber Security Consultant at Software Productivity Strategists, Inc. (SPS)

It is easy to implement. I'd rate the ease of implementation seven out of ten. 

The deployment only takes no more than a few hours. There are configurations and fine-tuning that have to happen after that, and everything could take about a week. 

SD
IM Operations Manager at a tech services company with 1,001-5,000 employees

The initial setup of IBM QRadar is difficult; you need to know what you are doing to be able to complete the task. It is not easy.

We used three to four specialists to do the implementation depending on how many integration levels you're going to have. If you're managing the flows and going to be managing applications, logical access, patch management, vulnerability management then it can take more time and more people. It depends on the scale that you want to integrate.

IBM QRadar doesn't come ready for plug and play. For your APIs, integration, and all the other elements, you will need a person who knows how to do the IBM QRadar setup. From that perspective, you need to make sure that integration points to the license keys, for validation, and that can be a different challenge if it doesn't work.

SD
IM Operations Manager at a tech services company with 1,001-5,000 employees

IBM QRadar Advisor with Watson's initial setup is not straightforward. You have to set up your network infrastructure, IP range, and firewalls, and make sure everything is secure. There's nothing easy about that.

AK
Cyber Security Consultant at raf

The initial setup is complex because it is not managed properly.

Our implementation strategy is based on it being a distributed environment.

PK
Solution Architect Cybersecurity at a tech services company with 501-1,000 employees

How complex the initial setup is completely depends on the customer's infrastructure. If there are lots of tools that need to be integrated, then the setup is going to be really complex. I wouldn't say that the initial setup is complex, it's more moderate than anything. 

Deployment took two to three weeks from beginning to end.

YS
IT Specialist at IT Specialist LLC

For the most part, the initial setup is straightforward and I give it a seven out of ten. The initial deployment and configuration require one month, followed by an additional 11 months of implementing various use cases and processes that need to be automated.

Farid Lalayev - PeerSpot reviewer
Cyber Security Student at Baku Higher Oil School

As I didn't set up or deploy IBM QRadar, I have no information on whether it was easy or complex to set up.

Ertugrul Akbas - PeerSpot reviewer
Manager at ANET

The deployment of IBM QRadar User Behavior Analytics is very easy when compared to other machine learning solutions. The full deployment took approximately three weeks with less than 5,000 EPAs.

DS
SOC Team Lead at a financial services firm with 1,001-5,000 employees

The installation was easy but this can depend on what appliances you want to install it on. If it is VMware, then the installation is easy, it took me 30 minutes.

CM
Security Operations Manager at a comms service provider with 501-1,000 employees

The initial setup was not difficult or complex. It was very straightforward. A company should have too much trouble with the process.

The deployment process was very, very quick as well. There is a collector deployed on our network. We spun that out. You point your log sources at it, you point it at some IP addresses that IBM gives you, and it just works.

AI
Chief Technology Officer at a tech services company with 51-200 employees

The initial setup is complex. Theory is one thing and practice is another. We had to go back and forth with IBM just to find the relevant versions with the relevant operating system to sit on the relevant virtual environment. Then we found a few bugs. We are in a production system in a very big organization so deployment was carried out in stages. It took about a month in total to get things working and to start collecting logs. We had help from IBM Azure.
Maintenance is required, you have to watch it, and work on it on a daily basis. 

AM
Senior Cyber Security Expert at a security firm with 11-50 employees

It requires expertise. If you have the right personnel, you can manage. It wouldn't be easy for a client and admins to set it up without proper support or support from QRadar itself.

HH
Senior IT Technical Support at a training & coaching company with 1,001-5,000 employees

The initial setup is very straightforward. It's not overly complex. It's quite easy.

The deployment takes time, definitely. You've got to prepare for your solution so that it's going to work in spanning all the other devices too. That doesn't mean it's a complex process, it just means it takes a bit.

JN
Director of Information Security at a financial services firm with 501-1,000 employees

The initial setup is complex. It's just the nature of the CM tool.

MM
Senior Manager, Security Architecture & Operation, Corporate Security at Omantel

The complexity and length of time required for the initial setup depend on the requirements. There are some out-of-the-box features that can be implemented right away, but some equipment is not supported directly, so you need to write a DSM (device support module).

Implementing a DSM takes some time, although it will depend on the log source. If the log source is fully compatible then it will be very quick. However, if it is not compatible then you will need to do some scripting and other work.

ÖO
B.T. Güvenlik Yöneticisi at a energy/utilities company with 10,001+ employees

The initial setup for this solution is very easy. It is an image file, and we haven't had any difficulties in the setup. After installation, there are many things to do. Again, the difficult part is the configuration of the product.

The installation period was very short, at perhaps one or two weeks. The configuration takes six months or more.

VP
Manager-Cloud Security Operations at a retailer with 10,001+ employees

The initial setup was straightforward. It was not complex or difficult. It is not complicated.

it_user634836 - PeerSpot reviewer
IT Director at MyEyeDr.

I was involved as far as picking and approving the solution. I was not involved in the installation.

it_user632775 - PeerSpot reviewer
Sr. Security Architect at American Airlines

I was not involved in the initial setup.

it_user634848 - PeerSpot reviewer
Security Operation Manager at a transportation company with 10,001+ employees

I wasn't directly involved in the initial implementation. I wouldn't say it's complex, but I mean just by enabling different data sources, you can go crazy with it and enabling them all in one shot is just too much.

Taking your time is probably a better approach so, that way, things operate smoothly and you can fine-tune things as you start seeing the network activity.

it_user489405 - PeerSpot reviewer
Security Consultant at a tech services company with 11-50 employees

The initial setup was very easy. Integrating the infrastructure configuration is the biggest problem for any SIEM project.

it_user631671 - PeerSpot reviewer
Information Security Analyst at a media company with 1,001-5,000 employees

The setup was a mixture of both, i.e., simple and complex.

It was complex because I had never dealt with it before. I had never set up a system like that. At the end, it got better.

willie.Na. - PeerSpot reviewer
System Engineer at Trans Business Machines Ltd

The initial setup is straightforward, it's just a download and it installs. It's a matter of configuring a few parameters in terms of tweaking the thresholds that you want the app to fire in on. Installing takes a few seconds, but in terms of letting it land so that you can tweak it and tune the various metrics, takes about a week. 

JR
Cybersecurity Business Development Manager at a comms service provider with 10,001+ employees

The installation is complex.

DD
Head of IT Security, Governance and Compliance at a consumer goods company with 10,001+ employees

The initial setup was very easy for us because we just bought what we were looking for, and not the entire infrastructure.

RO
Information Security Specialist at a comms service provider with 501-1,000 employees

I didn't handle the initial setup. It was handled before I arrived at the organization.

it_user398799 - PeerSpot reviewer
Sr. Security Analyst with 1,001-5,000 employees

The initial setup is straightforward.

it_user634794 - PeerSpot reviewer
Director of Cyber Security at an insurance company with 10,001+ employees

Initial setup was pretty straightforward. It's a complex solution, but it was straightforward for a large environment.

it_user545001 - PeerSpot reviewer
Security Operations Center Manager at a financial services firm with 1,001-5,000 employees

I was not involved in the initial setup.

it_user631740 - PeerSpot reviewer
Security Manager at a pharma/biotech company with 1,001-5,000 employees

We got the basic functionality working, which is not difficult. It's getting the full value out of the solution, which is harder.

UzairKhan - PeerSpot reviewer
Business General Manager at Mutex Systems

The initial setup is not very complex. My team has hands-on experience with the product, which is perhaps why they do not complain about its complexity.

The distributor helped us a lot, which is something that we appreciate.

VK
AVP - Cyber Security at Cloud4C Services

The initial setup was extremely complex. 

SG
Vice President at a financial services firm with 10,001+ employees

The complexity of the initial setup is intermediate. It is neither straightforward nor complex but somewhere in the middle. A person with experience working in a security operation center and who is experienced with correlation rules and use cases can directly configure into the solution. 

SS
Information Security Manager at a tech services company with 1,001-5,000 employees

The initial setup of QRadar is not complex because we have done it before and we are used to the development. It is getting easier all the time.

AI
Chief Technology Officer at a tech services company with 51-200 employees

The initial setup for this solution is complex. There are many different components, and only the IBM technicians have the permission, or credentials, to modify the system online. As a customer, I cannot go in and install it myself. Rather, I am dependent on the IBM professionals.

it_user641277 - PeerSpot reviewer
Information Security Analyst at a transportation company with 5,001-10,000 employees

Setting up the equipment and installing it across the network is pretty easy. It is similar to installing a Linux server.

MI
Certified AIX I.T Manager at a financial services firm with 10,001+ employees

QRadar is very easy to install, and I can do it myself. The time period will depend on the organization itself, since it depends on the environment and the number of servers and endpoints. 

JT
IT Security Analyst at a manufacturing company with 10,001+ employees

In some cases, the system or the hardware do not meet the requirements to install one flow collector. Or the menu is not displayed. The menu has 10 options. If the CPU and memory are not enough, the menu shows only five or six options. But this information is not mentioned in the installation process. But it is not complex because the installation is very clear as long as we are meeting all the requirements for the CPU, memory, or the space.

The solution takes maybe four months because we have a lot of integrations.

MA
Information Security Manager at a comms service provider with 1,001-5,000 employees

It was straightforward, but we had to do some customization. 

PL
Network Security Engineer at a wellness & fitness company with 10,001+ employees

It was a whole different product when we installed it.

it_user246402 - PeerSpot reviewer
Sr SIEM Consultant at a tech services company with 51-200 employees

The initial setup was straightforward.

JT
Solution Architect at Ostec

The setup is a bit complex. I'd rate it two out of five in terms of ease of deployment. It took us a week to get everything up and running. 

We had two engineers working on deployment and maintenance. 

Kamal Abdelrahman - PeerSpot reviewer
Country Manager at Magarah

We manage the installation of the solution. It is not something difficult, it is reasonable. It is not that easy for anyone to do, it needs a technical team.

OS
Information Security Advisor, CISO & CIO, Docutek Services at Docutek Services

The initial setup was complex, and it took six months. 

WP
Vulnerability Manager at a tech services company with 51-200 employees

The setup was very straightforward. It's basically, "next, next, and next", and then you are finished.

it_user639687 - PeerSpot reviewer
Cybersecurity Expert at a financial services firm with 10,001+ employees

Initial setup was straightforward, but as with all SIEMs, out-of-the-box configuration presents minimal value from a security standpoint. Furthermore, good analysis on where to put collectors is essential, especially when it comes to QFlows.

PP
Management Executive at a security firm with 11-50 employees

The initial setup can be difficult if you don't have a good understanding of the product; for us, it's not too difficult.

To do a small deployment takes us about two weeks.

When we did the deployment for one of our clients recently it took us four engineers from our side and four engineers from the outside to deploy it within two weeks. 

SP
Senior Security Engineer at a wholesaler/distributor with 10,001+ employees

The initial setup was straightforward.

JB
Deputy General Manager at a comms service provider with 5,001-10,000 employees

The installation is complex. There is some overloading that happens, this could be simplified and made easier by allowing all key features on the first level dashboard to be viewed.

Md Saiful Hyder - PeerSpot reviewer
AGM, Enterprise Solutions at Omgea Exim Ltd

The initial setup is not complex at all. It's very straightforward.

Since it is coming with a predefined image, anybody can actually deploy this on a VM or a physical appliance. The deployment is flexible.

A control installation takes four to five hours to initialize the console. After that, deployment is dependent on the customer requirements. However, simply initializing the appliance takes two to four hours depending on the allocated resources, therefore, it's quite quick.

AS
Co-owner and CEO at Data Security Solutions

It usually happens within two or three hours, but it also depends on the preparation. If good homework is done, then the initial setup is totally flawless. It is ready very soon. We then try it and wait for maybe a couple of days more. After that, we start fine-tuning, and then we do advanced installations.

For us, such projects usually don't start without any experience with technology and the concepts. When you are buying it, you need to know all the information systems, create a list of tasks and priorities, and understand the use case better. 

FC
Ingénieur d'étude R&D at DOGA

The initial setup was not complex at all. It's pretty straightforward and simple. We didn't face any real issues during the deployment process.

it_user1379427 - PeerSpot reviewer
Application Security Architect at Bank Al Habib Limited

The initial setup was really easy, it was really straightforward. I got it done in one day.

JK
Lead Security Infrastructure Engineer at a financial services firm with 5,001-10,000 employees

It is incredibly easy to deploy. All the appliances are flexible in the roles that they serve and are all managed in the same way. Adding log sources is very straightforward, along with device updates, etc., which are all centrally managed.

WP
Vulnerability Manager at a tech services company with 51-200 employees

The setup was very straightforward. It's basically, "next, next, type in machine details and next", then you are finished.

it_user634800 - PeerSpot reviewer
Security Consultant at Dimension Data

We implemented the solution from scratch with our customers. We have a lot of implementations that they can check.

The setup was very complex. We have integration with a customer service desk and a lot of customization. It's the best thing that we can create our own app and adapt it to QRadar.

We attended the IBM master class to help us with an SDK to develop our own apps. Some of our customers are banks and they have a lot of things to do. Sometimes the features they need are not in QRadar, so we have to customize the solution a little bit for them.

it_user642180 - PeerSpot reviewer
Director SOC at a tech services company with 51-200 employees

The initial configuration is simple; the maturation of the application is complex. Not because of the application of QRadar, but because they include many factors, such as the identification of critical assets and how we can secure them, with the application.

JJ
Managed Security Product at a comms service provider with 1,001-5,000 employees

The initial setup is at an intermediate, medium level. It's not that straightforward, but not that complex either. The only thing is that their licensing model is a bit complex because they charge for a couple of components like EPS and NetFlow, so that kind of licensing charging is a bit tricky. But all in all, it's a medium, not that complex.

I think it was set up within a month. But use-case finalization and other configurations took another month. It's kind of a two to three month project to move to production completely.

BK
Program Manager at a tech services company

Choosing the cloud platform gives a significant advantage in terms of the setup. I have been deploying the same solution across enterprise organizations from day one, and previously it used to take a month for implementation. Now, I think that it has been reduced to two weeks.

The challenge with the old model is that you normally need to work with the hardware vendors to ensure the right patches or data is available. We used to install the physical hardware, but with the cloud version, you can just start your service and add devices. You can start populating and getting reports on alerts and such in a week's time.

The implementation team is about three or four members. It has not yet grown to an operational stage because we are still implementing the solution. 

View full review »
WP
Vulnerability Manager at a tech services company with 51-200 employees

The setup is straightforward. The last one I did took me about three days. It only takes half an hour to set up QRadar, but getting the other systems to talk with QRadar, to forward syslogs, is what took the additional time, because I didn't have all the login information. If you've got all the relevant information, it shouldn't take you more than a day to set it up.

View full review »
it_user632703 - PeerSpot reviewer
Senior security analyst at a financial services firm with 1,001-5,000 employees

The setup wasn't too complex. It was pretty straightforward. Basically, it's pretty much out of the box. You don't have to configure it much for your environment. It's built for many different types of companies. Once you start getting in all of your different log sources and using those custom parsers I mentioned, basically you've got to start looking at, What's white noise? What's not white noise? That's really what takes up a lot of your time, as to scaling it for your environment. The setup itself isn't very difficult.

View full review »
it_user632781 - PeerSpot reviewer
Cyber Security Manager at an energy/utilities company with 1,001-5,000 employees

The setup is very complex; it's not like somebody can walk in and build it. It requires many years of experience to manage and maintain it. You need to have at least an experienced and dedicated team, in order to maintain the environment that we have. It's nothing like a click-and-done type; it requires a lot of care and feeding to manage the environment.

View full review »
NB
IT Security and Business Development Manager at a tech services company with 51-200 employees

The initial setup is fine. The moment we send the packets for an update it's easy but then there are challenges for the users. We have actually changed the hardware, so it got updated. We have to check if the problems are due to the hardware or due to the software.

The initial setup normally will take a day. It depends on the number of users. We have 300 users on the system which took around ten days.

We require five to ten staff members for deployment and maintenance. 

View full review »
it_user393954 - PeerSpot reviewer
Application Infrastructure innovation at a financial services firm with 1,001-5,000 employees

I was involved in the initial setup. Well, IBM did it, since it was a managed service. It was pretty straightforward.

View full review »
Ashok Kumar Biswas - PeerSpot reviewer
System Engineer (Cybersecurity) at Omgea Exim Ltd

I rate the initial setup a ten out of ten. It is deployed on-premises and takes about two to three days to deploy the full environment readiness. But the device integration, rules screening and log onboarding take too long, about three to four months. The deployment was completed in-house.

View full review »
Ahmed Hossam - PeerSpot reviewer
SOC Analyst Tier 2 at IP Protocol INC

The initial setup was difficult the first time, but it got easier after that.

View full review »
PD
Assistant Engineer at Harel Mallac Technologies Ltd

The initial installation was straightforward, we were able to have it running in half a day.

View full review »
JW
Solution Security Architect at PT. Sinergy Informasi Pratama

The initial setup is complex if the data set is large. It really depends on that. We provide maintenance services to our clients so that if they have any trouble, we assist with troubleshooting.

View full review »
MD
Cybersecurity Engineer Consultant at a tech services company with 501-1,000 employees

It is very easy to deploy. It is not a user-friendly way to deploy, but for IT guys who have the skills of Linux servers, etc., it is easy.

View full review »
MH
Network and Security Technical Team Leader at a wholesaler/distributor with 201-500 employees

The implementation is complex.

View full review »
SU
Team Lead - Information Security at a computer software company with 10,001+ employees

The deployment was easy. It wasn't overly complex.

It took me around six months to do the implementation. 

View full review »
RP
Regional Director, Customer Success (GTM Solutions & Services) at a tech services company with 51-200 employees

The installation was a little difficult and could be made easier.

View full review »
GO
Marketing Director at an aerospace/defense firm with 1-10 employees

The initial setup was very complex.

We are planning to take at least one year for the complete setup. Deployment went fast, between six and three hours.

View full review »
it_user163854 - PeerSpot reviewer
Security Solution Architect with 1,001-5,000 employees

Simple:

  • Boot VM off ISO image.
  • Install license
  • Point logs at it
  • Done

Occasionally the documentation did not reflect what was happening so did need to access tech support a few times.

View full review »
SW
Cyber Security Consultant at Gulf Business Machines

The initial setup is not complex at all. It's quite straightforward. If a company implements this solution, they shouldn't have any issues with the setup process at the outset.

How long it takes to deploy depends on the size of the environment and the company. If it's a small enterprise, it can be done basically in a week or so. It's all about not just the department, however. It's all about collecting the log sources to integrate into it. That is where the process takes time. If the log sources are put together, things become much easier to handle. It's quicker and easier to define the rules, correlations, and reporting. The most time spent at the outset is in collecting the log sources and getting the log sources to send the data to.

The deployment process doesn't need many people. It depends on the deployment structure at first. If it treats a distributed architecture, of course, you need a couple of guys to be on board. However, then it's not only about deploying the solution, it's all about integrating the solution with different products or different platforms. That is where the time goes in. It's not a one-person job. Right from the application database, metro securities, and different controls that are in place, they all need to be integrated into the center. If we're talking about an enterprise, the team in an enterprise is equally responsible for waiting for those things to integrate.

View full review »
DP
Chief Technical Officer at IT Specialist LLC

The initial setup is really straightforward. IBM QRadar User Behavior Analytics is very easy to deploy. Usually, if someone has already installed QRadar SIEM, then deploying User Behavior Analytics takes two to three hours.

View full review »
SO
Deputy General Manager - Network Security at a tech services company with 201-500 employees

The initial setup was neither straightforward nor too complex. It did take some effort to implement, but it was manageable. We did not see any issues implementing it. We actually completed it in three to six months. When we initially implemented it we used some fresh use cases and observed the performance but these were all completed in three to six months. The initial deployment took hardly one week.

View full review »
NM
Solution Manager at ZZTL

The initial setup is not straightforward but of medium complexity. It's not simple but not so complex. It usually takes two to three weeks to deploy. 

View full review »
AF
Cyber Security Specialist at AEC

The initial set up was a bit hectic the first time because, it's not about the QRadar application itself, it's about defining or configuring the data sources or the traffic sources to QRadar. We are going to use a small file through literally all of the traffic sources. We found it was difficult to merge with QRadar due to different IPs, different sources delaying the process and just technical issues. It's not an issue with the QRadar solution itself.

View full review »
Kamal Abdelrahman - PeerSpot reviewer
Country Manager at Magarah

The implementation was not easy and was not difficult, it was in the middle.

The full implementation can take approximately two to three months.

View full review »
TG
Sr. Information Security Analyst at an insurance company with 51-200 employees

The third-party vendor manages the system.

View full review »
BB
Enterprise Architect, CISSP at a tech services company with 1,001-5,000 employees

The initial setup is really straightforward. It's a bonus point of this solution.

View full review »
it_user970365 - PeerSpot reviewer
Cybersecurity Practice Lead at a tech services company with 201-500 employees

It's straightforward. We just had to connect it to our servers, to our security solutions, and that was it. Everything was already communicating.

We are just a small company, so the deployment did not take that long, about a month to a month-and-a-half. It didn't involve too much downtime since we're just monitoring a few servers and a couple of security tools.

View full review »
TM
Senior Cybersecurity Consultant at CIA Botswana

The initial setup was easy. It usually takes around three months or so. In terms of the implementation strategy, once we get the correct events sorted, the strategy is to connect enough events sources so that they give you an efficient solution. 

We require five to ten people for setup and maintenance. 

View full review »
it_user634860 - PeerSpot reviewer
Cyber Security Engineer

I was involved in the initial setup. It was straightforward and not complex.

View full review »
it_user634830 - PeerSpot reviewer
Group CIO at a tech services company with 501-1,000 employees

The setup was a bit complex. But as a project team, we pulled it through. It was complex because you need to understand the product and they need to understand our business requirements, as all of this is in the setup. So, it's not a straightforward payoff by just putting us off way there.

View full review »
it_user285759 - PeerSpot reviewer
Security Consultant at a tech services company with 11-50 employees

The setup is complex, i.e., for the first setup. SIEM is not easy so as to enable logs without any performance issues and the deployment advisor is the key for the project.

View full review »
it_user140676 - PeerSpot reviewer
Information Security Consultant at a tech services company with 51-200 employees

The initial setup of QRadar is straightforward. From the installation perspective, IBM provides one ISO file that can be used to install any of the QRadar components, with the activation key deciding which components to install. From the deployment perspective, QRadar has the ability to automatically detect many log sources sending logs. The out-of-the-box dashboards, searches, reports, and correlation rules allow QRadar to start displaying intelligence and insight on devices, network statistics, authentication, and many more, and to start alerting on offenses and policy violations automatically. Coupling this with the automatically detected log sources, a demonstration of QRadar can only take a few hours from the installation, to automatically detecting a log source such as firewall logs, to getting alerts on excessive firewall denies, port scans, etc.

View full review »
MB
Information Security Leader at a computer software company with 1,001-5,000 employees

The initial setup was quite straightforward.

We had the complete deployment and it was up and running in half a day.

View full review »
it_user632760 - PeerSpot reviewer
Lead Developer

We were involved in the setup in terms of sending the information back and forth to QRadar. Other than that, I did not take part in the installation.

View full review »
it_user643884 - PeerSpot reviewer
Senior System Administrator at a tech services company with 11-50 employees

The setup was really straightforward. You simply need to put your ISO image in the hypervisor, follow the on-screen instructions and you have it running in one hour.

View full review »
RR
IT Security Manager at a tech services company with 201-500 employees

The initial setup was complex.

View full review »
OK
Analyst at a tech services company with 501-1,000 employees

I believe the initial setup was straightforward but I was not here for the setup, although I did not get any complaints.

View full review »
JS
Cybersecurity Architecture and Technology Lead at Appxone

It was straightforward.

View full review »
OU
Technical Consultant at activedge

The initial setup wasn't straightforward. The setup is situation specific.

The deployment for us took about 3 months.

View full review »
DA
Senior Server Security Engineer

The initial setup was complex. When it comes to the deployment, you can get it done in a day but if you want to fine-tune it can take a very long time. This isn't only for QRadar, but this applies to most solutions. 

It takes two or three people to deploy this product but if you want to do custom configuration then you need each and every part's expert. You need a network expert, forensic expert, and system expert. If you want an advanced system configuration you need many more people. If you only want to integrate this solution in your organization then two or three people is more than enough for the deployment.

View full review »
SO
Member at CIFAL Argentina

I was not involved in the initial setup.

View full review »
it_user634779 - PeerSpot reviewer
Security Intelligence at a tech services company with 10,001+ employees

I was involved in the setup; it was pretty straightforward. Once you understand the overall architecture, it is pretty much easy to install and work upon.

View full review »
BT
Assistant IT Manager at an insurance company with 1,001-5,000 employees

The initial setup and deployment are very easy. I think it took us about a month to implement this solution. We have a team of two, one manager and one technical, to deploy, manage, and maintain this solution.

View full review »
LY
Partner at a tech services company with 1-10 employees

Always the sizing on any BPM project is challenging, as with any BPM tool.

View full review »
LD
Technical Presales at a tech services company with 1,001-5,000 employees

The initial setup is very easy and takes just one day.

View full review »
OO
Cyber threat Intelligence Manager at CyberLab Africa

The installation is not very difficult, I did not have any problems.

View full review »
MK
Practice Head at a tech services company with 51-200 employees

The initial setup is very easy.

View full review »
LB
Security Engineer at a tech services company with 11-50 employees

The setup is really very easy. It takes a few hours. The integration, orchestrating all the components to send logs to, etc., is very, very complicated. In the last setup we did for our customer, it took us four months to integrate. The setup, on the other hand, took only half a day.

View full review »
AB
IT Manager at a comms service provider with 1,001-5,000 employees

The setup was straightforward and the deployment was easy.

View full review »
MH
Team Lead & Principal Software Engineer at a tech services company with 51-200 employees

I didn't find it to be complex. I think IBM QRadar has a more user-friendly GUI that helps your team work easily within it. Deployment for an all in one will take four to five hours but can vary depending on environment size.

View full review »
JM
CEO at a tech services company with 11-50 employees

The initial setup is easy.

View full review »
AK
Security Analyst at a tech services company with 51-200 employees

The initial setup is quite straightforward and not so difficult.

View full review »
AC
General manager at a tech services company with 201-500 employees

The initial setup is complex and the deployment takes approximately three months.

View full review »
it_user984276 - PeerSpot reviewer
Senior Analyst at a tech services company with 201-500 employees

There was some complexity in the initial setup due to bandwidth issues.

The implementation took two to three days.

View full review »
RM
Senior Field Manager at a tech services company

The initial setup was straightforward. The deployment time depends on each customer. We have customers who have different infrastructures and their deployments are quite different. If we rack and stack it, around two, three days, maximum a week, but configuration and optimization take up to somewhere between six months and one year.

View full review »
DC
Security Solutions Architect at Micro Strategies

It is a pain to set up; basically it is not that easy.

View full review »
it_user197457 - PeerSpot reviewer
IT Security Manager at a tech services company

The setup was straightforward and not complex.

View full review »
OO
Founder at a university with 11-50 employees

It is an easy tool for me, so the initial setup was easy for me, but it might not be easy for everyone. If you compare it with Kibana, QRadar is easier to implement.

The implementation strategy was to follow the users, collect the logs, and then implement QRadar.

View full review »
VB
Principal Security Architect at a computer software company with 10,001+ employees

The setup is comparatively easy, it's not that tough. But if you look at the current situation with COVID-19, people or organizations are not looking at how easy the cost of the innovation is. People want a plug and play option. 

It's like if you go to the market you buy a car, you get the key, just sit in the car and drive it out. With traditional companies like IBM, you have to use all the hardware, you have to use all the software, and the setup can take one month, two months, three months, depending on the scope. Nowadays consumers are looking for a souped-up car. They expect the tool to be operational maximum within a week's time or 15 days. That is what is missing in the QRadar.

The time it takes to deploy depends on the project scope. The order of planning can take a month to three months.

You will need three people to set it up. It can get quite expensive in retrospect. I prefer to have a plug and play service.

View full review »
DS
Works at a tech services company with 11-50 employees

The initial setup is straightforward. It's very easy. I think anyone can install it within minutes. The deployment of IBM QRadar takes around 20 to 25 minutes if you have a good hard drive.

View full review »
it_user795519 - PeerSpot reviewer
Senior Security Engineer at dig8labs

The initial setup was very straightforward. I didn't have to do anything once I installed it and configured it. It was very simple. Other solutions I have worked on, such as McAfee and LogRhythm, are a bit complex. This one is very easy to install and configure.

The deployment takes one to two months, max. The implementation strategy is totally dependent on the number of EPS, the requirements, and the types of log sources. We collect this information and then create our strategy.

I have been an engineer in many firms. I have deployed it by myself. One expert can deploy it. If there are 100,000 EPS you'll need more resources. If you have 5,000 to 10,000 EPS, one person can do it.

View full review »
it_user575124 - PeerSpot reviewer
Sr. Security Engineer at a tech services company with 11-50 employees

The setup was straightforward.

View full review »
YC
Security Consultant at a tech services company with 11-50 employees

We require eight staff members for the maintenance. 

View full review »
OO
Founder at a university with 11-50 employees

The initial setup is straightforward. We had no problems.

It took approximately a month to deploy.

View full review »
it_user610512 - PeerSpot reviewer
Technical Security Specialist at a tech services company with 51-200 employees

The initial setup is very easy, just like when you install an operating system, and then you do the configuration needed for your environment.

View full review »
GC
Queretaro at a tech services company with 1-10 employees

You need someone with the proper skills to complete the setup. The complexity of it depends on the features that you are looking for, and it can become very complex. The deployment can take between 16 and 20 days, depending on what needs to be configured.

It's a process to deploy, but once you have it configured it's easy to operate.

View full review »
MA
General Manager at New System Engineering

The initial setup of this solution is not complex.

Deployment normally takes between one and three months.

View full review »
it_user934623 - PeerSpot reviewer
Senior Information Security Analyst at a financial services firm with 501-1,000 employees

The initial setup wasn't exactly straightforward but the vendor who set it up for us was helpful. It was very straightforward with their help. The deployment took two months.

We require two admins for maintenance. 

View full review »
it_user640416 - PeerSpot reviewer
Assistant Manager-Information Security at a transportation company with 1,001-5,000 employees

The setup was straightforward.

View full review »
OF
Professional Services at a tech services company with 51-200 employees

The initial setup is pretty straightforward. We had several logs to integrate so it took a week and perhaps a few days.

View full review »
SH
Pre-Sale Consultant (Technical) at a tech services company with 51-200 employees

The initial setup was easy and it took one day to install it.

View full review »