IBM Resilient is not difficult to install as it is based on a simple image that can be installed with just a few clicks for license setup. If you are deploying it on-premises, you just need a VM for deployment. Once it is set up, you can access the web interface from your system and proceed with license deployment and configuration. However, customizing it to meet your specific needs can be time-consuming as it is a mature product that requires careful consideration.

Installing IBM Resilient on-premises is not difficult; it is quite straightforward. You can get it up and running in a day. However, building custom playbooks and network setups might take a bit longer, maybe around a week. But generally, you can have it fully operational within a reasonable timeframe. The installation is made easier by the frequent release of integration apps, with updates every two weeks. IBM Resilient can be deployed on-premises but is also flexible enough to be used in the cloud. It is available on Microsoft Azure, AWS, and Google Cloud, making it adaptable to various cloud providers. This flexibility allows organizations to monitor both hybrid and public cloud environments, and you can even tap into IBM's cloud services if needed. 

The solution is deployed on the cloud and on-premises.

The initial setup of IBM Resilient is not that complex since my company already has a support license that we use internally. In general, the product's deployment phase is not that complex.

The installation and configuration phases of IBM Resilient were started a year ago in my company.

It is quite easy to install the product.

I was involved in the deployment process of the solution. It took approximately seven months for it to be in production. We collected information from various entities before using analytics to build the DevOps. Additionally, we integrated it with the required product during the installation. I believe it was fixed later, so it took around a month or so to be in production. The maintenance of the solution is not difficult. So, sometimes you may need to contact someone who knows IR or DevOps.

A SIEM solution has two sides, security information and event management, and in SIEM, implementing the system isn't an issue. However, to get visibility, you must onboard your platforms, so the complexity level for that varies.

Depending on the vendor, a SIEM solution usually has pre-built normalization or passes, but many small customizations will be needed. Onboarding, particularly getting the visibilities, is not a big deal, but you'll face some challenges with the implementation because of the lack of deployment experts. In my part of the world, it's tough to find top-level experts because the experts typically leave and go to other parts of the world. It's a real challenge to retain people in this space. If you're careful and able to manage that challenge, it would be easy to onboard the platforms and implement a SIEM product.

For the SOAR side, the same problem exists, but with a higher level of intensity because SOAR is new to security operations. It's the latest development, so implementing it is a massive challenge because it requires a lot of expertise and experience in different areas of IT operations. SIEM implementation is easier to manage than SOAR implementation.

Implementation would be more straightforward if you have initial awareness or get good training from an experienced team. However, training newbies in the field will be challenging because the newcomers only have product knowledge. Newbies won't know the exact requirements of the IT world or have enough IT experience, so the deployment task should be entrusted to experienced people.

It isn't easy to give a generic or worldwide applicable rating for IBM Resilient because it has a lot of customizations and integrations. Still, based on my experience, I found the initial setup challenging, so it's a five out of ten.

Six months passed, and the implementation for IBM Resilient is still incomplete. It's ongoing, but if you include the time it took to source hardware and other steps, it's more than six months. It's been challenging to gather resources and source hardware because my country is facing a terrible financial crisis. The environment is difficult right now, affecting my rating of IBM Resilient setup-wise, but it's a good product.

The product's initial setup phase was a bit difficult, but my company received all the support we needed from IBM. During the initial setup phase, my company faced some unexpected challenges during the process within our environment. There will be some issues or problems during the product's installation phase.

The solution can be deployed in around 40 days.

The deployment process was carried out with the help of two people in our company.

The initial setup of IBM Resilient is somewhat difficult, particularly in complex environments, as it involves multiple components. It took one day to deploy.

The tool’s setup is easy. I would rate the solution’s setup a seven out of ten. The deployment took six months to complete. Our deployment team consisted of three engineers.

The initial setup is straightforward.

It's simple to install and doesn't take very long to deploy.

The initial setup is not straightforward or simple. It's quite complex. It can be difficult. The whole deployment, as well as the configuration, takes some work.

The deployment itself took about two months in total. 

We've had issues with the setup process. We have Palo Alto, and for some reason, there isn't good compatibility.

That said, for the most part, the installation is fairly straightforward. It's not too complex.

We have five team members capable of handling implementations.

The installation is straightforward, but customization requires an understanding of programming as well as CTI integration. For implementation, I had a team of two engineers.

The initial setup was straightforward. It took us a month to deploy.

The solution isn't hard to set up if you have a good understanding of IBM QRadar. It's also easy to integrate with it. Deployment takes about one hour. The configuration is a bit more complex; you'll need to understand how the unit works. Configuration usually takes about three days, but it can take up to one month. It depends on the network.

Typically, you just need one person to handle the deployment process, but it depends on the network. We have a team of ten people who handle the maintenance. They work on all of the solutions, not just Resilient.