2017-03-30T06:20:00Z

What advice do you have for others considering IBM QRadar?


If you were talking to someone whose organization is considering IBM QRadar, what would you say?

How would you rate it and why? Any other tips or advice?

Guest
3636 Answers

author avatar
Top 5LeaderboardReal User

If you absolutely positively have to catch the bad guys, and you have a heterogeneous environment QRadar is a great choice.

2019-12-05T02:59:00Z
author avatar
Top 20Real User

This is a good solution, but I am familiar with the capabilities of the other products and IBM needs to make some improvements. I would rate this solution a seven out of ten.

2019-06-16T07:23:00Z
author avatar
Real User

There are many good products and solutions on the market, but for implementation and maintenance, I can say that the most important thing is local support. We do not have any issues with this product, and we have seen the benefits of it. It is easily configured and installed, and we have a local team to support it. It does have issues in terms of user experience, however. I would rate this solution an eight out of ten.

2019-06-13T12:36:00Z
author avatar
Top 20Real User

The first advice I give my customers before buying SIEM is: "You should understand the solution well before starting the implementation." If they don't understand the solution, they will never be able to use it correctly. This is the first piece. The second point is that they will resist the change made to the setup installation. If they look for the solution, QRadar ATM is the best. I would rate this solution as nine out of ten. I think there is no perfect product; maybe there will never be a perfect product. When I started to learn IBM QRadar, it was complicated to me in the beginning, because we did the installation for the customer. It is complicated, and the meaning and training were not very clear.

2019-06-13T12:36:00Z
author avatar
Top 5Real User

I would recommend this product. It is very simple to install, and not a complicated solution. IBM supplies regular software updates. I would rate this solution an eight out of ten.

2019-06-06T08:18:00Z
author avatar
Real User

This kind of solution is essential. The communication network functions very well. On a scale of one to 10, ten being the best, I would give this product a rating of nine.

2019-04-29T07:11:00Z
author avatar
Top 10Real User

The solution functions very well. It is amazing but there are some bugs with it. The unknown bugs can just come up with the adaptor with the data stored in Qradar. On a scale from one to 10, ten being the best, I would rate this product an eight out of 10.

2019-04-29T07:11:00Z
author avatar
Top 20Real User

I would rate this product eight out of ten.

2019-04-17T08:37:00Z
author avatar
Top 5LeaderboardConsultant

I think this product adds significant value to organizations seeking a scalable, security integration tool. It does a great job of identifying, classifying, prioritizing, remediating, and mitigating software vulnerabilities. It's a good solution On a scale of 1 - 10, 10 being the best, I give this product a rating of 9.

2019-04-17T08:37:00Z
author avatar
Real User

I would rate this solution eight and a half out of ten.

2019-04-17T08:37:00Z
author avatar
Top 20Consultant

I would recommend IBM QRadar because of the security features and the organization. I can recommend the security. Security is nowadays an essential part of IBM QRadar. IBM QRadar is probably the best possible solution in the market. I would rate it an eight out of 10.

2019-04-11T06:16:00Z
author avatar
Top 20Reseller

QRadar, as a product, might be very straightforward, but to fully understand the product you would need to go for the QRadar training. IBM's training for QRadar is very expensive but it really helps you use the product to its full potential. Before I went to the training, I only used about ten percent of its capability. I would recommend going for the training on the product. In terms of the number of users, it's not users logging in every day and doing stuff on QRadar. It's a handful of people from the team monitoring QRadar. We could be managing, for example, 50 or 70 customers through one dashboard and about ten people would be monitoring it. The users have a specific role. The amount of staff required for deployment or maintenance depends on the type of update or patch that's being deployed. For deployment of a new patch it, it could take anything from an hour to about ten hours. It depends on the patch, how big the patch is, and if you've gone through a testing phase or not. So there are multiple dependencies on how long it would take. An average, for me, would be three hours to do certain deployments. Currently it's being used quite widely. The only downfall of this product would be its price. I wouldn't recommend it for a small company. For larger companies I know it's being widely used.

2019-03-31T09:41:00Z
author avatar
Top 20Real User

Overall, it's much better than other products. In terms of increasing its usage, I have suggested to my organization that it tell customers to use it, its capacity and capabilities, with other tools like Watson.

2019-03-28T08:19:00Z
author avatar
Top 20Real User

I would advise someone considering this solution to write down your use cases and evaluate them with the vendor. Evaluate the best solution based on your use cases because you are the ones who are going to use it. The vendor will try and implement and leave you with your problems. If the solution meets your requirements and solves most of your problems, you're good to go. QRadar is the best solution we have. The only challenge is that IBM has been a closed enterprise. It should be more open to integrating with other providers at an enterprise level. We're a bank and the core banking system integration is not always straightforward and there is no integration between IBM and these products. If IBM could open up and provide a way of integrating it seamlessly, without charging more for it, that would make a big difference. I would rate it an eight out of ten.

2019-03-28T08:19:00Z
author avatar
Top 5LeaderboardReseller

I would rate it an eight out of ten. Not a ten because the configuration part of it should be easier. They tried to integrate everything together to be all in one, but it's not easy to configure.

2019-03-10T16:43:00Z
author avatar
Real User

I would advise someone considering this solution to evaluate several solutions, compare them, and if there is an option for customization check with the solution provider, and then go for it. I would rate it a seven out of ten. It's a good solution, we've used it for a long time, but then there are a few issues with security.

2019-03-06T07:41:00Z
author avatar
Top 20Real User

My advice is to take your time. It depends on your network, on what you want to gather information from. Make sure that the networking and the cybersecurity teams are working towards a common goal. The solution is very much worth it. You can gather all the information that you need as long as you know first what you need. This solution is mainly for the Security Operations Center, so there are just three or four users. But it's one of the key tools for us to identify threats and attacks. The users are security operations analysts and threat hunters. In our case, deployment and maintenance requires just a few people. They are the network administrators and our cybersecurity engineers. At the moment we have no plans to increase usage. If the company grows, usage should grow as well. The company is growing but, as of the moment, we are planning for expansion. That's why the solutions that we carry are already built for expansion for the next three to five years. I would rate QRadar at eight out of ten. It's not perfect and the big issues would be the price and it that it takes some time to understand it. But so far, it's one of the best solutions out there.

2019-03-06T07:40:00Z
author avatar
Consultant

I would rate it an eight out of ten.

2019-02-26T08:25:00Z
author avatar
Reseller

I would rate it an eight out of ten. Not a ten because of the complex interface.

2019-02-25T08:45:00Z
author avatar
Top 10Real User

I would rate this solution a six out of ten.

2019-02-07T12:28:00Z
author avatar
Reseller

I would rate it an eight out of ten.

2019-02-03T08:35:00Z
author avatar
Real User

If you are a medium to large size enterprise, you can surely consider IBM as one of the major contenders for your selection. If you are a small enterprise, QRadar may be too much for you, it may be too complex. When deciding on a solution, we always consider: * Cost-benefit * Shelf-life of the solution * Security of the solution

2018-10-29T15:46:00Z
author avatar
Consultant

There are new things that are coming up in QRadar, such as AI to IBM Watson. This is going to create a huge impact in these types of solutions, because we don't have an artificial intelligence coming in. There are other tools that have artificial intelligence, but IBM QRadar getting integrated with artificial intelligence is the next step. It should be noted that the QRadar type products are actually changing their strategy. they will move on to the next stage that is called "Threat Hunting." Instead of waiting for some attack to happen and getting an alert, the new solutions will try to find out those suspicious activities in your network or environment and resolve it before it creates havoc.

2018-10-04T17:27:00Z
author avatar
Vendor

I highly recommend this product.

2018-08-30T10:51:00Z
author avatar
Reseller

I would rate it a seven out of 10. I have had some challenges integrating this solution. Each organization is looking for security. If you have a SIEM tool, you can integrate it with all of your security devices, and get all your security logs. This console gives you the entire view, which makes life easier and allows you to take precautionary measures. People who handle only four or five security devices spread across the globe should go with this SIEM tool.

2018-07-22T08:31:00Z
author avatar
Real User

Do your research before implementing it, because it is tough to implement. Most important criteria when selecting a vendor: support. I say this to every vendor. It is not always about pricing, which is nice when we start, but when the crap hits the fan. I want the vendor to be there with me.

2018-06-30T07:18:00Z
author avatar
Real User

The most important criteria when selecting a vendor: stability. The security space is tough. Unlike a lot of other spaces, IBM will not be bought anytime soon as a 100 year-old company.

2018-06-29T07:18:00Z
author avatar
Reseller

Most important criteria when selecting a vendor: Our customers need a cross of different units which make up a better solution for them.

2018-06-28T07:18:00Z
author avatar
Real User

Research, and don’t be afraid to do a few PoCs. Also, make sure you have a team for the tool. Most solutions require a team, so if you cannot apply a team towards the tool then hopefully you can use one of the managed SIEM options.

2018-06-28T06:31:00Z
author avatar
Real User

Understand how your analysts need to use SIEM to execute use cases. This platform can collect and normalize data better than just about anything (if you want it to), but it will not be useful if it is not presented in a useful way.

2018-06-26T12:31:00Z
author avatar
Top 20Real User

Ensure you have the functional skills on BPM and the technical skills on IBM BPM. We used to be IBM partners, but are not anymore. Now, we are Red Hat partners.

2018-06-26T12:31:00Z
author avatar
Consultant

Overall, I love this product.

2018-06-12T12:14:00Z
author avatar
Consultant

Think scalability and make sure your product can be integrate into QRadar.

2018-06-11T06:45:00Z
author avatar
Real User

IBM needs to invest more into the collaboration with other vendors. If you want to go to IBM, do not just go for QRadar. You need QRadar and all the products that surround QRadar, especially BigFix, because the product is ten times stronger with it. Most important criteria when selecting a vendor: * The technical features of the solution. * The people in my region at the vendor. * The perspective of the project manager on the customer side. * Data involved and time of the implementation. * The needs of the customer. * The cost of the project. * Training involved.

2018-06-03T09:17:00Z
author avatar
Top 20Reseller

Just spec it correctly and it will do its job for you. It has an active community. IBM patches the product regularly when problems are picked up. I haven’t heard about a lot of problems from other people using the product. When we only have four hours to respond, an hour can make a difference in waiting for support.

2017-04-05T06:02:00Z
author avatar
Top 5LeaderboardConsultant

QRadar also supports UBA which is a fantastic feature to detect user's malicious activities.

2017-03-30T06:20:00Z
Learn what your peers think about IBM QRadar. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
441,672 professionals have used our research since 2012.