Products: IT Security Intelligence
QRadar Overview

QRadar®, Q1 Labs' Security Intelligence Platform, delivers an intelligent, integrated and automated security solution that provides complete, 360° security intelligence across your entire network, no matter how large or small.

A family of IT security intelligence products built on a common architecture:

The QRadar Security Intelligence Platform provides a unified architecture for collecting, storing, analyzing and querying log, threat, vulnerability and risk related data.  As a result, operators, analysts and auditors using any of the modules of the Security Intelligence Platform benefit from:

  • Unified collection, aggregation and analysis architecture for application logs, security events, vulnerability data, IAM data, configuration files and network flow telemetry
  • A common platform for all searching, filtering, rule writing, and reporting functions
  • A single user interface for all log management, risk modeling, vulnerability prioritization, incident detection and impact analysis tasks 


Architecture designed to scale:

QRadar's flexible architecture allows organizations to scale their security intelligence infrastructure with seamlessly integrated appliances accessible through a single user interface, called "One Console Security". This highly integrated, architecturally elegant approach improves operational efficiencies and helps network security teams better protect their organization's IT assets from a growing landscape of Cyber-war and Cyber-crime driven threats.

QRadar SIEM:

QRadar SIEM provides an integrated network security solution that converges typically siloed network and security information into a single, cohesive system. QRadar SIEM's unique approach enables organizations to deliver an unparalleled set of network security intelligence services, including:

  • Log management
  • Threat/Fraud management
  • Compliance management
  • Security Event and Information Management
  • User Activity Monitoring
  • Application Monitoring


QRadar Log Manager:

QRadar Log Manager provides a comprehensive, turnkey log management solution for organizations of all sizes. Log management has emerged as a required part of delivering security best practices and meeting specific auditing and reporting requirements of government regulations, including:

  • Payment Card Industry Data Security Standards (PCI DSS)
  • GCSX Code of Connection (CoCo)
  • Garante
  • FSA
  • Sarbanes-Oxley (SOX)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • North American Electric Reliability Corp. (NERC)
  • Federal Energy Regulatory Commission (FERC)
  • Federal Information Security Management Act (FISMA)

QRadar Log Manager can also be easily upgraded via a software license key to the full-featured QRadar SIEM, meaning you won't have to worry about losing data or purchasing and installing additional hardware.


QRadar Risk Manager:

QRadar Risk Manager provides organizations with a comprehensive IT security intelligence solution. It gives them not only the forensics of what happened "during" and "after" an attack, but also lets them answer the "What if?" ahead of time, thereby minimizing the risk to their networks and operations and ultimately protecting their organizations' brand and intellectual property.

QRadar Risk Manager leverages and extends the value of a SIEM deployment to greatly improve your organization's ability to automate risk management functions in mission critical areas including network and security configuration, threat modeling and simulation, compliance management and vulnerability assessment.


High Availability solution that delivers continuous network security monitoring:

QRadar's security information and event management (SIEM) solution is purposely built to integrate log management with SIEM, delivering massive log management scale without any compromise on SIEM "Intelligence". QRadar's easy-to-deploy high availability (HA) appliances provide fully automated failover and disk synchronization for high availability of data collection and analysis capabilities without the need for third-party fault management products. With QRadar's HA solution, high availability for data storage, analysis and user interfaces is achieved through appliances that are easy to deploy and manage.


Network Activity Collectors:

QRadar's Network Activity Collectors offer a cost-effective solution for gathering the most sophisticated and actionable network intelligence (flow data) available from your network. Network Activity "QFlow" Collectors provide Layer 7 analysis as well as aggregation of other flow sources including JFlow, NetFlow, SFlow, and Packeteer's Flow Data Records, delivering an unmatched level of IT security intelligence for the most complete collection of activity possible.


Virtual Activity Collectors:

Like QRadar's Network Activity Collectors, QRadar's Virtual Activity Collectors offer a cost-effective solution for gathering the most sophisticated and actionable network activity data available from your network, including Layer 7 analysis and aggregation of external flow sources, while also providing unique visibility into the activity within your virtual environment.


"QRadar had enough features and functionality - right out-of-the-box - to provide us with immediate value in the areas of compliance and security . . . In my 30 years working with network vendors, Q1 Labs' service is unmatched."

Ron Porritt
Information Security Engineer
Gordon Food Service



"Given these product and company strengths, Q1 Labs is clearly differentiated and one of the leaders in the development of solutions needed by customers demanding more operational, IT, and security capabilities from next-generation security management systems."

Jon Oltsik
Senior Analyst
Enterprise Strategy Group



"I was already impressed with QRadar as a product, but the enhanced capabilities of QRadar 6.2 take an already superior SIEM solution to another level. With the release of QRadar 6.2, Q1 Labs has provided its customers with a rare blend of ease-of-use, flexibility, and automation."

William McGlasson
Information Security Administrator
SELCO Community Credit Union



"Q1 Labs' customers say they like its simplicity . . . Q1 Labs' marketing and partnership strategy gets it in the door, but we also hear from customers that they like its features (the company's QRadar blends anomaly detection, application details, and ESIM) enough to select it after bake-offs against substantially more expensive products."

Nick Selby
Director of Research, Enterprise Security
The 451 Group



"Q1 Labs is growing rapidly. The company provides QRadar as an all-in-one solution for smaller environments, or horizontally scaled in larger environments with specialized event collection, processing and console appliances. A distinguishing characteristic of the technology is the collection and processing of NetFlow data to provide network and application behavior analyses."

Gartner 2010 Critical Capabilities for SIEM



"Q1 Labs' QRadar is a well-rounded security information and event management platform that became our "go-to product" for validating most of our findings. It earned this status for two primary reasons. First it offers the most amount of functional flexibility. And, second it provides the most effective correlation rule set right out of the box. The Q1 Labs' product simply offered the greatest amount of visibility into our environment with the least amount of headache."

Gregg Shipley
Network World



QRadar has helped more than 1,600 organizations around the globe face the current and emerging threat and compliance mandate landscape by offering the most intelligent, integrated and automated security management solution in the industry.

Intelligent:

With more data under surveillance and more advanced analytic techniques than any security intelligence solution on the market, QRadar detects threats that others miss, providing unparalleled visibility into network and application activity that others cannot.

Integrated:

QRadar uniquely correlates information from security logs, network flow analysis, the application layer, IAM solutions, user activity and asset-based vulnerability management and assessment in one comprehensive solution.

Automated:

Simple to deploy and manage, QRadar automates security and network device discovery as well as policy functions. QRadar's appliance-based architecture and embedded database remove the crushing complexity and costs that cripple the deployment and ongoing support of traditional SIEM and log management solutions.
