QRadar Log Manager

QRadar Log Manager is a comprehensive solution for organizations that are looking to implement a distributed event log manager to collect, archive, and analyze network and security event logs.

Log management has emerged as a required part of an organization's ability to deliver security best practices and meet specific auditing and reporting requirements of various government regulations, including:

  • Payment Card Industry Data Security Standard (PCI DSS)
  • North American Electric Reliability Corporation (NERC)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Sarbanes-Oxley (SOX)
  • Federal Information Security Management Act (FISMA)

QRadar Log Manager provides numerous advantages over other log management solutions, including:

Easy Deployment:

  • Simple and easy-to-use, providing a secure and efficient event log manager solution

Distributed log collection and archival:

  • Scales to support any size enterprise network

Policy-driven event log manager correlation:

  • Hundreds of useful, out-of-the-box correlation rules provide immediate value to users

Effective reporting and compliance auditing:

  • Compliance-driven report templates meet specific regulatory reporting and auditing requirements

Reliable and tamper-proof log storage:

  • Supports extensive log file integrity checks, including NIST Log Management Standard SHA-x (1-256) hashing for tamper-proof log archives

Simple upgrade to full QRadar SIEM:

  • A fully scalable appliance family, QRadar Log Manager can also be easily upgraded via a software license key to Q1 Labs' highly acclaimed QRadar SIEM solution, providing users with a seamless migration path to full SIEM capabilities as an organization's requirements change and a more comprehensive threat and compliance management system is needed

QRadar Log Manager Appliance:

The QRadar Log Manager appliance is an enterprise-class event log manager appliance that combines ease of deployment with a robust and scalable log management solution. QRadar Log Manager leverages QRadar's core correlation capabilities to provide best-in-class compliance and policy-driven analysis and alerting, as well as unparalleled ease of use for monitoring log activity in real time and historically. In addition, QRadar Log Manager can be upgraded to full SIEM capabilities for enhanced workflow through a simple license key, leveraging your existing appliance investments.


QRadar Log Manager Event Processor:

The QRadar Log Manager architecture supports an easy-to-deploy, scalable model through the use of Processor Appliances, such as the QRadar 1605 and QRadar 1624, that provide 6.5 or 16 terabytes of dedicated secure storage for logs and perform real-time correlation of logs at up to 20,000 events per second.


QRadar Event Collector:

The Event Collector provides continuous event logging capabilities when network connectivity is unreliable or temporarily compromised due to bandwidth constraints, or when many remote, distributed locations require monitoring. Event Collectors simply collect event logs and forward them to an event processor or all-in-one appliance for correlation, analysis and long-term storage. Also designed to collect event logs in distributed locations with relatively low event volumes (such as retail stores and bank branches), they provide a more economical approach than deploying many event processors. Events can even be forwarded according to a defined schedule, providing even greater control. Event Collector appliances are available in both hardware and software configurations under the 15XX family designation.



QRadar has helped more than 1,600 organizations around the globe face the current and emerging threat and compliance mandate landscape by offering the most intelligent, integrated and automated security management solution in the industry.

 

Intelligent:

With more data under surveillance and advanced analytic techniques than any security intelligence solution on the market, QRadar detects threats that others miss, providing unparalleled visibility into network and application activity that others cannot.

Integrated:

QRadar uniquely correlates information from security logs, network flow analysis, the application layer, IAM solutions, user activity and asset-based vulnerability management and assessment in one comprehensive solution.

Automated:

Simple to deploy and manage, QRadar automates security and network device discovery as well as policy functions. QRadar's appliance-based architecture and embedded database remove the crushing complexity and costs that cripple the deployment and ongoing support of traditional SIEM and log management solutions.
