Collect the depth of data needed to fully understand the threats you face:

There are many data sources deployed in today's networks that provide network activity data. Routers, switches and other devices support vendor specific flow formats such as NetFlow, JFlow and SFlow.

This level of information is useful in creating a general understanding of the conversations occurring on a network but it does not provide the deep network intelligence that layer 7 application data offers - and the ability to collect layer 7 application data is a critical capability that QRadar's QFlow and VFlow collectors deliver.

Network activity Intelligence beyond simple log collection:

QFlow and VFlow collectors are specifically designed to collect layer 7 application data, which means you can capture contextual intelligence of activity traveling across your network, enabling you to detect threats in the network that aren't or can't be seen by other security devices or sources. In addition, these intelligent collectors offer network self-discovery capabilities that build and maintain an accurate history of all assets on the network to help you better understand and prioritize activity on your network. 

QRadar's network activity collection and analysis provides comprehensive security capabilities beyond simple log collection, resulting in an improved ability to detect and remediate threats, enforce network policies and minimize risk to mission critical IT systems.

• Detect information leakage through approved or policy violating protocols
• Monitor and understand bandwidth contention in key areas of the network
• Detect Bots and other surreptitious threats across your entire network
• Visualize and understand anomalies in network behavior and application usage