Qradar ibm partner_enablement_220212_final
Date posted: 19-Oct-2014
Category: Technology
QRadar Overview
Business Partner Enablement
2
Q1 Labs Corporate Overview
• Largest independent SIEM vendor, founded in 2001
• Corporate headquarters in Waltham, MA with development offices in New Brunswick, Canada, and Belfast, Ireland
• Privately held organization with approximately 250 employees
• Consistent market leader based on vision and ability to execute
• More than 1800 customers worldwide
• Customers across many different industries - including healthcare, energy, retail, financial, government, education, and communications
• Well established business and channel partners in North America and EMEA
Representative Customers
A global provider of high-value, next-generation SIEM, Log Management,
Network Activity Monitoring and Risk Management technologies - built on
the industry’s leading Security Intelligence platform
3
2011 Gartner SIEM Magic Quadrant (MQ)
4
Fully Integrated Security Intelligence
Log Management
• Turnkey log management
• SME to Enterprise
• Upgradeable to enterprise SIEM
SIEM
• Integrated log, threat, risk & compliance mgmt.
• Sophisticated event analytics
• Asset profiling and flow analytics
• Offense management and workflow
Risk Management
• Predictive threat modeling & simulation
• Scalable configuration monitoring and audit
• Advanced threat visualization and impact analysis
Network Activity & Anomaly Detection
• Network analytics
• Behavior and anomaly detection
• Fully integrated with SIEM
Network and Application Visibility
• Layer 7 application monitoring
• Content capture
• Physical and virtual environments
5
One Console Security
Threat Management
• Integrated log, cyber threat, risk and compliance management
• Sophisticated event analytics
• Asset profiling and flow analytics
Log Management
• Industry Leading Log Management
• Out of the box Compliance reports
• Upgradeable to enterprise SIEM
Security Risk Management
• Predictive threat modeling & simulation
• Real time policy monitoring
• Scalable configuration monitoring and audit
• Advanced threat visualization and impact analysis
Network, User and Application Management
• Layer 7 application monitoring
• Content capture
• Network Analysis
6
Solving Customer Challenges with Total Security Intelligence
7
Total Visibility: Product Portfolio, Services and Research
8
Intelligent: Context & Correlation Drive Deepest Insight
9
#1 in Compliance, the leading driver for SIEM
Three primary use cases:
1. Compliance
2. Threat Mgmt
3. General Deployment (mix of both)
10
QRadar Dashboard – Summary Information with drilldown capability
11
Offense Manager – Inbuilt Alert and Incident Manager
The incident created automatically populates with additional relevant information, such as physical and logical addresses, thereby reducing the time required to remediate.
12
Correlation Rules – Inbuilt Rules will monitor for key activities.
Correlation rules can be tuned and thresholds adjusted as required.
13
Log Activity – Examine activities across log sources.
Filters/searches are available to examine real-time and historical logs.
Results are displayed in an easy-to-understand format.
Example: Failed Login to Database
14
Network Activity – Examine network behaviour for policy/compliance breaches as well as threats
Various standards reference the need to monitor network services, e.g. PCI
15
Asset Profiles – Link between log, network, user and vulnerability data
Shows logical, physical network detail as well as machine name and current logged-in user
16
Reporting – Hundreds of inbuilt reports covering generic as well as compliance initiatives
17
Top Reasons Customers Choose Q1 Labs
1. Most intelligent, integrated and automated solution
2. Most sophisticated threat analytics and compliance automation
3. Rapid time to value, with low staffing requirements
4. Easily scales as deployments and security data grow
5. Established market leadership with excellent support
6. Easy to do business with, backed by best channel relationships
7. IBM’s unmatched security expertise and breadth of integrated capabilities