Qradar ibm partner_enablement_220212_final



Published in: Technology, Business

  1. QRadar Overview: Business Partner Enablement
  2. Q1 Labs Corporate Overview
     • A global provider of high-value, next-generation SIEM, Log Management, Network Activity Monitoring and Risk Management technologies, built on the industry’s leading Security Intelligence platform
     • Largest independent SIEM vendor, founded in 2001
     • Corporate headquarters in Waltham, MA with development offices in New Brunswick, Canada, and Belfast, Ireland
     • Privately held organization with approximately 250 employees
     • Consistent market leader based on vision and ability to execute
     • More than 1800 customers worldwide
     • Customers across many different industries, including healthcare, energy, retail, financial, government, education, and communications
     • Well established business and channel partners in North America and EMEA
     • Representative Customers
  3. 2011 Gartner SIEM Magic Quadrant (MQ)
  4. Fully Integrated Security Intelligence
     • Log Management: Turnkey log management; SME to Enterprise; Upgradeable to enterprise SIEM
     • SIEM: Integrated log, threat, risk & compliance mgmt.; Sophisticated event analytics; Asset profiling and flow analytics; Offense management and workflow
     • Risk Management: Predictive threat modeling & simulation; Scalable configuration monitoring and audit; Advanced threat visualization and impact analysis
     • Network Activity & Anomaly Detection: Network analytics; Behavior and anomaly detection; Fully integrated with SIEM
     • Network and Application Visibility: Layer 7 application monitoring; Content capture; Physical and virtual environments
  5. One Console Security
     • Security Risk Management: Predictive threat modeling & simulation; Real time policy monitoring; Scalable configuration monitoring and audit; Advanced threat visualization and impact analysis
     • Log Management: Industry Leading Log Management; Out of the box Compliance reports; Upgradeable to enterprise SIEM
     • Threat Management: Integrated log, cyber threat, risk and compliance management; Sophisticated event analytics; Asset profiling and flow analytics
     • Network, User and Application Management: Layer 7 application monitoring; Content capture; Network Analysis
  6. Solving Customer Challenges with Total Security Intelligence
  7. Total Visibility: Product Portfolio, Services and Research
  8. Intelligent: Context & Correlation Drive Deepest Insight
  9. #1 in Compliance, the leading driver for SIEM. Three primary use cases: 1.) Compliance 2.) Threat Mgmt 3.) General Deployment (mix of both)
  10. QRadar Dashboard – Summary Information with drilldown capability
  11. Offense Manager – Inbuilt Alert and Incident Manager. The incident created automatically populates with additional relevant information, such as physical and logical addresses, thereby reducing the time required to remediate.
  12. Correlation Rules – Inbuilt Rules will monitor for key activities. Correlation rules can be tuned and thresholds adjusted as required.
  13. Log Activity – Examine activities across log sources. Filters/searches available to examine real-time and historical logs. Results are displayed in easy to understand format. Example: Failed Login to Database
  14. Network Activity – Examine network behaviour for policy/compliance breaches as well as threats. Various standards reference the need to monitor network services, e.g. PCI
  15. Asset Profiles – Link between log, network, user and vulnerability data. Shows logical, physical network detail as well as machine name and current logged-in user
  16. Reporting – 100s of inbuilt reports covering generic as well as compliance initiatives
  17. Top Reasons Customers Choose Q1 Labs
     1. Most intelligent, integrated and automated solution
     2. Most sophisticated threat analytics and compliance automation
     3. Rapid time to value, with low staffing requirements
     4. Easily scales as deployments and security data grow
     5. Established market leadership with excellent support
     6. Easy to do business with, backed by best channel relationships
     7. IBM’s unmatched security expertise and breadth of integrated capabilities
  18. End