Michael Gähwiler, Senior Bus. Development Mgr.
IBM QRadar on Cloud:
Quickly add threat protection and compliance reporting without capital expenses
For organizations seeking to simplify their operations and even treat network security costs as a series of monthly operating expenses rather than any capital investments, IBM QRadar on Cloud provides a managed environment for the deployment and maintenance of IBM QRadar Security Intelligence. The solution offers an alternative to traditional on-premise deployments using cloud technology to collect, analyze and store an organization’s core log source and netflow security data using a protected data gateway connection. IBM QRadar on Cloud is configured as a highly available solution protecting your organization against hardware failures. It also benefits from the IBM XForce Threat Intelligence data feed to provide the latest insights into newly discovered threats and attacks. Clients can spend 100% of their available time monitoring the environment, investigated suspicious incidents and building knowledge about normal vs. abnormal activities. Different from a managed SIEM environment, IBM QRadar on Cloud still relies on an organization’s in-house staff to perform threat monitoring, vulnerability management, risk analyses and data breach remediation services. Many organizations are uncomfortable taking the complete leap to cloud-based security, and so QRadar on Cloud provides a stepping-stone in the process, where all the acquisition and management services for the infrastructure are performed by IBM Security experts. What this delivers is rapid time-to-value for deploying and configuring a leadership security intelligence capability, and 24x7 infrastructure maintenance services to upgrade all software to the latest available releases, apply all fix packs and critical patches, and respond to client change requests. IBM QRadar on Cloud is a flexible solution that can deploy as either a true Software as a Service (SaaS) offering or combine with hybrid cloud environments to improve visibility into cloud-based applications. And as with QRadar on-premise deployments, you can avoid a rip-and-replace scenario or a situation where security teams are dealing with multiple point solution products looking at different data sets and wondering if it's all part of the same attack.
Clients can start with basic log management and compliance reporting and add more capabilities and services over time, as their team grows. Simpler, competitive solutions lack the ability to add vulnerability management and user behavioral analytics (UBA) modules and end-up being dead-end investments that fall over when a real cyber attack occurs. IBM can also offer a wide range of complementary threat monitoring services through our Global Security Services team to cover either essential or advanced use cases or separately assist with emergency response services to help remediate confirmed network breaches. IBM QRadar on Cloud is the logical first-step to utilizing cloud computing dynamics for network security purposes. It helps organizations begin at the beginning, and gradually build their comfort factors with outsourcing more and more security data collection, analysis and reporting capabilities. • Collects and correlates up to 80,000 events per second from all network log source devices to detect malicious behavrioal patterns.
•Collects and analyzes up to 300K network flows per minute to understand which assets have been involved in a connection and for how long.
Helps address any lack of in-house skills and resources to deploy and manage an on-premise SIEM solution in days rather than months.
Infrastructure monitored 24x7 by trusted IBM service professionals with immediate application of critical patches ensuring the software is always up-to-date.
Make temporary or permanent adjustments to monthly license capacities to adjust for seasonal changes or long-term business growth.
Add optional threat monitoring services for even more professional protection.
Cut Costs and Add Flexibility
Organizations who are budget challenged or struggling to find and hire appropriate resources can address their immediate security and compliance reporting needs with IBM QRadar on Cloud. The SaaS licensing model converts large, upfront capital expenses on hardware and professional services engagements, to a more simplified monthly service fee, that can easily be upgraded to address evolving needs. IBM QRadar on Cloud customers have the option to migrate to a fuller managed security services solution using even more IBM resources schooled in the latest methods of cybercrime and newly emerging attack methodologies. For example, IBM’s X-Force Exchange can help alert clients to developing situations within their industry or across regional divides using a real time and collaborative threat intelligence website. Also, 24x7 threat monitoring services are available.