 |
||||||||||||||
|
||||||||||||||
|
QRADAR
- NETWORK BEHAVIOR ANOMALY DETECTION, REPORTING & RESOLUTION
|
QRADAR, by Q1 Labs, is a view-based network security solution that undertakes real-time analysis of network flows and models behavior. This allows the product to identify abnormal activity such as worms, trojans, port scans or denial-of-service attacks without the need for specific signature files and provides a clear view of activity inside and outside the network.
This allows organizations to instantly identify misuse, determine all aspects of an attack, and take immediate corrective action before significant damage can occur. QRADAR significantly reduces false positives associated with other security technologies and provides extensive correlation, and response and forensic capabilities for preventing internal and external intrusions.
QRADAR™ modular design makes it simple to install, configure, and use. Because QRADAR doesn’t require extensive training and there are no complicated logs to decipher, administrators can begin to realize the benefits immediately.
QRADAR provides greater manageability, automation, and ease of use in monitoring misuse and threats to an enterprise environment. Designed to monitor traffic from a wide variety of multi-dimensional projections and graphs, QRADAR allows the user to instantly identify malicious activity and determine all aspects of the attack. It allows an organization to take immediate, action to contain the threat before significant damage can occur.
QRADAR implements seamlessly with other security technologies, allowing you to better leverage existing security products, and to have multiple levels of network security management. With QRADAR, you can incorporate IDS data within the context of the management console. This provides for seamless security monitoring using multiple sources, enabling a more flexible and scalable web-based interface.
View-based solution – QRADAR classifies data flows into thousands of components to view data quickly and easily.
Centralized interface – View the network from a central screen and manage your security program from QRADAR’s management console. QRADAR integrates with multiple security data sources and visualizes security data to more effectively manage threats and misuse.
Effective correlation and analysis tools – Intuitive design and quick drill-down allow for detailed analysis and effective security decisions with the right data.
With QRADAR’s intuitive view, a user can drill down from a high level view of activity on the network all the way down to an individual IP address.
Hierarchical multi-user access – QRADAR was designed for multiple users. Responsibility for monitoring the network can be shared.
Complete audit trail of total network activity – Ensure your firewalls are doing what they are supposed to. QRADAR provides a critical line of defense for traffic that has passed through the firewall and the IDS without triggering an alert.
Adjustable alerts – Adjust alert levels to fit existing security management processes and procedures.
Constant updates not needed – Since QRADAR is based on network behaviors, signature updates are not needed. Modifications can be made immediately.
Scalability – QRADAR's modular design provides enterprise class scalability.
User activity monitoring – Routinely monitor and report on identified suspicious users.
|
