IBM Security QRadar Core Appliance XX24 V7.2.5

Product ID: 5725-I51
Status: Available


Description:

IBM Security QRadar V7.2.5 family enhancements

IBM Security QRadar SIEM V7.2.5

  • Extends the MSSP Multi-tenancy support to SIEM components of the Security Intelligence Platform.
  • Provides correlation support for historical event and flow data.
  • Provides the ability to specify multiple LDAP repositories for authentication.
  • Extends existing LDAP integration to support group-based authorization capabilities.
  • Supports authenticated bind for LDAP integration.
  • Provides the ability to add, remove, and manage deployment from a non-Java-based user interface.
  • Reports on assets based on custom asset search criteria.
  • Enhanced reporting supports page number definition and customization, and the definition of header and footer messages for document classification.
  • Provides the ability to share groups of reports among QRadar users.
  • Provides patch management enhancement that helps minimize patch failure by evaluating success of patches based on current system state.
  • Provides patch management with the ability for users to rollback a patch should it fail due to an error.

IBM Security QRadar Vulnerability Manager V7.2.5

  • Overlapping IP and domain support to allow vulnerabilities to be tracked uniquely from hosts with overlapping IP addresses
  • Click and Try functionality that allows organizations the ability to try QRadar Vulnerability Manager for 30 days prior to purchasing
  • Vulnerability purging to keep vulnerability data files organized and efficient
  • Usability enhancements for system administration improvements

IBM Security QRadar Risk Manager V7.2.5

  • Managing risk policies across multiple networks on a single system
  • Device configuration collection and processing performance improvements
  • Improved device status dashboard with easy issue identification

IBM Security QRadar Incident Forensics V7.2.5

  • Pre-built summary analysis to jumpstart forensics data exploration
  • Enhanced management integration with QRadar SIEM

IBM Security QRadar Packet Capture V7.2.5

  • Improved packet retrieval performance

IBM Security QRadar Incident Forensics Standalone V7.2

  • Integrated console with the Incident Forensics module allowing for a more streamlined deployment with IBM Security QRadar Packet Capture Data Node V7.2.5

IBM Security QRadar Packet Capture Data Node V7.2.5

  • Extends the storage capacity of your PCAP Appliance without forgoing any performance
  • Offers the same in-line compression feature available in QRadar Packet Capture, allowing for approximately 10 times improvement in virtual storage on the same hardware.

IBM Security QRadar Packet Capture Software V7.2.5

  • Offers the flexibility to deploy packet capture solution on commodity hardware to meet lower end packet capture requirements
  • Offers the same in-line compression feature available in QRadar Packet Capture appliance, allowing for approximately 10 times improvement in virtual storage on the same hardware

IBM Security QRadar V7.2.4 family of products provides a security intelligence platform that integrates disparate functions including SIEM, log management, configuration monitoring, network behavior anomaly detection, risk management, vulnerability management, network vulnerability scanning, full packet capture and network forensics into a comprehensive intelligence solution.

IBM Security QRadar V7.2.4 delivers enhanced features:

  • QRadar QFlow Collector component provides improved Gbps QFlow collection and processing.
  • Enables security information to be retrieved and updated from third-party systems with the Offense API.
  • Enhanced threat intelligence feed provides hourly update of threat intelligence with additional context and categorization data.
  • Flow burst handling helps ensure that data loss is minimized during very high bursts of network flow data.
  • Improved big data integration enables more easily configurable data forwarding profiles.
  • IBM Security QRadar Data Node enhancements enable historic data to be stored separately, helping deliver historic searches and analytics without impacting real-time security operations.
  • Contains crossover cable high availability user interface configuration designed to simplify high-availability setup.
  • Supports silent installation, enabling full automation of QRadar installs in public and private clouds and enterprise networks.

IBM Security QRadar Vulnerability Manager V7.2.4 capabilities include:

  • Patch compliance dashboards.
  • Improved external web application scanning from hosted external scanner.
  • Usability enhancements in scan results, reports, and vulnerability details make it easier for users to navigate through a scan result and understand how QRadar Vulnerability Manager checks for a specific vulnerability, and provide improved reporting options.
  • Support for Center for Internet Security (CIS) benchmark scanning.

IBM Security QRadar Risk Manager V7.2.4 capabilities include:

  • Risk dashboard visualization, including gauges, risk posture change, and aggregated risk views.
  • Support for Palo Alto Networks' security devices.
  • CIS benchmarking capabilities for Microsoft Windows and Red Hat, which requires QRadar Vulnerability Manager.

IBM Security QRadar Incident Forensics V7.2.4 capabilities include:

  • Native Packet Capture (PCAP) and Data Import Facility.
  • Native decryption of network data.
  • In-line PCAP data compression for optimizing retention without impacting performance.

Refer to the Description section for details on enhanced capabilities.

IBM Security QRadar V7.2 and V7.2.2 Passport Advantage part numbers are available for System z

QRadar products are designed to provide significant business value to not only the distributed platform customers but also to IBM System z customers. IBM System z customers also need a comprehensive security intelligence solution to help them comply with regulations and gain full visibility and actionable insight to help protect their networks and IT assets from a wide range of advanced threats.

You can use Passport Advantage part numbers to order IBM Security QRadar products for IBM System z. Order these part numbers when there is an intention to use QRadar to help meet your compliance and security requirements within a System z environment. The functional operation and features within these products remain unchanged. These part numbers provide materially identical supply and authorization as other part numbers previously announced. This ordering information is in addition to the existing Passport Advantage numbers previously announced.

IBM Security QRadar Core Appliance XX28-C is designed to support organizations that have specific FIPS 140-2 Level 2 opacity and tamper proof requirements for security standards, while helping protect their networks with IBM Security QRadar SIEM or IBM Security QRadar Log Manager.

QRadar Core Appliance XX28-C also addresses the organization's requirement that the appliance hardware is to be manufactured by vendors in specifically approved countries. QRadar Core Appliance XX28-C is manufactured and supported in North America to meet this requirement.

QRadar Core Appliance XX28-C can be used where the existing IBM QRadar XX28 G2 appliances are used and is fully compatible with these appliances. It can be used in existing deployments if needed, or used within new deployments that require a higher level of security standards.

QRadar Core Appliance XX28-C is designed to conform with the opacity and tamper proof requirements set forth in the National Institute of Standards and Technology (NIST) Federal Information Processing Standards (FIPS) 140-2 Level 2 standard.

QRadar Core Appliance XX28-C is preloaded with the QRadar SIEM V7.2.4 and QRadar Log Manager V7.2.4. It is used to provide the QRadar SIEM and QRadar Log Manager appliance products for the following IBM Security QRadar appliances:

  • IBM Security QRadar Event Processor 1628
  • IBM Security QRadar Flow Processor 1728
  • IBM Security QRadar Combined Event and Flow Processor 1828
  • IBM Security QRadar All-in-One or Console 3128

Note: These appliances are currently available for purchase, shipment, and support within the United States only.

IBM Security QRadar Packet Capture Data Node Core Appliance XX28-C lets organizations extend the storage capacity of the IBM Security QRadar Packet Capture Core Appliance XX28-C while addressing their requirement that the appliance hardware is to be manufactured by vendors in specifically approved countries. QRadar Packet Capture Data Node Core Appliance XX28-C is manufactured and supported in North America to meet this requirement. The appliance is preloaded with QRadar Packet Capture Data Node V7.2.5 software.

QRadar Packet Capture Data Node Core Appliance XX28-C can be used where the existing IBM QRadar XX28 G2 appliances are used and it is fully compatible with these appliances. Organizations can use it in existing deployments, if needed, or within new deployments that require a higher level of security standards.

Note: These appliances are currently available for purchase, shipment, and support within the United States only.

The IBM QRadar Security Intelligence portfolio provides you with the capability to monitor and manage your security posture. It helps empower organizations to anticipate, detect, and investigate security threats. QRadar Network Insights appliance complements this function by delivering deeper threat visibility and greater security context by analyzing network packet data in real-time. It gathers unprecedented network and file metadata and performs content analysis to immediately detect embedded malware and other attack techniques.

QRadar Network Insights appliance connects to a network to reconstruct sessions in real-time, gathers high-value indicators, and performs metadata and content analysis. This rich security context is then forwarded to QRadar Sense Analytics platform to inform security analysts, help qualify security risks, and fuel additional security incident detection analyses.

The data and visibility supplied by QRadar Network Insights appliance can be used to help detect and address threats at every stage, from the detection of phishing e-mails and malware, to lateral movement and data exfiltration. The analysis performed by the QRadar Network Insights appliance works closely with the forensics analysis performed using QRadar Incident Forensics by helping teams detect, reconstruct and assess the source and scope of threat activity. The information and analyses, supplied by the QRadar Network Insights appliance, enable QRadar Sense Analytics to provide broader visibility than it could with log or traditional flow data, ultimately helping to strengthen your organization's security posture.
 
Program Number

  • IBM Security QRadar Core Appliance XX24 V7.2.5 (5725-I51)

Highlights:

The IBM Security QRadar V7.2.5 family of products includes:

  • IBM Security QRadar SIEM V7.2.5
  • IBM Security QRadar Log Manager V7.2.5
  • IBM Security QRadar Risk Manager V7.2.5
  • IBM Security QRadar Vulnerability Manager V7.2.5
  • IBM Security QRadar Incident Forensics V7.2.5
    • IBM Security QRadar Incident Forensics
    • IBM Security QRadar Incident Forensics Standalone
    • IBM Security QRadar Packet Capture
    • IBM Security QRadar Packet Capture Data Node
  • IBM Security QRadar Incident Forensics Software V7.2.5
    • IBM Security QRadar Incident Forensics Software
    • IBM Security QRadar Incident Forensics Standalone Software
    • IBM Security QRadar Packet Capture Software
  • IBM Security QRadar Incident Forensics Virtual V7.2.5
    • IBM Security QRadar Incident Forensics Virtual
    • IBM Security QRadar Incident Forensics Standalone Virtual Appliance

IBM Security QRadar Packet Capture Data Node Core Appliance XX28-C offers a Packet Capture Data Node hardware appliance that can be used to extend the storage capacity of the IBM Security QRadar Packet Capture Core Appliance XX28-C and includes the following:

  • It is manufactured in North America.
  • It can be used as an appliance to be ordered together with the QRadar Packet Capture Data Node Software Pack.
  • It is fully compatible with the existing IBM QRadar XX28 G2 appliances.
  • It extends the storage capacity of your packet capture (PCAP) Appliance without forgoing any performance.
  • It offers the same market differentiating in-line compression feature available in QRadar Packet Capture, allowing for approximately 10 times improvement in virtual storage on the same hardware.

IBM Security QRadar Core Appliance XX28-C offers a hardware appliance that can be used in place of the existing IBM Security QRadar XX28 G2 appliances and includes the following benefits:

  • It is designed to provide National Institute of Standards and Technology (NIST) Federal Information Processing Standards 140-2 Level 2 (FIPS 140-2 Level 2) ready hardware.
  • It is manufactured in North America.
  • It can be used as a core appliance to be ordered together with a Software Pack for any QRadar XX28 G2 appliance product, for example, IBM Security QRadar SIEM All-in-One 3128, IBM Security QRadar Event Processor 1628, and IBM Security QRadar Flow Processor 1728.
  • It is fully compatible with the existing QRadar XX28 G2 appliances.

The IBM QRadar Security Intelligence portfolio expands with the high-performance IBM QRadar Network Insights appliance to provide deeper analysis of network flows, extending the detection capabilities of QRadar Sense Analytics.

IBM Product Life Cycle:

| Program Number | VRM | Announced | Available | Marketing Withdrawn | Service Discontinued |
|---|---|---|---|---|---|
| 5725-I51 | 07.02.05 | 2015-05-26 | 2015-05-29 | - | - |
| 5725-I51 | 07.02.04 | 2014-11-25 | 2014-11-25 | - | - |
| 5725-I51 | 07.02.02 | 2014-04-22 | 2014-04-25 | - | - |
| 5725-I51 | 07.02.00 | 2013-07-22 | 2013-08-12 | - | - |
| 5725-I51 | 07.01.00 | 2013-01-08 | 2013-01-11 | - | 2020-07-31 |

Additional Information:
Short Title: IBM Security QRadar Core Appliance XX24 V7.2.5
Offering Type: Software
Offering Subtype: Program Product
Content Revision Date: 20170121
Document Identifier: 000000344291
Brand Codes: BND00 BND70 BX500
Applicable Countries:
United States
