Feedback


IBM Security QRadar Core Appliance XX24 V7.2.5

Product ID: 5725-I51
Status: Available

Contents
Description IBM Product Life Cycle Additional Information

Description:

IBM Security QRadar V7.2 5 family enhancements

IBM Security QRadar SIEM V7.2.5

  • Extends the MSSP Multi-tenancy support to SIEM components of the Security Intelligence Platform.

  • Provides correlation support for historical event and flow data.

  • Provides the ability to specify multiple LDAP repositories for authentication.

  • Extends existing LDAP integration to support group-based authorization capabilities.

  • Supports authenticated bind for LDAP integration.

  • Provides the ability to add, remove, and manage deployment from a non-java based user interface.

  • Reports on assets based on custom asset search criteria.

  • Enhanced reporting supports page number definition and customization and definition of header and footer message for document classification.

  • Provides the ability to share groups of reports among QRadar users.

  • Provides patch management enhancement that helps minimize patch failure by evaluating success of patches based on current system state.

  • Provides patch management with the ability for users to rollback a patch should it fail due to an error.

IBM Security QRadar Vulnerability Manager V7.2.5

  • Overlapping IP and domain support to allow vulnerabilities to be tracked uniquely from hosts with overlapping IP addresses

  • Click and Try functionality that allows organizations the ability to try QRadar Vulnerability Manager for 30 days prior to purchasing

  • Vulnerability purging to keep vulnerability data files organized and efficient

  • Usability enhancements for system administration improvements

IBM Security QRadar Risk Manager V7.2.5

  • Managing risk policies across multiple networks on a single system

  • Device configuration collection and processing performance improvements

  • Improved device status dashboard with easy issue identification

IBM Security QRadar Incident Forensics V7.2.5

  • Pre-built summary analysis to jumpstart forensics data exploration

  • Enhanced management integration with QRadar SIEM

IBM Security QRadar Packet Capture V7.2.5

  • Improved packet retrieval performance

IBM Security QRadar Incident Forensics Standalone V7.2

  • Integrated console with the Incident Forensics module allowing for a more streamlined deployment with IBM Security QRadar Packet Capture Data Node V7.2.5

IBM Security QRadar Packet Capture Data Node V7.2.5

  • Extends the storage capacity of your PCAP Appliance without foregoing any of the performance

  • Offers the same in-line compression feature available in QRadar Packet Capture, allowing for approximately 10 times improvement in virtual storage on the same hardware.

IBM Security QRadar Packet Capture Software V7.2.5

  • Offers the flexibility to deploy packet capture solution on commodity hardware to meet lower end packet capture requirements

  • Offers the same in-line compression feature available in QRadar Packet Capture appliance, allowing for approximately 10 times improvement in virtual storage on the same hardware

IBM Security QRadar V7.2.4

IBM Security QRadar V7.2.4 family of products provides a security intelligence platform that integrates disparate functions including SIEM, log management, configuration monitoring, network behavior anomaly detection, risk management, vulnerability management, network vulnerability scanning, full packet capture and network forensics into a comprehensive intelligence solution.

IBM Security QRadar V7.2.4 delivers enhanced features:

  • QRadar QFlow Collector component provides improved Gbps QFlow collection and processing.

  • Enables security information to be retrieved and updated from third-party systems with the Offense API.

  • Enhanced threat intelligence feed provides hourly update of threat intelligence with additional context and categorization data.

  • Flow burst handling helps ensure that data loss is minimized during very high bursts of network flow data.

  • Improved big data integration enables more easily configurable data forwarding profiles.

  • IBM Security QRadar Data Node enhancements enable historic data to be stored separately, helping deliver historic searches and analytics without impacting real-time security operations.

  • Contains crossover cable high availability user interface configuration designed to simplify high available setup.

  • Supports silent installation, enabling full automation of QRadar installs in public and private clouds and enterprise networks.

IBM Security QRadar Vulnerability Manager V7.2.4 capabilities include:

  • Patch compliance dashboards.

  • Improved external web application scanning from hosted external scanner.

  • Usability enhancements in scan results, reports, and vulnerability details making it easier for users to navigate through a scan result, and understand how QRadar Vulnerability Manager checks for a specific vulnerability, and provides improved reporting options.

  • Support for Center for Internet Security (CIS) benchmark scanning.

IBM Security QRadar Risk Manager V7.2.4 capabilities include:

  • Risk dashboard visualization, including gauges, risk posture change, and aggregated risk views.

  • Support for Palo Alto Networks' security devices.

  • CIS benchmarking capabilities for Microsoft Windows and Red Hat, which requires QRadar Vulnerability Manager.

IBM Security QRadar Incident Forensics V7.2.4 capabilities include:

  • Native Packet Capture (PCAP) and Data Import Facility.

  • Native decryption of network data.

  • In-line PCAP data compression for optimizing retention without impacting performance.

Refer to the Description section for details on enhanced capabilities.

IBM Security QRadar V7.2 and V7.2.2 Passport Advantage part numbers are available for System z

QRadar products are designed to provide significant business value to not only the distributed platform customers but also to IBM System z customers. IBM System z customers also need a comprehensive security intelligence solution to help them comply with regulations and gain full visibility and actionable insight to help protect their networks and IT assets from a wide range of advanced threats.

You can use Passport Advantage part numbers to order IBM Security QRadar products for IBM System z. Order these part numbers when there is an intention to use QRadar to help meet your compliance and security requirements within a System z environment. The functional operation and features within these products remain unchanged. These part numbers provide materially identical supply and authorization as other part numbers previously announced. This ordering information is in addition to the existing Passport Advantage numbers previously announced.

IBM Security QRadar Core Appliance XX28-C

IBM Security QRadar Core Appliance XX28-C is designed to support organizations that have specific FIPS 140-2 Level 2 opacity and tamper proof requirements for security standards, while helping protect their networks with IBM Security QRadar SIEM or IBM Security QRadar Log Manager.

QRadar Core Appliance XX28-C also addresses the organization's requirement that the appliance hardware is to be manufactured by vendors in specifically approved countries. QRadar Core Appliance XX28-C is manufactured and supported in North America to meet this requirement.

QRadar Core Appliance XX28-C can be used where the existing IBM QRadar XX28 G2 appliances are used and is fully compatible with these appliances. It can be used in existing deployments if needed, or used within new deployments that require a higher level of security standards.

QRadar Core Appliance XX28-C is designed to conform with the opacity and tamper proof requirements set forth in the National Institute of Standards and Technology (NIST) Federal Information Processing Standards (FIPS) 140-2 Level 2 standard.

QRadar Core Appliance XX28-C is preloaded with the QRadar SIEM V7.2.4 and QRadar Log Manager V7.2.4. It is used to provide the QRadar SIEM and QRadar Log Manager appliance products for the following IBM Security QRadar appliances:

  • IBM Security QRadar Event Processor 1628
  • IBM Security QRadar Flow Processor 1728
  • IBM Security QRadar Combined Event and Flow Processor 1828
  • IBM Security QRadar All-in-One or Console 3128

Note: These appliances are currently available for purchase, shipment, and support within the United States only.
 
Program Number

  • IBM Security QRadar Core Appliance XX05 V7.2.5 (5725-I50)
  • IBM Security QRadar Core Appliance XX24 V7.2.5 (5725-I51)
  • IBM Security QRadar SIEM All-in One 31XX V7.2.5 (5725-I52)
  • IBM Security QRadar Event Capacity Pack Increase V7.2.5 (5725-I53)
  • IBM Security QRadar Flow Capacity Pack Increase V7.2.5 (5725-I54)
  • IBM Security QRadar Core Appliance 21XX V7.2.5 (5725-I59)
  • IBM Security QRadar QFlow Collector 1201 V7.2.5 (5725-I60)
  • IBM Security QRadar QFlow Collector 1202 V7.2.5 (5725-I61)
  • IBM Security QRadar QFlow Collector 1301 V7.2.5 (5725-I62)
  • IBM Security QRadar QFlow Collector 1310-SR V7.2.5 (5725-I63)
  • IBM Security QRadar QFlow Collector 1310-LR V7.2.5 (5725-I64)
  • IBM Security QRadar SIEM All-in-One 21XX V7.2.5 (5725-I65)
  • IBM Security QRadar SIEM Console 31XX V7.2.5 (5725-I66)
  • IBM Security QRadar SIEM Event Processor 16XX V7.2.5 (5725-I67)
  • IBM Security QRadar SIEM Flow Processor 17XX V7.2.5 (5725-I68)
  • IBM Security QRadar SIEM Event/Flow Processor 18XX V7.2.5 (5725-I69)
  • IBM Security QRadar Log Mgr All-in-One 21XX V7.2.5 (5725-I70)
  • IBM Security QRadar Log Mgr All-in-One 31XX V7.2.5 (5725-I71)
  • IBM Security QRadar Log Manager Console 31XX V7.2.5 (5725-I72)
  • IBM Security QRadar Log Manager Event Processor 16XX V7.2.5 (5725-I73)
  • IBM Security QRadar Risk Manager V7.2.5 (5725-I74)
  • IBM Security QRadar SIEM All-in-One Software 21XX V7.2.5 (5725-I76)
  • IBM Security QRadar SIEM All-in-One Software 31XX V7.2.5 (5725-I77)
  • IBM Security QRadar SIEM Console Software 31XX V7.2.5 (5725-I78)
  • IBM Security QRadar SIEM Event Processor Software 16XX V7.2.5 (5725-I79)
  • IBM Security QRadar SIEM Flow Processor Software 17XX V7.2.5 (5725-I80)
  • IBM Security QRadar SIEM Event/Flow Processor Software 18XX V7.2.5 (5725-I81)
  • IBM Security QRadar QFlow Collector Software 12XX V7.2.5 (5725-I82)
  • IBM Security QRadar SIEM All-in-One Virtual 3190 V7.2.5 (5725-I83)
  • IBM Security QRadar SIEM Console Virtual 3190 V7.2.5 (5725-I84)
  • IBM Security QRadar SIEM Event Processor Virtual 1690 V7.2.5 (5725-I85)
  • IBM Security QRadar SIEM Flow Processor Virtual 1790 V7.2.5 (5725-I86)
  • IBM Security QRadar Log Manager All in One Virtual 3190 V7.2.5 (5725-I87)
  • IBM Security QRadar Log Manager Console Virtual 3190 V7.2.5 (5725-I88)
  • IBM Security QRadar VFlow Collector V7.2.5 (5725-I89)
  • IBM Security QRadar Virtual Event Capacity Pack Increase V7.2.5 (5725-I90)
  • IBM Security QRadar Log Source Capacity Pack Increase V7.2.5 (5725-I91)
  • IBM Security QRadar Deployment Upgrade V7.2.5 (5725-I92)
  • IBM Security QRadar Network Anomaly Detection Capacity Increase V7.2.2 (5725-I95)
  • IBM Security X-Force IP Reputation Intelligence Subscription V7.2.5 (5725-I96)
  • IBM Security QRadar Network Anomaly Detection V7.2.2 (5725-J70)
  • IBM Security QRadar Risk Manager Add On Configuration Source V7.2.5 (5725-J88)
  • IBM Security QRadar Log Manager Event Processor Virtual 3190 V7.2.5 (5725-J93)
  • IBM Security QRadar Event Collector 1501 V7.2.5 (5725-J94)
  • IBM Security QRadar Event Collector Virtual 1590 V7.2.5 (5725-J95)
  • IBM Security QRadar Virtual Flow Capacity Pack Increase V7.2.5 (5725-K27)
  • IBM Security QRadar Log Manager All-in-One Software 21XX V7.2.5 (5725-K72)
  • IBM Security QRadar Log Manager All-in-One Software 31XX V7.2.5 (5725-K73)
  • IBM Security QRadar Log Manager Console Software 31XX V7.2.5 (5725-K74)
  • IBM Security QRadar Log Manager Event Processor Software 16XX V7.2.5 (5725-K75)
  • IBM Security QRadar Event Capacity Pack Increase for Service V7.2 (5725-K44)
  • IBM Security QRadar Flow Capacity Pack Increase for Service V7.2 (5725-K45)
  • IBM Security QRadar Event Collector Software 15XX V7.2 (5725-L33)
  • IBM Security QRadar SIEM All-in-One 21XX LT V7.2.5 (5725-M05)
  • IBM Security QRadar SIEM All-in-One 21XX LT FF V7.2.5 (5725-M06)
  • IBM Security QRadar SIEM All-in-One Software 21XX LT V7.2.5 (5725-M07)
  • IBM Security QRadar SIEM All-in-one Software 21XX LT FF V7.2.5 (5725-M08)
  • IBM Security QRadar Risk Manager Software V7.2.5 (5725-M09)
  • IBM Security QRadar Risk Manager Virtual V7.2.5 (5725-M10)
  • IBM Security QRadar Vulnerability Manager Standalone V7.2.5 (5725-M11)
  • IBM Security QRadar Vulnerability Manager Standalone Software V7.2.5 (5725-M12)
  • IBM Security QRadar Vulnerability Manager Standalone Virtual V7.2.5 (5725-M13)
  • IBM Security QRadar Vulnerability Manager Add On V7.2.5 (5725-M14)
  • IBM Security QRadar Vulnerability Manager V7.2.5 (5725-M15)
  • IBM Security QRadar Vulnerability Manager Software V7.2.5 (5725-M16)
  • IBM Security QRadar Vulnerability Manager Virtual V7.2.5 (5725-M17)
  • IBM Security QRadar Vulnerability Manager V7.2.5 (5725-M18)
  • IBM Security QRadar Incident Forensics Core Appliance V7.2.5 (5725-Q40)
  • IBM Security QRadar Incident Forensics V7.2.5 (5725-Q41)
  • IBM Security QRadar Incident Forensics Software V7.2.5 (5725-Q42)
  • IBM Security QRadar Incident Forensics Virtual V7.2.5 (5725-Q43)
  • IBM Security QRadar Core Appliance XX05 G2 V7.2.5 (5725-Q59)
  • IBM Security QRadar Core Appliance XX28 G2 V7.2.5 (5725-Q60)
  • IBM Security QRadar Core Appliance 21XX G2 V7.2.5 (5725-Q61)
  • IBM Security QRadar QFLOW Collector 1201 G2 V7.2.5 (5725-Q62)
  • IBM Security QRadar QFLOW Collector 1202 G2 V7.2.5 (5725-Q92)
  • IBM Security QRadar QFLOW Collector 1301 G2 V7.2.5 (5725-Q63)
  • IBM Security QRadar QFLOW Collector 1310-SR G2 V7.2.5 (5725-Q64)
  • IBM Security QRadar QFLOW Collector 1310-LR G2 V7.2.5 (5725-Q65)
  • IBM Security QRadar Event Collector 1501 G2 V7.2.5 (5725-Q66)
  • IBM Security QRadar Data Node V7.2.5 (5725-Q86)
  • IBM Security QRadar Data Node Software V7.2.5 (5725-Q87)
  • IBM Security QRadar Data Node Virtual V7.2.5 (5725-Q91)
  • IBM Security QRadar Software Appliance OS Entitlement V7.2.5 (5725-R93)
  • IBM Security QRadar Event Collector 1501 G2 FF V7.2.5 (5725-T23)
  • IBM Security QRadar Core Appliance XX28-C V7.2.5 (5725-U34)
  • IBM Security QRadar Packet Capture Data Node Core Appliance XX28 V1.0.0 (5725-V96)
  • IBM Security QRadar Packet Capture Core Appliance XX28-C V1.0.0 (5725-U77)
  • IBM Security QRadar Incident Forensics Core Appliance XX28-C (5725-U78)
Highlights:

The enhanced IB M Security QRadar V7.2.5 family of products includes:

  • IBM Security QRadar SIEM V7.2.5

  • IBM Security QRadar Log Manager V7.2.5

  • IBM Security QRadar Risk Manager V7.2.5

  • IBM Security QRadar Vulnerability Manager V7.2.5

  • IBM Security QRadar Incident Forensics V7.2.5
    • IBM Security QRadar Incident Forensics
    • IBM Security QRadar Incident Forensics Standalone
    • IBM Security QRadar Packet Capture
    • IBM Security QRadar Packet Capture Data Node

  • IBM Security QRadar Incident Forensics Software V7.2.5
    • IBM Security QRadar Incident Forensics Software
    • IBM Security QRadar Incident Forensics Standalone Software
    • IBM Security QRadar Packet Capture Software

  • IBM Security QRadar Incident Forensics Virtual V7.2.5
    • IBM Security QRadar Incident Forensics Virtual
    • IBM Security QRadar Incident Forensics Standalone Virtual Appliance

IBM Security QRadar Core Appliance XX28-C offers a hardware appliance that can be used in place of the existing IBM Security QRadar XX28 G2 appliances.

QRadar Core Appliance XX28-C includes the following benefits:

  • It is designed to provide National Institute of Standards and Technology (NIST) Federal Information Processing Standards 140-2 Level 2 (FIPS 140-2 Level 2) ready hardware.

  • It is manufactured in North America.

  • It can be used as a core appliance to be ordered together with a Software Pack for any QRadar XX28 G2 appliance product, for example, IBM Security QRadar SIEM All-in-One 3128, IBM Security QRadar Event Processor 1628, and IBM Security QRadar Flow Processor 1728.

  • It is fully compatible with the existing QRadar XX28 G2 appliances.
IBM Product Life Cycle:

Program NumberVRMAnnounced AvailableMarketing Withdrawn Service Discontinued
5725-I5107.02.05 2015-05-262015-05-29 --
5725-I5107.02.04 2014-11-252014-11-25 --
5725-I5107.02.02 2014-04-222014-04-25 --
5725-I5107.02.00 2013-07-222013-08-12 --
5725-I5107.01.00 2013-01-082013-01-11 -2020-07-31
Additional Information:
Short Title: IBM Security QRadar Core Appliance XX24 V7.2.5
Offering Type: Software
Offering Subtype: Program Product
Content Revision Date: 20150526
Document Identifier: 000000344291
Brand Codes: BND00 BND70 BX500
Applicable Countries:
United States