QRadar products family consists of the following variations
QRadar SIEM (Security Information and Event Management) is a network security management platform that provides situational awareness and compliance support.
- QVM – QRadar Vulnerability Manager
QVM (QRadar Vulnerability Manager) is a scanning platform based on QRadar that is used to identify, manage, and prioritize the vulnerabilities on your network assets. It provides additional tab inside console, where it can be activated, although it can have also additional appliance added to deployment, where resides QVM processor.
- QRM – QRadar Risk Manager
QRM (QRadar Risk Manager) appliance delivers a fully integrated risk management, vulnerability prioritization, and automated configuration solution that is integrated into the QRadar platform. QRadar Risk Manager enables tightly integrated features in QRadar SIEM that enhance incident management, log and network activity searches, threat visualization, and reports.
- QRIF – QRadar Risk Incident Forensic
QRIF ( QRadar Risk Incident Forensic) allows you to retrace the step-by-step actions of a potential attacker and quickly and easily conduct an in-depth forensics investigation of suspected malicious network security incidents. It reduces the time it takes security teams to investigate QRadar offense records, in many cases from days to hours – or even minutes. It can also help you remediate a network security breach and prevent it from happening again
- QPCAP – QRadar PCAP device
QPCAP ( QRadar Packet Capture) is a network traffic capture and search application. The QRadar Packet Capture appliance has only one capture port (DNA0) and you can install either a 10G or 1G SFP transceiver.
- QNI – QRadar Network Insights
QNI ( QRadar Network Insights) is an appliance which can provide detailed analysis of network flows to extend the threat detection capabilities of IBM Security QRadar. QRadar Network Insights analyzes network data in real-time to uncover an attacker’s footprints and expose hidden security threats in many scenarios before they can damage your organization, including: phishing e-mails, malware, data exfiltration, lateral movement, DNS and other application abuse, and compliance gaps.