It helps us discover any threats with their alerts and tracking.
QNI is the most valuable feature.
I would like for them to lower the price.
One to three years.
The system is quite stable, so far we haven't had any problems. Although the initial supply of the appliance was a bit faulty, the processor kept on failing. We were within the warranty so they supplied new ones. After loading logs, the system is very stable and nothing to worry about.
It's very scalable. There are currently five users. We may still onboard more users depending on the requirements and their departmental level.
We do plan to increase usage.
Their support is excellent, they are available when we need them. I'm satisfied so far.
The initial setup wasn't exactly straightforward but the vendor who set it up for was helpful. It was very straightforward with their help. The deployment took two months.
We require two admins for maintenance.
We used our own people and the certified IBM vendor for the implementation. We had a very good experience with them.
We do licenses once a year.
We also looked at LogRhythm.
I would advise someone considering this solution to write down your use cases and evaluate them with the vendor. Evaluate the best solution based on your use cases because you are the ones who are going to use it. The vendor will try and implement and leave you with your problems.
If the solution meets your requirements and solves most of your problems, you're good to go. QRadar is the best solution we have. The only challenge is that IBM has been a closed enterprise. It should be more open to integrating with other providers at an enterprise level. We're a bank and the core banking system integration is not always straightforward and there is no integration between IBM and these products. If IBM could open up and provide a way of integrating it seamlessly, without charging more for it, that would make a big difference.
I would rate it an eight out of ten.