IBM Security QRadar is security information and event management (SIEM) Software.
N/A
RackFoundry Total Security Management (discontinued)
Score 1.4 out of 10
N/A
RackFoundry was a firewall solution with VPN, SIEM, automated vulnerability scanning and log management features scaled for SME’s. It has been discontinued and is no longer available.
N/A
Pricing
IBM Security QRadar SIEM
RackFoundry Total Security Management (discontinued)
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
IBM Security QRadar SIEM
RackFoundry Total Security Management (discontinued)
Free Trial
Yes
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
IBM Security QRadar SIEM
RackFoundry Total Security Management (discontinued)
Features
IBM Security QRadar SIEM
RackFoundry Total Security Management (discontinued)
Security Information and Event Management (SIEM)
Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
IBM Security QRadar SIEM
8.5
Ratings
9% above category average
RackFoundry Total Security Management (discontinued)
1.0
Ratings
154% below category average
Centralized event and log data collection
9.90 Ratings
1.00 Ratings
Correlation
8.60 Ratings
1.00 Ratings
Event and log normalization/management
9.50 Ratings
1.00 Ratings
Deployment flexibility
7.80 Ratings
1.00 Ratings
Integration with Identity and Access Management Tools
8.90 Ratings
1.00 Ratings
Custom dashboards and workspaces
7.50 Ratings
1.00 Ratings
Host and network-based intrusion detection
9.70 Ratings
1.00 Ratings
Data integration/API management
9.00 Ratings
00 Ratings
Behavioral analytics and baselining
7.60 Ratings
00 Ratings
Rules-based and algorithmic detection thresholds
8.00 Ratings
00 Ratings
Response orchestration and automation
7.70 Ratings
00 Ratings
Reporting and compliance management
7.90 Ratings
00 Ratings
Incident indexing/searching
8.90 Ratings
00 Ratings
User Ratings
IBM Security QRadar SIEM
RackFoundry Total Security Management (discontinued)
RackFoundry Total Security Management (discontinued)
Likelihood to Recommend
QRadar is very well suited on environments where there are not multiple tenants or domains, we do have success on this kind of scenario. IBM Security QRadar SIEM is less appropriate for environments with multiple tenants, specially when each tenant represent a different End Costumer (such as for MSSP companies), those environments require a high amount of rules and building blocks replications, since each tenant will have its own "BB definitions", servers, rules exception, etc. Also, some information, such as EPS count or EPS dropped are generated by QRadar's own log sources, which takes place on default domain, therefore users associated with different domain can not have access to those logs, even when the information is related to other domain's environment. For example, even if Event Collector 1 is associated to Domain A, the log informing its dropped EPS is generated by System notification, log source that must be associated to Default domain.
I would not recommend RackFoundry to any company whatsoever. At first it seems like a viable solution for the cost. Offering SOC monitoring, implementation and deployment all-in-one seems like a great deal. However it all falls apart when push comes to shoves. As it currently stands we are just over a year into our deployment. All we have to show for it is a fancy web app that does not display any information. In the year that this deployment has been ongoing it has taken us a few months just to get the virtual appliance installed. Then it was another few months of back and forth until we finally got credentials. Then when I finally logged in we began the process of deploying agents and began collecting data. Shortly afterward things began to stall to where they are now. We faced major issues with the web app, scans were not running, assets were not reporting in and data and reports were not being generated. After doing some more research and googling I realized that we were not alone with these issues. Countless other reports from companies who have had similar issues to ours. Each time I ask when the issues were going to be resolved, I got the same answer every time: "The next release should fix the issues you have been experiencing", only for the next release to come, and the issues remain.
Need to spend more time configuring the system to properly interpret and normalize different type of data collected from multiple resources.
While Rule creation QRadar uses that rules to detect security threats and generate alerts, but to creating and managing rules is bit complex & tedious work to complete.
IBM Security QRadar SIEM is excellent in handling large & complex systems that requires in-depth knowledge and extensive training to configure and maintain the system which includes upgrading, optimization of performance & issue troubleshooting.
With the arrival of IBM Security QRadar SIEM at our company, we have a better vision of all the security needs that may arise, it is a very safe software to use that prevents threats from damaging our IT environment, it is impossible to change it for another software.
As a grade I give 8 as QRadar is not easy to learn. It requires some time to master it. It also needs a team of people actively working on the product. Once you learn to use it the software works very well and it is easy to correlate and understand detected threats. It only takes time to learn how to use it well and configure it properly.
Customer support is Good of IBM, While Using IBM QRadar its deployment is to slow and suddenly stop working and crashed we have contacted IBM Support and Rised a Ticket within a few minute we get call back from customer support and Query Resolved by them Fast And Rapid Support of Ibm
The training was very useful and the people who taught us were very knowledgeable. Although the software may initially seem difficult to learn they made things much easier for us.
The training was very useful and the people who taught us were very knowledgeable. Although the software may initially seem difficult to learn they made things much easier for us.
Initial patience is required to learn how to use the product, and it takes a dedicated team to use it. One person is not enough, and it's not enough to just set it up and check it once in a while. It has to be used daily and kept under control to be used effectively
I would always recommend Splunk over IBM Security QRadar SIEM unless you're trying to save money or only onboarding and normalizing well known data sources. IBM Security QRadar SIEM doesn't seem to handle RBA and complicated, chaining correlation rules very effectively and if I had to write a custom add-on for custom data, I found it easier to do so in Splunk.
Well I have experience with the big names: SecureWorks, IBM and Splunk. Individually their logging tools are much better than RackFoundry's Total Security Management. This is great for large corporations and urban cities, however not so great for municipalities, mid size businesses and companies who fluctuate between 1-7 members on their IT staff. Why? Because it takes too much of their resources and integration with other products gets a little rough as you will need to configure your preferences to theirs. When a company has stability it is great to have a name brand product, however renewals and upgrade costs can be taxing to an organization.
