Skip to main content

Enhanced Cyber Resilience

Threat Detection with

IBM FlashSystem

Safeguarded Copy

and IBM QRadar

The focus of this document is to demonstrate an early threat detection by using IBM® QRadar® and the Safeguarded Copy feature that is available as part of IBM FlashSystem® and IBM SAN Volume Controller. Such early detection protects and quickly recovers the data if a cyberattack occurs.

This document describes integrating IBM FlashSystem audit logs with IBM QRadar, and the configuration steps for IBM FlashSystem and IBM QRadar. It also explains how to use the IBM QRadar’s device support module (DSM) editor to normalize events and assign IBM QRadar identifier (QID) map to the events.

Post IBM QRadar configuration, we review configuring Safeguarded Copy on the application volumes by using volume groups and applying Safeguarded backup polices on the volume group. Finally, we demonstrate the use of orchestration software IBM Copy Services Manager to start a recovery, restore operations for data restoration on online volumes, and start a backup of data volumes.

The information requested on the right. It will help us to create better materials in the future to support your needs.

I don't want to provide any input at this time, but let me download the publication anyway.  

Enhanced Cyber Resilience

Threat Detection with

IBM FlashSystem

Safeguarded Copy

and IBM QRadar

The focus of this document is to demonstrate an early threat detection by using IBM® QRadar® and the Safeguarded Copy feature that is available as part of IBM FlashSystem® and IBM SAN Volume Controller. Such early detection protects and quickly recovers the data if a cyberattack occurs.

This document describes integrating IBM FlashSystem audit logs with IBM QRadar, and the configuration steps for IBM FlashSystem and IBM QRadar. It also explains how to use the IBM QRadar’s device support module (DSM) editor to normalize events and assign IBM QRadar identifier (QID) map to the events.

Post IBM QRadar configuration, we review configuring Safeguarded Copy on the application volumes by using volume groups and applying Safeguarded backup polices on the volume group. Finally, we demonstrate the use of orchestration software IBM Copy Services Manager to start a recovery, restore operations for data restoration on online volumes, and start a backup of data volumes.

The information requested on the right. It will help us to create better materials in the future to support your needs.

I don't want to provide any input at this time, but let me download the publication anyway.  

Already have an IBM account? Log in

Business Contact Information

1. Contact information

Phone
Open menu
We use phone in order to reach you for account related matters or, with your permission, to contact you related to other products and services.

2. Additional information