Security requirements

IBM Security QRadar® Suite Software runs on a Red Hat® OpenShift® Container Platform restricted security context constraints (SCC). The IBM Security QRadar Suite Software operator is scoped to the namespace.

Security context constraints

IBM Security QRadar Suite Software runs on a Red Hat OpenShift Container Platform restricted security context constraint (SCC). Microservices run with an arbitrary user and cannot run as root or with escalated privileges.

The security context definition for IBM Security QRadar Suite Software containers sets the following fields:

privileged: false
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
runAsNonRoot: true

For more information about SCCs and container security context, see the Red Hat OpenShift Container Platform documentation.

Operator scope

The IBM Security QRadar Suite Software operator is scoped to the namespace. When the IBM Cloud Pak® is installed in a specific namespace on the cluster mode, only one instance of QRadar Suite Software (Threat Management) can be installed in each namespace. An IBM Security QRadar Suite Software deployment owns only the instances in that namespace.

A single instance of IBM Cloud Pak Foundational Services is installed in the ibm-common-services namespace if it is not already installed on the cluster.

Ensure that any existing installation meets the minimum system requirements.

You can also install multiple instances of QRadar Suite Software in different namespaces in a cluster. For more information about installing multiple instances of QRadar Suite Software, see Planning for an environment with multiple IBM Cloud Paks or multiple instances of QRadar Suite Software.