IBM Security Network IPS (GX)
The IBM® Security Network IPS (GX) DSM for IBM Security QRadar® collects LEEF-based events from IBM Security Network IPS appliances by using the syslog protocol.
|DSM||Security Network IPS (GX)|
|RPM file name||DSM-IBMSecurityNetworkIPS-QRadar_version-Build_number.noarch.rpm|
|Supported versions||v4.6 and later (UDP)
v4.6.2 and later (TCP)
|QRadar recorded events||
Security alerts (including IPS and SNORT)
IPS events (Including security, connection, user defined, and OpenSignature policy events)
- If automatic updates are not enabled, download and install the most recent version of the IBM Security Network IPS (GX) RPMs from the IBM Support Website onto your QRadar Console.
- For each instance of IBM Security Network IPS (GX), configure your IBM Security Network IPS (GX) appliance to enable communication with QRadar.
- If QRadar does not automatically discover the log source, create a log source for each instance of IBM Security Network IPS (GX) on your network.