QRadar Network Visibility content extension
You can get at-a-glance insights into the network traffic in your environment by using the set of IBM® QRadar® Pulse dashboards provided by the IBM Security QRadar Network Visibility content extension. These visualizations enhance the data in network activity to provide readily available metrics that align with various MITRE ATT&CK categories.
QRadar Network Visibility includes the following dashboards:
| Dashboards | Description |
|---|---|
| Overview | Use the Overview dashboard to gain insights into activity across the entire network, focusing on metrics that uncover unusual behavior. For a threat hunting workflow, use the Overview dashboard as the starting point. |
| Application/Protocol Details | Use the Application/Protocol Details dashboard to drill into a specific application or protocol of interest and identify suspicious or atypical behavior. |
| IP Details | Use the IP Details dashboard to drill into a specific IPv4 address, highlighting metrics that might indicate attacks that are associated with this address. |
QRadar Network Visibility dashboards use the data that is contained in flows from external flow sources such as IPFIX and NetFlow. It leverages deep insights that are uncovered by QRadar Network Insights and X-Force®. After the extension is installed, you can be further customize it by modifying the dashboard parameters or editing the dashboard components to best suit your environment.