QRadar public servers

To provide you with the most current security information, IBM® QRadar® requires access to a number of public servers.

Public servers

Table 1. Public servers that QRadar must access. This table lists descriptions for the IP addresses or hostnames that QRadar accesses. https://www.ibm.com/support/pages/node/6244622
IP address or hostname Description
194.153.113.31 IBM QRadar Vulnerability Manager DMZ scanner
Important: The IBM QRadar Vulnerability Manager scanner is end of life (EOL) in 7.5.0 Update Package 6, and is no longer supported in any version of IBM QRadar. For more information, see QRadar Vulnerability Manager: End of service product notification (https://www.ibm.com/support/pages/node/6853425).
194.153.113.32 QRadar Vulnerability Manager DMZ scanner
Important: The IBM QRadar Vulnerability Manager scanner is end of life (EOL) in 7.5.0 Update Package 6, and is no longer supported in any version of IBM QRadar. For more information, see QRadar Vulnerability Manager: End of service product notification (https://www.ibm.com/support/pages/node/6853425).
auto-update.qradar.ibmcloud.com/ QRadar auto-update servers.

For more information about auto-update servers, see QRadar: Important auto update server changes for administrators (https://www.ibm.com/support/pages/node/6244622).

update.xforce-security.com X-Force® Threat Feed update server
license.xforce-security.com X-Force Threat Feed licensing server