QRadar Risk Manager and QRadar Vulnerability Manager

Enhance your network security by integrating IBM® QRadar® Risk Manager with IBM QRadar Vulnerability Manager. Data sources, such as scan data, enable QRadar Risk Manager to identify security, policy, and compliance risks in your network and calculate the probability of risk exploitation.

QRadar Vulnerability Manager and QRadar Risk Manager are combined into one offering and both are enabled through a single base license.

Add a QRadar Risk Manager 700 appliance to get the following capabilities:
  • Compliance assessment
  • Risk policies that are based on vulnerability data and risk scores that help you quickly identify high-risk vulnerabilities.
  • Visibility into potential exploit paths from potential threats and untrusted networks through the network topology view.

  • Risk policy-based filtering.
  • Topology visualization
  • False positives reduction in vulnerability assessments.
  • Visibility into what vulnerabilities are blocked by firewalls and Intrusion Prevention Systems (IPS).

QRadar Risk Manager appliance

Install QRadar Risk Manager separately on a QRadar Risk Manager 700 appliance.

You must install IBM QRadar Console before you set up and configure the QRadar Risk Manager appliance. It is a good practice to install QRadar and QRadar Risk Manager on the same network switch.

You require only one QRadar Risk Manager appliance per deployment.

The following diagram shows a deployment that has a scanner and QRadar Risk Manager.

Figure 1. Scanning deployment with Risk Manager
Risk Manager deployment
Use Risk Manager to complete the following tasks:
  • Centralized risk management.
  • View and filter your network topology
  • Import and compare device configurations
  • View connections between network devices.
  • Search firewall rules.
  • View existing rules and the event count for triggered rules.
  • Search devices and paths
  • Query network connections
  • Simulate the possible outcomes of updating device configurations.
  • Monitor and audit your network to ensure compliance.
  • Simulate threats or attacks against a virtual model.
  • Search for vulnerabilities.