Security enhancements

Stronger security capabilities in IBM® QRadar® 7.4.0 include modifying the inactivity timeout for user accounts.

More secure operating system

QRadar 7.4.0 runs on Red Hat® Enterprise Linux® version 7.6. The update to RHEL V7.6 is necessary to continue receiving security updates from Red Hat Enterprise Linux.

Reverse tunnel initiation

The SSH tunnel between two managed hosts can now be initiated from the remote host instead of the local host. For example, you have a connection from an Event Processor in a secure environment to an Event Collector that is outside of the secure environment. You also have a firewall rule that prevents you from having a host outside the secure environment connect to a host in the secure environment. In QRadar 7.4.0, you can switch which host creates the tunnel so that the connection is established from the Event Processor by selecting the Remote Tunnel Initiation checkbox for the Event Collector.

New information Learn more about reverse tunnel initiation...

Secure email server

Send email to distribute alerts, reports, notifications, and event messages to mail servers that require authentication.

You can configure an email server for your entire QRadar deployment, or multiple email servers.

New information Learn more about configuring Secure email server...