Installations and deployments

w Depending on the product that you install and whether you upgrade IBM QRadar or install a new system, the Vulnerabilities tab might not be displayed.

You access IBM Security QRadar Vulnerability Manager by using the Vulnerabilities tab:

  • If you install QRadar SIEM, the Vulnerabilities tab is enabled by default with a temporary license key.
  • If you install QRadar Log Manager, the Vulnerabilities tab is not enabled. You can purchase the license for QRadar Vulnerability Manager separately and enable it by using a license key.

For more information about upgrading, see the IBM QRadar Upgrade Guide.

QRadar Vulnerability Manager license

To use QRadar Vulnerability Manager after an installation or upgrade, you must upload and allocate a valid license key. For more information, see the Administration Guide. The license for QRadar Vulnerability Manager license is applied and processed in real time to QRadar Vulnerability Manager scanned assets that have at least one IP address. The QRadar Vulnerability Manager scan must fall within the configured retention time for the IP address of the asset.

  1. From the Admin tab, click the Asset Profiler Configuration
  2. Find the Asset IP Retention (In Days) row to edit the asset IP retention value.
  3. Change the retention value or check that it is suitable for your needs. The default asset IP retention value is 120 days.

QRadar Vulnerability Manager and QRadar Risk Manager licenses

IBM QRadar Vulnerability Manager and IBM QRadar Risk Manager are combined into one offering and both are enabled through a single base license. The combined offering provides an integrated network scanning and vulnerability management workflow. With the base license, you are entitled to use QRadar Vulnerability Manager to view vulnerability dashboards, vulnerabilities detected by third-party scanners, QRadar Vulnerability Manager filters, and QRadar Vulnerability Manager reports. You can integrate QRadar Risk Manager with up to 50 standard configuration sources. If you are entitled to either QRadar Vulnerability Manager or QRadar Risk Manager, you are automatically entitled to the base license allowance for the other product. You require extra licenses to integrate with more than 50 configuration sources.

Important: The IBM QRadar Vulnerability Manager scanner is end of life (EOL) in 7.5.0 Update Package 6, and is no longer supported in any version of IBM QRadar. If you upgrade to QRadar 7.5.0 Update Package 6, you cannot scan assets with the base license. For more information, see QRadar Vulnerability Manager: End of service product notification (https://www.ibm.com/support/pages/node/6853425).