QRadar on Cloud overview
In an environment where security requirements are dynamic, IBM® QRadar® on Cloud provides both the security monitoring that you need, and the flexibility to modify your monitoring activities as your requirements change.
With QRadar on Cloud, you can protect your network and meet compliance monitoring and reporting requirements, with reduced total cost of ownership. Other than a data gateway appliance, which is used to connect to QRadar, you do not need to install any extra hardware on your premises.
You get the benefit of all of the QRadar capabilities without investing in the hardware and software of an on-premises QRadar deployment. IBM security professionals manage the infrastructure, while your security analysts perform the threat detection and management tasks.
For more information about the capabilities of QRadar on Cloud, see "Capabilities in your security intelligence product" in the IBM QRadar SIEM Administration Guide.
Gateway appliance
Download and install the enabling software on your gateway appliance to collect flow and event data from all of the log sources that are supported in your on-premises or cloud deployment.
The enabling software forwards the collected events and flow data through a secure VPN tunnel to QRadar running in the IBM cloud, where the data is stored and managed.
Log on to the QRadar console from a web browser to manage all your security and threat management tasks, just as you would with QRadar deployed on your premises.
The following image shows devices on your network that send information to your gateway appliance. The gateway appliance then communicates with an instance of QRadar that is running in the IBM cloud.
EPS and FPM limits
Events per second | Flows per minute |
---|---|
0 | 600,000 |
1,000 | 540,000 |
2,000 | 480,000 |
3,000 | 420,000 |
4,000 | 360,000 |
5,000 | 300,000 |
6,000 | 240,000 |
7,000 | 180,000 |
8,000 | 120,000 |
9,000 | 60,000 |
10,000 - 17,000 | 0 |