Tuesday, 10 January 2012 11:00

Success at Scale: A Q1 Labs Hallmark

Following their widespread adoption, SIEM and log management solutions have become a staple of many organizations’ security and compliance practices.  They are relied on to protect against countless security and compliance risks.  But there’s a big difference between monitoring the network of a midsize business and those of Fortune 500 organizations.  Q1 Labs not only delivers economical solutions for the former, but also scalable and resilient solutions for the latter.

Image attribution: http://bit.ly/xrutn9 under http://bit.ly/r9ywD2

This is no small feat when you’re talking about a magnitude of well over 100,000 events per second, all correlated in real time – a volume many Q1 Labs customers are achieving with the QRadar Security Intelligence Platform.  Run out the math and you find this is billions of events per day.  How exactly does QRadar enable success at scale?

Let’s scratch the surface of QRadar’s keys to success:

  • Scalability. QRadar’s distributed, federated database architecture allows it to monitor, correlate and store the highest data volumes in real time, without filtering out data or skipping correlation, as some other products do.
  • Search Performance. High-performance indexing and search provide incredibly fast access to enterprise networking and security data. Applying Internet search engine technology, QRadar tames big data.
  • Customization Ability. Although QRadar ships with thousands of out-of-the-box rules, report templates and dashboards, it is also highly customizable, meeting the needs of multi-divisional and multi-national organizations.
  • Expansion and Upgrade Ability. The distributed appliance approach allows an organization to start with a small, mid-sized or large deployment, and add new processing capacity or functional capabilities on the fly.  The architecture and size of a QRadar deployment can grow organically without facing major constraints.
  • High Availability. Q1 Labs provides a turnkey solution for high availability, taking the guesswork, risk and complexity out of HA, so customers can focus on their security operations, not IT infrastructure.

These capabilities are further explained and a series of customer case studies are presented in a new Q1 Labs brochure on “Success at Scale.” As a sneak preview, consider the following portrait of a Fortune 5 energy company:

Business Challenge: This company needed to ensure compliance with PCI-DSS, NERC and numerous regulations in other countries. At the same time, it needed to monitor and analyze an average of 2 billion logs daily to protect itself from numerous security threats.

Q1 Labs Solution: The business addressed its regulatory compliance and security needs by deploying QRadar SIEM and QRadar QFlow using 30 appliances globally. By correlating events, network activity (flows), asset information and configuration data, the solution intelligently identifies 25-50 high priority offenses out of 2 billion daily events, utilizing 40 TB of aggregate storage. It serves 100 security users across four groups, while protecting 10,000 network devices, 10,000 servers and 80,000 user endpoints. Major technologies protected by QRadar include products by Oracle, SAP, Cisco and Juniper. The customer also uses QRadar to monitor 6 million card swipes per day for PCI compliance and ensures the security of SCADA systems for NERC compliance.

Read the brochure today to gain insight into more of the world’s largest and most successful Security Intelligence deployments.