DATASHEET
QRadar VFlow Delivering Cost Effective Visibility in Virtual Environments
Application Layer visibility and content awareness for all corners of your virtual infrastructure.
Define, Implement, and Protect Virtual Servers The use o virtualized servers is now becoming common in IT inrastructures across businesses businesses o all sizes and industry. Since its conception, virtualization technologies technologies have successully moved rom the lab, to test environments environments,, to ull production. There are many benefts o virtualization including improved use o networked systems, cost reduction, and simplifed management. Virtualization however creates additional additional challenges when implementing strong security controls, such as being able to monitor trac traversing virtual virt ual environments, that cannot be collec ted rom traditional monitoring technologies technologies..
Visibility is Key to Securing Any Network, Including Virtual Environments Common wisdom, as with any new technology, is that organizations should continue ollowing existing IT security best practices, including log management and security inormation and event
QRadar®® VFlow provides advanced QRadar
management (SIEM), and leverage new technologies that are ocused on solving specifc security
Security Intelligence Intelligence in virtual
challenges introduced by virtualization. For virtualized companies, QRadar ® VFlow provides advanced
environmentss by providing application environment
security intelligence in virtual environment environmentss by providing application layer visibility o all vir tual
layer visibility visib ility of all virtual vi rtual network tra ffic.
network tra c. By adding QRadar VFlow to the QRadar Security Intell igence Platorm it provides organizations with an easy to use, cost eective, security intelligence solution. The result—greatly
- Improved Layer 7 visibility
improved security o the virtual network.
- Cost effective - Efficient virtual network net work monitori ng
Q1Labs.com
QRadar VFlow Delivering Cost Effective Visibility in Virtual Environments
Features and Benefits Specific to QRadar VFlow: Improved visibility QRadar VFlow provides layer 7 visibility or VMware ESX and ESxi vir tual environments; enables the profling o over 900 applications out-o-the-box Cost effective QRadar VFlow runs as virtual host sotware on the virtual server, not requiring additional hardware; Can analyze port mirrored tra c or a physical network switch which helps
Technical Specifications
bridge the gap between the physical and virtual realm Efficient virtual network monitor ing QRadar VFlow provides network and application visibility in both existing and emerging
•
virtual networks QRadar VFlow is one o many modules that can be leveraged by the QRadar Security Intelligence Platorm.
ESX 3/5 and ESXi 3.5 •
Requires at least 512 MB RAM
•
Provides collection of up to
Benefts o adding QRadar VFlow to QRadar Security Intelligence Platorm include:
10,000 Flows per Minute (FPM) •
Centralized command and control console
Requires VMware
Provides collection of up to 4 virtual interfaces
Integrated log management, security inormation and event management (SIEM), Risk Management and network and application visibility in a single console improves IT operati onal eciency.
Network, security, application, & identity awareness Converged monitoring o network events, security events, network and application ow data, virtual network activity, vulnerability data, and identity inormation greatly improves ability to detect threats. Q1 Labs 890 Winter Street, Suite 230 Advanced threat and security incident detection By incorporating new analytics techniques, like behavior analysis, and broader intelligence, QRadar helps
Waltham, MA 02451 USA 1.781.250.5800, in
[email protected]
reduces alse positives and detect threats that other security solutions miss. Copyright 2011 Q1 Labs, Inc. All rights reserved. Q1 Labs, the Q1 Labs Compliance-driven reporting capabilities
logo, Total Security Intelligence, and
A comprehensive library o security reports enables the delivery o IT best practices which support
QRadar are trademarks or registered
compliance initiatives.
trademarks o Q1 Labs, Inc. All other company or product names mentioned may be trademarks, registered trademarks, or
Scalable distributed log collection and archival
service marks o their respective hold-
QRadar’s distributed appliance architecture scales to provide event and ow log management in any
ers. The specifcations and inormation
enterprise network.
contained herein are subject to change without notice.
Cost effective security management solution
DSQRVF0711
Built upon three pillars o intelligence, integration and automation, QRadar provides a solution that is cost eective to acquire, deploy, and maintain.
Q1Labs.com
2
