|
|
|
Q1 Labs to Announce QRadar 5.0
By: Paul F. Roberts
2005-07-25
Article Rating: / 0
There are 0 user comments on this IT Infrastructure story.
Network anomaly detection vendor Q1 Labs is getting into the security incident management game with QRadar 5.0.Network anomaly detection vendor Q1 Labs Inc. is getting into the security incident management game with the latest version of its QRadar product, QRadar 5.0.
The new release, set to be announced next week, adds features for collecting, correlating and analyzing data from vulnerability scanners, firewalls and IDS (intrusion detection system) sensors to existing QRadar network anomaly detection technology. The product gives administrators a detailed picture of network security events, said Q1 Labs officials.
QRadar can be deployed as an all-in-one appliance that collects and archives data feeds from different products and provides a management interface for the product. Multiple QRadar collector appliances can be deployed on large networks, with different boxes acting as dedicated collectors and a single QRadar Management Server used to manage the system.
Previous versions of QRadar could flag some events, such as alerts from Cisco Systems Inc. and Check Point Software Technologies Ltd. firewalls, and some security appliances. With Version 5.0, Q1 Labs has increased the number of security events that QRadar recognizes and introduced Judicial System Logic, a relational security engine that can tease specific threats out of correlated security events, vulnerability data and traffic flows, officials said.
For example, the product can flag the appearance of a new service on a machine that was the target of an earlier attack as evidence of compromise.
Asset profiles are combined with security event data to allow QRadar 5.0 to identify business assets that are at risk of or under attack and prioritize response and built-in remediation features.
At CTC Communications Corp., an integrated communications provider in Waltham, Mass., an earlier version of QRadar spotted anomalous behavior caused by a worm infection that was passing unnoticed through the corporate firewall, said Keith Cancel, manager of information systems and network security at CTC.
However, the new version of QRadar has limitations. It only supports feeds from a few products out of the box, such as the open-source Nessus vulnerability scanner and products from nCircle Network Security Inc.
Cancel is excited about the product and the new SIM (security incident management) features that come with Version 5.0, which CTC hasnt yet deployed. "Youre going to be able to get intelligence from diff devices and correlate that with network behavior and anomaly tracking—and thats where the gold is."
QRadar 5.0 is available immediately and is priced starting at $29,000.
 Check out eWEEK.coms for the latest news, views and analysis on servers, switches and networking protocols for the enterprise and small businesses.
|
|
�������x}r㶲s\@♵M"f-�r,83uT��I)!)J
7]hɗdĶD
th4���I">41p3ݩ3I]"I{��(7S��92p!j9%G�jY��)a]̱]�����y(,�Q � tjGt0]2x�Դ;s:&gves/cߨ�:`&`1Z!qF٤XC#�: rסyG`nZN<�Q܇CѺ�8�QQ��w,sxH��G�H��*�'�x8սi/DeO��d_I�M"h4"j�>vn=w2`V~�|!�k`TCw-}~@�c�M-G ؓ�-CUl�v�y!rs�#�g�ݻ�HcH%�;qؓ:Iuhl�D`iRi13�L�5LÑcPp,ǃ)J�T+Q3#}jZ�3uk-3G@ؾ!�#���3Eu��L_FBԿ$f�
0�b�Bu
O,Ӈ�;) ۱ȭB ¿{k׳�߀�ݸ�{��g�E-}NX�o�~�c> �C
xz`:v�xtTa_�dY��f42ۼM�ٰn�5Xj�E9,KUezh,^ߛй-Ӟ=89np?�sjT/� �?
?t�h;XCb�y]
Z�}|vNzu~N�ox�9vy/g@o&1�`r�LTTKBpd"���PcbCG,/B�.oVqW-jASC T�$0L"�J�1~̢J�:5gsKnw[:>;nN}1�fPeM�~(!3hE+��4Zuܜ4o9nڗMtI}"+|rf����p3�ZZr�`Ck'^�SQ�&�چa#U*Ū~Ff9}jI�o]}8:o�$7cYn׳9�0o-Yn]H.)T|Y|ěa0̱n>�@|sH`6dʩ�$|Ǻ�z�N���Rl�jZm&T��#d��Li�|]̻Z��h-@ho�*K��Lr5&@Sk~�$M�5ņ]�)!exFSۤ%/^(PE!P샖_.��
jFTwQQ��Q#w�=^6_��"ʥ��e�p1S{�.Ӱt�1?:
Zo͉*]X^uejZll-~龂Ksq}n5IsোV8m�ǫ�g�",�$��ꨦ騕Kt�~~"ܯ�ËJUU��_1p�-~~2dLm�,��5,L�HYA^݇gA`�:)~ҧ!>ҡ9�m'!|Бd��mx=Z.33ЍI��Xn`vt��h�Qp{4�ڭ�,%_�bH}x�S껵V��=H:}mP`�9��ImLJ.??6� ;
G`p��&;�xk
=`D+wC�@b�L{��TE}�vAC@X��' >)�@}�9\P��lmN7-}`Z`1 ���JKm@i0x�z�dQJ
4$@�!��-i]�R@A�z6W?��-�8�,rr4����ޑ�vZOZ"'9Xt{B#�;}X|(�τ=*%�nqR%a 934YIjL=?�j1!U�G�,D`v9J,L��.�Y
ϴ�6�jԍe�}PӪ
|:IoBk42
�0s��Һ<�LkH��-|' M�LcF��3p�Eql)�0�cϹ`���m'ȓcQ2G�l�a�}�&� /|�`0'�6�95mX0NLcB"+H5L6�ЃiА4XĹǦ笳Z&�ɩ�SN`cܒN86̜07ÚL ~D�g�艉m>`�4fs)wdm˴o)�XЛv39n(!+h�WY� ��2cdRUy�rt+[Y3nR>�=M)O)�X�ScX`D��>DL)^HIRЙj!@�9z٧l�)�?ΖuV�kͲG{_�No6�y4�m���{g�@x�� dlK/,:�+c:K�_ji��hH*6�@\X1,#��%Σ�?0�Z�T6;6Ϟ#}nvP
jrA5 )Kb��5E+sXjgܲ��&���P
����`�*�`b\0
N`Nc�y9�xA[{f�l.n:�
1�8yy4�%2N�?AP�t
@I�5}�끆7�_ƅ/c%�|o2rl\�:|ꚺ8/-�'uaGlHs9�e"@0m�"=A`iNR}�
ȴ^oZu?twұj�)ՅI�,䧒TT
�~$�[�b"�ud\6˰@e9�ִ�&3r,˹&�zfdݞ0�R´g�9&�'zI4(%�$�o秺�J
ؑGaŅ^{X�*#؊��k��o` 12l�3u�&/�zr:آR�7Ϗ9(gd%d��)NER�
rL
qjh%U-�r��f~~{ ��ߥ�wF#}y�>w'7ZcpI
^^�L}6݂�/�rϙ�,�|pqZE�L�[v�O`��cV av5 1;���=U�J!�<�ihw\rR+}�G̫�%+v�r̃4�]#@$/4}cv~
9�(kU8�Γu�Oa?&GJ�l��Ȃu�!W�MUm�~t�zf��y�@L� G�z�x��ؽ�L�HuҘ�NH��Y璚T9I� �h��5�[SG3GŕR�
���gî�#f��5Ma�Fž.JZ)5k7k"XKC�2�����ር54�&
u|�8�ʳ�ZJ5qv3Ty�9k�Y%�f+aEL4=:^CP,*ϣ��ɘVL`ǂ�6d,fqNg� epv�N{�֡��ٔ|{.j����;o�*\�$t+�n\ m{H�9Tb1�Ji�Rx`�fΔ�zlh��">y�$�L3ՄsqS)*R�L
H+Ư �3Fˁ㚆/3O6nq,
UU{My�Rf̚W��ZB�W}X`"
]1
)&!j�خOl�$o,�y
�8e3 -S`e3*%"m=O�\X��Z:4~��
�|�{Ћ7
P#I{(OU?}Py`*�e$�y�U��ri�4r�Ok
YD+(++i-^2�۹a
m.E��[��4˷�ʨKZ-�,sK"hʌg�_|�p[n)ty�z�Ć5(4CwFqp0�+_3k�Kqlϱ�˸Kz&�@�u��lʪV�uZE
VE'�svٞEA(ơd:)dnQ==!n@��
&|ݙ}}�Ȕ�ɹT״}�mX.�ߑI\!k���S@K�G��}�O)'�-JJP-]q,g$
�,�$�E,zǣx]!6�5PXx|{
`?K�X�XD�>Diz\{e"�>QP(k���u/x{qawo�zUݷ�[(
L ��$q%YUi�hj/nL0ƙ0=Ei�J}R�xY�Yj_6[�!E·˦Ծhp�C-Yj2�e'A)��`Q�?RfWWf}y*]w�I/�`�yB�N�p.�קK%y皟;$˖u��o= rHpBjO/�X��F�}9>o5�O�M1k�0fhR`A �fjuX#�aK#&WDH[�()�uu͙��B9�kI.Dz=d_5�g0Y�p-� sg#0
Z�`!�
۟b!|B<�APC��{ r
H)'4
�v):�\b;H4��VB�0FG_TJi�)4z'u�3xl�w�)�5��E_ѫ�ſ
#^i�
T
�t6~OWK0fAdQ+F+9ǭ폤sGH�y�
>8/g�`P!IBe�n1�x�AZ|l]��9�R;DZ3pu*l�hw�QגZ4ҫoeW!9���Cp0�1��l aڕ�rW�zTZ-Klw3`=Ҷ_mz|oIM2G�z1ɘZԍ A�0n�g�h;[�Q�0&x"�64�tyOy#Kx�~4q4ܘxj3u�5?�y{ho&=)ǣAl�u�9obXKgfnהŞ`4�ݥovQ8}��i?vݷ;¶"CWq�j�:Y+`*1$�Xh�HNm
d_"2�NIJn':���Ld�M�#}ݺ��Jf�:���4hAhf�l3�O7n�C]j~l]s!Txo~=ˤa���]f+{�*{�7w�o]VZ�tC.q�@�1n&��d/.)%�E *5 O�Kt�1ڬ/ۥ{HkYX�xlQ�Wg�2�#@!{��ze�GMN�i���l&Ƕs{$�;gr#@�*y�h�\]]w71%pRx656�y�(1h4Rwo8�lf4�W
�~�@�k-Ǭ§!��qZoIHj��wl['/G'鎿Z7�{cE�|3̔
u�\ kMU_s
2� |cM%�%&p$�qI7̼V�&�v
�Zqi+"@wыK�-1j-]�M&l�k�]a32Ϩ�љÚZ(+|X`ˤ~[bOO^nf�G9T,u0R�pu�K��٤�e/> �Gv�Z�~1*�JQ9R/Iϙ3n�vtg8?yc+6�nE|q헞ɣ=@G3LqI{
+;JZ�m{�n�i^:ԧS=28q�Y� |e_*U9�Gr癌sM�Sse��)8jo1(/��;ҩ�G�01xm�]{@kN�Y+�q~9�;ٯwg19x'Cq�$1f!
XZԒ�`g�0uףA8O��z���"%��:K�3#ggνs[헬&GĽ�T� gik�JSuL$PM�ai�QW=zgQ�ŴW?Z'IYt�T_p(�m35�_H<]i"S$J]�A�W�^ۃH;�S$
!̐bB�0nd7=34�+�+.�e�Ѳ�
VL�_ۏ�W�/G
f!@v�j1b��(!)�^onʕbu?E7Jq�y#H�?bPQ1T= L~۔*DQ�#k��RXCj�r.�e!b ɣKz�6/*Z~"-�8<�[H�yS¤)$(Pk�0쮊|ޭ�,K�M��5x
VpSV>nd�3�JMvKlLbXH,˾�ڟR�I�I; "&.2�|�*ʼn�陴?�*6eK1j�F�L�P�s3�I0
+RkZΜ.(RYEx�:�מo#ճ˟�Ma L�CkNp�{s}t!]�Z�㜍�7
� F�_�6�,8�U��I"�� ag�b�FHMQoXq+>*J*M|�Y���VDZ�s�I'��;#InRXT�U�3bm�B'��e�$^N!@VzqxB[ʁŭ0~�E�9pG�871|I,`*T+B� ��6@�H�3��
@Z
�b}�q�=jMyz*7�6:"a:X/�%0GN¢*Z�&�O�x--��7YZ9
�zԟ�4ge�7�r�3'�'8�g�0�����rYў/+?V<ĮҦ?��ޕ0^S0��=��?4�-i=�L&Vȇxoo}�ˈt־Jg/aQf٭���*�Lxm`ס�َ~�^|d�`ͩ�=t%ga25#Xs]9|/G��}�m8/>���3��eao$�#a^�c:��ӑ�v`j�σ@��^���ax���i �^�0Zt8_5G�yCߐ/`"u�%v%H:7Ա1tK-MGz}���#�"@`�J_^y�![\߮b~ÅHtϛKY ug�hfMS�a3�|1t=c(�G��]��Os/}=�IoJɯnY/Ím�)�uv9�.}q�#$ޟP7ིy�2�'`^[�n%=n��^mM�]/틻`b1|o«�M�~�3�O0՞XAb�䤛�t-0F0�a0x8*����q�g�?�"'I8a��vOJ�Y?t},8K1K_oje�j¿ᷬ
v~b�odp-�ps>W'L
dL[�:tNb&;�*W�ňD�KO:-cW�P�tx:]j�}*u~@%_�/��3X�$��pXBxED�==ۿ�|hEs(DUNCZK"A@3�тwB)�G6v�gS*}}ڽE̗33 q�&4.�8c`�. eW3on(zu{9?YǙ�e=O:�ˋ|)]ދ匝~��cw3�+�_g�^G.ʸ:j
u\ݲ�&�.⫽L7ŗ@9rW|k�gv"�f9^�wӋBtϠ�k?1e�Z[tym]$5v�?h�b+@M�T��6-0�V\EQZ.� [~�1{tѥcoJY*.VC|_~߉\�Mg�:<��dfph֒�_fX*l%I"q0M���+┉fne�Or�%3ߗ�H4�p�EX��ȓwu��ttowwv�{���4�1o�(c(�5?}r�闶QG}[˼
Xm
ZN�ړiİO:h��-{8R��xr1�Cv1]5��o�Ou�Ѹ-�iwT60��8{7�~�k=eO)�
x�}�-�6�Ӫ=m�%��\k66m�ͨ4$}��:-F�?_}<+�kݰ �PAgt~D)�ߣ�ީ-Y?`�P}dɷ1V^cza2Qȏ�Q
QɟDע�̩xn��¤�t'O|��D2~(�^1B�x8�n
��{�{[���$ʐ]"�gv;"dد�#5�t��h��6:ȟ�nb+nG]��@,a�`��))ȁ.bâ�J1�ʱ, <߉n9",pZ4���r䀲�e̻��4>(C^PB^]��M=1I��sp0RG�5Śx�
�K:*R%9"�@�� �Rxc�)�+h��x��B,
xLz��m���/-Iy�o[K)�6�qN"F dѴ{B.]�sI
o�JU]-OQ/��]ZX,:~�eL<^^AF�3
i��"�r\IoA�$TG*b��M�`�,~Ũ�t+YM13цX5�0~�f�DZGa�Cv̈́~|�W@O[jkwfhDPU�Uȓ�Pc3-* ;,OteK
G�"�#��;[Kx6_j���~p�R.gI*
]Z ��0>4��l�VW)KP+(ET��z0�|�=yjESZe_�ܣF 0.(̈́
9�K:��Փ>.,b'c�0ߏ1�X�R
Ys�X�Ra
)dIGX
�&Z:<}Q-mEb!&WӃR2쇁4@��
eˡW�qb\o7�J�����@cJ��4X%
_a��᷍�a�=ʚB}I+vl"m�knnBz�yJMh>#Ծ3=ǎO��?�js{56K̎-��Yqc[TrBYIc0�"_SAJ�O`�st@M}�@&((?Qץ4�?R)!l$:*<+sT1�oi#
J��\0]hîֿ�-%|Ɉs�%�L.>/�OcBz0XT8<�1_+@rL�BϲjN�T\OpY�Io��H!H]�U#
`�xcI(��z��~he{Z]
dfܙ6 �xb%T�W�.
��MU;5&6g<�9!�`(L1�3�Bx7t'l9e1q`⇔u/ـ
OC}CcPx-�r9Gl[ֺy}UJ����8�h0�.gj9T%2
&���P9
d�U
?M=/.nrj5�-i`I; aN���J���xx+�;,ۈ9�Q�"`"1aچ5c3bwp]/�oa�606^�^G>vWLQXj��*�!b3wȣ4ϓ/ ���Σg Ĩb)F_.J'e��E�t�03�7���
c�!�G )%n67p>9�/xY�,a48`�����F�"O-x�0OpW'F�:ē S3��f;.
l9�:�eO�g >{0u�3� s���RC´vx(b$�P!%�h$bcx=9`6A20=cm|?݉i2���{�}�bRQJ1|����3ʰ�LXU�ʗ�od�͒W2Vq
&JZ!
�`x�ZNrdhz߃;�G|�LBz،\{�ݾ1C�9\�9nHQ}kw.Qs��}��TIGݪ;Gէe}OL�fbv>H5m+LJY22 '�Sf�r?X�sm.4�"Gd;πW�}QX\�m�<�{#�U6j�Uzu7C�C~]c6�l^]-Zq
�YW'>;l�fhw>��t{�r:X)`�чZIe ���b�Q:o�H粕&5+8�v<(�3?Ck(^_~ܼ��(d#֗7�VF1�/?�d��Pa}Y;W?k/o7sv3��gڗ�vFwsOPi}9?π�]"c|.��/�E�|E�}/>���/2��ϋ�D�#(?A2/"�2c|/A~.3�2c:NF;:��_?2
x�:7�.�ޯP�_�2#*�>f�1~7P~U�{7MF77�$)c�F5pv�(�eK�"2SV9,.O2ʫPJ
g��~-2*ΥBK�%_7CK@Oq�ܾ:4
aq�ʍz�^S_xښꦵp-]��hp_/%^a/��^敽I%< x�Eq\+�g�لl?rnm���zqc|1h_u�$b�
V$G1x_%05�^K�t#by��ܞ0۰�lEgO�>ވ'8s }Cpzusʱ
E.g[3E.K5 D 9bH'��X��%i�W3!?c7I�TC�]�~{2#0' MĮ+fAj�|nڳ�#R:��x��<��D՚9,|Ŷr.i!aBc M�=�X`��.��s�{PN<��>x�8"�"H�"s�{B�|%wjP%n2!�%؉GGCϱiB�B0�N8|
k!
h)Ӿb,ӣ�u'�G}E5�� d{�«�U/m�F\�|gȌai'j�:BQF�A��}F垓$gg_5�b
Fy&b3@p6�+?��T|-
5�ݠ�CP6�vo�>�Lص�".h_�의VpOe])�
�'VFp)N�zQ[`+��Lܓ��~�v��0q=Ħ2|R4Mepv���R������?93�9�9j�E G8"U]ۼ#66s�Q/>¼yGW]Q籺�nal`d%+^F:H%�!Xi[��e1RpCV)�tO�拰��BVt�HEW�k,^��zeX�ѽ"'Ps:�hՆG��0^q[�KR�l@�swS
az
ٝ�˶�)E=b�농\
�Ѩ�pCTVD'����3^m'7u
ۊ|Va=r�k���`cΜ� *�φŀ��{̾���Yf#pc�ƫ�Rd�GB~DdfvX\F�ZxyU~ҥ�N�.I,'_aQd+8*)�ؐ��s���k�`�bOP���1,�sLf7=Ma�N*)As�a#�Dl���[ApN7We�s�S<"Y4.ǎ;g)O�|Y;D�5Rb&({=��z��Lk|FXK�L\Khc{żpf��#fS���
{τ �ix�v�4<1�T<���nRh1)�Lb'�kI����'�R"la,
�8�r3 ;EV Z.�t3���R/xq�{Ϣa�ʩȩ(v�U_|J�Ѭd�;j�+39ʧ=N�~�q��0X��+.9�
wާҝX;y�B(O:=q>tC*G
u[�<;�O�ot۟[a}B=FBl4*�7Y`Eqs��K7nyQueS
+Z(Ksӹn �Dv>Vl/O�P r�F˳���G`b�hPl氦j%�z'1l5ɋmEg,3!rYO~};l'�uE^8�%܆mJÁ9MR"G�Zi/%!zR4��էr0>_�V&|��Z2c{͵N_�L�m)��
|
IT Infrastructure 
