“A lot of customers integrate our solution with QRadar. The brand new app offers an exceptional user interface to streamline operations significantly,” comments Petr Špringl, Director of Products at Flowmon Networks. “With the addition of Flowmon network traffic analysis provided through deep integration, enterprises are now able to rapidly analyse and prioritise detected events directly in Qradar, without the need to switch between interfaces.”
QRadar’s centralized analytics collect and process information from all devices in the enterprise network, Flowmon feeds QRadar with detailed insights into the network traffic and automatically informs it about operation problems, anomalies and possible suspicious activities.
With the new app, Flowmon customers can easily link their solution to QRadar and benefit from:
- Response to more diversified risk scenarios by adding system log sources (e.g. Authentication and ID management) to analysis.
- Streamlined execution of enterprise policies with a high level of automation.
- New views on flows and events directly in QRadar without the need to switch between two different interfaces.
The Flowmon solution creates a secure and transparent digital environment where people rule the network regardless of its complexity and nature. Using machine learning, heuristics and advanced analytics, it enables IT professionals to improve performance and reduce risk across on-premise, datacenter and cloud environments.
“We were looking for an advanced network traffic analysis solution that could be seamlessly integrated with IBM Security QRadar for security management. Flowmon proved to be the right choice, augmenting our existing data with network insights and high fidelity when detecting cyber threats. Integration of Flowmon and QRadar via the new app is the next step that creates an interactive workspace for SecOps team. Everything is done in QRadar directly which saves time on investigation and response when hunting threats infiltrating a network,” says Peter Magula, Head of IT Security Department at OTP Bank Slovakia, Member of KBC Group
Flowmon QRadar App Availability
The new Flowmon for QRadar App comes in two packages. The first is the application itself, which provides the Flowmon investigation workflow directly from the IBM QRadar interface. The second package includes the connector (DSM) and log correlation rule set for the received syslog data. Both packages are available as a free-of-charge extension through IBM Security App Exchange for Flowmon customers with valid Gold or Premium support.