Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Integration Framework: QRadar 7.2 MR1.

Published byFelicity Walker Modified over 8 years ago

Similar presentations

Presentation on theme: "© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Integration Framework: QRadar 7.2 MR1."— Presentation transcript:

1 © 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Integration Framework: QRadar 7.2 MR1

2 © 2014 IBM Corporation IBM Security Systems 2 QRadar There are four supported cases: – Compromise: If the source IP is "right clicked" this IP address is sent to the XGS. This might be used in the case when the host has been infected with malware. – Reputation: If the destination IP is “right-clicked” this IP address is sent to the XGS. This represents a malicious server such as a C&C server or one hosting Malware. – Intrusion: If a source port is “right-clicked” this IP address and port combination is sent to the XGS. This can result from that client system attacking a server. – Exposure: If the destination port is "right clicked" this IP address and port combination is sent to the XGS. This might be used in the case where the service has a vulnerability.

3 © 2014 IBM Corporation IBM Security Systems 3 QRadar “right click” Integration (source address) “on the glass” integration

4 © 2014 IBM Corporation IBM Security Systems 4 QRadar “right click” Integration (source address)

5 © 2014 IBM Corporation IBM Security Systems 5 QRadar Advanced Threat Events

6 © 2014 IBM Corporation IBM Security Systems 6 QRadar 'right click' Integration (destination port) “on the glass” integration

7 © 2014 IBM Corporation IBM Security Systems 7 QRadar 'right click' Integration (destination port)

8 © 2014 IBM Corporation IBM Security Systems 8 QRadar Advanced Threat Events

9 © 2014 IBM Corporation IBM Security Systems 9 ibm.com/security

Download ppt "© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Integration Framework: QRadar 7.2 MR1."

Similar presentations

A Comprehensive Study for RFID Malwares on Mobile Devices TBD.

A Comprehensive Study for RFID Malwares on Mobile Devices TBD.
Microsoft Internet Security and Acceleration (ISA) Server 2004 Technical Overview

Microsoft Internet Security and Acceleration (ISA) Server 2004 Technical Overview
SIEM Based Intrusion Detection Jim Beechey May 2010 GSEC, GCIA, GCIH, GCFA, GCWN twitter: jim_beechey.

SIEM Based Intrusion Detection Jim Beechey May 2010 GSEC, GCIA, GCIH, GCFA, GCWN twitter: jim_beechey.
Abilene Transit Security Policy Joint Techs Summer ’05 Vancouver, BC, CA Steve Cotter Director, Network Services Steve Cotter Director,

Abilene Transit Security Policy Joint Techs Summer ’05 Vancouver, BC, CA Steve Cotter Director, Network Services Steve Cotter Director,
1 SANS Technology Institute - Candidate for Master of Science Degree 1 SIEM Based Intrusion Detection Jim Beechey March 2010 GSEC Gold, GCIA Gold, GCIH,

1 SANS Technology Institute - Candidate for Master of Science Degree 1 SIEM Based Intrusion Detection Jim Beechey March 2010 GSEC Gold, GCIA Gold, GCIH,
SPAM/BOTNETS and Malware  Neil Warner, CIO, GoDaddy.com  Moderator: Dan Kaplan, deputy editor, SC Magazine.

SPAM/BOTNETS and Malware  Neil Warner, CIO, GoDaddy.com  Moderator: Dan Kaplan, deputy editor, SC Magazine.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.

Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
IBM Security A New Era of Security for a New Era of Computing Pelin Konakcı IBM Security Software Sales Leader.

IBM Security A New Era of Security for a New Era of Computing Pelin Konakcı IBM Security Software Sales Leader.
IBM Security Network Protection (XGS)

IBM Security Network Protection (XGS)
© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.

© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.
14,698 High & Critical Vulnerabilities since 2005 Source: CVE Details

14,698 High & Critical Vulnerabilities since 2005 Source: CVE Details
Firewalls CS158B Don Tran. What is a Firewall? A firewall can be a program or a device that controls access to a network.

Firewalls CS158B Don Tran. What is a Firewall? A firewall can be a program or a device that controls access to a network.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Reducing False-Positives and False-Negatives in Security Event Data Using Context Derek G. Shaw August 2011.

Reducing False-Positives and False-Negatives in Security Event Data Using Context Derek G. Shaw August 2011.
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Fundamentals of Information Systems Security.

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Fundamentals of Information Systems Security.
IDS Intrusion Detection Systems CERT definition: A combination of hardware and software that monitors and collects system and network information and analyzes.

IDS Intrusion Detection Systems CERT definition: A combination of hardware and software that monitors and collects system and network information and analyzes.
NETWORKING PRACTICAL EXAMPLE. REQUIRED HARDWARE BASICS Network Interface Card Ethernet Cable Client Server.

NETWORKING PRACTICAL EXAMPLE. REQUIRED HARDWARE BASICS Network Interface Card Ethernet Cable Client Server.

Similar presentations

Ads by Google