Tolly Group White Paper Series Sponsored by Q1 Labs: Network Security Management for Self-Defending Networks
Sponsor: Q1 Labs Inc.
All Reports Sponsored by this Vendor
Document Number: 206160
Publication Date: 11/22/2006
Page Count: 28
Abstract
Q1 Labs, Inc. commissioned The Tolly Group in October 2006 to conduct a comprehensive hands-on evaluation of QRadar, a Network Security Management (NSM) solution that combines network behavior analysis, security event correlation, vulnerability profiles and directed remediation in a single platform.
Tolly Group engineers evaluated the QRadar against the Cisco Security Monitoring, Analysis and Response System (Cisco Security MARS). Both solutions were subjected to a battery of tests in the following areas: Accuracy of threat detection, correlation of security events, data reduction, auto discovery and classification of network assets, and multivendor support.
Tests demonstrated that QRadar accurately detected more known attacks, as well as network anomalies, than did Cisco Security MARS. In addition, tests also showed that QRadar is particularly effective when distilling voluminous event and traffic data into manageable and readily understood summary information, with priority events flagged. The report is informed reading for any company considering networking security management.