Products: Supported Device List
QRadar accepts data from a wide range of devices including:
Anti Virus
- McAfee, e-Policy Orchestrator
- Symantec, System Center and Anti Virus Client
- Trend Micro, AntiVirus
Authentication and DHCP
- Cisco, ACS (Authentication Control Server)
- Cisco, NAC Appliance
- ForeScout, CounterACT
- Generic Authentication Server
- Juniper, Steel Belted Radius
- Linux, Red Hat DHCP logs
- MetaInfo, MetalIP DHCP Server
- Microsoft, IAS
- Microsoft, DHCP Server
- Sun, Solaris DHCP Server
- Symark Power Broker
Databases
- Microsoft, SQL Server
- Oracle (v9i, v10G)
- Oracle Database Listener
Firewalls/VPN
- Check Point, FireWall-1 & OPSEC (NG, FP1, FP2, FP3, AI R54, NGX R60)
- Cisco, FWSM
- Cisco, IOS Firewall
- Cisco, PIX Firewall
- Fortinet
- Generic Firewall Device Support
- Juniper, NetScreen Firewall
- Linux, Iptables
- Nokia, Firewall
- Nokia, IP Series
- Nortel, Switched Firewall
- Secure Computing, Cyberguard
- Symantec, SGS Appliance
Generic/Custom
- Any custom device that emits Syslog, SNMP, or SDEE.
- File based logs
- Events retrieved via JDBC
Host Logs
- Apple OSX
- Cisco, Security Agent (CSA)
- IBM, AIX
- Microsoft, Windows
- Open source, Linux
- Open BSD, Linux
- Redhat, Linux
- Sun, Solaris
Intrusion Detection
- Cisco, CSA
- Cisco, IDS
- Enterasys, Dragon
- Fortinet Fortigate FortiGuard
- Juniper, ISG
- Network Associates, McAfee Entercept
- Niksun, NetVCR
- SNORT
- SourceFire, Intrusion Sensor
- Trust Wave IPAngel
Intrusion Prevention
- Cisco, IPS
- ForeScout, CounterACT
- IBM Site Protector & Proventia
- Juniper, NetScreen IDP
- McAfee Intrushield
- Nortel, Threat Protection System
- Tipping Point, X Series
- Top Layer, IPS 5500
- Trust Wave IPAngel
Management Platforms
- Enterasys Dragon
- ISS, Site Protector
- Juniper, Infranet Controller
- Juniper, Netscreen Security Manager
- Tipping Point, SMS
- Tripwire Enterprise/Manager
Routers/Switches
- 3Com, 8800 Series Switch
- Cisco, CatOS
- Cisco, Catalyst Switches
- Cisco, Routers
- Enterasys, Matrix Router
- Extreme Extremeware
- F5, BIG IP
- Juniper, Router
- Nortel, BayRS, NAS, Secure Router
Security Appliance & UTM
- Fortinet
- Juniper, DX Platform
- Juniper, Integrated Security Gateway
- Juniper Secure Services Gateway
- Secure Computing, SideWinder G2
- SonicWall UTM
- Tipping Point, X Series
- Vericept, Content 360
VPN
- Array Networks, ArraySP SSL VPN
- Check Point, VPN-1
- Cisco, ASA
- Cisco, VPN _000 Series Concentrator
- Cisco, VPN 3000 Concentrator
- Juniper, RA/SA Series SSL VPN
- Juniper, RA/SA SSL VPN
- Nokia, IP Series
- Nortel, VPN Gateway, VPN Router
- Secure Computing, Cyberguard
Web Server, Proxies, Mail, Other
- Apache, HTTP Server
- BlueCoat SG
- F5, Load Balancer
- Microsoft, Exchange
- Microsoft, IIS
- ProFTP, FTP
- Squid, Web Cache
- Sun, Sendmail
Vulnerability Scanners*
- Foundscan
- nCircle
- Nessus
- NMAP
- Qualys
- Rapid7
Network and Application Flow Data*
- Q1 Labs, QFlow w/Layer 7 application identification
- Cisco, NetFlow NDE versions 1, 2, 5, 7 and 9
- Foundry, S-Flow
- Juniper, J-Flow
- Packeteer, FDR – Flow Data Records
*Not supported in QRadar SLIM
(Please contact your Q1Labs representative for the most up-to-date list of supported devices)