In This Section

Products

• QRadar Family Overview
• QRadar
• QRadar SLIM
• QRadar SLIM FE
• Supported Devices

Products: Supported Devices

QRadar accepts data from a wide range of devices, including:

Antivirus

• McAfee, e-Policy Orchestrator
  
• Symantec, System Center and Antivirus Client
  
• Trend Micro, Antivirus

Authentication and DHCP

• Cisco, ACS (Authentication Control Server)
  
• Cisco, NAC Appliance
  
• ForeScout, CounterACT
  
• Generic Authentication Server
  
• Juniper, Steel Belted Radius
  
• Linux, Red Hat DHCP logs
  
• MetaInfo, MetalIP DHCP Server
  
• Microsoft, IAS
  
• Microsoft, DHCP Server
  
• Sun, Solaris DHCP Server
  
• Symark Power Broker

Databases

• Microsoft, SQL Server
  
• Oracle (v9i, v10G)
  
• Oracle Database Listener

Firewalls/VPN

• Check Point, FireWall-1 & OPSEC (NG, FP1, FP2, FP3, AI R54, NGX R60)
  
• Cisco, FWSM
  
• Cisco, IOS Firewall
  
• Cisco, PIX Firewall
  
• Fortinet
  
• Generic Firewall Device Support
  
• Juniper, NetScreen Firewall
  
• Linux, Iptables
  
• Nokia, Firewall
  
• Nokia, IP Series
  
• Nortel, Switched Firewall
  
• Secure Computing, Cyberguard
  
• Symantec, SGS Appliance

Generic/Custom

• Any custom device that emits Syslog, SNMP, or SDEE.
  
• File-based logs can be sent via syslog, FTP, SFTP and SCP
  
• Events retrieved via JDBC

Host Logs

• Apple OSX
  
• Cisco, Security Agent (CSA)
• IBM, AIX
  
• Microsoft, Windows
  
• Open source, Linux
  
• Open BSD, Linux
  
• Redhat, Linux
  
• Sun, Solaris

Intrusion Detection

• Cisco, CSA
  
• Cisco, IDS
  
• Enterasys, Dragon
  
• Fortinet Fortigate FortiGuard
  
• Juniper, ISG
  
• Network Associates, McAfee Entercept
  
• Niksun, NetVCR
  
• SNORT
  
• SourceFire, Intrusion Sensor
  
• Trust Wave IPAngel

Intrusion Prevention

• Cisco, IPS
  
• ForeScout, CounterACT
  
• IBM Site Protector & Proventia
  
• Juniper, NetScreen IDP
  
• McAfee Intrushield
  
• Nortel, Threat Protection System
  
• Tipping Point, X Series
  
• Top Layer, IPS 5500
  
• Trust Wave IPAngel

Management Platforms

• Enterasys Dragon
  
• ISS, Site Protector
  
• Juniper, Infranet Controller
  
• Juniper, Netscreen Security Manager
  
• Tripwire Enterprise/Manager

Routers/Switches

• 3Com, 8800 Series Switch
  
• Cisco, CatOS
  
• Cisco, Catalyst Switches
  
• Cisco, Routers
  
• Enterasys, Matrix Router
  
• Extreme Extremeware
  
• F5, BIG IP
  
• Juniper, Router
  
• Nortel, BayRS, NAS, Secure Router

Security Appliance & UTM

• Fortinet
  
• Juniper, DX Platform
  
• Juniper, Integrated Security Gateway
  
• Juniper Secure Services Gateway
  
• Secure Computing, SideWinder G2
  
• SonicWall UTM
  
• Tipping Point, X Series and SMS
  
• Vericept, Content 360

VPN

• Array Networks, ArraySP SSL VPN
  
• Check Point, VPN-1
  
• Cisco, ASA
  
• Cisco, VPN _000 Series Concentrator
  
• Cisco, VPN 3000 Concentrator
  
• Juniper, RA/SA Series SSL VPN
  
• Juniper, RA/SA SSL VPN
  
• Nokia, IP Series
  
• Nortel, VPN Gateway, VPN Router
  
• Secure Computing, Cyberguard

Web Server, Proxies, Mail, Other

• Apache, HTTP Server
  
• BlueCoat SG
  
• F5, Load Balancer
  
• Microsoft, Exchange
  
• Microsoft, IIS
  
• ProFTP, FTP
  
• Squid, Web Cache
  
• Sun, Sendmail

Vulnerability Scanners*

• eEye REM
  
• Foundscan
  
• Juniper NSM Profiler
  
• nCircle IP360
  
• Nessus
  
• NMap
  
• Qualys
  
• Rapid7 NeXpose
  
• SecureScout

Network and Application Flow Data*

• Q1 Labs, QFlow w/Layer 7 application identification
  
• Cisco, NetFlow NDE versions 1, 2, 5, 7 and 9
  
• Foundry, S-Flow
  
• Juniper, J-Flow
  
• Packeteer, FDR – Flow Data Records

* NOTE: Not supported in QRadar SLIM

(Please contact your Q1 Labs' representative for the most up-to-date list of supported devices.)