Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
685
Views
0
Helpful
3
Replies

Qradar integration with pxGrid

Go to solution
umahar
Cisco Employee
Cisco Employee

‎03-01-2018 07:49 PM

Hi experts,

To my knowledge I haven't come across a pxGrid integration with Qradar or any other SIEM.

Can anyone please confirm ?

My understanding is syslogs can be directly sent over to Qradar, what added value would pxGrid integration offer ?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Charlie Moreton
Cisco Employee
Cisco Employee

‎03-02-2018 08:56 AM

"Cisco ISE uses Cisco pxGrid technology to share contextual data with IBM QRadar SIEM. The integrated technology gives security analysts the ability to quickly and easily assess the significance of security events by correlating the expanded context with security alerts. The integration also provides QRadar with Cisco Rapid Threat Containment capability. It can then contain threats by using the network as an enforcer with VLANs or Cisco TrustSec® security groups."

https://www.cisco.com/c/dam/en/us/products/collateral/security/threat-response/solution-overview-c22-739546.pdf

"IBM Security QRadar SIEM integrates with AnyConnect NVM to form a solution that combines leadership IBM Security Intelligence capabilities with valuable contextual information about users, identities, privilege levels, and device types including mobile and BYOD."


https://blogs.cisco.com/security/pxgrid-keeps-growing

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Charlie Moreton
Cisco Employee
Cisco Employee

‎03-02-2018 08:56 AM

"Cisco ISE uses Cisco pxGrid technology to share contextual data with IBM QRadar SIEM. The integrated technology gives security analysts the ability to quickly and easily assess the significance of security events by correlating the expanded context with security alerts. The integration also provides QRadar with Cisco Rapid Threat Containment capability. It can then contain threats by using the network as an enforcer with VLANs or Cisco TrustSec® security groups."

https://www.cisco.com/c/dam/en/us/products/collateral/security/threat-response/solution-overview-c22-739546.pdf

"IBM Security QRadar SIEM integrates with AnyConnect NVM to form a solution that combines leadership IBM Security Intelligence capabilities with valuable contextual information about users, identities, privilege levels, and device types including mobile and BYOD."


https://blogs.cisco.com/security/pxgrid-keeps-growing

0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎03-02-2018 10:42 AM

Here is a listing of providers as well

https://www.cisco.com/c/m/en_us/products/security/technical-alliance-partners.html


0 Helpful

Go to solution
umahar
Cisco Employee
Cisco Employee
In response to Jason Kunst

‎03-05-2018 11:18 AM

Thanks. I talked internally and a How to Guide for Qradar should be available in few weeks.

0 Helpful
Customers Also Viewed These Support Documents