How QRadar Pricing Works

IBM QRadar pricing is determined by the number of event logs per second and network flow logs per minute the SIEM must ingest.

On average, QRadar will replace 6 customer installed security products. Furthermore, QRadar is considered by industry experts to be one of the most advanced and mature SIEM tools on the market, that can also integrate with a customer’s existing security defenses.

• Volume pricing discounts are provided for all QRadar SIEM product lines, including on premise appliances, software licenses, virtual hardware (any customer provided VMware infrastructure), as well as QRadar SIEM in the Cloud, SaaS and hosted managed SIEM service offerings.
  
  
• QRadar pricing is considerably low in comparison to other SIEM tools when factoring in the total cost of ownership variables.
  
  
• The QRadar SEIM Security Intelligence platform provides a completely integrated SOC package for companies of all sizes, without having to purchase additional features and services to make it successfully work out of the box to address cybersecurity, internal threats and identifying vulnerabilities.

There are in fact a number of variables that should be considered when comparing QRadar pricing and total cost of ownership to other SIEM tools. On average, QRadar pricing for initial licenses, on-going support and maintenance for a small company will cost around $155K over three years, a mid-sized company 3 year cost average is $645K, and one of IBM’s largest SIEM customers with over $20B in revenue and 32,000 employees averaged a 3 year cost of $5.048M. Pricing estimates were provided by a study done by Forrester, “The Total Economic Impact Of IBM QRadar Security Intelligence Platform”. These cost estimates do not take into account the savings or ROI benefits that significant risk adjustments have provided these companies.

• Speed and effectiveness of detecting real threats and vulnerabilities
• Increased incident response times (real threats discovered and isolated quickly)
• Fewer forensic investigations (better vulnerability detection)
• Support for more third-party applications and log sources
• Lower compliance and administrative costs due to better auditing and reporting
• Decrease in workloads (less false positives)
• Legacy systems and general infrastructure support and integration

Note: Cybersecurity AI and User Behavior Analytics technology can be attributed to some of the above mentioned ROI benefits, they also considerably enhance administrators and security analyst’s abilities and skillsets when implementing and using QRadar on a daily basis.

To receive a price quote or estimate, contact us with the quantities of the below infrastructure details that you want included in your QRadar SIEM Security Intelligence platform from each site (primary data center and remote sites separately). Note: QRadar SIEM has no event log per second or network flow per minute maximum. Your QRadar deployment will only be limited by the scope your company decides. For a complete understanding of how different event log and network flow types (NetFlow, J-Flow, sFlow, vFlow, and QFlow) contribute to identifying cybersecurity threats and vulnerabilities, please schedule a demonstration or watch the below short video demo.

• AD, ESX, DNS, DHCP and Authentication Servers
• Windows IIS and Exchange Servers
• Windows Servers (general purpose)
• Unix and Linux Servers (general purpose)
• Antivirus and Antimalware Servers
• Database Servers
• Proxy/Web Application Firewall Servers
• Core, Large Firewalls (exposed to the public internet)
• Small, Edge, Internal Firewalls (intranet)
• IDS, VPN, IPS, WAF, DAM, DLP, LB systems
• VPN Instances
• Routers, Switches and Wireless devices
• IBM i iSeries AS400 LPARs (can include: QAUDJRN, QHST, QSYSOPR, DB2 FIM, Performance, Network Traffic from Exit Programs)
• IBM Mainframe z Series (can include: RACF, CICS and DB2)
• Other Servers (provide Manufacture Type)
• Critical 3^rd Party Applications
• Total Number of Workstations
• Total Number of Servers
• Number of Months for Log Retention on-line
• Bandwidth
• SEIM Product Preference: Appliance, Virtual, Cloud, SaasS or hosted/fully managed

QRadar SIEM Demonstration

*Also see QRadar Pricing on all IBM SIEM Security Intelligence Product Prices
(including QRadar Hardware Appliances)