Cisco Blogs

Cisco Firepower + IBM QRadar: Integration for Enhanced Security Protection

- March 14, 2018 - 4 Comments

Cybercriminals are more creative, more relentless, and more strategic than ever, working feverishly to extract as much sensitive data as they can, and often inflicting considerable damage upon today’s businesses.  Considering the dynamic, ever-growing threat landscape that continues to increase security blind spots, response teams find themselves lost amid the growing complexity of defending their networks.  Security analysts find themselves, aimlessly, chasing down a myriad of security incidents and alerts as a result of the multiple vendor products under their management.  Without integrated tools that capture, correlate and prioritize these incidents, rapidly analyzing and remediating threats becomes extremely challenging, if impossible.

These security challenges highlight the imperative for tighter, more integrated security solutions that provide security analysts with tools to detect, block, and remediate threats in real-time to protect the business.

This is where Cisco Security and IBM Security have partnered to tackle these challenges by providing robust, integrated security solutions.  We have integrated our Firepower (Next-Generation Firewall) technology with IBM’s QRadar SIEM to provide a network security solution that simplifies and accelerates threat defense for security analysts.  This integration provides the ability to quickly identify and eliminate suspicious activity within their network, making it easy to protect their critical resources.  This technology collaboration provides simple, open, and automated security for fast threat detection that:

  • Enhances visibility across the entire network, cloud, and endpoints.
  • Reduces incident response times, allowing faster threat identification and containment.
  • Delivers deep, rich insights for threat investigation and remediation.

Together, Firepower + QRadar delivers a tightly integrated security architecture that easily adapts to rapidly changing threats, and protects businesses as they continue to innovate and grow.

For more details about our Firepower integration with QRadar, please visit Firepower+QRadar Integration.


In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.


  1. I suspect that you guys have never actually had to use qradar in a real world scenario.

    • It is interesting reading your comment -- I was responsible for leading teams of then incompetent millennials in multi-million deployment projects in over 5 fortune 50 customers in the US as well as large companies in Canada, Singapore and Australia. So would these qualify as "Real World Scenarios"? And yes, because of the incompetent technical staff, over 50% failed due to the lack of security and technical skills needed in this area.

    • Not you ExIBM. Cisco!

  2. I was part of the QRadar global consulting team. Almost al of our projects failed due to the ineptness of the unskilled millennials IBM hires for these project because they can get them cheap. They lack in basic IT skills and have very little security practice knowledge, but that leads to massive failure and mad and disappointed customers. On top of all this they lie to customers in the project status meeting telling the customer -- more has been completed than has been. QRadar is a great product -- unfortunately IBM people lack the skills to install, configure and maintain it.