Deployment Architecture
IBM QRadar Security Information and Event Management (SIEM) is a network security management platform that provides situational awareness and compliance support. It collects, processes, aggregates, and stores network data in real-time. IBM Security QRadar SIEM has an architecture that provides real-time visibility into your IT infrastructure that you can use for threat detection and prioritization.
The Illumio Application for QRadar integrates with the Illumio Policy Compute Engine (PCE) to provide security insights into your Illumio-secured data center.
This diagram shows the data collection topology from Illumio PCE to QRadar.
The Illumio Application for QRadar provides two dashboards which are integrated into the QRadar user interface.
With east-west traffic visibility on the Security Operations dashboard, you can see potential attacks and identify compromised workloads.
The PCE Operations dashboard allows you to monitor the health of all deployed and managed PCEs.
The Illumio App for QRadar is supported with these PCE versions:
21.2.0, 21.2.1
21.5, 22.2, 22.5, 23.2, 23.5, and SaaS