IBM QRadar

IBM QRadar

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  Multi-tenant enviornment to restrict rules & IPS records

    Posted Mon December 16, 2024 12:12 AM

    Hi SMEs, i am seeking answer on multi-tenant resources restriction. This is a all together a new requirement where we would like to on-board one more customer to the existing environment using multi-tenant feature. Having some doubt on how to split the data and make rules, report, dashboards & other IPR records so that SOC team (3rd party) will be managing the other customer shouldn't have access to existing customer's records (rules, network hierarchy, report, dashboard and other configuration). Please suggest



    ------------------------------
    M Pa
    ------------------------------


  • 2.  RE: Multi-tenant enviornment to restrict rules & IPS records

    Posted Tue December 17, 2024 08:15 AM
    Are the rules the same for all the tenants or slightly different? I
    will focus on the easiest and continue with the most tedious ones

    --
    Louis O. Anibaba
    Cyber-Security Analyst III
    Qradar Engineer IV
    Qualys Administrator
    714-276-4121


    Original Message


  • 3.  RE: Multi-tenant enviornment to restrict rules & IPS records

    Posted Wed December 18, 2024 04:35 AM

    Hi Louis, thanks for your response. Here i would like to check the rules & other configuration developed for one Tenant can not be seen or edited by other Tenant admin. 



    ------------------------------
    M Pa
    ------------------------------

    Original Message


Related Content