Founded in 2001, Q1 Labs is a global provider of high-value, cost-effective, risk management, security information and event management (SIEM) and log management products. The growing company provides a flexible, easy-to-use family of offerings – the QRadar Security Intelligence Platform – that allows customers to meet their individual security management and compliance requirements, both in physical and virtual environments. Q1 Labs is a US based company with headquarters located in Waltham, MA with sales and support offices throughout North America and Europe. The company also has research & development and customer support centers in Belfast, Northern Ireland and in Fredericton, New Brunswick.

Q1 Labs in Leaders Quadrant of 2011 Gartner SIEM Magic Quadrant Report. Read the full Report

Product Line

  • QRadar SIEM: QRadar SIEM delivers the industry’s only solution that enables security professionals to gain the visibility they need to protect their networks better protects IT assets from a growing landscape of Cyber-war and Cyber-crime driven threats and meet current and emerging compliance mandates. learn more
  • QRadar Log Manager: QRadar Log Manager is a comprehensive solution for organizations that are looking to implement a distributed log management offering to collect, archive, and analyze network and security event logs. learn more
  • QRadar Risk Manager: QRadar Risk Manager provides organizations with a pre-exploit solution that allows network security professionals to assess what risks exist during and after an attack, while also answering many “What if?” questions ahead of time, which can greatly improve operational efficiency and reduce network security risks. learn more
  • Network Activity Monitors: Network activity monitoring is a security fundamental that some organizations do without, at their peril. Effective analysis of network session activity, or flow data, involves the collection and detailed classification of network behavior, as well as the ability to correlate network activity against log events and other security activities across your entire network. learn more
  • Application Activity Monitors: Application Aware network monitoring enables stateful information about all conversations at the application layer and provides a more thorough understanding of complex applications including voice over IP (VoIP), Multimedia, ERP and database. QRadar Application Monitor gathers knowledge from a deep examination of every packet within a conversation and provides a more detailed application level context. This information, when correlated with network and security events, enables a more advanced analysis of the overall security posture of the network.  Furthermore, the application content that is captured provides key forensic data and evidence for analyzing the true impact of threats – notably those that include potential data leakage. learn more
  • QRadar HA: QRadar HA delivers automatic failover and full disk synchronization between systems – a capability that is typically only available with costly, manually-implemented software and storage solutions. learn more
  • QRadar Log Manager FE: Security Intelligence Solutions from Q1 Labs are the standard for centralized monitoring of enterprise network and security information in over 1,600 organizations worldwide. Now you can download a free version of our award winning log management solution. learn more


Supported Devices

The Q1 Labs Security Intelligence Partner Program fosters closer technical and business collaboration with vendors that provide complementary solutions. Through this program, Q1 Labs co-develops integration with industry-leading network and security solutions:


  • McAfee AV/e-Policy Orchestrator
  • Sophos Enterprise Console
  • Symantec System Center and Antivirus Client
  • Trend Micro Antivirus
  • Trend Micro Control Manager

Authentication and DHCP:

  • Bridgewater Systems, Service Controller
  • Cisco ACS (Authentication Control Server)
  • Cisco NAC Appliance
  • Cyber Ark PIM Suite
  • ForeScout CounterACT
  • FreeRadius RADIUS Server
  • Generic Authentication Server
  • Juniper Steel Belted Radius
  • Lieberman Software
  • Linux Red Hat DHCP logs
  • MetaInfo MetalIP DHCP Server
  • Microsoft DNS
  • Microsoft IAS
  • Microsoft DHCP Server
  • RSA Authentication Manager
  • Sun Solaris DHCP Server
  • Symark Power Broker


  • IBM DB2
  • IBM Informix
  • Microsoft SQL Server
  • Oracle (v9i, v10G)
  • Oracle Audit Vault
  • Oracle Database Listener
  • Sybase ASE Database
  • Imperva SecureSphere

Storage Management:

  • NetApp Data ONTAP


  • Cisco ACE Firewall
  • Check Point, FireWall-1 & OPSEC (NG, FP1, FP2, FP3, AI R54, NGX R60)
  • CheckPoint Endpoint Security
  • Cisco FWSM
  • Cisco IOS Firewall
  • Cisco PIX Firewall
  • Enterasys NAC
  • Fortinet
  • Generic Firewall Device Support
  • Juniper NetScreen Firewall
  • Juniper Secure Access SA
  • Linux Iptables
  • Nokia Firewall
  • Nokia IP Series
  • Nortel Switched Firewall
  • PaloAlto Networks PA Series
  • Secure Computing Cyberguard
  • Symantec SGS Appliance


  • Any custom device that emits Syslog, SNMP, or SDEE.
  • File-based logs can be sent via syslog, FTP, SFTP and SCP
  • Events retrieved via JDBC
  • Log Event Enhanced Format(LEEF)
  • Asset Exchange Information Source(AXIS)

Host Logs

  • Apple OSX
  • CA ACF2
  • CA Top Secret
  • Cisco, Security Agent (CSA)
  • EMC VMWare ESX vSphere
  • IBM, AIX
  • Microsoft Windows
  • IBM AS/400 iSeries (OS 400)
  • Open source Linux
  • Open BSD Linux
  • Redhat Linux
  • Sun Solaris
  • HP Tandem
  • HP/UX

Intrusion Detection:

  • Cisco CSA
  • Cisco IDS
  • Enterasys Dragon
  • Fortinet Fortigate FortiGuard
  • Juniper ISG
  • Network Associates McAfee Entercept
  • Niksun NetVCR
  • SourceFire Intrusion Sensor
  • Trust Wave IPAngel

Intrusion Prevention

  • Bit9 Parity
  • Cisco, IPS
  • FireEye
  • ForeScout CounterACT
  • IBM Site Protector & Proventia
  • Juniper NetScreen IDP
  • McAfee Intrushield
  • Nortel Threat Protection System
  • Sourcefire Defense Center (syslog and eStreamer)
  • Radware Defense Pro
  • Symantec Endpoint Protection
  • Tipping Point X Series
  • Top Layer IPS 5500
  • Trust Wave IPAngel

Management Platforms

  • Enterasys Dragon
  • Enterasys NetSight ASM
  • Fair Warning
  • IBM Domino (Notes)
  • IBM Websphere
  • ISS Site Protector
  • Juniper Infranet Controller
  • Juniper Netscreen Security Manager
  • McAfee e-Policy Orchestrator
  • McAfee Change Control (Solidcore)
  • Microsoft MOM 2005
  • Microsoft SCOM 2007
  • Oracle BEA WebLogic
  • Starent Networks Home Agent
  • Tripwire Enterprise/Manager


  • 3Com, 8800 Series Switch
  • Cisco CatOS
  • Cisco Catalyst Switches
  • Cisco NSEL
  • Cisco Routers
  • Enterasys Matrix Router
  • Extreme Extremeware
  • F5 ASM
  • F5 BIG IP
  • HP Procurve
  • Juniper Router
  • Nortel BayRS NAS, Secure Router

Point of Sale/Measurement:

  • ITron OpenWay
  • Radiant PSeries

Security Appliance & UTM:

  • Astaro Security Gateway
  • Fortinet
  • Juniper AUM
  • Juniper DPI
  • Juniper MX
  • Juniper DX Platform
  • Juniper Integrated Security Gateway
  • Juniper Secure Services Gateway
  • Juniper SRC
  • Juniper SRX Gateway
  • Secure Computing SideWinder G2
  • SonicWall UTM
  • Sophos PureMessage
  • Tipping Point X Series and SMS
  • Vericept Content 360
  • Websense Security


  • Array Networks, ArraySP SSL VPN
  • Check Point VPN-1
  • Cisco ASA
  • Cisco VPN 3000 Series Concentrator
  • Cisco VPN 3000 Concentrator
  • Juniper RA/SA Series SSL VPN
  • Juniper RA/SA SSL VPN
  • Nokia IP Series
  • Nortel VPN Gateway VPN Router
  • Secure Computing Cyberguard

Wireless Management:

  • Motorola Symbol Access Point
  • Aruba Wireless Management Controller
  • Cisco Aironet
  • Enterasys HiGuard Wireless

Web Server, Proxies, Mail, Other:

  • Apache, HTTP Server
  • BlueCoat SG
  • Cisco Ironport
  • CryptoCard CryptoShield
  • F5 Load Balancer
  • Microsoft DHCP
  • Microsoft Exchange
  • Microsoft IIS
  • Microsoft ISA
  • ProFTP FTP
  • Squid Web Cache
  • Starent Networks Home Agent
  • Sun Sendmail

Vulnerability Scanners*:

  • eEye REM
  • McAfee Foundstone Foundscan
  • Juniper NSM Profiler
  • nCircle IP360
  • Nessus
  • NMap
  • Patchlink (Lumension/Harris) Scan
  • Qualys
  • Rapid7 NeXpose
  • Saint
  • SecureScout

Network and Application Flow Data*:

  • Q1 Labs, QFlow w/Layer 7 application identification
  • Cisco NetFlow NDE versions 1, 2, 5, 7 and 9
  • Cisco NSEL Netflow v9
  • Foundry S-Flow
  • Juniper J-Flow
  • Packeteer FDR – Flow Data Records

* NOTE: Not supported in QRadar Log Manager


For more information

Please visit or contact us by phone at 02-210-0969 , by email at