QRadar Incident Forensics

Use IBM® QRadar® Incident Forensics to retrace the step-by-step actions of a potential attacker, and conduct an in-depth forensics investigation of suspected malicious network security incidents. QRadar Incident Forensics reduces the time it takes security teams to investigate offense records. It can also help you remediate a network security breach and prevent it from happening again.

View hardware information and requirements for the QRadar Incident Forensics in the following table:

Table 1. QRadar Incident Forensics
Description Value
Interfaces One 2-port Emulex 8Gbps FC

Two 10/100/1000 Base-T network monitoring interfaces

One 10/100/1000 Base-T QRadar management interface

One 10/100/1000 Base-T integrated management module interface

Two 10 Gbps SFP + ports

Memory 128 GB, 8 x 16 GB 1866 MHz RDIMM8
Storage 12 x 3.5 inch 4 TB SAS 7.2 K rpm, 48 TB total, 34 TB usable (RAID 6)
Power supply Dual Redundant 900 W AC Power Supply
Dimensions 29.5 inches deep x 17.6 inches wide x 3.4 inches high

For more information about QRadar Incident Forensics appliances, including front and back panel diagrams, see IBM System X3650 M4 BD (https://lenovopress.com/tips1102-system-x3650-m4-bd).