QRadar Network Packet Capture-C

QRadar® Network Packet Capture-C (MTM 4531-F2C) offers an optional QRadar Network Packet Capture-C appliance to store and manage data that is used by QRadar Incident Forensics when no other network packet capture (PCAP) device is deployed. Any number of these appliances can be installed as a tap on a network or subnetwork to collect the raw packet data.

View hardware information and requirements for the QRadar Network Packet Capture-C in the following table.

Table 1. QRadar Network Packet Capture-C
Description Value
Interfaces Two Napatech Network Adapter for fiber, providing four 10 GbE SFP+, 1GbE SFP

SR SFP+ Transceivers

SX SFP Transceivers

TX SFP Transceivers

Three 10/100/1000 Base-T network monitoring interfaces

One 10/100/1000 Base-T QRadar management interface

One 10/100/1000 Base-T integrated remote system management interface

Two 10 GbE SFP+ ports

Memory 128 GB, 8 x16 GB 2133 MT/s DDR4 RDIMM
Storage 2x 1 TB 2.5" SAS (RAID 1), 12x 6 TB 3.5" SAS (RAID5)
Power supply Dual redundant 750 W AC
Dimensions 2U, 26.92 inches deep x 17.49 inches wide x 3.44 inches high
Figure 1. QRadar Network Packet Capture-C
Image showing the back and front panels of the QRadar Network Packet Capture-C appliance.

Picture: © 2018 Dell Inc. or its subsidiaries. All Rights Reserved

Table 2. Legend for use with the QRadar Network Packet Capture-C image
Label Description
1 Packet capture storage
2 IMM port (1GbE TX)
3 External RAID DAS ports
4 Management ports (10 GbE SFP+)
5 Management ports (1 GbE TX)
6 Network packet capture (SFP/SFP+)
7 QRadar firmware storage