Supported environments for QRadar DNS Analyzer

Before you install the IBM® QRadar DNS Analyzer app, ensure that you meet the following requirements.

Restriction: With optimal configurations, the QRadar® DNS Analyzer app V1.2.0 handles a maximum of 200,000 DNS data flows per minute. In a network environment where DNS flow exceeds 200,000 per minute, some of the flows might not be analyzed.
Table 1. Requirements for the QRadar DNS Analyzer installations
Requirement Details
Supported IBM QRadar versions for 2.0.0 or later
  • QRadar 7.5.0 Update Package 3 and later
Browsers The QRadar DNS Analyzer app is supported on Google Chrome and Mozilla Firefox.
Flow source IBM® QRadar® Network Insights appliance
Log source Use either of the following log source server.
  • BIND DNS server
  • Infoblox DNS server
  • Microsoft DNS server
  • BlueCat Networks Adonis DNS server
  • Apache Proxy server
  • Squid Proxy server
  • McAfee Web Gateway server
  • Cisco IronPort Web Security Appliance
  • Check Point Firewall
Note: The DNS Analyzer app ingests domain request data from both QNI flows and server logs.
Memory (RAM) from the application pool of memory 4 GB
Free storage space from the application pool of storage space. 48 GB
Note: Use 64 GB for system optimization.
Network configuration Port 443 must be open to communicate with X-Force® Exchange.
Performance optimization Use an App Host appliance to improve the performance of the QRadar DNS Analyzer app.