The Vectra AI Platform provides coverage, clarity, and control across the entire modern network. Coverage for attackers’ moves across all of your network, identity, and cloud threat surfaces. AI signal clarity prioritizes attacks with AI assistants to automatically triage, correlate, and prioritize threats across domains. We put you in control with context to discover, hunt, investigate, and stop attacks early in their progression - all while spending less time prioritizing alerts.
Software updates, including new threat intelligence and detection algorithms, are included with your license. They are delivered to your system on a regular basis to ensure continuous protection from the latest threats. Vectra Match customers can also choose to enable automated curated ruleset updates that provide signature updates.
Vectra appliances are supported in traditional physical on-prem, virtual hypervisor, and IaaS cloud environments. Vectra supports AWS, Azure, and GCP clouds along with VMware, Hyper-V, Nutanix, and KVM hypervisors. Vectra continually evaluates customer demand for support of new environments. Please check with your account team for questions on future plans.
X-Series and S-Series appliances can perform “Sensor” duties, passively capturing network traffic out-of-band and forwarding a metadata stream to the“Brain” appliance for further processing. B-Series and X-Series appliances can serve as the Brain for your deployment. They run network detection models locally and serve as customer side integration point for added coverage, response, and context enhancement options. The Brain appliance is connected to the Vectra cloud where the Respond UX provides the UI along with advanced features such as Instant Investigation and AI-Assisted Search. In Quadrant UX deployments, the Brain appliance serves the classic Vectra UI locally.
Network traffic can be directed to appliances through physical SPAN/Copy/Mirror ports, TAPs, and packet brokers. Native cloud packet forwarding options are supported such as VPC Traffic Mirroring (AWS), VTAP (Azure), and NSI (GCP). Hypervisor based packet forwarding options are also supported. Vectra Sensors support a variety of encapsulation methods such as VXLAN andGENEVE. For additional detail, please see the Vectra NDR (Detect) and Network Identity Architecture Overview.
物理的なアプライアンスの仕様
X3
X29/M29*
X47/M47*
Management Interfaces (MGT)
2 x 1GbE Copper
2 x 1 GbE銅
2 x 1 GbE銅
Capture Interfaces†
2 x 1 GbE Copper 2 x 10 GbE SFP+
2 x 1 GbE Copper 2 x 10 GbE SFP+
2 x 1 GbE Copper 2 x 10/25 GbE SFP28
Alternate Interface Configuration
該当なし
Yes, see footnote
Yes, see footnote
Paired Sensors††
150
150
150
Tracked Hosts1
100,000
150,000
150,000
センサーモード性能
9 Gbps
15 Gbps
20 Gbps
ミックスド・モードのパフォーマンス
8 Gbps
8 Gbps
15 Gbps
ブレイン・モードのパフォーマンス
14 Gbps
20 Gbps
30 Gbps
Match Throughput
Sensor 3 Gbps Mixed 1 Gbps
Sensor 9 Gbps Mixed 4.6 Gbps
Sensor 13 Gbps Mixed 6 Gbps
入力電圧
Dual power supplies, auto sensing 100-240 VAC, 50-60 Hz
Dual power supplies, auto sensing 100-240 VAC, 50-60 Hz
Dual power supplies, auto sensing 100-240 VAC, 50-60 Hz
パワー
Normal: 277 W (945 BTU/h) Max: 392 W (1338 BTU/h)
Normal: 296 W (10010 BTU/h) Max: 337 W (1150 BTU/h)
Normal: 602 W (2204 BTU/h) Max: 866 W (2966 BTU/h)
現在
3.5 A at 110 VAC 1.7 A at 220 VAC
2.9 A at 110 VAC 1.5 A at 220 VAC
8.0 A at 110 VAC 3.9 A at 220 VAC
寸法
42.8 mm (1.685 inches) H 482 mm (18.976 inches) W 662.19 mm (26.070 inches) D
42.8 mm (1.685 inches) H 482 mm (18.976 inches) W 787.04 mm (30.99 inches) D
42.8 mm (1.685 inches) H 482 mm (18.976 inches) W 787.04 mm (30.99 inches) D
重量
16.6キロ(36.6ポンド)
17.5 kg (38.6 lb)
20.3キロ(44.8ポンド)
環境
Operating temperature 10° to 35° C (50° to 95° F) Non-operating temperature -40° to 65° C (-40° to 149° F) Airflow: Front to back, 26 CFM = 12.3 l/s Sound Power 3.8 bels
Operating temperature 10° to 35° C (50° to 95° F) Non-operating temperature -40° to 65° C (-40° to 149° F) Airflow: Front to back, 35.8 CFM = 16.9 l/s Sound Power 7.2 bels
Operating temperature 10° to 35° C (50° to 95° F) Non-operating temperature -40° to 65° C (-40° to 149° F) Airflow: Front to back, 111.8 CFM = 52.8 l/s Sound Power 8.4 bels
MTBCF
45,700 hours
87,600 hours
97,300 hours
Alternate Interface Configuration: *For the X29/M29 and X47/M47 appliances, one of the 10 GbE SFP+ ports that are normally used for capture traffic can be configured to be used as a management interface. When configured as such, the original MGT1 copper port would be unused.
Please see the quick start guides for these appliances for full details and how to configure the alternate interface configurations.
S1**
S11
S101
Management Interfaces (MGT)†
2 x 1 GbE銅
2 x 1 GbE銅
2 x 10 GbE SFP+
Capture Interfaces†
4 x 1 GbE Copper 2 x 10 GbE SFP+
2 x 1 GbE銅
2 x 10 GbE SFP+ 2 configurable to: 10/25 GbE SFP28, 40 GbE QSFP, 100 GbE QSFP28
Alternate Interface Configuration
Yes, see footnote
該当なし
該当なし
センサーモード性能
1 Gbps
2 Gbps
50 Gbps
Match Throughput
600 Mbps
1.2 Gbps
33 Gbps
入力電圧
単一外部電源、自動感知100-240VAC、50-60Hz
単一電源、自動感知 100-240VAC、50-60Hz
Dual power supplies, auto sensing 100-240 VAC, 50-60 Hz
パワー
Normal: Not available Max: 45W (154 BTU/h)
Normal: 152 W (519 BTU/h) Max: 186 W (635 BTU/h)
Normal: 615 W (2098 BTU/h) Max: 868 W (2962 BTU/h)
現在
2.0 A at 100 VAC 1.0 A at 240 VAC
1.7 A at 110 VAC 0.8 A at 220 VAC
7.9 A at 110 VAC 3.8 A at 220 VAC
寸法
52 mm (2.04 in) H 208 mm (8.18 in) W - 200 mm (7.87 in) D
42.8 mm (1.685 inches) H 434 mm (17.1 inches) W 535 mm (22.6 inches) D
42.8 mm (1.685 inches) H 482 mm (18.976 inches) W 808.5 mm (31.8 inches) D
重量
Without power supply unit (PSU): 1.4 kg (3.1 lb) Including power supply and packaging: 4.9 kg (10.8 lb)
12.2 kg (26.9 lb)
21 kg (46.3 lb)
環境
Operating temperature 0° to 40° C (32° to 104° F) Non-operating temperature -40° to 70° C (-40° to 158° F) Airflow: In bottom, out sides and back, 10 CFM = 4.7 l/s Sound Power 4.8 bels
Operating temperature 0° to 40° C (32° to 104° F) Non-operating temperature -40° to 70° C (-40° to 158° F) Airflow: Front to back, 11.4 CFM = 5.4 l/s Sound Power 5.7 bels
Operating temperature 10° to 35° C (50° to 95° F) Non-operating temperature -40° to 65° C (-40° to 149° F) Airflow: Front to back, 61.6 CFM = 29.1 l/s Sound Power 7.6 bels
MTBCF
445,000 hours
109,000 hours
107,000 hours
Alternate Interface Configuration:
**For the S1 appliance, both management and capture ports can be configured to use one of the 10 GbE SFP+ ports for either management or capture use. In the default configuration, only the cooper interfaces are used. This results in4 different potential interface configurations for the S1 appliance.
Please see the quick start guides for these appliances for full details and how to configure the alternate interface configurations.
B101
B127
Management Interfaces (MGT)†
2 x 10 GbE SFP+
2 x 10/25 GbE SFP28
Capture Interfaces
該当なし
該当なし
Alternate Interface Configuration
該当なし
該当なし
Paired Sensors††
500
500
Tracked Hosts1
300,000
300,000
センサーモード性能
該当なし
該当なし
ミックスド・モードのパフォーマンス
該当なし
該当なし
ブレイン・モードのパフォーマンス
75 Gbps
75 Gbps
Match Throughput
該当なし
該当なし
入力電圧
Dual power supplies, auto sensing 100-240 VAC, 50-60 Hz
Dual power supplies, auto sensing 100-240 VAC, 50-60 Hz
パワー
Normal: 604 W (2061 BTU/h) Max: 846 W (2887 BTU/h)
773 W (2638 BTU/h) Max: 1149 W (3920 BTU/h)
現在
7.7 amps at 110 VAC 3.7 amps at 220 VAC
10.7 amps at 110 VAC 5.3 amps at 220 VAC
寸法
42.8 mm (1.685 inches) H 482 mm (18.976 inches) W 808.5 mm (31.8 inches) D
42.8 mm (1.685 inches) H 482 mm (18.976 inches) W 787.04 mm (30.99 inches) D
重量
21 kg (46.3 lb)
20.3キロ(44.8ポンド)
環境
Operating temperature 10° to 35° C (50° to 95° F) Non-operating temperature -40° to 65° C (-40° to 149° F) Airflow: Front to back, 61.6 CFM = 29.1 l/s Sound Power 7.6 bels
Operating temperature 10° to 35° C (50° to 95° F) Non-operating temperature -40° to 65° C (-40° to 149° F) Airflow: Front to back, 111.8 CFM = 52.8 l/s Sound Power 8.4 bels
MTBCF
109,000 hours
132,000 hours
† SFP Options : For any appliance that supports SFP interface (SFP+, SFP28, QSFP, QSFP28, etc), please see the SFPs and QSFPs supported in Vectra appliances article on the Vectra support site for additional details and note the following regarding which can be included free as part of your order, or added to your order for an additional cost:
Up to 2 (if supported by your appliance model), SFP, SFP+, or SFP28 modules can be included at no additional cost in your appliance order.
This is valid for each appliance in your order.
Additional SFPs above a count of the two per appliance specified above, will incur additional cost.
All 40/100G QSFPs will incur additional cost over the base price of the appliance.
†† Paired Sensors : Refers to how many Sensors (physical, virtual, or cloud) an appliance can pair with. 1 Tracked Hosts : Refers to how many hosts the appliance running in Brain or Mixed mode can track simultaneously (open host sessions). Brains can typically retain and display data for larger numbers of hosts, this only refers to how many hosts the system can process metadata for simultaneously. Performance – Refers to the amount of network traffic observed by Sensors that a Sensor can produce metadata for, or the amount of traffic observed by Sensors that a Brain can process metadata for. The performance numbers are based upon average throughput a given Sensor/Brain can process. Actual performance may vary depending on traffic composition. Please contact Vectra AI to discuss further.
Please see the quick start guides for these appliances for full details and how to configure the alternate interface configurations.
Vectra Match パフォーマンス
家電製品
モード
Match Throughput (Detect and Match)
S1
センサー
400 Mbps
S11
センサー
1.2 Gbps
S101
センサー
33 Gbps
X3
センサー
3 Gbps
X3
ミックス
1 Gbps
X29
センサー
9 Gbps
X29
ミックス
4.6 Gbps
X47
センサー
13 Gbps
X47
ミックス
6 Gbps
2コアのvSensor(VMware、Hyper-V、KVM、Nutanix)
センサー
250 Mbps
4コアのvSensor (VMware、Hyper-V、KVM、Nutanix)
センサー
500 Mbps
8コアのvSensor(VMware、Hyper-V、KVM、Nutanix)
センサー
1 Gbps
16コアのvSensor (VMware、Hyper-V、KVM、Nutanix)
センサー
2.5 Gbps
32コアのvSensor(VMware)
センサー
10 Gbps
2コアのvSensor(AWS、Azure、GCP)
センサー
500 Mbps
4つのコアvSensor(AWS、Azure、GCP)
センサー
1 Gbps
8コアvSensors(AWS)
センサー
2 Gbps
16コアのvSensors(AWS)
センサー
4 Gbps
16 core vSensor (GCP)
センサー
2.5 Gbps
32 core vSensor (GCP)
センサー
5 Gbps
バーチャル・ブレインズ - カスタマー・プレミス・ハイパーバイザーの展開
ハイパーバイザー
VMタイプ
コア
メモリー
Storage (OS, Data) in GB
ペアセンサー
Tracked Hosts
パフォーマンス
VMware
vSphere 6.5以降
4
48GB
128,512
5
25,000
150 Mbps
VMware
vSphere 6.5以降
6
48GB
128,512
10
37,500
500 Mbps
VMware
vSphere 6.5以降
8
64GB
128,512
15
50,000
2 Gbps
VMware
vSphere 6.5以降
16
128GB
128,512
25
50,000
4 Gbps
VMware
vSphere 6.5以降
32
256GB
128,512
100
150,000
10 Gbps
ニュータニックス
AOS 6.8.1 and higher with Prism Central (and v3 API) available
32
256GB
128,512
100
150,000
10 Gbps
仮想センサー - ハイパーバイザーのカスタマー・プレミス・デプロイメント
ハイパーバイザー
VMタイプ
コア
メモリー
ストレージ
パフォーマンス
VMware
vSphere 6.5以降
2
8 GB
100 GB
500 Mbps
VMware
vSphere 6.5以降
4
8 GB
150 GB
1 Gbps
VMware
vSphere 6.5以降
8
16 GB
150 GB
2 Gbps
VMware
vSphere 6.5以降
16
64 GB
600 GB*
5 Gbps
VMware
vSphere 6.5以降
32
114 GB
830 GB
20 Gbps
ハイパーブイ
HW v8以上のWindows Server 2016
2
8 GB
100 GB
500 Mbps
ハイパーブイ
HW v8以上のWindows Server 2016
4
8 GB
150 GB
1 Gbps
ハイパーブイ
HW v8以上のWindows Server 2016
8
16 GB
150 GB
2 Gbps
ハイパーブイ
HW v8以上のWindows Server 2016
16
64 GB
500 GB
5 Gbps
KVM
標準PC (Q35 + ICH9, 2009)
2
8 GB
100 GB
500 Mbps
KVM
標準PC (Q35 + ICH9, 2009)
4
8 GB
150 GB
1 Gbps
KVM
標準PC (Q35 + ICH9, 2009)
8
16 GB
150 GB
2 Gbps
KVM
標準PC (Q35 + ICH9, 2009)
16
64 GB
500 GB
5 Gbps
ニュータニックス
AOS バージョン:5.20.3.5 以降 AHV バージョン:2021105.2267 以降
2
8 GB
100 GB
500 Mbps
ニュータニックス
AOS バージョン:5.20.3.5 以降 AHV バージョン:2021105.2267 以降
4
8 GB
150 GB
1 Gbps
ニュータニックス
AOS バージョン:5.20.3.5 以降 AHV バージョン:2021105.2267 以降
8
16 GB
150 GB
2 Gbps
ニュータニックス
AOS バージョン:5.20.3.5 以降 AHV バージョン:2021105.2267 以降
16
64 GB
500 GB
5 Gbps
クラウド - IaaSの展開
脳の展開
クラウド
VMタイプ
コア
メモリー
Storage (OS, Data, Data, Data) in GB
ペアセンサー
Tracked Hosts
パフォーマンス
AWS
R5D.2xラージ
8
64 GB
256, 64, 128, 256
15
50,000
2 Gbps
AWS
R5D.4Xラージ
16
128 GB
256, 64, 128, 256
25
50,000
5 Gbps
AWS
R5D.8Xラージ
32
256 GB
256, 64, 128, 256
100
150,000
15 Gbps
AWS
r5.16xlarge
64
512 GB
2562, 64, 512, 512
500
500,000
50 Gbps
Azure
スタンダード_E16s_v3
16
128 GB
256, 64, 128, 256
25
50,000
5 Gbps
Azure
スタンダード_E32s_v3
32
256 GB
256, 64, 128, 256
100
150,000
15 Gbps
事業継続計画
n2-highmem-16
16
128 GB
1 TB (single partition)
25
50,000
5 Gbps
事業継続計画
n2-highmem-32
32
256 GB
1 TB (single partition)
100
150,000
15 Gbps
事業継続計画
n2-highmem-64
64
512 GB
1.2 TB (single partition)
100
150,000
50 Gbps
事業継続計画
n2-highmem-96
96
768 GB
4 TB(シングルパーティション)
100
500,000
85 Gbps
2 This disk has upgraded performance over standard EBS volumes.
vSensorの展開
クラウド
VMタイプ
コア
メモリー
Storage (OS, Data) in GB
パフォーマンス
AWS
r5(n).large3
2
16 GB
50, 128
1 Gbps
AWS
r5(n).large3
4
32 GB
50, 128
2 Gbps
AWS
r5(n).2xlarge3
8
64 GB
50, 512
4 Gbps
AWS
r5(n).4xlarge3
16
128 GB
50, 512
8 Gbps
AWS
c5n.18xlarge3
72
192 GB
50, 128 (No PCAP capability) 3
Up to 10 Gbps3
Azure
スタンダード_DS11_v2
2
14 GB
50, 128
1 Gbps
Azure
スタンダード_DS3_v2
4
14 GB
50, 128
2 Gbps
事業継続計画
e2-スタンダード-2
2
8 GB
50, 128
1 Gbps
事業継続計画
e2-スタンダード-4
4
16 GB
50, 128
2 Gbps
事業継続計画
e2-スタンダード-16
16
64 GB
50, 128
5 Gbps
事業継続計画
e2スタンダード-32
32
128 GB
50, 128
10 Gbps
3 AWS vSensor configurations include both “n” and non “n” r5 instance types.
Networking performance is quoted as “up to 10Gbps” on the r5 instances by AWS and can be influenced by neighboring instances allocated to the same physical hardware inAWS.
Networking performance is quoted as “up to 25Gbps” on the r5n instances by AWS. These instances are still shared with neighbors but are optimized by AWS to have higher overall network throughput.
Customers can work with AWS to utilize dedicated instances and distribute instances to provide the required networking throughput to their vSensor instances on that dedicated hardware.
Vectra monitors instance types available from the supported IaaS vendors for cost, performance, and availability. If you have questions about specific instance types that are not supported, please contact your Vectra account team.
