{"version":1,"pages":[{"id":"DDvgH0oYS04ZhT1VtiQD","title":"Welcome","pathname":"/","siteSpaceId":"sitesp_UtbXl","emoji":"1f3e0","description":"This is the home page for docs.vectra.ai.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"}]},{"id":"t53pEx2tSr39EReBRl52","title":"Getting started","pathname":"/deployment/getting-started","siteSpaceId":"sitesp_UtbXl","description":"Quick links to core deployment guides, requirements, and architecture references.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"}]},{"id":"8ef36yTH12WLNTiaG12Z","title":"Analyst UX options (RUX vs QUX)","pathname":"/deployment/getting-started/analyst-ux-options-rux-vs-qux","siteSpaceId":"sitesp_UtbXl","description":"How to tell Respond UX from Quadrant UX and what differs across features and docs.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"}]},{"id":"LXf12XMOe2JNsNfyW47J","title":"NDR / network identity architecture","pathname":"/deployment/getting-started/ndr-network-identity-architecture","siteSpaceId":"sitesp_UtbXl","description":"This document provides a high-level overview of the architecture for Vectra NDR including network identity.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"}]},{"id":"69eb9dde445e5f9e57e57466881b2657fb8b11e6","title":"Respond UX deployment guide","pathname":"/deployment/getting-started/respond-ux-deployment-guide","siteSpaceId":"sitesp_UtbXl","description":"End-to-end guide for deploying Vectra Respond UX, including requirements, firewall rules, deployment steps, data source setup, initial configuration, and post-deploy next steps.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"}]},{"id":"uKpVp7lmeWMBPcTkEuQp","title":"Introduction and overview","pathname":"/deployment/getting-started/respond-ux-deployment-guide/introduction-and-overview","siteSpaceId":"sitesp_UtbXl","description":"Introduction and overview of the Vectra AI platform for Respond UX (RUX) deployments, appliance modes and basic requirements when adding network Sensors to your overall deployment.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"},{"label":"Respond UX deployment guide"}]},{"id":"171zXJcIli12QmTWMgVO","title":"Firewall requirements","pathname":"/deployment/getting-started/respond-ux-deployment-guide/firewall-requirements","siteSpaceId":"sitesp_UtbXl","description":"Firewall requirements for your Respond UX (RUX) deployment.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"},{"label":"Respond UX deployment guide"}]},{"id":"3pSw5rIucX0IVNBukVEQ","title":"Deployment","pathname":"/deployment/getting-started/respond-ux-deployment-guide/deployment","siteSpaceId":"sitesp_UtbXl","description":"Overview of the RUX deployment process, how to do your initial login, deployment steps along with requirements and documentation links.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"},{"label":"Respond UX deployment guide"}]},{"id":"R0Zf7b9968Zl7vxkuYJP","title":"Initial configuration","pathname":"/deployment/getting-started/respond-ux-deployment-guide/initial-configuration","siteSpaceId":"sitesp_UtbXl","description":"Guidance for configuring settings in the \"Configuration\" menu in the Vectra UI after the initial deployment is complete for Respond UX and your data sources are connected.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"},{"label":"Respond UX deployment guide"}]},{"id":"Voc0QFa6vJ5Uuubrn2KY","title":"Configuring data sources","pathname":"/deployment/getting-started/respond-ux-deployment-guide/configuring-data-sources","siteSpaceId":"sitesp_UtbXl","description":"Links to deployment guides for network Sensors, traffic validation, and other cloud data sources deployment guidance.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"},{"label":"Respond UX deployment guide"}]},{"id":"uaWIiP6E6IRwQOjen83C","title":"Recommended next steps","pathname":"/deployment/getting-started/respond-ux-deployment-guide/recommended-next-steps","siteSpaceId":"sitesp_UtbXl","description":"Actions recommend to complete after your initial RUX deployment including backup, configuring other integrations and products, and some best practices.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"},{"label":"Respond UX deployment guide"}]},{"id":"PvlGfhasS30mwsBObUHK","title":"Respond UX specific","pathname":"/deployment/getting-started/respond-ux-deployment","siteSpaceId":"sitesp_UtbXl","description":"Respond UX-only deployment and configuration guidance.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"}]},{"id":"8p6aYZA3gq7nm3Ti2ruM","title":"Initial login - protecting your MFA secret key (RUX)","pathname":"/deployment/getting-started/respond-ux-deployment/initial-login-protecting-your-mfa-secret-key-rux","siteSpaceId":"sitesp_UtbXl","description":"Secure your MFA secret during first login and avoid account lockouts.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"},{"label":"Respond UX specific"}]},{"id":"u0xXzJJl62qOmKd27lo5","title":"Global View","pathname":"/deployment/getting-started/respond-ux-deployment/global-view","siteSpaceId":"sitesp_UtbXl","description":"Demo video, applicability, capabilities, onboarding/deployment, architecture, and answers to your frequently asked questions (FAQs) about Global View for RUX deployments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"},{"label":"Respond UX specific"}]},{"id":"WBvk2JXZg4tGDD7OZ2bb","title":"SIEM connector (syslog intermediary)","pathname":"/deployment/getting-started/respond-ux-deployment/siem-connector-syslog-intermediary","siteSpaceId":"sitesp_UtbXl","description":"How to configure a syslog intermediary server to poll the RUX API and then send data via syslog to a downstream collector.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"},{"label":"Respond UX specific"}]},{"id":"04yTaarHnEHzS0w9GWYZ","title":"Why migrate to RUX from QUX Migration to RUX from QUX","pathname":"/deployment/getting-started/respond-ux-deployment/why-migrate-to-rux-from-qux-migration-to-rux-from-qux","siteSpaceId":"sitesp_UtbXl","description":"Reasons to move from QUX to RUX, plus key workflow and feature changes.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"},{"label":"Respond UX specific"}]},{"id":"2rzCaPjb2RzvDdANBGVB","title":"Quadrant UX deployment guide","pathname":"/deployment/getting-started/quadrant-ux-deployment","siteSpaceId":"sitesp_UtbXl","description":"End-to-end guide for deploying Vectra Quadrant UX, including requirements, firewall rules, deployment steps, data source setup, initial configuration, and post-deploy next steps.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"}]},{"id":"qfvEkTp6VpebqXicreP6","title":"Introduction and overview","pathname":"/deployment/getting-started/quadrant-ux-deployment/introduction-and-overview","siteSpaceId":"sitesp_UtbXl","description":"Introduction and overview of the Vectra AI platform for Quadrant UX (QUX) deployments and appliance modes","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"},{"label":"Quadrant UX deployment guide"}]},{"id":"EmNjaQCGaaz4DSlQYSAP","title":"Firewall requirements","pathname":"/deployment/getting-started/quadrant-ux-deployment/firewall-requirements","siteSpaceId":"sitesp_UtbXl","description":"Firewall requirements for your Quadrant UX (QUX) deployment.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"},{"label":"Quadrant UX deployment guide"}]},{"id":"imU0gWrogBWBjyy6Fdt0","title":"Brain deployment","pathname":"/deployment/getting-started/quadrant-ux-deployment/brain-deployment","siteSpaceId":"sitesp_UtbXl","description":"Overview of the QUX deployment process, deployment steps along with requirements and documentation links, and how to do your initial login.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"},{"label":"Quadrant UX deployment guide"}]},{"id":"aCJDsxI3pNKBBuBBapEp","title":"Initial configuration","pathname":"/deployment/getting-started/quadrant-ux-deployment/initial-configuration","siteSpaceId":"sitesp_UtbXl","description":"Guidance for configuring settings in the \"Configuration\" menu in the Vectra UI after the initial deployment is complete for Respond UX and your data sources are connected.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"},{"label":"Quadrant UX deployment guide"}]},{"id":"RBv5kWxIj9rm42Ylu5Dg","title":"Configuring data sources","pathname":"/deployment/getting-started/quadrant-ux-deployment/configuring-data-sources","siteSpaceId":"sitesp_UtbXl","description":"Links to deployment guides for network Sensors, traffic validation, and guidance for other cloud data sources supported in QUX deployments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"},{"label":"Quadrant UX deployment guide"}]},{"id":"CtSDrAPgYYoqzFGDI15I","title":"Recommended next steps","pathname":"/deployment/getting-started/quadrant-ux-deployment/recommended-next-steps","siteSpaceId":"sitesp_UtbXl","description":"Actions recommend to complete after your initial RUX deployment including backup, configuring other integrations and products, and some best practices.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"},{"label":"Quadrant UX deployment guide"}]},{"id":"QqjhezgB1jfjSjQl0IVU","title":"Firewall requirements","pathname":"/deployment/getting-started/firewall-requirements","siteSpaceId":"sitesp_UtbXl","description":"This article describes firewall (connectivity) requirements for all Vectra deployments (RUX and QUX).","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"}]},{"id":"pezQXiSb2um2Q3VTsCuA","title":"Appliance specifications","pathname":"/deployment/getting-started/appliance-specifications","siteSpaceId":"sitesp_UtbXl","description":"Overview, performance, and specifications for Vectra's physical, virtual, and cloud appliances.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"}]},{"id":"YMWiVGY1J5chc5NNhkKd","title":"Default usernames and passwords","pathname":"/deployment/getting-started/default-usernames-and-passwords","siteSpaceId":"sitesp_UtbXl","description":"Default credentials for CLI, Web UI, and IPMI/iDRAC access.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"}]},{"id":"AXkqnqPN9ACLyhWzSnOM","title":"IPv6 management support for Vectra appliances","pathname":"/deployment/getting-started/ipv6-management-support-for-vectra-appliances","siteSpaceId":"sitesp_UtbXl","description":"As of v8.5, the use of IPv6 for management is supported on most Vectra appliances. This article provides additional details.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Getting started"}]},{"id":"fw6NNqgDOwJwTLf1o8qG","title":"IDR for Azure AD & CDR for M365","pathname":"/deployment/idr-for-azure-ad-and-cdr-for-m365","siteSpaceId":"sitesp_UtbXl","description":"Deployment quick start guide for both IDR for Azure AD & CDR for M365 covering both RUX and QUX deployments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"}]},{"id":"7eOGKXqyoIGTcRa3GBMo","title":"CDR for AWS","pathname":"/deployment/cdr-for-aws","siteSpaceId":"sitesp_UtbXl","description":"Landing page for CDR for AWS deployment, sizing, and integration guidance.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"}]},{"id":"omBYtqOhy11BXlxrUBxY","title":"Deployment (CDR for AWS)","pathname":"/deployment/cdr-for-aws/deployment","siteSpaceId":"sitesp_UtbXl","description":"Deploy CDR for AWS using CloudFormation or manual setup. Includes requirements, IAM permissions, troubleshooting, and cost guidance, plus a quick video and example policy attachments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"CDR for AWS"}]},{"id":"0fzFBk0RrCbOWsYQTCtk","title":"Architecture and requirements","pathname":"/deployment/cdr-for-aws/deployment/architecture-and-requirements","siteSpaceId":"sitesp_UtbXl","description":"Intro and overview for CDR for AWS, general requirements, network setup requirements for QUX deployments, and deployment overview.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"CDR for AWS"},{"label":"Deployment (CDR for AWS)"}]},{"id":"k9sDrziYYl1fMaN76sQW","title":"Deploy via CloudFormation","pathname":"/deployment/cdr-for-aws/deployment/deploy-via-cloudformation","siteSpaceId":"sitesp_UtbXl","description":"End-to-end steps using the Vectra-provided CloudFormation template.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"CDR for AWS"},{"label":"Deployment (CDR for AWS)"}]},{"id":"U03jNC6uSMNJD62H3r4v","title":"Appendix 1 - AWS Configuration Notes","pathname":"/deployment/cdr-for-aws/deployment/appendix-1-aws-configuration-notes","siteSpaceId":"sitesp_UtbXl","description":"Required permissions, data events guidance, bucket location, and KMS notes.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"CDR for AWS"},{"label":"Deployment (CDR for AWS)"}]},{"id":"762xJl7VgZKgoq7XyoQL","title":"Appendix 2 - Manual AWS Deployment","pathname":"/deployment/cdr-for-aws/deployment/appendix-2-manual-aws-deployment","siteSpaceId":"sitesp_UtbXl","description":"Create the SNS topic and IAM role yourself, then authorize in Vectra.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"CDR for AWS"},{"label":"Deployment (CDR for AWS)"}]},{"id":"zFB47SS5j5WbdjUMkt99","title":"Appendix 3 – Troubleshooting Issues While Onboarding","pathname":"/deployment/cdr-for-aws/deployment/appendix-3-troubleshooting-issues-while-onboarding","siteSpaceId":"sitesp_UtbXl","description":"Common errors during CloudFormation/manual setup and how to resolve them.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"CDR for AWS"},{"label":"Deployment (CDR for AWS)"}]},{"id":"ayQeuKaFUMLghmKve6Ft","title":"Appendix 4 – AWS Log Ingestion Cost Estimates","pathname":"/deployment/cdr-for-aws/deployment/appendix-4-aws-log-ingestion-cost-estimates","siteSpaceId":"sitesp_UtbXl","description":"CloudTrail, S3, SNS, data events, retention, and transfer costs.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"CDR for AWS"},{"label":"Deployment (CDR for AWS)"}]},{"id":"dApCyRPxfPC0vg8PCwlR","title":"Estimating Log Volume","pathname":"/deployment/cdr-for-aws/estimating-log-volume","siteSpaceId":"sitesp_UtbXl","description":"Guidance to estimate AWS log volume and expected ingestion impact for CDR for AWS.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"CDR for AWS"}]},{"id":"xZ3sh1NFZGSabcGa3SPK","title":"Amazon Security Lake Integration","pathname":"/deployment/cdr-for-aws/amazon-security-lake-integration","siteSpaceId":"sitesp_UtbXl","description":"This article provides guidance for customers who wish to integrate Vectra Detect for AWS with Amazon Security Lake.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"CDR for AWS"}]},{"id":"MiPTtXioajVu2VDS4Us1","title":"CDR for Azure","pathname":"/deployment/cdr-for-azure","siteSpaceId":"sitesp_UtbXl","description":"Landing page for CDR for Azure deployment and sizing guidance.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"}]},{"id":"7678bfce34dfc8d5d424d19b0c53beaf6620496c","title":"Estimating usage","pathname":"/deployment/cdr-for-azure/estimating-usage","siteSpaceId":"sitesp_UtbXl","description":"This article describes how to quickly gather some basic sizing information around Azure CDR. This information can be used by Vectra sales teams to help estimate service costs.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"CDR for Azure"}]},{"id":"eHvxrLJqabpPPFKn1Kfc","title":"Deployment","pathname":"/deployment/cdr-for-azure/deployment","siteSpaceId":"sitesp_UtbXl","description":"CDR for Azure Deployment anchor page with demo video and product related announcements.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"CDR for Azure"}]},{"id":"VsMWUIofloM05G0yluJw","title":"Introduction, architecture, and requirements","pathname":"/deployment/cdr-for-azure/deployment/introduction-architecture-and-requirements","siteSpaceId":"sitesp_UtbXl","description":"What CDR for Azure provides, how it works, and what you need before deploying.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"CDR for Azure"},{"label":"Deployment"}]},{"id":"skUrE7j6vzCo416qJqr9","title":"Automated deployment","pathname":"/deployment/cdr-for-azure/deployment/automated-deployment","siteSpaceId":"sitesp_UtbXl","description":"Deploy CDR for Azure using the Vectra-provided ARM templates. This is the \"Automated\" deployment method and is recommended for most Vectra customers.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"CDR for Azure"},{"label":"Deployment"}]},{"id":"2nukC9GVIa4bnj5Fyigj","title":"Manual deployment","pathname":"/deployment/cdr-for-azure/deployment/manual-deployment","siteSpaceId":"sitesp_UtbXl","description":"Deploy CDR for Azure manually without the aid of Vectra provided ARM templates.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"CDR for Azure"},{"label":"Deployment"}]},{"id":"540UUuAjsHJpvJTZSAKq","title":"Appendix 1 - Azure configuration notes","pathname":"/deployment/cdr-for-azure/deployment/appendix-1-azure-configuration-notes","siteSpaceId":"sitesp_UtbXl","description":"Azure permissions, objects created by Vectra, and related operational notes to help with permissions issues.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"CDR for Azure"},{"label":"Deployment"}]},{"id":"lAyWmLitRtfoaFvrVSxS","title":"Appendix 2 - Adding additional locations or resources","pathname":"/deployment/cdr-for-azure/deployment/appendix-2-adding-additional-locations-or-resources","siteSpaceId":"sitesp_UtbXl","description":"Guidance for re-running deployment when you add regions, locations, or Vectra adds new supported resource types.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"CDR for Azure"},{"label":"Deployment"}]},{"id":"oHmW6XcWezaR68ckItwS","title":"Appendix 3 - Troubleshooting issues while onboarding","pathname":"/deployment/cdr-for-azure/deployment/appendix-3-troubleshooting-issues-while-onboarding","siteSpaceId":"sitesp_UtbXl","description":"Common onboarding issues, policy conflicts, and ARM template deployment errors.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"CDR for Azure"},{"label":"Deployment"}]},{"id":"xpqHNjAshsHuA6vm4u9G","title":"NDR physical appliances","pathname":"/deployment/ndr-physical-appliances","siteSpaceId":"sitesp_UtbXl","description":"Quick start and hardware guidance for physical Brain and Sensor appliances.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"}]},{"id":"XyGxRDuiuFsHqkpIBLqV","title":"Supported SFPs and QSFPs","pathname":"/deployment/ndr-physical-appliances/supported-sfps-and-qsfps","siteSpaceId":"sitesp_UtbXl","description":"Supported SFP/QSFP transceivers for Vectra physical appliances.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"}]},{"id":"jaXws7PQs4aA0QiQT5MO","title":"Physical appliance modes and switching between them","pathname":"/deployment/ndr-physical-appliances/physical-appliance-modes-and-switching-between-them","siteSpaceId":"sitesp_UtbXl","description":"The article describes the Brain, Sensor, and Mixed modes and how to switch between them for physical Vectra appliances.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"}]},{"id":"jJ4gIn5XsN5bpEMyO40U","title":"X-Series","pathname":"/deployment/ndr-physical-appliances/x-series","siteSpaceId":"sitesp_UtbXl","description":"Quick start guides and lifecycle notes for X-Series appliances.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"}]},{"id":"y2UOXUpYWbXiAUChvVjx","title":"X3","pathname":"/deployment/ndr-physical-appliances/x-series/x3","siteSpaceId":"sitesp_UtbXl","description":"The X3 quick start guide provides guidance for initial deployment, verifying connectivity, and next steps to take after the appliance is connected to your network.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"},{"label":"X-Series"}]},{"id":"HhOXVHFwONvBNGv065Iw","title":"X47","pathname":"/deployment/ndr-physical-appliances/x-series/x47","siteSpaceId":"sitesp_UtbXl","description":"The X47 quick start guide provides guidance for initial deployment, verifying connectivity, and next steps to take after the appliance is connected to your network.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"},{"label":"X-Series"}]},{"id":"fepau5vpVAsWhYYWK47c","title":"X29 (EOS)","pathname":"/deployment/ndr-physical-appliances/x-series/x29","siteSpaceId":"sitesp_UtbXl","description":"The X29 quick start guide provides guidance for initial deployment, verifying connectivity, and next steps to take after the appliance is connected to your network.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"},{"label":"X-Series"}]},{"id":"C1ogJnC4LmaGRm68qkIj","title":"X80 (EOL)","pathname":"/deployment/ndr-physical-appliances/x-series/x80","siteSpaceId":"sitesp_UtbXl","description":"The X80 quick start guide provides guidance for initial connection to your network.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"},{"label":"X-Series"}]},{"id":"xQ2RZLMghXmJE77wtPNn","title":"B-Series","pathname":"/deployment/ndr-physical-appliances/b-series","siteSpaceId":"sitesp_UtbXl","description":"Quick start guides and lifecycle notes for B-Series appliances.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"}]},{"id":"DCiMG34hNeng2MVqHOnJ","title":"B127","pathname":"/deployment/ndr-physical-appliances/b-series/b127","siteSpaceId":"sitesp_UtbXl","description":"The B127 quick start guide provides guidance for initial deployment, verifying connectivity, and next steps to take after the appliance is connected to your network.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"},{"label":"B-Series"}]},{"id":"b2oHfYCnJc6f7gNRLILf","title":"B101 (EOS)","pathname":"/deployment/ndr-physical-appliances/b-series/b101","siteSpaceId":"sitesp_UtbXl","description":"The B101 quick start guide provides guidance for initial deployment, verifying connectivity, and next steps to take after the appliance is connected to your network.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"},{"label":"B-Series"}]},{"id":"oxHdk3i0XcRjRu5CGn7t","title":"S-Series","pathname":"/deployment/ndr-physical-appliances/s-series","siteSpaceId":"sitesp_UtbXl","description":"Quick start guides and lifecycle notes for S-Series appliances.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"}]},{"id":"DoCle0yyHlJ4lo661ltX","title":"S1","pathname":"/deployment/ndr-physical-appliances/s-series/s1","siteSpaceId":"sitesp_UtbXl","description":"The S1 quick start guide provides guidance for initial deployment, verifying connectivity, and next steps to take after the appliance is connected to your network.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"},{"label":"S-Series"}]},{"id":"wSKJGBOA0jvlqGyCQeEi","title":"S1v2","pathname":"/deployment/ndr-physical-appliances/s-series/s1v2","siteSpaceId":"sitesp_UtbXl","description":"The S1v2 quick start guide provides guidance for initial deployment, verifying connectivity, and next steps to take after the appliance is connected to your network.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"},{"label":"S-Series"}]},{"id":"jZIZqRdQxLLQQtmftgkJ","title":"S11","pathname":"/deployment/ndr-physical-appliances/s-series/s11","siteSpaceId":"sitesp_UtbXl","description":"The S11 quick start guide provides guidance for initial deployment, verifying connectivity, and next steps to take after the appliance is connected to your network.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"},{"label":"S-Series"}]},{"id":"B3pd8z3XtlynA0Vps46n","title":"S17","pathname":"/deployment/ndr-physical-appliances/s-series/s17","siteSpaceId":"sitesp_UtbXl","description":"The S17 quick start guide provides guidance for initial deployment, verifying connectivity, and next steps to take after the appliance is connected to your network.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"},{"label":"S-Series"}]},{"id":"IC7LwRHcT6PjmTMTRRiG","title":"S101","pathname":"/deployment/ndr-physical-appliances/s-series/s101","siteSpaceId":"sitesp_UtbXl","description":"The S101 quick start guide provides guidance for initial deployment, verifying connectivity, and next steps to take after the appliance is connected to your network. Covers v1 and v2 variants.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"},{"label":"S-Series"}]},{"id":"e8dGlJ6litMgFBckawaA","title":"S127","pathname":"/deployment/ndr-physical-appliances/s-series/s127","siteSpaceId":"sitesp_UtbXl","description":"The S127 quick start guide provides guidance for initial deployment, verifying connectivity, and next steps to take after the appliance is connected to your network.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"},{"label":"S-Series"}]},{"id":"h6CBGvjWGuOsig3JEI02","title":"S2 (EOL)","pathname":"/deployment/ndr-physical-appliances/s-series/s2","siteSpaceId":"sitesp_UtbXl","description":"The S2 quick start guide provides guidance for connecting your appliance to your network.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"},{"label":"S-Series"}]},{"id":"2WTllSyWglIUyN8rDH43","title":"M-Series","pathname":"/deployment/ndr-physical-appliances/m-series","siteSpaceId":"sitesp_UtbXl","description":"Quick start guides and lifecycle notes for M-Series appliances.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"}]},{"id":"chW5R3gPQq7Z4FTeBulO","title":"M47","pathname":"/deployment/ndr-physical-appliances/m-series/m47","siteSpaceId":"sitesp_UtbXl","description":"The M47 quick start guide provides guidance for initial deployment, verifying connectivity, and next steps to take after the appliance is connected to your network.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"},{"label":"M-Series"}]},{"id":"iS9OEiAX6C9z47dsw7Cj","title":"M29 (EOS)","pathname":"/deployment/ndr-physical-appliances/m-series/m29","siteSpaceId":"sitesp_UtbXl","description":"The M29 quick start guide provides guidance for initial deployment, verifying connectivity, and next steps to take after the appliance is connected to your network.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR physical appliances"},{"label":"M-Series"}]},{"id":"3t32tljfncpX747jllN5","title":"NDR virtual / cloud appliances","pathname":"/deployment/ndr-virtual-cloud-appliances","siteSpaceId":"sitesp_UtbXl","description":"Deploy Brains and vSensors in virtualized and public cloud environments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"}]},{"id":"RhFE16TlQl6rjhIM805C","title":"AWS Brain","pathname":"/deployment/ndr-virtual-cloud-appliances/aws-brain","siteSpaceId":"sitesp_UtbXl","description":"This document outlines the steps to deploy a Vectra Brain in the customer’s AWS account. AWS Brains are supported for both Respond UX and Quadrant UX deployment.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"}]},{"id":"SLgZHD0e2JgsSQw92JR1","title":"Introduction and requirements","pathname":"/deployment/ndr-virtual-cloud-appliances/aws-brain/introduction-and-requirements","siteSpaceId":"sitesp_UtbXl","description":"Prerequisites and deployment workflow for an AWS Brain.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"AWS Brain"}]},{"id":"l1y3If4D2eYINig1lSlz","title":"Firewall requirements","pathname":"/deployment/ndr-virtual-cloud-appliances/aws-brain/firewall-requirements","siteSpaceId":"sitesp_UtbXl","description":"Connectivity and security group rules for AWS Brain deployments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"AWS Brain"}]},{"id":"MXwaP0k8qDRVrDNWnjtt","title":"Deploying the AMI","pathname":"/deployment/ndr-virtual-cloud-appliances/aws-brain/deploying-the-ami","siteSpaceId":"sitesp_UtbXl","description":"Deploy the AWS Brain AMI using CloudFormation or AWS Marketplace.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"AWS Brain"}]},{"id":"ejHLalry9V42rTTNUmkK","title":"Enabling AWS integrations","pathname":"/deployment/ndr-virtual-cloud-appliances/aws-brain/enabling-aws-integrations","siteSpaceId":"sitesp_UtbXl","description":"Enable AWS HostID and optional Security Hub and CloudWatch integrations.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"AWS Brain"}]},{"id":"2BP3DpAe4dkNDbZXw7ZC","title":"Pairing Sensors or Stream","pathname":"/deployment/ndr-virtual-cloud-appliances/aws-brain/pairing-sensors-or-stream","siteSpaceId":"sitesp_UtbXl","description":"Pair Sensors or Stream to an AWS Brain after provisioning.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"AWS Brain"}]},{"id":"cT0alKh6TM3oufmbXlvA","title":"AWS vSensor","pathname":"/deployment/ndr-virtual-cloud-appliances/aws-vsensor","siteSpaceId":"sitesp_UtbXl","description":"Parent page for AWS vSensor deployment and includes attachments used by the deployment.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"}]},{"id":"w7oV0E45NOECOzwXvafA","title":"Introduction and requirements","pathname":"/deployment/ndr-virtual-cloud-appliances/aws-vsensor/introduction-and-requirements","siteSpaceId":"sitesp_UtbXl","description":"Prerequisites and sizing guidance for deploying Vectra AWS vSensors, including sizing, SRT setup, VPC/subnet planning, and security group requirements.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"AWS vSensor"}]},{"id":"l2CwpM0IcqYu4kGfoM2t","title":"Deployment from AWS Marketplace","pathname":"/deployment/ndr-virtual-cloud-appliances/aws-vsensor/deployment-from-aws-marketplace","siteSpaceId":"sitesp_UtbXl","description":"Step-by-step AWS Marketplace and CloudFormation deployment for AWS vSensors, including key template parameters and post-deploy checks.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"AWS vSensor"}]},{"id":"shmagTVLVhGNBeCeeUjI","title":"AWS integrations","pathname":"/deployment/ndr-virtual-cloud-appliances/aws-vsensor/aws-integrations","siteSpaceId":"sitesp_UtbXl","description":"Configure AWS integrations for Vectra (HostID, optional Security Hub, optional CloudWatch), including required IAM users/roles/policies.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"AWS vSensor"}]},{"id":"cqGfiTdKkTz21puZUd22","title":"Pairing AWS vSensors","pathname":"/deployment/ndr-virtual-cloud-appliances/aws-vsensor/pairing-aws-vsensors","siteSpaceId":"sitesp_UtbXl","description":"Pair AWS vSensors to a Brain using the Sensor Registration Token workflow (AWS vSensors do not support online pairing).","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"AWS vSensor"}]},{"id":"EvjNjgMBONCcYrvBTuzn","title":"Directing traffic to AWS vSensor","pathname":"/deployment/ndr-virtual-cloud-appliances/aws-vsensor/traffic-direction-to-aws-vsensor","siteSpaceId":"sitesp_UtbXl","description":"Configure AWS VPC Traffic Mirroring to send EC2 traffic to a vSensor (mirror filters, mirror targets, and mirror sessions).","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"AWS vSensor"}]},{"id":"vXGLkYImiVmcKT8uGKIv","title":"AWS vSensor FAQs","pathname":"/deployment/ndr-virtual-cloud-appliances/aws-vsensor/aws-vsensor-faqs","siteSpaceId":"sitesp_UtbXl","description":"Common questions and troubleshooting for AWS vSensor deployments, including regional limits, validation, updates, and service quotas.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"AWS vSensor"}]},{"id":"bFq2ugY1qtGqEp8WII3W","title":"AWS Security Hub integration (QUX only)","pathname":"/deployment/ndr-virtual-cloud-appliances/aws-security-hub-integration-qux-only","siteSpaceId":"sitesp_UtbXl","description":"This article explains how to setup AWS Security Hub Integration Guide for use with Vectra Quadrant UX deployments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"}]},{"id":"M58bRZbxdjNUauuSKslN","title":"AWS best practices","pathname":"/deployment/ndr-virtual-cloud-appliances/aws-best-practices","siteSpaceId":"sitesp_UtbXl","description":"AWS configuration and operational best practices for Vectra appliances and integrations.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"}]},{"id":"MAquyxNiHLgVCQ5QUHvF","title":"Azure Brain","pathname":"/deployment/ndr-virtual-cloud-appliances/azure-brain","siteSpaceId":"sitesp_UtbXl","description":"This document outlines the steps to deploy a Vectra Brain in a customer’s Azure subscription. Azure Brains are supported in both Respond UX and Quadrant UX deployments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"}]},{"id":"NqE48FVH9kUgy0vvPF4i","title":"Introduction and requirements","pathname":"/deployment/ndr-virtual-cloud-appliances/azure-brain/introduction-and-requirements","siteSpaceId":"sitesp_UtbXl","description":"Prerequisites and high-level workflow for deploying an Azure Brain, including required permissions and Azure resources.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Azure Brain"}]},{"id":"xxL4HmWB08GuINydX98u","title":"Firewall requirements","pathname":"/deployment/ndr-virtual-cloud-appliances/azure-brain/firewall-requirements","siteSpaceId":"sitesp_UtbXl","description":"Azure-specific connectivity guidance for Azure Brain deployments, including NSG rules, DNS, and NTP notes.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Azure Brain"}]},{"id":"heo6mOudfZzaZmd4vJYI","title":"Deploying the Brain image","pathname":"/deployment/ndr-virtual-cloud-appliances/azure-brain/deploying-the-brain-image","siteSpaceId":"sitesp_UtbXl","description":"Deploy the Vectra Brain VM in Azure using the Azure CLI, including required inputs, sizing, and post-deploy access steps.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Azure Brain"}]},{"id":"Mhuysu7agsnUDiuUwZLR","title":"Azure HostID integration","pathname":"/deployment/ndr-virtual-cloud-appliances/azure-brain/azure-hostid-integration","siteSpaceId":"sitesp_UtbXl","description":"Enable the Azure HostID integration to enrich hosts using Azure Resource Manager metadata.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Azure Brain"}]},{"id":"wRTkWLuHIW9eRV5JkY2t","title":"Pairing Sensors or Stream","pathname":"/deployment/ndr-virtual-cloud-appliances/azure-brain/pairing-sensors-or-stream","siteSpaceId":"sitesp_UtbXl","description":"Pair Sensors or Stream to an Azure Brain, with notes on Azure vSensor/Stream pairing limitations.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Azure Brain"}]},{"id":"gAD9HWCAnxtpKZCoXdHx","title":"Azure vSensor","pathname":"/deployment/ndr-virtual-cloud-appliances/azure-vsensor","siteSpaceId":"sitesp_UtbXl","description":"Deploy and pair Vectra vSensors in Microsoft Azure environments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"}]},{"id":"kcqlzXTqXYK1BSwphWhS","title":"Introduction and requirements","pathname":"/deployment/ndr-virtual-cloud-appliances/azure-vsensor/introduction-and-requirements","siteSpaceId":"sitesp_UtbXl","description":"Azure vSensor deployment introduction and requirements including Sensor Registration Token, Brain and Sensor communications requirements, and Azure requirements.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Azure vSensor"}]},{"id":"pPT0h9l2XCRINlEmjUDh","title":"Deployment from Azure marketplace","pathname":"/deployment/ndr-virtual-cloud-appliances/azure-vsensor/deployment-from-azure-marketplace","siteSpaceId":"sitesp_UtbXl","description":"Deploying the Azure vSensor image from the Azure marketplace.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Azure vSensor"}]},{"id":"fvmNpDUj76uSLvBLjrk9","title":"Azure HostID integration","pathname":"/deployment/ndr-virtual-cloud-appliances/azure-vsensor/azure-hostid-integration","siteSpaceId":"sitesp_UtbXl","description":"Configuring HostID integration between your Vectra Brain and the Azure Resource Manager.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Azure vSensor"}]},{"id":"oB5uVfjxLkvcOfrCsYNz","title":"Pairing Azure vSensors","pathname":"/deployment/ndr-virtual-cloud-appliances/azure-vsensor/pairing-azure-vsensors","siteSpaceId":"sitesp_UtbXl","description":"Pair Azure vSensors to a Brain using the Sensor Registration Token workflow (Azure vSensors do not support online pairing).","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Azure vSensor"}]},{"id":"ohEHaFUXM2sJa6gEmYjg","title":"Directing traffic to Azure vSensor","pathname":"/deployment/ndr-virtual-cloud-appliances/azure-vsensor/directing-traffic-to-azure-vsensor","siteSpaceId":"sitesp_UtbXl","description":"How to direct traffic to Azure vSensors.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Azure vSensor"}]},{"id":"eicNvoxUtXQXLeaeY3RG","title":"Azure cPacket cVu-V","pathname":"/deployment/ndr-virtual-cloud-appliances/azure-vsensor/azure-cpacket-cvu-v","siteSpaceId":"sitesp_UtbXl","description":"Optionally deploy cPacket cVu-V in Azure to feed traffic for a Vectra vSensor for packet capture and NDR visibility.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Azure vSensor"}]},{"id":"uDX9DPIYGgjsAFS4Ea06","title":"GCP Brain","pathname":"/deployment/ndr-virtual-cloud-appliances/gcp-brain","siteSpaceId":"sitesp_UtbXl","description":"This document outlines the steps to deploy a Vectra NDR virtual Brain in a customer’s Google Cloud Platform (GCP) project.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"}]},{"id":"Pc1cSYNMs8r9X0AFTYWp","title":"Introduction and requirements","pathname":"/deployment/ndr-virtual-cloud-appliances/gcp-brain/introduction-and-requirements","siteSpaceId":"sitesp_UtbXl","description":"Overview of the GCP Brain deployment and prerequisites, including required access, tooling, and Vectra-provided resources.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"GCP Brain"}]},{"id":"uV6XiZixASWRkJKHGl8w","title":"Preparation","pathname":"/deployment/ndr-virtual-cloud-appliances/gcp-brain/preparation","siteSpaceId":"sitesp_UtbXl","description":"Pre-deployment checklist for GCP Brain install, including connectivity, SSH keys, sizing, and required service accounts and roles.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"GCP Brain"}]},{"id":"ZnRCwykb2E68Ev32Wmks","title":"Firewall requirements","pathname":"/deployment/ndr-virtual-cloud-appliances/gcp-brain/firewall-requirements","siteSpaceId":"sitesp_UtbXl","description":"Network connectivity requirements (ports, protocols, and FQDNs) for Vectra appliances and Vectra cloud services.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"GCP Brain"}]},{"id":"pQi7wR6C5iSF22EfO82L","title":"Deployment","pathname":"/deployment/ndr-virtual-cloud-appliances/gcp-brain/deployment","siteSpaceId":"sitesp_UtbXl","description":"Deploy the GCP Brain VM using the Vectra template and `gcloud infra-manager`, then connect and complete provisioning.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"GCP Brain"}]},{"id":"UckWbxJeHYmCYNDsbywU","title":"Post deployment configuration","pathname":"/deployment/ndr-virtual-cloud-appliances/gcp-brain/post-deployment-configuration","siteSpaceId":"sitesp_UtbXl","description":"Post-deploy steps for the GCP Brain, including HostID integration setup and GCP Sensor pairing guidance.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"GCP Brain"}]},{"id":"ADYEE6uH6XQnOr3klu5h","title":"GCP vSensor","pathname":"/deployment/ndr-virtual-cloud-appliances/gcp-vsensor","siteSpaceId":"sitesp_UtbXl","description":"This document outlines the steps to deploy a Vectra NDR virtual Sensor (vSensor) in a customer’s Google Cloud Platform (GCP) project.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"}]},{"id":"lQA1qMrBe3VjOvpj7uYm","title":"Introduction and requirements","pathname":"/deployment/ndr-virtual-cloud-appliances/gcp-vsensor/introduction-and-requirements","siteSpaceId":"sitesp_UtbXl","description":"Overview of the GCP vSensor deployment and requirements, including required access, tooling, and Vectra-provided resources.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"GCP vSensor"}]},{"id":"m8gZgvDzkUZYetWvPA8b","title":"Preparation","pathname":"/deployment/ndr-virtual-cloud-appliances/gcp-vsensor/preparation","siteSpaceId":"sitesp_UtbXl","description":"Pre-deployment checklist for GCP vSensor install, including connectivity, SSH keys, sizing, and required service accounts and roles.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"GCP vSensor"}]},{"id":"xBAJyaLxEXRUg8oFQQgM","title":"Deploying the image","pathname":"/deployment/ndr-virtual-cloud-appliances/gcp-vsensor/deploying-the-image","siteSpaceId":"sitesp_UtbXl","description":"Deploy the GCP vSensor VM using the Vectra template and `gcloud infra-manager`.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"GCP vSensor"}]},{"id":"2ix1ZAQcA1QkD39U6x3V","title":"Pairing GCP vSensors","pathname":"/deployment/ndr-virtual-cloud-appliances/gcp-vsensor/pairing-gcp-vsensors","siteSpaceId":"sitesp_UtbXl","description":"Overview of GCP vSensor pairing, pairing and registration settings, configuring the Brain location and Sensor Registration Token (SRT), and pairing guidance.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"GCP vSensor"}]},{"id":"HVYD0ggDMUkXRjxXZaoW","title":"Directing traffic to GCP vSensors","pathname":"/deployment/ndr-virtual-cloud-appliances/gcp-vsensor/directing-traffic-to-gcp-vsensors","siteSpaceId":"sitesp_UtbXl","description":"How to direct traffic to the GCP vSensor capture port using Google Network Security Integration (NSI), VPC Packet Mirroring, or 3rd party VXLAN-based packet brokers.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"GCP vSensor"}]},{"id":"LA2hsGN3jAB3Er2SDsH0","title":"GCP HostID integration","pathname":"/deployment/ndr-virtual-cloud-appliances/gcp-vsensor/gcp-hostid-integration","siteSpaceId":"sitesp_UtbXl","description":"This article goes over the GCP HostID integration available for Vectra NDR deployments that capture traffic from GCP VPCs.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"GCP vSensor"}]},{"id":"uewjXTPB3gyUqVrWqkqm","title":"Hyper-V vSensor","pathname":"/deployment/ndr-virtual-cloud-appliances/hyper-v-vsensor","siteSpaceId":"sitesp_UtbXl","description":"This guide is intended to help customers or partners deploy vSensors in Hyper-V environments and pair them to your Vectra Brain. This includes both Respond UX and Quadrant UX deployments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"}]},{"id":"WEgRYIS2c3J7rRC9QgP0","title":"Introduction and general requirements","pathname":"/deployment/ndr-virtual-cloud-appliances/hyper-v-vsensor/introduction-and-general-requirements","siteSpaceId":"sitesp_UtbXl","description":"Hyper-V vSensor deployment introduction, resource requirements, performance, and connectivity requirements.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Hyper-V vSensor"}]},{"id":"RbAKBikqdtDdmM5vvnHm","title":"vSensor deployment in Hyper-V","pathname":"/deployment/ndr-virtual-cloud-appliances/hyper-v-vsensor/vsensor-deployment-in-hyper-v","siteSpaceId":"sitesp_UtbXl","description":"Final checks before Hyper-V vSensor deployment, deploying the vSensor and it's initial embryo state after deployment before pairing and updating.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Hyper-V vSensor"}]},{"id":"IpiPZgFk0AbgpJaUyfhG","title":"Capture configuration and vSwitch guidance","pathname":"/deployment/ndr-virtual-cloud-appliances/hyper-v-vsensor/capture-configuration-and-vswitch-guidance","siteSpaceId":"sitesp_UtbXl","description":"Guidance for configuring Hyper-V vSensor physical network traffic capture, virtual network traffic capture from other guests or VLANs, and additional virtual switch option guidance.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Hyper-V vSensor"}]},{"id":"6TTSQDbh6yZ98K22P0EG","title":"Initial vSensor configuration at CLI","pathname":"/deployment/ndr-virtual-cloud-appliances/hyper-v-vsensor/initial-vsensor-configuration-at-cli","siteSpaceId":"sitesp_UtbXl","description":"Changing from DHCP (default) to static addressing, configuring DNS servers, changing password, and verifying Hyper-V vSensor connectivity.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Hyper-V vSensor"}]},{"id":"gCcncfF6YTd2g7Q2eCQI","title":"Pairing Hyper-V vSensors","pathname":"/deployment/ndr-virtual-cloud-appliances/hyper-v-vsensor/pairing-hyper-v-vsensors","siteSpaceId":"sitesp_UtbXl","description":"Pairing Hyper-V vSensors with a Vectra Brain appliance.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Hyper-V vSensor"}]},{"id":"QuhI5tQoSAl35UB5tBoB","title":"Traffic capture guidance and validation","pathname":"/deployment/ndr-virtual-cloud-appliances/hyper-v-vsensor/traffic-capture-guidance-and-validation","siteSpaceId":"sitesp_UtbXl","description":"Guidance for Hyper-V vSensor traffic capture, PCAP generation, and traffic validation.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Hyper-V vSensor"}]},{"id":"nmT2Xzsp9RCcD5OdXqls","title":"KVM vSensor","pathname":"/deployment/ndr-virtual-cloud-appliances/kvm-vsensor","siteSpaceId":"sitesp_UtbXl","description":"This guide is intended to help customers or partners deploy vSensors in KVM environments and pair them to your Vectra Brain. This includes both Respond UX and Quadrant UX deployments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"}]},{"id":"h2loCFuHDc7abn9Tv8po","title":"Introduction and general requirements","pathname":"/deployment/ndr-virtual-cloud-appliances/kvm-vsensor/introduction-and-general-requirements","siteSpaceId":"sitesp_UtbXl","description":"KVM vSensor deployment introduction, resource requirements, performance, connectivity requirements, and preparation list.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"KVM vSensor"}]},{"id":"EDWZzipjh3yVaXMH2twf","title":"KVM specific details and deployment","pathname":"/deployment/ndr-virtual-cloud-appliances/kvm-vsensor/kvm-specific-details-and-deployment","siteSpaceId":"sitesp_UtbXl","description":"KVM requirements and networking guidance, interacting with KVM VMs, deploying the vSensor and it's initial embryo state after deployment before pairing and updating.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"KVM vSensor"}]},{"id":"5fCTeybTZBpklWVuNNdt","title":"Initial vSensor configuration at CLI","pathname":"/deployment/ndr-virtual-cloud-appliances/kvm-vsensor/initial-vsensor-configuration-at-cli","siteSpaceId":"sitesp_UtbXl","description":"Changing from DHCP (default) to static addressing, configuring DNS servers, changing password, and verifying KVM vSensor connectivity.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"KVM vSensor"}]},{"id":"Ux7yML6ZDMse6fy2yYlR","title":"Pairing KVM vSensors","pathname":"/deployment/ndr-virtual-cloud-appliances/kvm-vsensor/pairing-kvm-vsensors","siteSpaceId":"sitesp_UtbXl","description":"Pairing KVM vSensors with a Vectra Brain appliance.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"KVM vSensor"}]},{"id":"YP57UvcVcAwodCMP39dk","title":"Traffic capture guidance and validation","pathname":"/deployment/ndr-virtual-cloud-appliances/kvm-vsensor/traffic-capture-guidance-and-validation","siteSpaceId":"sitesp_UtbXl","description":"Guidance for KVM vSensor traffic capture, PCAP generation, and traffic validation.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"KVM vSensor"}]},{"id":"7CrePHm9vty56Y8JUykt","title":"Nutanix Brain","pathname":"/deployment/ndr-virtual-cloud-appliances/nutanix-brain","siteSpaceId":"sitesp_UtbXl","description":"Deploy a Vectra Brain in Nutanix environments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"}]},{"id":"6c80Bbz59smfpI3jk6gr","title":"Introduction and requirements","pathname":"/deployment/ndr-virtual-cloud-appliances/nutanix-brain/introduction-and-requirements","siteSpaceId":"sitesp_UtbXl","description":"Introductions and requirements for deploying a Vectra Brain appliance in Nutanix environments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Nutanix Brain"}]},{"id":"jx1SA27HVpVNaZWc18LI","title":"Firewall requirements","pathname":"/deployment/ndr-virtual-cloud-appliances/nutanix-brain/firewall-requirements","siteSpaceId":"sitesp_UtbXl","description":"Firewall requirements for a Nutanix Brain for both RUX or QUX deployments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Nutanix Brain"}]},{"id":"aa4TZGXmxM0wCj7D3cCw","title":"Licensing and Brain deployment overview","pathname":"/deployment/ndr-virtual-cloud-appliances/nutanix-brain/licensing-and-brain-deployment-overview","siteSpaceId":"sitesp_UtbXl","description":"How licensing works for Nutanix Brains and an overview of the Nutanix Brain deployment process.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Nutanix Brain"}]},{"id":"x7Pheg9HLJyKRMqFRBZR","title":"Brain deployment in Nutanix","pathname":"/deployment/ndr-virtual-cloud-appliances/nutanix-brain/brain-deployment-in-nutanix","siteSpaceId":"sitesp_UtbXl","description":"How to download the Nutanix Brain image and deploy it within Nutanix.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Nutanix Brain"}]},{"id":"lRpTkFS7sKL2a8gJGcua","title":"Initial startup and licensing","pathname":"/deployment/ndr-virtual-cloud-appliances/nutanix-brain/initial-startup-and-licensing","siteSpaceId":"sitesp_UtbXl","description":"Initial startup, provisioning proxy configuration, and licensing for Nutanx Brain. Licensing must be completed prior to the main UI or CLI being available.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Nutanix Brain"}]},{"id":"D102X7H4pLeDIiarkyTJ","title":"Post deployment guidance","pathname":"/deployment/ndr-virtual-cloud-appliances/nutanix-brain/post-deployment-guidance","siteSpaceId":"sitesp_UtbXl","description":"Guidance for static addressing, updates, performance testing, integrity checks, configuration validation, licensing checks, and resizing your Nutanix Brain.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Nutanix Brain"}]},{"id":"eObT4rqLdlLblFvU3go2","title":"Nutanix vSensor","pathname":"/deployment/ndr-virtual-cloud-appliances/nutanix-vsensor","siteSpaceId":"sitesp_UtbXl","description":"Deploy and pair a Vectra vSensor on Nutanix AHV.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"}]},{"id":"nB8U7qyVJbhDUXdQOLNq","title":"Introduction and requirements","pathname":"/deployment/ndr-virtual-cloud-appliances/nutanix-vsensor/introduction-and-requirements","siteSpaceId":"sitesp_UtbXl","description":"Nutanix vSensor deployment introduction, resource requirements including performance and supported Nutanix versions, and connectivity requirements.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Nutanix vSensor"}]},{"id":"GhtUNeCFRA18F0UCgZDY","title":"Nutanix traffic capture options","pathname":"/deployment/ndr-virtual-cloud-appliances/nutanix-vsensor/nutanix-traffic-capture-options","siteSpaceId":"sitesp_UtbXl","description":"Nutanix terminology and methods to direct traffic to a vSensor capture port.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Nutanix vSensor"}]},{"id":"dN527I4W6judUrYNc9ey","title":"Preparing for deployment","pathname":"/deployment/ndr-virtual-cloud-appliances/nutanix-vsensor/preparing-for-deployment","siteSpaceId":"sitesp_UtbXl","description":"Information to gather before deployment, choosing a deployment method, and pre-deployment steps shared by all deployment methods.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Nutanix vSensor"}]},{"id":"KHhOiBZnaHA2qlXjT8Yq","title":"Service Chaining 1.0 deployment","pathname":"/deployment/ndr-virtual-cloud-appliances/nutanix-vsensor/service-chaining-1.0-deployment","siteSpaceId":"sitesp_UtbXl","description":"Deploying Nutanix vSensor VM using Service Chaining 1.0 to direct traffic at the vSensor capture port.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Nutanix vSensor"}]},{"id":"iP7Ra5daiAIybkHWZ0CQ","title":"Traffic Mirroring deployment","pathname":"/deployment/ndr-virtual-cloud-appliances/nutanix-vsensor/traffic-mirroring-deployment","siteSpaceId":"sitesp_UtbXl","description":"Deploying Nutanix vSensor VM using Traffic Mirroring to direct traffic at the vSensor capture port.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Nutanix vSensor"}]},{"id":"4Zv4x9QB3UBAoCKjL96B","title":"Post deployment configuration (shared for all deployment types)","pathname":"/deployment/ndr-virtual-cloud-appliances/nutanix-vsensor/post-deployment-configuration-shared-for-all-deployment-types","siteSpaceId":"sitesp_UtbXl","description":"Shared steps for Nutanix vSensors after the initial deployment in Nutanix is completed.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Nutanix vSensor"}]},{"id":"1X5w59XxvEPFGrMqcUOV","title":"Initial vSensor configuration at CLI","pathname":"/deployment/ndr-virtual-cloud-appliances/nutanix-vsensor/initial-vsensor-configuration-at-cli","siteSpaceId":"sitesp_UtbXl","description":"Changing from DHCP (default) to static addressing, configuring DNS servers, changing password, and verifying Nutanix vSensor connectivity.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Nutanix vSensor"}]},{"id":"rBnAh6IIYgOhMjjNdQPP","title":"Pairing Nutanix vSensors","pathname":"/deployment/ndr-virtual-cloud-appliances/nutanix-vsensor/pairing-nutanix-vsensors","siteSpaceId":"sitesp_UtbXl","description":"Pairing Nutanix vSensors with a Vectra Brain appliance.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Nutanix vSensor"}]},{"id":"adfSngoNGa7rj0kFHKfu","title":"Traffic capture and validation","pathname":"/deployment/ndr-virtual-cloud-appliances/nutanix-vsensor/traffic-capture-and-validation","siteSpaceId":"sitesp_UtbXl","description":"Guidance for Nutanix vSensor traffic capture, PCAP generation, and traffic validation.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Nutanix vSensor"}]},{"id":"PaURlMrrSe6jT0xNScP3","title":"Appendix - Service Chaining 1.0 alternate API instructions","pathname":"/deployment/ndr-virtual-cloud-appliances/nutanix-vsensor/appendix-service-chaining-1.0-alternate-api-instructions","siteSpaceId":"sitesp_UtbXl","description":"Alternative API-based instructions to fully deploy Service Chaining 1.0 using API calls instead of Nutanix UI-based instructions and a minimal set of API calls that can't be done in the Nutanix UI.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"Nutanix vSensor"}]},{"id":"yR8lIHlcTmm1l7uwGcNH","title":"VMware Brain","pathname":"/deployment/ndr-virtual-cloud-appliances/vmware-brain","siteSpaceId":"sitesp_UtbXl","description":"Deploy a Vectra Brain on VMware vSphere.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"}]},{"id":"Qmx5X3ZI7fBpakUvqVU5","title":"Introduction and requirements","pathname":"/deployment/ndr-virtual-cloud-appliances/vmware-brain/introduction-and-requirements","siteSpaceId":"sitesp_UtbXl","description":"Introductions and requirements for deploying a Vectra Brain appliance in VMware vSphere environments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"VMware Brain"}]},{"id":"P00JJHcQTBlWi630Kutt","title":"VMware deployment details and considerations","pathname":"/deployment/ndr-virtual-cloud-appliances/vmware-brain/vmware-deployment-details-and-considerations","siteSpaceId":"sitesp_UtbXl","description":"Guidance for VMware vSensors and Brains including CPU/RAM/Storage, capture ports, modifications required after deployment, use of SANs, vMotion, and unsupported hypervisors.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"VMware Brain"}]},{"id":"GlY7jcl3S0CvqIgwb1ZM","title":"Firewall requirements","pathname":"/deployment/ndr-virtual-cloud-appliances/vmware-brain/firewall-requirements","siteSpaceId":"sitesp_UtbXl","description":"Firewall requirements for a VMware Brain deployed in a vSphere environment.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"VMware Brain"}]},{"id":"bAgogUPDTPTTNymwgIJu","title":"Licensing and Brain deployment overview","pathname":"/deployment/ndr-virtual-cloud-appliances/vmware-brain/licensing-and-brain-deployment-overview","siteSpaceId":"sitesp_UtbXl","description":"How licensing works for VMware Brains and an overview of the VMware Brain deployment process.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"VMware Brain"}]},{"id":"TRtqNLJu6gWV3jhdAKqq","title":"Brain deployment in VMware","pathname":"/deployment/ndr-virtual-cloud-appliances/vmware-brain/brain-deployment-in-vmware","siteSpaceId":"sitesp_UtbXl","description":"How to download the VMware Brain .OVA and deploy it from in VMware.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"VMware Brain"}]},{"id":"yTe1gzaF8nOvkvugRVCm","title":"Initial startup and licensing","pathname":"/deployment/ndr-virtual-cloud-appliances/vmware-brain/initial-startup-and-licensing","siteSpaceId":"sitesp_UtbXl","description":"Initial startup, provisioning proxy configuration, and licensing for VMware Brain. Licensing must be completed prior to the main UI or CLI being available.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"VMware Brain"}]},{"id":"tY7ejClU4hgPbvwSX8Wv","title":"vCenter integration","pathname":"/deployment/ndr-virtual-cloud-appliances/vmware-brain/vcenter-integration","siteSpaceId":"sitesp_UtbXl","description":"How to configure vCenter integration with your Vectra Brain appliance to help with HostID and enable a virtual infrastructure view.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"VMware Brain"}]},{"id":"L1v8hCA05U6EH1ZZ1qs8","title":"Post deployment guidance","pathname":"/deployment/ndr-virtual-cloud-appliances/vmware-brain/post-deployment-guidance","siteSpaceId":"sitesp_UtbXl","description":"Guidance for static addressing, updates, performance testing, integrity checks, configuration validation, licensing checks, and resizing your VMware Brain.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"VMware Brain"}]},{"id":"OxnEVHP2QPNoHQ1tCEcl","title":"VMware vSensor","pathname":"/deployment/ndr-virtual-cloud-appliances/vmware-vsensor","siteSpaceId":"sitesp_UtbXl","description":"This guide is intended to help customers or partners deploy vSensors in VMware environments and pair them to your Vectra Brain. This includes both Respond UX and Quadrant UX deployments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"}]},{"id":"ZK4nUBasU3z1hohsFy29","title":"Introduction and general requirements","pathname":"/deployment/ndr-virtual-cloud-appliances/vmware-vsensor/introduction-and-general-requirements","siteSpaceId":"sitesp_UtbXl","description":"VMware vSensor deployment introduction, resource requirements, performance, supported VMware versions, and connectivity requirements.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"VMware vSensor"}]},{"id":"fkrtlEiJJ5q5NihAVp6Y","title":"VMware deployment details and considerations","pathname":"/deployment/ndr-virtual-cloud-appliances/vmware-vsensor/vmware-deployment-details-and-considerations","siteSpaceId":"sitesp_UtbXl","description":"Guidance for VMware vSensors and Brains including CPU/RAM/Storage, capture ports, modifications required after deployment, use of SANs, vMotion, and unsupported hypervisors.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"VMware vSensor"}]},{"id":"sfqNOmemoihEOaSKVs9T","title":"vCenter integration","pathname":"/deployment/ndr-virtual-cloud-appliances/vmware-vsensor/vcenter-integration","siteSpaceId":"sitesp_UtbXl","description":"How to configure vCenter integration with your Vectra Brain appliance to help with HostID and enable a virtual infrastructure view.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"VMware vSensor"}]},{"id":"PoTsOdMeLLpZIteeDmLE","title":"vSensor deployment in VMware","pathname":"/deployment/ndr-virtual-cloud-appliances/vmware-vsensor/vsensor-deployment-in-vmware","siteSpaceId":"sitesp_UtbXl","description":"Final checks before VMware vSensor deployment, VMware switch types and port group guidance, deploying the vSensor, it's initial embryo state, and modifying 16 and 32 core vSensors after deployment.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"VMware vSensor"}]},{"id":"98lcyUGycgPlApRbLfln","title":"Initial vSensor configuration at CLI","pathname":"/deployment/ndr-virtual-cloud-appliances/vmware-vsensor/initial-vsensor-configuration-at-cli","siteSpaceId":"sitesp_UtbXl","description":"Changing from DHCP (default) to static addressing, configuring DNS servers, changing password, and verifying VMware vSensor connectivity.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"VMware vSensor"}]},{"id":"VWnrXRzMBwiGu2lLK7d9","title":"Pairing VMware vSensors","pathname":"/deployment/ndr-virtual-cloud-appliances/vmware-vsensor/pairing-vmware-vsensors","siteSpaceId":"sitesp_UtbXl","description":"Pairing VMware vSensors with a Vectra Brain appliance.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"VMware vSensor"}]},{"id":"Yih9UBG8sOsZK1ErqeQa","title":"Capturing physical network traffic with VMware vSensor","pathname":"/deployment/ndr-virtual-cloud-appliances/vmware-vsensor/capturing-physical-network-traffic-with-vmware-vsensor","siteSpaceId":"sitesp_UtbXl","description":"How to capture physical network traffic using a VMware vSensor.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"VMware vSensor"}]},{"id":"7HQZMSOIIwNuD6rgaEVc","title":"Traffic capture guidance and validation","pathname":"/deployment/ndr-virtual-cloud-appliances/vmware-vsensor/traffic-capture-guidance-and-validation","siteSpaceId":"sitesp_UtbXl","description":"Guidance for VMware vSensor traffic capture, PCAP generation, and traffic validation.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR virtual / cloud appliances"},{"label":"VMware vSensor"}]},{"id":"hLlsx0CC8A1ZS2QDXXKm","title":"NDR Traffic engineering and validation","pathname":"/deployment/traffic-engineering-and-validation","siteSpaceId":"sitesp_UtbXl","description":"Validate Sensor traffic feeds and troubleshoot capture and quality issues.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"}]},{"id":"nu4XoxNrRcMgnP747F06","title":"Using Vectra packet capture (PCAP)","pathname":"/deployment/traffic-engineering-and-validation/using-vectra-packet-capture-pcap","siteSpaceId":"sitesp_UtbXl","description":"How to capture PCAPs on Vectra Sensors and download them from your Vectra UI.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR Traffic engineering and validation"}]},{"id":"Oko7Bx9q8pLf69uhOfMj","title":"Traffic validation (ENTV)","pathname":"/deployment/traffic-engineering-and-validation/traffic-validation-entv","siteSpaceId":"sitesp_UtbXl","description":"Use ENTV to validate Sensor traffic quality and troubleshoot capture issues.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR Traffic engineering and validation"}]},{"id":"2U59tcWprFOid4E2dn2Z","title":"Traffic validation (ENTV) alerting","pathname":"/deployment/traffic-engineering-and-validation/entv-syscheck-descriptions","siteSpaceId":"sitesp_UtbXl","description":"Descriptions and advice for system health checks related to traffic validation (ENTV) and how to be alerted on them when they are in a critical state.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR Traffic engineering and validation"}]},{"id":"PpXfvp7Ip0ujkcxcuiqK","title":"Traffic visibility drop alerting","pathname":"/deployment/traffic-engineering-and-validation/traffic-visibility-drop-alerting","siteSpaceId":"sitesp_UtbXl","description":"Details for system health checks related to traffic visibility changes in your environment and how to be alerted on them when visibility drops for IP counts, bandwidth, and packet counts are critical.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR Traffic engineering and validation"}]},{"id":"eRYuh62FuM8VBrTgf8Mf","title":"Network traffic recommendations","pathname":"/deployment/traffic-engineering-and-validation/network-traffic-recommendations","siteSpaceId":"sitesp_UtbXl","description":"Recommended traffic mix, Sensor placement, and encapsulation guidance for NDR.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR Traffic engineering and validation"}]},{"id":"Tjx85qKszuB5cDvscFDl","title":"Link aggregation (LACP)","pathname":"/deployment/traffic-engineering-and-validation/link-aggregation-lacp","siteSpaceId":"sitesp_UtbXl","description":"Configure and troubleshoot link aggregation (LACP) on Vectra appliances.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR Traffic engineering and validation"}]},{"id":"xtZ8kNq4NX4SdhPQvKRW","title":"Asymmetry concerns","pathname":"/deployment/traffic-engineering-and-validation/asymmetry-concerns","siteSpaceId":"sitesp_UtbXl","description":"This Knowledge Base article explores the concern of asymmetry in sensor feeds.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"NDR Traffic engineering and validation"}]},{"id":"R9sN97wo8IdrrK6Mc7JP","title":"Match","pathname":"/deployment/match","siteSpaceId":"sitesp_UtbXl","description":"Start here for Vectra Match deployment, tuning, and troubleshooting.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"}]},{"id":"0YQW4rvoCMT7wq23yZUq","title":"Deployment","pathname":"/deployment/match/deployment","siteSpaceId":"sitesp_UtbXl","description":"Deploying Vectra Match including requirements, throughput, licensing, ruleset management, UI and API deployment, and outputting Matches to downstream receivers.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Match"}]},{"id":"eEuwBLO5v9sX2LZ42nsJ","title":"Introduction and requirements","pathname":"/deployment/match/deployment/introduction-and-requirements","siteSpaceId":"sitesp_UtbXl","description":"Overview of Vectra Match, supported deployments, requirements, permissions, performance notes, and unsupported Suricata features.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Match"},{"label":"Deployment"}]},{"id":"cYV7WjuIRbojKrqK9dYy","title":"Licensing","pathname":"/deployment/match/deployment/licensing","siteSpaceId":"sitesp_UtbXl","description":"How Match licensing works, including online renewals and offline activation for QUX.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Match"},{"label":"Deployment"}]},{"id":"YgODH2pcpKRYXrJyYfx3","title":"Ruleset Management Guidance","pathname":"/deployment/match/deployment/ruleset-management-guidance","siteSpaceId":"sitesp_UtbXl","description":"Ruleset limits, sourcing, tuning workflow, curated ruleset downloads, lifecycle management, and Suricata variable support.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Match"},{"label":"Deployment"}]},{"id":"WnEvUluRSeGOHqsbufYA","title":"Deployment (UI and general guidance)","pathname":"/deployment/match/deployment/deployment-ui-and-general-guidance","siteSpaceId":"sitesp_UtbXl","description":"End-to-end Match deployment using the UI, including enabling Sensors and assigning rulesets.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Match"},{"label":"Deployment"}]},{"id":"OncAgxffQZCcSZjrWbeV","title":"API Deployment","pathname":"/deployment/match/deployment/api-deployment","siteSpaceId":"sitesp_UtbXl","description":"Match API overview and deployment examples for RUX (OAuth) and QUX (token), including ruleset upload and assignment.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Match"},{"label":"Deployment"}]},{"id":"CJE2oINAaYEQIo3kr42X","title":"Outputting Matches to downstream receivers","pathname":"/deployment/match/deployment/outputting-matches-to-downstream-receivers","siteSpaceId":"sitesp_UtbXl","description":"Configure Match output via Stream, syslog, Kafka, and Recall.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Match"},{"label":"Deployment"}]},{"id":"bSB7Qr7cjTudAotV1b3E","title":"FAQ","pathname":"/deployment/match/faq","siteSpaceId":"sitesp_UtbXl","description":"This is a general Frequently Asked Questions (FAQ) article for Vectra Match.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Match"}]},{"id":"at1MCuQ73s9lPc4Yo4HA","title":"Troubleshooting","pathname":"/deployment/match/troubleshooting","siteSpaceId":"sitesp_UtbXl","description":"This guide is designed to provide Vectra Match customers with basic troubleshooting capabilities when operating the Vectra Match platform based upon use cases.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Match"}]},{"id":"D2kFdqyTrYCn83bVSfF1","title":"Vectra curated ruleset","pathname":"/deployment/match/vectra-curated-ruleset","siteSpaceId":"sitesp_UtbXl","description":"Vectra provides a curated version of the ET Pro ruleset. This article provides guidance regarding its contents and use.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Match"}]},{"id":"jGpcZKXzCv3HBMRsGmIJ","title":"Managing rulesets","pathname":"/deployment/match/managing-rulesets","siteSpaceId":"sitesp_UtbXl","description":"This article describes the features available for managing Vectra Match Rulesets in the Vectra UI.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Match"}]},{"id":"VjY1AP9zSU3xtsQyGBB2","title":"Performance and rulset optimization","pathname":"/deployment/match/performance-and-rulset-optimization","siteSpaceId":"sitesp_UtbXl","description":"How Suricata/Match performance is measured, what drives throughput, and practical ruleset tuning tips (noise reduction, profiling, bypass rules, and resizing guidance).","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Match"}]},{"id":"sHEZ1VksNpnQFXPS2vge","title":"Suricata configuration","pathname":"/deployment/match/suricata-configuration","siteSpaceId":"sitesp_UtbXl","description":"This article provides a sample suricata.yaml file that is the configuration file used by Vectra Sensors that run Vectra Match.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Match"}]},{"id":"anlHxv724VdksVpgUwNz","title":"Stream","pathname":"/deployment/stream","siteSpaceId":"sitesp_UtbXl","description":"Deploy and configure Vectra Stream to forward security-enriched network metadata to your data lake or SIEM.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"}]},{"id":"YMveCuWsYVCKdinyGPlr","title":"Introduction and requirements","pathname":"/deployment/stream/introduction-and-requirements","siteSpaceId":"sitesp_UtbXl","description":"Introduction to Stream deployment, licensing steps, and connectivity requirements.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Stream"}]},{"id":"TUUUEOvuq2t8pqtjt7uG","title":"Stream sizing","pathname":"/deployment/stream/stream-sizing","siteSpaceId":"sitesp_UtbXl","description":"Sizing guidelines for Stream VMs and M-Series appliances.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Stream"}]},{"id":"LPBQrWzvUPqmzM1oea1y","title":"Preparing to deploy Stream","pathname":"/deployment/stream/preparing-to-deploy-stream","siteSpaceId":"sitesp_UtbXl","description":"Download Stream images and collect deployment inputs, including Brain details and Sensor Registration Tokens (SRTs).","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Stream"}]},{"id":"53VzjVc3VjsrqaIx69nw","title":"Deployment","pathname":"/deployment/stream/deployment","siteSpaceId":"sitesp_UtbXl","description":"Platform-specific Stream deployment guides as part of overall Stream deployment and configuration process.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Stream"}]},{"id":"zER5qPmIX72yTJLh19Wa","title":"VMware Stream deployment","pathname":"/deployment/stream/deployment/vmware-stream-deployment","siteSpaceId":"sitesp_UtbXl","description":"Deploy Stream on VMware using an OVA via vCenter/vSphere or via the Brain CLI provisioning command.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Stream"},{"label":"Deployment"}]},{"id":"Fo6xtz7GhzQ3AcL1BUQ3","title":"Hyper-V Stream deployment","pathname":"/deployment/stream/deployment/hyper-v-stream-deployment","siteSpaceId":"sitesp_UtbXl","description":"Deploy Stream on Hyper-V using the provided VHD and PowerShell deployment script.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Stream"},{"label":"Deployment"}]},{"id":"WNxmnzIV3e5PTlpxWpOw","title":"KVM Stream deployment","pathname":"/deployment/stream/deployment/kvm-stream-deployment","siteSpaceId":"sitesp_UtbXl","description":"Deploy Stream on KVM using the image tarball and `vectra-stream.sh`, with basic `virsh` troubleshooting tips.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Stream"},{"label":"Deployment"}]},{"id":"yeaFCg7Fa0HOoyfaEB1x","title":"AWS Stream deployment","pathname":"/deployment/stream/deployment/aws-stream-deployment","siteSpaceId":"sitesp_UtbXl","description":"Deploying Stream in AWS environments using and image from the AWS Marketplace.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Stream"},{"label":"Deployment"}]},{"id":"QT3w615nyV5MxKOGsb2Y","title":"Azure Stream deployment","pathname":"/deployment/stream/deployment/azure-stream-deployment","siteSpaceId":"sitesp_UtbXl","description":"Deploying Stream in Azure using a image from the Azure Marketplace.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Stream"},{"label":"Deployment"}]},{"id":"1paMbavjVHzprdg7CQ6D","title":"GCP Stream deployment","pathname":"/deployment/stream/deployment/gcp-stream-deployment","siteSpaceId":"sitesp_UtbXl","description":"Deploy Stream in GCP using `gcloud infra-manager` with aVectra-provided template and image shared to you from Vectra.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Stream"},{"label":"Deployment"}]},{"id":"lbOlDP2KCOvcdG7uXuvu","title":"M-Series Stream deployment","pathname":"/deployment/stream/deployment/m-series-stream-deployment","siteSpaceId":"sitesp_UtbXl","description":"Quick-start steps to deploy Stream on a physical M-Series appliance, then pair and enable publishing.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Stream"},{"label":"Deployment"}]},{"id":"wu9Zlc0KJ0WJCxV3t7DK","title":"Initial CLI configuration","pathname":"/deployment/stream/initial-cli-configuration","siteSpaceId":"sitesp_UtbXl","description":"Connect to the Stream CLI and configure static IP, gateway, DNS, and password changes if not using DHCP or changes are needed after initial deployment.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Stream"}]},{"id":"W95abYOqGB8HzWouFJJM","title":"Pairing Stream appliances","pathname":"/deployment/stream/pairing-stream-appliances","siteSpaceId":"sitesp_UtbXl","description":"How to pair Stream appliances with your Vectra Brain appliance.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Stream"}]},{"id":"nJwnOplOXqLcK9r4Lnku","title":"Metadata filtering and publishing","pathname":"/deployment/stream/metadata-filtering-and-publishing","siteSpaceId":"sitesp_UtbXl","description":"How to configure options for metadata filtering and the destination publisher of your choice.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Stream"}]},{"id":"6jDH7bv4imFpP3Taj3Mx","title":"Publisher specific guidance","pathname":"/deployment/stream/publisher-specific-guidance","siteSpaceId":"sitesp_UtbXl","description":"Instructions for specific publishers that you are using to receive Stream data.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Stream"}]},{"id":"HmPzZaTCo7hbGqNGX4dq","title":"Elastic, Syslog, and Kafka","pathname":"/deployment/stream/publisher-specific-guidance/elastic-syslog-and-kafka","siteSpaceId":"sitesp_UtbXl","description":"Details for Elastic, Syslog, and Kafka Stream publishers.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Stream"},{"label":"Publisher specific guidance"}]},{"id":"YR9X73nY48vSrNdR5urA","title":"ELK integration","pathname":"/deployment/stream/publisher-specific-guidance/elk-integration","siteSpaceId":"sitesp_UtbXl","description":"This article outlines the custom content developed by Vectra for ELK (Elastic, Logstash and Kibana) when using Vectra Stream. This content can be integrated with your ELK deployment.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Stream"},{"label":"Publisher specific guidance"}]},{"id":"X76R6Onr8CgisBWuPaON","title":"Splunk integration","pathname":"/deployment/stream/publisher-specific-guidance/splunk-integration","siteSpaceId":"sitesp_UtbXl","description":"This article is meant to be used by customers who will be integrating Vectra Steam metadata into their Splunk installation.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Stream"},{"label":"Publisher specific guidance"}]},{"id":"ySoIu2U3RRPIdqaOYoEr","title":"Recall (QUX only)","pathname":"/deployment/recall-qux-only","siteSpaceId":"sitesp_UtbXl","description":"Start here for Recall setup and access in Quadrant UX deployments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"}]},{"id":"ByApgdj2Ia3NatzBIrLS","title":"Getting started with Recall","pathname":"/deployment/recall-qux-only/getting-started-with-recall","siteSpaceId":"sitesp_UtbXl","description":"Prerequisites and first steps to start using Recall in Quadrant UX.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Recall (QUX only)"}]},{"id":"pRuPGyJhadRAi7bL8FTo","title":"Enabling forwarding to Recall","pathname":"/deployment/recall-qux-only/enabling-forwarding-to-recall","siteSpaceId":"sitesp_UtbXl","description":"Configure Stream to forward supported metadata to Recall.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Recall (QUX only)"}]},{"id":"MiASBHJAOUcTQ4YTULUU","title":"Recall indices & content for Stream in Elk v7","pathname":"/deployment/recall-qux-only/recall-indices-and-content-for-stream-in-elk-v7","siteSpaceId":"sitesp_UtbXl","description":"Index patterns and packaged content for using Recall with ELK v7.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Recall (QUX only)"}]},{"id":"ruIzksoyLOolfIxMWSXx","title":"SSO access to Recall","pathname":"/deployment/recall-qux-only/sso-access-to-recall","siteSpaceId":"sitesp_UtbXl","description":"Set up SSO for Recall access and troubleshoot common login issues.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Recall (QUX only)"}]},{"id":"I1IY2nRNtjCilGI6zau6","title":"Appliance operations","pathname":"/deployment/appliance-operations","siteSpaceId":"sitesp_UtbXl","description":"Common operational tasks for Vectra appliances, from access to health checks.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"}]},{"id":"E6AMOUTbuaTjNhR9VWFc","title":"Configuring IP settings for appliances","pathname":"/deployment/appliance-operations/configuring-ip-settings-for-appliances","siteSpaceId":"sitesp_UtbXl","description":"This article provides instructions for how to configure the IP address of a Vectra appliance.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Appliance operations"}]},{"id":"tAipobsSHrkQPmOJkaNi","title":"Pairing appliances","pathname":"/deployment/appliance-operations/pairing-appliances","siteSpaceId":"sitesp_UtbXl","description":"Overview of Sensor/Stream pairing, pairing and registration settings, configuring the Brain location and Sensor Registration Token (SRT), and pairing guidance.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Appliance operations"}]},{"id":"MeaXhDsyYLbXE6L1gCqd","title":"Unpairing Sensor from Brain","pathname":"/deployment/appliance-operations/unpairing-sensor-from-brain","siteSpaceId":"sitesp_UtbXl","description":"Safely unpair a Sensor from a Brain and clean up pairing state.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Appliance operations"}]},{"id":"IHuNnhbvr1hag2Vo5jG8","title":"SSH login process for CLI","pathname":"/deployment/appliance-operations/ssh-login-process-for-cli","siteSpaceId":"sitesp_UtbXl","description":"This article discusses how users can access the Vectra Support Command Line Interface (vscli) on Vectra appliances.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Appliance operations"}]},{"id":"4PVJDzXvktql6E0Xvmc9","title":"Console access on appliances","pathname":"/deployment/appliance-operations/console-access-on-appliances","siteSpaceId":"sitesp_UtbXl","description":"This article describes methods of accessing the console on Vectra appliances so that you can login as the "vectra" user to perform commands using the CLI.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Appliance operations"}]},{"id":"wYnMx0DPY1xMY9QDA3tS","title":"Changing Sensor CLI password","pathname":"/deployment/appliance-operations/changing-sensor-cli-password","siteSpaceId":"sitesp_UtbXl","description":"This article provides steps to change the password of a Vectra Sensor CLI password.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Appliance operations"}]},{"id":"R2YlarF29wYy9QvZKt9v","title":"IPMI / iDRAC configuration","pathname":"/deployment/appliance-operations/ipmi-idrac-configuration","siteSpaceId":"sitesp_UtbXl","description":"Configure out-of-band management (IPMI/iDRAC) for Vectra appliances.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Appliance operations"}]},{"id":"tj2meHLl64QtNVYsgXOv","title":"Monitoring appliance health","pathname":"/deployment/appliance-operations/monitoring-appliance-health","siteSpaceId":"sitesp_UtbXl","description":"This article describes ways how you could perform routine monitoring the health of you physical and virtual Vectra appliances for both Brain and Sensors.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Appliance operations"}]},{"id":"xF4n4b0gQLps4VnrqrpD","title":"Monitoring Vectra with Zabbix","pathname":"/deployment/appliance-operations/monitoring-vectra-with-zabbix","siteSpaceId":"sitesp_UtbXl","description":"Monitor Brain and Sensor health with Zabbix checks and dashboards.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Appliance operations"}]},{"id":"pj3ZtjoaBtIbaAX4vw1y","title":"Resizing virtual appliances","pathname":"/deployment/appliance-operations/resizing-virtual-appliances","siteSpaceId":"sitesp_UtbXl","description":"Change CPU/RAM/disk resources for virtual Brains, Sensors, and Stream appliances.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Appliance operations"}]},{"id":"6QmzXYG29EtabhtxC7qZ","title":"Shutting down appliances gracefully","pathname":"/deployment/appliance-operations/shutting-down-appliances-gracefully","siteSpaceId":"sitesp_UtbXl","description":"Shutdown and reboot procedures that protect data and prevent corruption.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Appliance operations"}]},{"id":"YikppDbJ8uQq6Exg8vC0","title":"Understanding the v2.5 health API","pathname":"/deployment/appliance-operations/understanding-the-v25-health-api","siteSpaceId":"sitesp_UtbXl","description":"Health API endpoints and fields for monitoring Quadrant UX appliances.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Appliance operations"}]},{"id":"KfD4VbnZ63FyKrRwkmXL","title":"FIPS mode enabling and disabling","pathname":"/deployment/appliance-operations/fips-mode-enabling-and-disabling","siteSpaceId":"sitesp_UtbXl","description":"What FIPS mode for Vectra appliances does and how to enable and disable it.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Appliance operations"}]},{"id":"nmSHRwDfe6TowKimCRvK","title":"Deprecated / Retired","pathname":"/deployment/deprecated-retired","siteSpaceId":"sitesp_UtbXl","description":"Retired products and legacy deployment guidance.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"}]},{"id":"j7QrPeXUVd04b9puUsl6","title":"NDR for Cloud (Gigamon)","pathname":"/deployment/deprecated-retired/ndr-for-cloud-gigamon","siteSpaceId":"sitesp_UtbXl","description":"Legacy NDR for Cloud (Gigamon) deployment docs and reference material.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Deprecated / Retired"}]},{"id":"Es5f7bGjUSnIpyJSIMoZ","title":"AWS","pathname":"/deployment/deprecated-retired/ndr-for-cloud-gigamon/aws","siteSpaceId":"sitesp_UtbXl","description":"Legacy NDR for Cloud (Gigamon) guidance for AWS.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Deprecated / Retired"},{"label":"NDR for Cloud (Gigamon)"}]},{"id":"5OqSkvx543nH9NCQhwWh","title":"Azure","pathname":"/deployment/deprecated-retired/ndr-for-cloud-gigamon/azure","siteSpaceId":"sitesp_UtbXl","description":"Legacy NDR for Cloud (Gigamon) guidance for Azure.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Deprecated / Retired"},{"label":"NDR for Cloud (Gigamon)"}]},{"id":"AvwMeF2prQPDVJmIUUeK","title":"Reference architectures","pathname":"/deployment/deprecated-retired/ndr-for-cloud-gigamon/reference-architectures","siteSpaceId":"sitesp_UtbXl","description":"Legacy reference architectures for NDR for Cloud (Gigamon).","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Deprecated / Retired"},{"label":"NDR for Cloud (Gigamon)"}]},{"id":"63fd92cddcc95649f7d08004578452a19576fd7e","title":"NDR for Cloud end of sales and support","pathname":"/deployment/deprecated-retired/ndr-for-cloud-gigamon/ndr-for-cloud-end-of-sales-and-support","siteSpaceId":"sitesp_UtbXl","description":"End-of-sales and end-of-support timeline for NDR for Cloud (Gigamon), including renewal limits and recommended migration options.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Deployment"},{"label":"Deprecated / Retired"},{"label":"NDR for Cloud (Gigamon)"}]},{"id":"OUBJJ2HmQLwVMdemSjoH","title":"Navigation updates (RUX)","pathname":"/configuration/navigation-updates-rux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"}]},{"id":"Wv59pMK25JxwcyONF9ST","title":"ACCESS","pathname":"/configuration/access","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"}]},{"id":"kmVFecwVF4pWmDIOxKYz","title":"API (RUX)","pathname":"/configuration/access/api-rux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"}]},{"id":"QToQNHuDdarAeb951cqO","title":"RUX API Postman quick start guide","pathname":"/configuration/access/api-rux/rux-api-postman-quick-start-guide","siteSpaceId":"sitesp_UtbXl","description":"Use the Vectra Platform public Postman collection to get up and running quickly with the new Vectra AI Platform API.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"API (RUX)"}]},{"id":"POnlGW1p9R4kFSRlZtSv","title":"v3.4 API guide (RUX)","pathname":"/configuration/access/api-rux/v34-api-guide-rux","siteSpaceId":"sitesp_UtbXl","description":"Vectra Platform API Guide v3.4 (August 2025) for RUX deployments","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"API (RUX)"}]},{"id":"ryHvWFQ1zyZLzw5vMjDM","title":"v3.3 API guide (RUX)","pathname":"/configuration/access/api-rux/v33-api-guide-rux","siteSpaceId":"sitesp_UtbXl","description":"Vectra Platform API Guide v3.3 (Sep 2024) for Respond UX deployments","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"API (RUX)"}]},{"id":"nv0RjIJr8NnVjoi0hQgf","title":"v3.2 API guide (RUX)","pathname":"/configuration/access/api-rux/v32-api-guide-rux","siteSpaceId":"sitesp_UtbXl","description":"Vectra SaaS API Guide v3.2 (Jan 2024)","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"API (RUX)"}]},{"id":"4Yt6vpZopKuxQ4QqcdCx","title":"v3.1 API guide (RUX)","pathname":"/configuration/access/api-rux/v31-api-guide-rux","siteSpaceId":"sitesp_UtbXl","description":"Vectra SaaS API Guide v3.1 (Jan 2024)","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"API (RUX)"}]},{"id":"llYgQHDtcsyqahaxqfk2","title":"v3.0 API guide (RUX)","pathname":"/configuration/access/api-rux/v30-api-guide-rux","siteSpaceId":"sitesp_UtbXl","description":"Vectra SaaS API Guide v3.0 (Jan 2024)","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"API (RUX)"}]},{"id":"eaFjeh1ff9zLetjAVtQE","title":"API (QUX)","pathname":"/configuration/access/api-qux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"}]},{"id":"VED4VATBMzbb9FZNSvYi","title":"v2.5 Postman quick start guide using OAuth2","pathname":"/configuration/access/api-qux/v25-postman-quick-start-guide-using-oauth2","siteSpaceId":"sitesp_UtbXl","description":"This article shows how to quickly get started using the QUX v2.5 API using OAuth2 for authentication and the Postman API testing tool.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"API (QUX)"}]},{"id":"IfkwNx8nYgKAIUHMNB32","title":"v2.5 Postman quick start guide using token auth","pathname":"/configuration/access/api-qux/v25-postman-quick-start-guide-using-token-auth","siteSpaceId":"sitesp_UtbXl","description":"This article shows how to quickly get started using the QUX v2.5 API using token authentication and the Postman API testing tool.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"API (QUX)"}]},{"id":"QbcHEatoHdfTVFG0dqOH","title":"v2.5 API guide (QUX)","pathname":"/configuration/access/api-qux/v25-api-guide-qux","siteSpaceId":"sitesp_UtbXl","description":"This guide is for v2.5 of the Vectra REST API for QUX deployments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"API (QUX)"}]},{"id":"jUDKYgebdsIE6fOARGWx","title":"v2.4 API guide (QUX)","pathname":"/configuration/access/api-qux/v24-api-guide-qux","siteSpaceId":"sitesp_UtbXl","description":"This guide is for v2.4 of the Vectra REST API. For Vectra AI Platform (RUX) users, please see the v3.x REST API Guide.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"API (QUX)"}]},{"id":"Y6zuv1DB2V9uvk1NB77z","title":"v2.2 API guide (QUX)","pathname":"/configuration/access/api-qux/v22-api-guide-qux","siteSpaceId":"sitesp_UtbXl","description":"This guide is for the v2.2 of the Vectra REST API. For Vectra AI Platform (RUX) users, please see the v3.x REST API Guide.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"API (QUX)"}]},{"id":"iuvcMG8hVvgYy7XnyYOR","title":"CLI (Vectra appliances)","pathname":"/configuration/access/cli-vectra-appliances","siteSpaceId":"sitesp_UtbXl","description":"This article explores the commands available in the Command Line Interface (CLI) of Vectra appliances.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"}]},{"id":"aLP6BcF1qf99ZvmAlail","title":"External Authentication (QUX)","pathname":"/configuration/access/external-authentication-qux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"}]},{"id":"4lLZTd6BGn9sledb0Zst","title":"RADIUS (QUX)","pathname":"/configuration/access/external-authentication-qux/radius-qux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"External Authentication (QUX)"}]},{"id":"QgglQnyPErJ6KG92gx5L","title":"LDAP (QUX)","pathname":"/configuration/access/external-authentication-qux/ldap-qux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"External Authentication (QUX)"}]},{"id":"RyqHYxHKzfGzPQjTpKvG","title":"TACACS+ (QUX)","pathname":"/configuration/access/external-authentication-qux/tacacs-qux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"External Authentication (QUX)"}]},{"id":"vOnPuNCooChjvSlNXupZ","title":"SAML SSO (RUX)","pathname":"/configuration/access/saml-sso-rux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"}]},{"id":"aLQSKkFflOffFbPxpt58","title":"Any IdP SAML (RUX)","pathname":"/configuration/access/saml-sso-rux/any-idp-saml-rux","siteSpaceId":"sitesp_UtbXl","description":"Enabling RUX (Respond UX) SAML SSO with any SAML 2.0 compliant Identity Provider (IdP).","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"SAML SSO (RUX)"}]},{"id":"RvYIzMeamy4BsXPRQqzO","title":"ADFS SAML (RUX)","pathname":"/configuration/access/saml-sso-rux/adfs-saml-rux","siteSpaceId":"sitesp_UtbXl","description":"Enabling RUX (Respond UX) SAML SSO with ADFS as the Identity Provider (IdP).","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"SAML SSO (RUX)"}]},{"id":"sbZShaw5YgaXXsIo1xHR","title":"Entra ID (Azure AD) SAML (RUX)","pathname":"/configuration/access/saml-sso-rux/entra-id-azure-ad-saml-rux","siteSpaceId":"sitesp_UtbXl","description":"Enabling RUX (Respond UX) SAML SSO with Entra ID (Azure AD) as the Identity Provider (IdP).","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"SAML SSO (RUX)"}]},{"id":"Dmol1BrjyroLSWCzDgzv","title":"Keycloak SAML (RUX)","pathname":"/configuration/access/saml-sso-rux/keycloak-saml-rux","siteSpaceId":"sitesp_UtbXl","description":"Enabling RUX (Respond UX) SAML SSO with Keycloak as the Identity Provider (IdP).","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"SAML SSO (RUX)"}]},{"id":"OfbAVv17vKs5Ik64ufc6","title":"Okta SAML (RUX)","pathname":"/configuration/access/saml-sso-rux/okta-saml-rux","siteSpaceId":"sitesp_UtbXl","description":"Enabling RUX (Respond UX) SAML SSO with Okta as the Identity Provider (IdP).","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"SAML SSO (RUX)"}]},{"id":"B1PYYLwlezFdHgoacHiZ","title":"SAML SSO (QUX)","pathname":"/configuration/access/saml-sso-qux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"}]},{"id":"2Zwwym1VrXFSjrlW0D37","title":"Any IdP SAML (QUX)","pathname":"/configuration/access/saml-sso-qux/any-idp-saml-qux","siteSpaceId":"sitesp_UtbXl","description":"Enabling QUX (Quadrant UX) SAML SSO with any SAML 2.0 compliant Identity Provider (IdP).","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"SAML SSO (QUX)"}]},{"id":"YGKZyoS8hRhsVa1IyvwL","title":"ADFS SAML (QUX)","pathname":"/configuration/access/saml-sso-qux/adfs-saml-qux","siteSpaceId":"sitesp_UtbXl","description":"Enabling QUX (Quadrant UX) SAML SSO with ADFS as the Identity Provider (IdP).","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"SAML SSO (QUX)"}]},{"id":"MLTr9PuIt6PKVFEEUpxf","title":"Entra ID (Azure AD) SAML (QUX)","pathname":"/configuration/access/saml-sso-qux/entra-id-azure-ad-saml-qux","siteSpaceId":"sitesp_UtbXl","description":"Enabling QUX (Quadrant UX) SAML SSO with Entra ID (Azure AD) as the Identity Provider (IdP).","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"SAML SSO (QUX)"}]},{"id":"B0I6iJWSmWcnL36Ysmmf","title":"Okta SAML (QUX)","pathname":"/configuration/access/saml-sso-qux/okta-saml-qux","siteSpaceId":"sitesp_UtbXl","description":"Enabling QUX (Quadrant UX) SAML SSO with Okta as the Identity Provider (IdP).","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"SAML SSO (QUX)"}]},{"id":"wBLtNOLTjIldqZx7e5u4","title":"Ping Identity SAML (QUX)","pathname":"/configuration/access/saml-sso-qux/ping-identity-saml-qux","siteSpaceId":"sitesp_UtbXl","description":"Enabling QUX (Quadrant UX) SAML SSO with Ping Identity as the Identity Provider (IdP).","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"SAML SSO (QUX)"}]},{"id":"g3nKv5VEJBk4eFX2TXpa","title":"Vectra remote support","pathname":"/configuration/access/vectra-remote-support","siteSpaceId":"sitesp_UtbXl","description":"Configure and verify Vectra Remote Support (VPN, UI access, and CLI access) for RUX and QUX deployments, including connectivity requirements, proxy considerations, and troubleshooting.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"}]},{"id":"4CgqSIJVmBc0VoU9JKhE","title":"QUX deployments prior to v9.9","pathname":"/configuration/access/vectra-remote-support/qux-deployments-prior-to-v98","siteSpaceId":"sitesp_UtbXl","description":"Remote support allows authorized Vectra personnel to connect to your Vectra (Brain). This article details how you can enable, disable, and verify the status of remote support.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"ACCESS"},{"label":"Vectra remote support"}]},{"id":"XF2ucj710DrW9rh1OlZt","title":"COVERAGE","pathname":"/configuration/coverage","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"}]},{"id":"nJX4mrET1aYrxpB7dpQI","title":"Brain Setup","pathname":"/configuration/coverage/brain-setup","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"COVERAGE"}]},{"id":"3V04yE6gIUEzZuOpfMpJ","title":"IP address classfication","pathname":"/configuration/coverage/brain-setup/ip-address-classfication","siteSpaceId":"sitesp_UtbXl","description":"This article addresses the queries related to IP-Address-Classification setting available in Vectra Quadrant and Respond UX.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"COVERAGE"},{"label":"Brain Setup"}]},{"id":"MNI0nHyaM9Ea1OM4v61I","title":"Network Identities (WELI)","pathname":"/configuration/coverage/network-identities-weli","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"COVERAGE"}]},{"id":"jL6rrwhtzL5tS4CIBvD6","title":"Windows Event Log Ingestion (WELI)","pathname":"/configuration/coverage/network-identities-weli/windows-event-log-ingestion-weli","siteSpaceId":"sitesp_UtbXl","description":"Configure Windows Event Log Ingestion (WELI) to send Kerberos security events to Vectra for analysis. It enables PAA detections, HostID enrichment, and provides metadata for investigation.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"COVERAGE"},{"label":"Network Identities (WELI)"}]},{"id":"HqKCSYHQnuLIsLehK9r6","title":"WELI via NXLog","pathname":"/configuration/coverage/network-identities-weli/weli-via-nxlog","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"COVERAGE"},{"label":"Network Identities (WELI)"}]},{"id":"PcMiF8mk12foFI0bP2Ph","title":"WELI Splunk (Raw TCP / XML) configuration","pathname":"/configuration/coverage/network-identities-weli/weli-splunk-raw-tcp-xml-configuration","siteSpaceId":"sitesp_UtbXl","description":"Windows Event Log Ingestion - Collecting Security Events with Splunk Universal Forwarders and sending data to Vectra in Raw TCP / XML format.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"COVERAGE"},{"label":"Network Identities (WELI)"}]},{"id":"vxcBF4hs9Elt69odh0O8","title":"WELI Splunk (syslog / legacy) configuration","pathname":"/configuration/coverage/network-identities-weli/weli-splunk-syslog-legacy-configuration","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"COVERAGE"},{"label":"Network Identities (WELI)"}]},{"id":"HosoP5EkRAZEPIaNt0xx","title":"Remote Users","pathname":"/configuration/coverage/remote-users","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"COVERAGE"}]},{"id":"WIr0eRrka31HgFQ2NsRn","title":"Remote users (SASE / SSE)","pathname":"/configuration/coverage/remote-users/remote-users-sase-sse","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"COVERAGE"},{"label":"Remote Users"}]},{"id":"zPwM36hJDZC8nh1baaJ7","title":"Netskope Cloud TAP","pathname":"/configuration/coverage/remote-users/netskope-cloud-tap","siteSpaceId":"sitesp_UtbXl","description":"Configure Netskope Cloud TAP with Vectra NDR, including vSensor setup, SASE IP remapping, and Stitcher deployment guidance for AWS/Azure.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"COVERAGE"},{"label":"Remote Users"}]},{"id":"zDfyCFNpz4jghXdjW618","title":"Zscaler ZIA","pathname":"/configuration/coverage/remote-users/zscaler-zia","siteSpaceId":"sitesp_UtbXl","description":"This article discusses Vectra's support of Zscaler Internet Access (ZIA) and provides details for use with both PCAP ingestion and on-prem capture.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"COVERAGE"},{"label":"Remote Users"}]},{"id":"DxtDWI6Kkuv44UtOWM08","title":"Zscaler ZPA","pathname":"/configuration/coverage/remote-users/zscaler-zpa","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"COVERAGE"},{"label":"Remote Users"}]},{"id":"mSjqNPXzcTatJJTkkHOQ","title":"Zscaler ZPA log ingestion via QRadar","pathname":"/configuration/coverage/remote-users/zscaler-zpa-log-ingestion-via-qradar","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"COVERAGE"},{"label":"Remote Users"}]},{"id":"8oNAMe6stu0z1iP0x641","title":"Optimizing Vectra for use with VPN clients","pathname":"/configuration/coverage/remote-users/optimizing-vectra-for-use-with-vpn-clients","siteSpaceId":"sitesp_UtbXl","description":"How to optimize Vectra observability for VPN clients by using Sensor placement, SASE/SSE integration, EDR integration, Windows Event Log Ingestion, and rDNS.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"COVERAGE"},{"label":"Remote Users"}]},{"id":"WmOO6KhwZomPHZ6pvm0L","title":"Threat Feeds","pathname":"/configuration/coverage/threat-feeds","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"COVERAGE"}]},{"id":"SY6pSn9PkVVuwt3zpOwQ","title":"External threat intel integration","pathname":"/configuration/coverage/threat-feeds/external-threat-intel-integration","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"COVERAGE"},{"label":"Threat Feeds"}]},{"id":"IPMjhcohfYa1WcSbQLsI","title":"Vectra threat intelligence","pathname":"/configuration/coverage/threat-feeds/vectra-threat-intelligence","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"COVERAGE"},{"label":"Threat Feeds"}]},{"id":"rvyC7nxMeL3XAORXBQ5s","title":"Encapsulation Endpoints (GRE, ERSPAN, GENEVE, VXLAN)","pathname":"/configuration/coverage/encapsulation-endpoints-gre-erspan-geneve-vxlan","siteSpaceId":"sitesp_UtbXl","description":"Configure Sensor capture interfaces with an IP address to be used as a destination for tunneled encapsulations such as GRE, ERSPAN, GENEVE, and VXLAN traffic.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"COVERAGE"}]},{"id":"7HUdHW2JtB0rezb0PkBo","title":"RESPONSE","pathname":"/configuration/response","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"}]},{"id":"OPfyUpyiWhlP6CmWNqe6","title":"Lockdown","pathname":"/configuration/response/lockdown","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"}]},{"id":"xE6XRXW7ae9yFBCZJazo","title":"Active Directory Account Lockdown","pathname":"/configuration/response/lockdown/active-directory-account-lockdown","siteSpaceId":"sitesp_UtbXl","description":"Configure and use Active Directory Account Lockdown, including permissions, automatic thresholds, notifications, API usage, and protected account caveats.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"Lockdown"}]},{"id":"x3HkVFcMWg7QHSJBTcwU","title":"Active Directory Account Lockdown custom configuration","pathname":"/configuration/response/lockdown/active-directory-account-lockdown-custom-configuration","siteSpaceId":"sitesp_UtbXl","description":"This article details new Account Lockdown custom configuration options that are available in v8.2+ of Vectra software.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"Lockdown"}]},{"id":"Pzf15jZc9FuHpc3pb6QK","title":"Entra ID (Azure AD) Account Lockdown (RUX)","pathname":"/configuration/response/lockdown/entra-id-azure-ad-account-lockdown-rux","siteSpaceId":"sitesp_UtbXl","description":"This article describes the Azure Active Directory (AAD) Account Lockdown feature in a Frequently Asked Questions (FAQ) style. This feature is only available in the Vectra Respond UX.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"Lockdown"}]},{"id":"nNaKXHZO9xYLOCfMMKCj","title":"Host Lockdown (EDR)","pathname":"/configuration/response/lockdown/host-lockdown-edr","siteSpaceId":"sitesp_UtbXl","description":"Frequently asked questions about Host Lockdown which uses an integrated EDR to isolate a host as a response action.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"Lockdown"}]},{"id":"m9EtKThi5he7IX7XzZH8","title":"Traffic Lockdown","pathname":"/configuration/response/lockdown/traffic-lockdown","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"Lockdown"}]},{"id":"1NJBLh5eTwJ2T8lXHDNq","title":"Notifications","pathname":"/configuration/response/notifications","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"}]},{"id":"1EvcrnBtxVlCPQHtYmQZ","title":"External app alerts (webhook)","pathname":"/configuration/response/notifications/external-app-alerts-webhook","siteSpaceId":"sitesp_UtbXl","description":"Configure webhook-based alert destinations for Vectra prioritization and system alerts in tools like Microsoft Teams.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"Notifications"}]},{"id":"jg86HUw8h3sWiEupF6kB","title":"Syslog guide (QUX)","pathname":"/configuration/response/notifications/syslog-guide-qux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"Notifications"}]},{"id":"LFhudaGSFgC6lwLfSl79","title":"Syslog sending to Kafka","pathname":"/configuration/response/notifications/syslog-sending-to-kafka","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"Notifications"}]},{"id":"1CkvNv72WXirhrVvkE1Y","title":"Syslog and Kafka message size limits (QUX)","pathname":"/configuration/response/notifications/syslog-and-kafka-message-size-limits-qux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"Notifications"}]},{"id":"YQvWBBlGeExSQGdrrAAx","title":"System alerts","pathname":"/configuration/response/notifications/system-alerts","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"Notifications"}]},{"id":"IN2JfHMPk00k57FDAyVC","title":"SIEM","pathname":"/configuration/response/siem","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"}]},{"id":"F6WlbKAZt2urWYv7OBGM","title":"Microsoft Sentinel SIEM integration (RUX)","pathname":"/configuration/response/siem/azure-sentinel-siem-integration-rux","siteSpaceId":"sitesp_UtbXl","description":"Deploy the Microsoft Sentinel (formerly Azure Sentinel) integration for Vectra Respond UX (package v3.3.0), including ingestion, workbooks, analytics rules, and playbooks.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SIEM"}]},{"id":"UWOM3LZNBUjOAEnEo338","title":"Azure Sentinel Stream integration using AMA","pathname":"/configuration/response/siem/azure-sentinel-stream-integration-using-ama","siteSpaceId":"sitesp_UtbXl","description":"This article provides detailed instructions for deploying and configuring the Vectra Stream app for Azure Sentinel for use with the Microsoft Azure Monitor Agent.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SIEM"}]},{"id":"4NaBq0YrF5zLi72nf2Ts","title":"Azure Sentinel Stream integration using OMS (Deprecated)","pathname":"/configuration/response/siem/azure-sentinel-stream-integration-using-oms","siteSpaceId":"sitesp_UtbXl","description":"Deprecated guide for sending Vectra Stream Raw JSON to Microsoft Sentinel via the OMS (Log Analytics) agent and a Linux collector.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SIEM"}]},{"id":"02aowqy5r1Hm8Q5WBmbY","title":"Crowdstrike Next-Gen SIEM integration (RUX)","pathname":"/configuration/response/siem/crowdstrike-next-gen-siem-integration-rux","siteSpaceId":"sitesp_UtbXl","description":"Ingest Vectra entity scoring events, detection events, and audit events from Vectra Respond UX.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SIEM"}]},{"id":"HuD9vkON3E1o9BqytMJL","title":"Crowdstrike Next-Gen SIEM integration (QUX)","pathname":"/configuration/response/siem/crowdstrike-nextgen-siem-integration-qux","siteSpaceId":"sitesp_UtbXl","description":"Send Vectra Detect (QUX) logs to CrowdStrike NextGen-SIEM via a log collector and HEC, using the provided parser and setup guide.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SIEM"}]},{"id":"GAOnmQSA6i8AZlIadTUF","title":"Google SecOps SIEM integration (QUX)","pathname":"/configuration/response/siem/google-secops-siem-integration-qux","siteSpaceId":"sitesp_UtbXl","description":"Ingest and parse Vectra Detect (QUX) syslog into Google SecOps SIEM for detections, entities, and audit/health/lockdown data.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SIEM"}]},{"id":"HAbLmilMpo1JVf3JFjSl","title":"Google SecOps SIEM integration (RUX)","pathname":"/configuration/response/siem/google-secops-siem-integration-rux","siteSpaceId":"sitesp_UtbXl","description":"Integrate Vectra Respond UX (RUX) with Google SecOps SIEM using the Vectra API, with a deployment guide and configuration template.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SIEM"}]},{"id":"wVb8r7eIPhtvSq87dEND","title":"Google SecOps SIEM Stream integration","pathname":"/configuration/response/siem/google-secops-siem-stream-integration","siteSpaceId":"sitesp_UtbXl","description":"Forward Vectra Stream security-enriched metadata to Google SecOps SIEM via syslog, using the provided implementation guide.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SIEM"}]},{"id":"HTxHTb90I8CEjjNoStYD","title":"Microsoft Sentinel NDR (Detect) integration using AMA","pathname":"/configuration/response/siem/microsoft-sentinel-ndr-detect-integration-using-ama","siteSpaceId":"sitesp_UtbXl","description":"Deploy or migrate Vectra Detect syslog CEF ingestion to Microsoft Sentinel using Azure Monitor Agent (AMA), including Logstash transformation and troubleshooting.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SIEM"}]},{"id":"seT4N7L9kYFgNp3DtTLx","title":"QRadar SIEM integration (RUX)","pathname":"/configuration/response/siem/qradar-siem-integration-rux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SIEM"}]},{"id":"OGFyF3cGFA04BLx9yIE4","title":"QRadar SIEM integration (QUX)","pathname":"/configuration/response/siem/qradar-siem-integration-qux","siteSpaceId":"sitesp_UtbXl","description":"Install and configure the Vectra Detect app for QRadar (QUX), supporting both Vectra SaaS API polling and Brain syslog ingestion.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SIEM"}]},{"id":"wz1jfDZ83uYpHt5XjjMK","title":"Splunk SIEM / Vectra integration guide (start here for RUX)","pathname":"/configuration/response/siem/splunk-siem-vectra-integration-guide-start-here-for-rux","siteSpaceId":"sitesp_UtbXl","description":"Start here for Splunk integration with Vectra Respond UX, including supported add-ons/apps, install matrix, API client setup, and data inputs.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SIEM"}]},{"id":"XdubMvRBK5zW4Wejochm","title":"Splunk SIEM / Vectra integration guide (start here for QUX)","pathname":"/configuration/response/siem/splunk-siem-vectra-integration-guide-start-here-for-qux","siteSpaceId":"sitesp_UtbXl","description":"This article serves as the starting point for Vectra's various integrations with Splunk. Read this prior to any other articles regarding Splunk integration.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SIEM"}]},{"id":"U5TOyUm5fYT6ok2bxLDf","title":"Splunk - Vectra Detect Add-On and Syslog Configuration (QUX)","pathname":"/configuration/response/siem/splunk-vectra-detect-add-on-and-syslog-configuration-qux","siteSpaceId":"sitesp_UtbXl","description":"Install the Technology Add-on for Vectra Detect (JSON) and configure Detect syslog so Splunk parses events into the correct sourcetypes.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SIEM"}]},{"id":"T8CUsZBIYGverb4hrm9G","title":"Splunk - Vectra Detect Integration Steps (QUX)","pathname":"/configuration/response/siem/splunk-vectra-detect-integration-steps-qux","siteSpaceId":"sitesp_UtbXl","description":"End-to-end steps for integrating Vectra Detect (QUX) with Splunk, including which add-ons to install and how to configure the Detect app macro.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SIEM"}]},{"id":"QzRKPsESuVBRiSzIi2OW","title":"Splunk TA - Changing from CEF to JSON for Vectra Detect (QUX)","pathname":"/configuration/response/siem/splunk-ta-changing-from-cef-to-json-for-vectra-detect-qux","siteSpaceId":"sitesp_UtbXl","description":"Migrate Splunk ingestion for Vectra Detect from legacy CEF syslog to full JSON using the new TA, with install, configuration, and validation steps.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SIEM"}]},{"id":"bLCPl8ACQ5cpD5OfPEDv","title":"Splunk - Vectra SaaS Add-on Configuration (QUX)","pathname":"/configuration/response/siem/splunk-vectra-saas-add-on-configuration-qux","siteSpaceId":"sitesp_UtbXl","description":"Install and configure the Vectra SaaS add-on for Splunk, including API client details, proxy options, and data inputs for scoring and detections.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SIEM"}]},{"id":"GbSO6QJGJAzjzvJ55hTn","title":"SOAR","pathname":"/configuration/response/soar","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"}]},{"id":"iCSHMgdXVHh5aEwPWxn2","title":"Google SecOps SOAR integration (RUX)","pathname":"/configuration/response/soar/google-secops-soar-integration-rux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SOAR"}]},{"id":"apyzqX7jIJJEmNIeRbcE","title":"Google SecOps SOAR integration (QUX)","pathname":"/configuration/response/soar/google-secops-soar-integration-qux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SOAR"}]},{"id":"3tL1AhE5e5eCguDO9RVV","title":"Palo Alto XSOAR integration (QUX)","pathname":"/configuration/response/soar/palo-alto-xsoar-integration-qux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SOAR"}]},{"id":"SMxhcGt6O32PLErb9RbS","title":"Palo Alto XSOAR integration (RUX)","pathname":"/configuration/response/soar/palo-alto-xsoar-integration-rux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SOAR"}]},{"id":"n675iLgndGylJTJbEHVp","title":"Splunk SOAR integration (RUX)","pathname":"/configuration/response/soar/splunk-soar-integration-rux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SOAR"}]},{"id":"Y55fM2SejlehYyQKUWbl","title":"Splunk SOAR integration (QUX)","pathname":"/configuration/response/soar/splunk-soar-integration-qux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SOAR"}]},{"id":"trU9oamuOzXQ5WJSHQUz","title":"ServiceNow SIR SOAR integration (RUX)","pathname":"/configuration/response/soar/servicenow-sir-soar-integration-rux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SOAR"}]},{"id":"MrpVtuZZeuX1awSrJgi9","title":"ServiceNow SIR SOAR integration (QUX)","pathname":"/configuration/response/soar/servicenow-sir-soar-integration-qux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"SOAR"}]},{"id":"ch0cPi6sfTQKY4TiekfF","title":"Ticketing / CMDB","pathname":"/configuration/response/ticketing","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"}]},{"id":"SBiV68gdNN01j2MgBF2u","title":"ServiceNow ITSM ticketing integration (RUX)","pathname":"/configuration/response/ticketing/servicenow-itsm-ticketing-integration-rux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"Ticketing / CMDB"}]},{"id":"PCjvJbPmuPdtLEF0mwAC","title":"ServiceNow ITSM ticketing integration (QUX)","pathname":"/configuration/response/ticketing/servicenow-itsm-ticketing-integration-qux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"Ticketing / CMDB"}]},{"id":"2iL6H6CRgoZ6hMAOIjXs","title":"ServiceNow CMDB integration (RUX)","pathname":"/configuration/response/ticketing/servicenow-cmdb-integration-rux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"RESPONSE"},{"label":"Ticketing / CMDB"}]},{"id":"XSznT3Ya8f0olst345ce","title":"SETUP","pathname":"/configuration/setup","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"}]},{"id":"rlvGwE4a8lMKl47j0ZQN","title":"Account Association","pathname":"/configuration/setup/account-association","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"SETUP"}]},{"id":"jtsIPBAqndprmpjo4Y5F","title":"EDR Integrations","pathname":"/configuration/setup/edr-integrations","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"SETUP"}]},{"id":"13tFQLmE8h7zXIeMm6NO","title":"Microsoft Defender for Endpoint","pathname":"/configuration/setup/edr-integrations/microsoft-defender-for-endpoint","siteSpaceId":"sitesp_UtbXl","description":"Microsoft Defender for Endpoint FAQ, formerly Microsoft Defender ATP","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"SETUP"},{"label":"EDR Integrations"}]},{"id":"UGJuP8rXlw68b139YdaQ","title":"Carbon Black Response","pathname":"/configuration/setup/edr-integrations/carbon-black-response","siteSpaceId":"sitesp_UtbXl","description":"How to configure Carbon Black Response (On-Prem) integration","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"SETUP"},{"label":"EDR Integrations"}]},{"id":"wN7iP2unpbnm467GZInX","title":"Carbon Black Cloud","pathname":"/configuration/setup/edr-integrations/carbon-black-cloud","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"SETUP"},{"label":"EDR Integrations"}]},{"id":"0pG09P4ITFqj5xPVoF8J","title":"Trellix (FireEye) Endpoint Security (HX)","pathname":"/configuration/setup/edr-integrations/trellix-fireeye-endpoint-security-hx","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"SETUP"},{"label":"EDR Integrations"}]},{"id":"tRELd4woCwxfQEbIug9l","title":"SentinelOne","pathname":"/configuration/setup/edr-integrations/sentinelone","siteSpaceId":"sitesp_UtbXl","description":"How to configure integration with SentinelOne EDR to enable Host Lockdown, provide details from SentinelOne in Host details screens, and provide artifacts to feed Vectra's automated HostID technology.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"SETUP"},{"label":"EDR Integrations"}]},{"id":"0wwMSuB9mPbG7Og93AEy","title":"Cybereason","pathname":"/configuration/setup/edr-integrations/cybereason","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"SETUP"},{"label":"EDR Integrations"}]},{"id":"mjdslwCrvVh8qMcJc1nZ","title":"Crowdstrike","pathname":"/configuration/setup/edr-integrations/crowdstrike","siteSpaceId":"sitesp_UtbXl","description":"Configuring integration with Crowdstrike EDR to enable EDR process AI stitching, Host Lockdown capability, and add host details from Crowdstrike to host details pages and Vectra's automated HostID.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"SETUP"},{"label":"EDR Integrations"}]},{"id":"zRsxjDRwt5EGTJFUbmJS","title":"External Connectors","pathname":"/configuration/setup/external-connectors","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"SETUP"}]},{"id":"cfuto8cRXORrWvkGS8Xl","title":"Active Directory","pathname":"/configuration/setup/external-connectors/active-directory","siteSpaceId":"sitesp_UtbXl","description":"This article provides configuration advice for integration AD with Vectra NDR (formerly known as Vectra Detect for Network). This is supported for both Respond UX and Quadrant UX deployments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"SETUP"},{"label":"External Connectors"}]},{"id":"ElmzyEKr7m5pTXgm5149","title":"AWS HostID integration","pathname":"/configuration/setup/external-connectors/aws-hostid-integration","siteSpaceId":"sitesp_UtbXl","description":"This article goes over the AWS HostID integration available for Vectra NDR deployments that see traffic from AWS VPCs.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"SETUP"},{"label":"External Connectors"}]},{"id":"1W8iPWYxAKZ7UHi9mJnl","title":"Azure HostID integration","pathname":"/configuration/setup/external-connectors/azure-hostid-integration","siteSpaceId":"sitesp_UtbXl","description":"This article goes over the Azure HostID integration available for Vectra NDR deployments that see traffic from Azure virtual networks.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"SETUP"},{"label":"External Connectors"}]},{"id":"KYLMAgjPfBBba8zj5f6C","title":"GCP HostID integration","pathname":"/configuration/setup/external-connectors/gcp-hostid-integration","siteSpaceId":"sitesp_UtbXl","description":"This article goes over the GCP HostID integration available for Vectra NDR deployments that capture traffic from GCP VPCs.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"SETUP"},{"label":"External Connectors"}]},{"id":"xCG7XkbL5068HjVFnWU1","title":"SIEM (Vectra Brain ingesting logs)","pathname":"/configuration/setup/external-connectors/siem-vectra-brain-ingesting-logs","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"SETUP"},{"label":"External Connectors"}]},{"id":"Sz3VZbYgR6beLYaD0iWu","title":"vCenter integration (VMware)","pathname":"/configuration/setup/external-connectors/vcenter-integration-vmware","siteSpaceId":"sitesp_UtbXl","description":"Configure the Vectra Brain to query the VMware vCenter API (read-only) for infrastructure visibility and vSensor planning.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"SETUP"},{"label":"External Connectors"}]},{"id":"aLwfeOG6nPfcFsNWSLKN","title":"Proxies","pathname":"/configuration/setup/proxies","siteSpaceId":"sitesp_UtbXl","description":"This article is designed to assist in understanding how Vectra appliances interact with proxy systems.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"SETUP"}]},{"id":"NtwuMhomI2u86nQMYcpX","title":"TUNING","pathname":"/configuration/tuning","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"}]},{"id":"Ghc5eZA8vzOVxAZ3gDlU","title":"Triage best practices","pathname":"/configuration/tuning/triage-best-practices","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"TUNING"}]},{"id":"KIgDpvz2kB1ZNpVCrzhA","title":"Active Directory (AD) groups","pathname":"/configuration/tuning/active-directory-ad-groups","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"TUNING"}]},{"id":"xIeHO9KLNQtEW0U80zfI","title":"Dynamic groups","pathname":"/configuration/tuning/dynamic-groups","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"TUNING"}]},{"id":"bpe1t5iys7XwO11rXEBG","title":"Creating triage filters via API","pathname":"/configuration/tuning/creating-triage-filters-via-api","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"TUNING"}]},{"id":"gfFoCblJCzD0OzwEqr4C","title":"Noise elimination for Tanium and other mesh scanners","pathname":"/configuration/tuning/noise-elimination-for-tanium-and-other-mesh-scanners","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"TUNING"}]},{"id":"RPLBoVJOmfw3y7btIFMf","title":"QUX specific","pathname":"/configuration/qux-specific","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"}]},{"id":"0Hc0VWuZUlpJoQonGUsa","title":"SSL certificate installation","pathname":"/configuration/qux-specific/ssl-certificate-installation","siteSpaceId":"sitesp_UtbXl","description":"This article discusses SSL certificate options for Quadrant UX deployments. For RUX deployments, the cert used to support the GUI is fully managed by Vectra only.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"QUX specific"}]},{"id":"dxEZlRCHGRubIq7antpq","title":"Digest emails","pathname":"/configuration/qux-specific/digest-emails","siteSpaceId":"sitesp_UtbXl","description":"Digest Emails provide a feature to send a summary of detections count per category in for last 24 hours","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"QUX specific"}]},{"id":"BUDeU3i2Flam67xvCZKq","title":"Login caption","pathname":"/configuration/qux-specific/login-caption","siteSpaceId":"sitesp_UtbXl","description":"This article covers the steps to create a login caption on Vectra Quadrant UX.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"QUX specific"}]},{"id":"br9l9N5bbrnvikz7egdZ","title":"SMTP configuration (QUX)","pathname":"/configuration/qux-specific/smtp-configuration-qux","siteSpaceId":"sitesp_UtbXl","description":"Vectra Brain appliances that serve the Quadrant UX can be configured to support SMTP for sending email alert notifications. This article describes how to configure the required SMTP settings.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Configuration"},{"label":"QUX specific"}]},{"id":"eBqtz4TifLzUf1sIkrrR","title":"Analyst Guidance","pathname":"/operations/analyst-guidance","siteSpaceId":"sitesp_UtbXl","description":"Analyst workflow guidance and quick links for investigations, testing, and reporting.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"}]},{"id":"sITyqQV98q2As9ygj278","title":"New close workflow","pathname":"/operations/analyst-guidance/new-close-workflow","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Analyst Guidance"}]},{"id":"rWZfKnCNQuU1v3a0ghp2","title":"Assignnment workflow FAQ (prior to New close workflow)","pathname":"/operations/analyst-guidance/assignnment-workflow-faq-prior-to-new-close-workflow","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Analyst Guidance"}]},{"id":"QouznRrJ8PxdufKoibWX","title":"Understanding Vectra AI detections","pathname":"/operations/analyst-guidance/understanding-vectra-ai-detections","siteSpaceId":"sitesp_UtbXl","description":"Description of Vectra's detection models.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Analyst Guidance"}]},{"id":"cpRnIpDdL8diCIIsAMPK","title":"Monitoring honeypot (honeytoken) identities","pathname":"/operations/analyst-guidance/monitoring-honeypot-honeytoken-identities","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Analyst Guidance"}]},{"id":"vbJftmat95XjhEFY0Z0p","title":"Triggering detections for testing purposes","pathname":"/operations/analyst-guidance/triggering-detections-for-testing-purposes","siteSpaceId":"sitesp_UtbXl","description":"This article shows some ways to trigger a Cyptocurrency Mining (like Bitcoin mining for example) or Brute-Force Detection to quickly see if your system is working properly.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Analyst Guidance"}]},{"id":"IJcKk8cBCGpnhPVbJIrJ","title":"TCP reset does not stop modern attacks","pathname":"/operations/analyst-guidance/tcp-reset-does-not-stop-modern-attacks","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Analyst Guidance"}]},{"id":"KEHfCguEidvp363333AB","title":"CDR (Detect) for AWS detection test guide","pathname":"/operations/analyst-guidance/cdr-detect-for-aws-detection-test-guide","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Analyst Guidance"}]},{"id":"MuoHfrkBpTqwvNI8UL7A","title":"Recall best practices guide","pathname":"/operations/analyst-guidance/recall-best-practices-guide","siteSpaceId":"sitesp_UtbXl","description":"A guide to understand best practices & recommendations to get the most out of Recall in a fast and efficient way.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Analyst Guidance"}]},{"id":"eUJKXR0YAAHEZCM9SoAu","title":"Investigate Quick Start Guide (prior to SQL search)","pathname":"/operations/analyst-guidance/investigate-quick-start-guide-prior-to-sql-search","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Analyst Guidance"}]},{"id":"zaj23hAG8TgHWIcLb5uI","title":"Advanced search reference guide (QUX)","pathname":"/operations/analyst-guidance/advanced-search-reference-guide-qux","siteSpaceId":"sitesp_UtbXl","description":"This article provides guidance for using the Advanced Search feature that is part of Quadrant UX deployments.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Analyst Guidance"}]},{"id":"ERoGpRqGlFfHkIpFl6J3","title":"Recall custom models - how to create detections (QUX)","pathname":"/operations/analyst-guidance/recall-custom-models-how-to-create-detections-qux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Analyst Guidance"}]},{"id":"hVIFOPXJEP398gB8RFlB","title":"Crowdstrike EDR process correlation user guide","pathname":"/operations/analyst-guidance/crowdstrike-edr-process-correlation-user-guide","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Analyst Guidance"}]},{"id":"b2qkte4MjfrLWq0jAAXH","title":"Vectra self-detection events","pathname":"/operations/analyst-guidance/vectra-self-detection-events","siteSpaceId":"sitesp_UtbXl","description":"Explains expected Vectra cloud/update/metadata-sharing traffic and why it may trigger Hidden HTTPS Tunnel, Multi-home fronted tunnel, or Smash and Grab detections.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Analyst Guidance"}]},{"id":"b0Bl1W4e0F5aNleveZrG","title":"Key asset treatment (QUX)","pathname":"/operations/analyst-guidance/key-asset-treatment-qux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Analyst Guidance"}]},{"id":"ciCcp37DkTgirwL3vAvw","title":"Updates","pathname":"/operations/readme-1","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"}]},{"id":"bJ1RkqBrcLsqnsGoMx3p","title":"Offline updates (v8.9+)","pathname":"/operations/readme-1/offline-updates-v89","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Updates"}]},{"id":"zn9Mru81ygFq6HpWZNe8","title":"Offline updates (prior to v8.9)","pathname":"/operations/readme-1/offline-updates-prior-to-v89","siteSpaceId":"sitesp_UtbXl","description":"Offline Updates","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Updates"}]},{"id":"jcVj6vncKcVMtoWfizXa","title":"Troubleshooting updates","pathname":"/operations/readme-1/troubleshooting-updates","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Updates"}]},{"id":"57rojlA9rP4vqTS3HOgx","title":"Dashboards and Reports","pathname":"/operations/dashboards-and-reports","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"}]},{"id":"cTK5qOji7tNj4P1TDnjp","title":"Operational Overview report guidance","pathname":"/operations/dashboards-and-reports/operational-overview-report-guidance","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Dashboards and Reports"}]},{"id":"yJM7RyzKvE4bfJvwoEVa","title":"Executive Overview report guidance","pathname":"/operations/dashboards-and-reports/executive-overview-report-guidance","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Dashboards and Reports"}]},{"id":"ZYeckieUyQGepxfuDhNM","title":"Recall","pathname":"/operations/dashboards-and-reports/recall","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Dashboards and Reports"}]},{"id":"vWVY1g5oewXMALYeSmV7","title":"Recall certificate expiry dashboard","pathname":"/operations/dashboards-and-reports/recall/recall-certificate-expiry-dashboard","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Dashboards and Reports"},{"label":"Recall"}]},{"id":"bqotdhWiXU3luACfX8ys","title":"Recall Netlogon exploit visibility dashboard","pathname":"/operations/dashboards-and-reports/recall/recall-netlogon-exploit-visibility-dashboard","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Dashboards and Reports"},{"label":"Recall"}]},{"id":"IY2XPFCCy2RNyyvB3JNG","title":"Recall host dashboard","pathname":"/operations/dashboards-and-reports/recall/recall-host-dashboard","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Dashboards and Reports"},{"label":"Recall"}]},{"id":"pFyyWNdYUkWFb2kcpzOr","title":"Detection specific guidance","pathname":"/operations/detection-specific-guidance","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"}]},{"id":"jrb9halMA92dAFZS9Xr8","title":"Suspicious Remote Desktop","pathname":"/operations/detection-specific-guidance/suspicious-remote-desktop","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Detection specific guidance"}]},{"id":"R4Tzrbcxfk5FpBlHu5m2","title":"Hidden HTTPS Tunnel - detection showing proxy IP as target","pathname":"/operations/detection-specific-guidance/hidden-https-tunnel-detection-showing-proxy-ip-as-target","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Detection specific guidance"}]},{"id":"rspBfN7Z3rTaO5A2PM93","title":"Data Gathering - detected between Brain and Sensor","pathname":"/operations/detection-specific-guidance/data-gathering-detected-between-brain-and-sensor","siteSpaceId":"sitesp_UtbXl","description":"Vectra detected data gathering between the brain and the sensor, triggering an alert.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Detection specific guidance"}]},{"id":"np9RP7vZieYUwhrt6rxy","title":"Suspect Protocol Activity detection descriptions","pathname":"/operations/detection-specific-guidance/suspect-protocol-activity-detection-descriptions","siteSpaceId":"sitesp_UtbXl","description":"This page will explain the different Suspect Protocol Activity (SPA) detections which can appear in the platform and serves as one pager content for the SPA detections.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Detection specific guidance"}]},{"id":"kbmTsqWUIXnVTXABwhQb","title":"Turla and Snake malware","pathname":"/operations/detection-specific-guidance/turla-and-snake-malware","siteSpaceId":"sitesp_UtbXl","description":"Vectra Notice: Turla and Snake Malware","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Detection specific guidance"}]},{"id":"mKXeSmpnTCVCjgZfKv3o","title":"Suspicious Remote Execution","pathname":"/operations/detection-specific-guidance/suspicious-remote-execution","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Detection specific guidance"}]},{"id":"vgPxivVIdYQz1ubNigk4","title":"Intel AMT (Active Management Technology) detections","pathname":"/operations/detection-specific-guidance/intel-amt-active-management-technology-detections","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Detection specific guidance"}]},{"id":"ZJxl0cz5ZpY1ff2GIWcD","title":"Licensing","pathname":"/operations/licensing","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"}]},{"id":"AH8T1iailfgikfl2NES3","title":"Vectra licensing metrics (all products)","pathname":"/operations/licensing/vectra-licensing-metrics-all-products","siteSpaceId":"sitesp_UtbXl","description":"This article explains what metric is used when licensing Vectra products.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Licensing"}]},{"id":"jDCdw2fYlzj1cmB7DvGM","title":"Backup / Restore / DR","pathname":"/operations/backup-restore-dr","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"}]},{"id":"PceGAWWa5rJ1Swhoipa1","title":"Backup and restore (v8.5+)","pathname":"/operations/backup-restore-dr/backup-and-restore-v85","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Backup / Restore / DR"}]},{"id":"2gPp2iwIucCX5YdHA2t7","title":"Introduction and changes","pathname":"/operations/backup-restore-dr/backup-and-restore-v85/introduction-and-changes","siteSpaceId":"sitesp_UtbXl","description":"Backup and Restore introduction and changes from earlier versions.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Backup / Restore / DR"},{"label":"Backup and restore (v8.5+)"}]},{"id":"jZRYnKjBmoUkip9gnwW2","title":"Backup and restore FAQ","pathname":"/operations/backup-restore-dr/backup-and-restore-v85/backup-and-restore-faq","siteSpaceId":"sitesp_UtbXl","description":"Frequently asked questions about backup and restore.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Backup / Restore / DR"},{"label":"Backup and restore (v8.5+)"}]},{"id":"HXTbZychnv0BxdsMTS1o","title":"Migration from earlier versions","pathname":"/operations/backup-restore-dr/backup-and-restore-v85/migration-from-earlier-versions","siteSpaceId":"sitesp_UtbXl","description":"Guidance for customers migrating from earlier versions of backup and restore.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Backup / Restore / DR"},{"label":"Backup and restore (v8.5+)"}]},{"id":"8DKuFJtRPy8WUXjopCnC","title":"Scheduling backups and running manual backups","pathname":"/operations/backup-restore-dr/backup-and-restore-v85/scheduling-and-manual-backups","siteSpaceId":"sitesp_UtbXl","description":"How to schedule backups and run backups manually.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Backup / Restore / DR"},{"label":"Backup and restore (v8.5+)"}]},{"id":"e8Pri4Rou35hyseyTYll","title":"Configuring external targets","pathname":"/operations/backup-restore-dr/backup-and-restore-v85/configuring-external-targets","siteSpaceId":"sitesp_UtbXl","description":"How to configure external targets including SCP, SFTP, and S3. Brain to Brain backups. Rotating old backups. Testing, renaming, and removing external backup targets.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Backup / Restore / DR"},{"label":"Backup and restore (v8.5+)"}]},{"id":"SAVJP8Iz9u94oRugLQA8","title":"Restoring backups","pathname":"/operations/backup-restore-dr/backup-and-restore-v85/restoring-backups","siteSpaceId":"sitesp_UtbXl","description":"Guidance for restoring backups and deleting older backup versions.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Backup / Restore / DR"},{"label":"Backup and restore (v8.5+)"}]},{"id":"FZGrgZVxlsw9oOL6twwA","title":"Troubleshooting and additional commands","pathname":"/operations/backup-restore-dr/backup-and-restore-v85/troubleshooting-and-additional-commands","siteSpaceId":"sitesp_UtbXl","description":"Additional backup and restore related commands and troubleshooting advice.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Backup / Restore / DR"},{"label":"Backup and restore (v8.5+)"}]},{"id":"rHC2iipGRu17GkoBMxgL","title":"All commands (syntax examples)","pathname":"/operations/backup-restore-dr/backup-and-restore-v85/all-commands-syntax-examples","siteSpaceId":"sitesp_UtbXl","description":"Examples of all backup and restore related commands.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Backup / Restore / DR"},{"label":"Backup and restore (v8.5+)"}]},{"id":"04EPORys5eoToAxUL4Nc","title":"Disaster recovery and migration (v8.5+)","pathname":"/operations/backup-restore-dr/disaster-recovery-and-migration-v85","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Backup / Restore / DR"}]},{"id":"bmLBoJ88KYOVHDNEICq5","title":"DR (Disaster Recover) process","pathname":"/operations/backup-restore-dr/disaster-recovery-and-migration-v85/dr-disaster-recover-process","siteSpaceId":"sitesp_UtbXl","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Backup / Restore / DR"},{"label":"Disaster recovery and migration (v8.5+)"}]},{"id":"mNJlsaZdOHoEXMTWpa2k","title":"Migration process","pathname":"/operations/backup-restore-dr/disaster-recovery-and-migration-v85/migration-process","siteSpaceId":"sitesp_UtbXl","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Backup / Restore / DR"},{"label":"Disaster recovery and migration (v8.5+)"}]},{"id":"nasO5KQ1pZMu5AidI6Bv","title":"Legacy details prior to v8.5","pathname":"/operations/backup-restore-dr/legacy-details-prior-to-v8.5","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Backup / Restore / DR"}]},{"id":"5RKhK7ffr1TECQhoBnVp","title":"Backup / Restore (prior to v8.5)","pathname":"/operations/backup-restore-dr/legacy-details-prior-to-v8.5/backup-restore-prior-to-v85","siteSpaceId":"sitesp_UtbXl","description":"This article provides guidance for restoring backups.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Backup / Restore / DR"},{"label":"Legacy details prior to v8.5"}]},{"id":"P5nUN8cZ0wkD0jCVapNm","title":"Disaster recovery process (prior to v8.5)","pathname":"/operations/backup-restore-dr/legacy-details-prior-to-v8.5/disaster-recovery-process-prior-to-v85","siteSpaceId":"sitesp_UtbXl","description":"Cognito Disaster Recovery Process","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Backup / Restore / DR"},{"label":"Legacy details prior to v8.5"}]},{"id":"U8HFHo5Kt9IhOr3p8bre","title":"Migrating to new Brain (prior to v8.5)","pathname":"/operations/backup-restore-dr/legacy-details-prior-to-v8.5/migrating-to-new-brain-prior-to-v85","siteSpaceId":"sitesp_UtbXl","description":"Migrating to a new brain","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Backup / Restore / DR"},{"label":"Legacy details prior to v8.5"}]},{"id":"UWcWmaU6z9kIhFyNgD2a","title":"Investigate","pathname":"/operations/investigate","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"}]},{"id":"aTwBEkA8yYdIl96IOVfq","title":"AI-Assisted Search","pathname":"/operations/investigate/ai-assisted-search","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Investigate"}]},{"id":"CZSEPRcJ4iFsXAjBtF4H","title":"SQL search","pathname":"/operations/investigate/sql-search","siteSpaceId":"sitesp_UtbXl","description":"This is documentation for the Private Preview of SQL Search. Please contact your Vectra account team if you are interested in joining the private preview.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Investigate"}]},{"id":"xwE2KTtcnEL22m7keb3x","title":"Vectra AI Platform Investigate FAQ","pathname":"/operations/investigate/vectra-ai-platform-investigate-faq","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Investigate"}]},{"id":"mtbjNNprrnkVi7J4R4e2","title":"Investigate API user guide","pathname":"/operations/investigate/investigate-api-user-guide","siteSpaceId":"sitesp_UtbXl","description":"Using the RUX Investigate (Metadata) API Manually (e.g., with Postman)","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Investigate"}]},{"id":"uA5M8XgmUhrawtkycFqe","title":"Investigate API metadata schema reference","pathname":"/operations/investigate/investigate-api-metadata-schema-reference","siteSpaceId":"sitesp_UtbXl","description":"Available Tables and Fields for RUX Investigate (Metadata) API Queries","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"Investigate"}]},{"id":"1GuMMioqtcIvPPHZ1gMK","title":"General","pathname":"/operations/general","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"}]},{"id":"yMO5x4OcAQHlKcsyn12J","title":"Attack Graph FAQ","pathname":"/operations/general/attack-graph-faq","siteSpaceId":"sitesp_UtbXl","description":"This article details the Attack Graph feature for entities in the Vectra UI.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"General"}]},{"id":"IvpsFKbZgRiGA6KGnpER","title":"AI-Triage in Detail","pathname":"/operations/general/ai-triage-in-detail","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"General"}]},{"id":"5dKe3ykJD8I9DpUNJRW1","title":"Suspect Protocol Activity detections (feature overview)","pathname":"/operations/general/suspect-protocol-activity-detections-feature-overview","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"General"}]},{"id":"VdpqkgVzhXKfaCfMkERY","title":"Using generic portal links (RUX)","pathname":"/operations/general/using-generic-portal-links-rux","siteSpaceId":"sitesp_UtbXl","description":"","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Operations"},{"label":"General"}]},{"id":"bEgNIayncCPCl9BYSyZ9","title":"AI and ML terminology","pathname":"/reference/ai-and-ml-terminology","siteSpaceId":"sitesp_UtbXl","description":"Definitions for common AI/ML terms used in Vectra docs.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"}]},{"id":"ER53InBcvYBqFPV0F8WU","title":"Vectra AI prioritization and scoring factors","pathname":"/reference/ai-driven-priortization-faq","siteSpaceId":"sitesp_UtbXl","description":"FAQ for AI-driven Prioritization (Urgency scoring) in Respond UX.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"}]},{"id":"bGNRv5OsK2VfEZPlBAPe","title":"Appliance support and EOS / EOL policy","pathname":"/reference/appliance-eos-eol-policy","siteSpaceId":"sitesp_UtbXl","description":"Appliance support policies, End-of-Sale (EOS) announcements, and End-of-Sale/End-of-Life (EOL) dates for Vectra appliances.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"}]},{"id":"YGVd7RRPbzq7bL9oglIm","title":"Bandwidth used between Sensor and Brain","pathname":"/reference/bandwidth-used-between-sensor-and-brain","siteSpaceId":"sitesp_UtbXl","description":"Expected bandwidth from Sensor to Brain and how to interpret low-bandwidth alerts.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"}]},{"id":"TScZFidEeQhDwInAsxpn","title":"How detection PCAPs are generated","pathname":"/reference/how-detection-pcaps-are-generated","siteSpaceId":"sitesp_UtbXl","description":"This article discusses how Detection PCAPs are created as part of Detect for NDR. Selective PCAP is a different feature.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"}]},{"id":"I5DSCVUGx9Hrte6rYY51","title":"In-App support","pathname":"/reference/in-app-support","siteSpaceId":"sitesp_UtbXl","description":"Enable and manage in-app support, including telemetry fields and outbound endpoints.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"}]},{"id":"R5uEiaMjKfeWqjprAWFW","title":"Metadata attributes","pathname":"/reference/metadata-attributes","siteSpaceId":"sitesp_UtbXl","description":"Reference PDFs for Vectra network and cloud metadata fields.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"}]},{"id":"VgrDVseCdKCEcdRkHVnK","title":"Vectra AI Platform network metadata attributes","pathname":"/reference/metadata-attributes/vectra-ai-platform-network-metadata-attributes","siteSpaceId":"sitesp_UtbXl","description":"The attached PDF document describes the Vectra AI Platform Network metadata.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"},{"label":"Metadata attributes"}]},{"id":"1o7hShSlYC0SLgnV2jIK","title":"Vectra AI Platform Azure metadata attributes","pathname":"/reference/metadata-attributes/vectra-ai-platform-azure-metadata-attributes","siteSpaceId":"sitesp_UtbXl","description":"The attached pdf document describes the Vectra AI Platform Azure metadata; this metadata is available in Vectra's Respond UX (RUX) platform and visible in Investigate.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"},{"label":"Metadata attributes"}]},{"id":"4UbRRomQcKvCdYN94ZFS","title":"Vectra AI Platform AWS CloudTrail metadata attributes","pathname":"/reference/metadata-attributes/vectra-ai-platform-aws-cloudtrail-metadata-attributes","siteSpaceId":"sitesp_UtbXl","description":"The attached pdf document describes the Vectra AI Platform AWS CloudTrail metadata; this metadata is available in Vectra's Respond UX (RUX) platform and visible in Investigate.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"},{"label":"Metadata attributes"}]},{"id":"8AJwcTFH4p5a3rylfRkD","title":"Vectra AI Platform Azure AD and M365 metadata attributes","pathname":"/reference/metadata-attributes/vectra-ai-platform-azure-ad-and-m365-metadata-attributes","siteSpaceId":"sitesp_UtbXl","description":"The attached pdf document describes the Vectra AI Platform Azure AD and M365 metadata; this metadata is available in Vectra's Respond UX (RUX) and visible in Advanced Investigations.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"},{"label":"Metadata attributes"}]},{"id":"SaexP8h3tHoetJr4WM3i","title":"Product Security","pathname":"/reference/product-security","siteSpaceId":"sitesp_UtbXl","description":"Product security statements and hardening guidance.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"}]},{"id":"SE1EnOtMtmeiXlQoxC1h","title":"Vectra stance on LPE (Local Privilege Escalation) appliance vulnerabilities","pathname":"/reference/product-security/vectra-stance-on-lpe-local-privilege-escalation-appliance-vulnerabilities","siteSpaceId":"sitesp_UtbXl","description":"This article describes Vectra's stance on Local Privilege Escalation (LPE) appliance vulnerabilities.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"},{"label":"Product Security"}]},{"id":"9UiMReRN12J1jVgyLMQy","title":"Vectra statement on Ubuntu 20.04 LTS reaching EOL","pathname":"/reference/product-security/vectra-statement-on-ubuntu-2004-lts-reaching-eol","siteSpaceId":"sitesp_UtbXl","description":"This article provides details for customers who are concerned about the End of Support for Ubuntu 20.04 LTS used as the base OS in Vectra appliances.a","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"},{"label":"Product Security"}]},{"id":"zIK4BXDdnsEhd4gh9NIN","title":"Detect for AWS compliance brief","pathname":"/reference/product-security/detect-for-aws-compliance-brief","siteSpaceId":"sitesp_UtbXl","description":"This document describes the steps Vectra takes to secure your data.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"},{"label":"Product Security"}]},{"id":"OqZpNcqLvcb2PuGcbDF5","title":"Recall security and privacy statement","pathname":"/reference/product-security/recall-security-and-privacy-statement","siteSpaceId":"sitesp_UtbXl","description":"Recall security and privacy statement (PDF).","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"},{"label":"Product Security"}]},{"id":"aNMdQmLF59y96tGDXmu2","title":"Vectra hardening (appliances)","pathname":"/reference/product-security/vectra-hardening-appliances","siteSpaceId":"sitesp_UtbXl","description":"How Vectra hardens appliances, including patching, encryption, and vulnerability management.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"},{"label":"Product Security"}]},{"id":"cLEy0ysCxaud5L3zlXjD","title":"RSPAN and ERSPAN support","pathname":"/reference/rspan-and-erspan-support","siteSpaceId":"sitesp_UtbXl","description":"RSPAN and ERSPAN compatibility for Vectra Sensors, including VLAN tag limits.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"}]},{"id":"3grOJfTVuETmSjSOu3M6","title":"Understanding Vectra host naming","pathname":"/reference/understanding-vectra-host-naming","siteSpaceId":"sitesp_UtbXl","description":"This article describes how Vectra automatically names Hosts in the Vectra Platform (Brain) to ease analyst workflow and track Hosts by name rather than just a transient IP.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"}]},{"id":"ccc42daf45bcf3d8beeee4c71aacf97713b76e71","title":"Vectra's coverage of MITRE ATT&CK and D3FEND","pathname":"/reference/vectra-coverage-of-mitre-attandck-and-d3fend","siteSpaceId":"sitesp_UtbXl","description":"See how Vectra maps detections to MITRE ATT&CK v18 and supports MITRE D3FEND countermeasures, with navigator layers and export files.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"}]},{"id":"227d0b19791bf73f49e25724776e6198885fe221","title":"Vectra UI supported browsers","pathname":"/reference/vectra-ui-supported-browsers","siteSpaceId":"sitesp_UtbXl","description":"Supported browsers and version support policy for the Vectra UI.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"}]},{"id":"QoGSrStL9RGB3EGkxd7h","title":"Why is metadata sharing important","pathname":"/reference/why-is-metadata-sharing-important","siteSpaceId":"sitesp_UtbXl","description":"How metadata sharing works, what data is shared, and why it matters.","breadcrumbs":[{"label":"Documentation","icon":"book-blank"},{"label":"Reference"}]},{"id":"3SKL7kaOhZFpCM4rfYQ3","title":"Release Notes","pathname":"/release-notes","siteSpaceId":"sitesp_J0IgS","emoji":"1f4dd","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"}]},{"id":"zvQz4u8tYK8GXgDWVkDM","title":"Mar 2026 Release Notes (RUX)","pathname":"/release-notes/respond-ux-rux/mar-2026-release-notes-rux","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Respond UX (RUX)"}]},{"id":"oarDvCsRHpQqpUdm8P79","title":"Feb 2026 Release Notes (RUX)","pathname":"/release-notes/respond-ux-rux/feb-2026-release-notes-rux","siteSpaceId":"sitesp_J0IgS","description":"This release introduces an enhancement to the attack graph, as well as introduces dark mode capability.","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Respond UX (RUX)"}]},{"id":"ypm7F94d9XnQEvpidmIa","title":"Jan 2026 Release Notes (RUX)","pathname":"/release-notes/respond-ux-rux/jan-2026-release-notes-rux","siteSpaceId":"sitesp_J0IgS","description":"This release expands detection coverage, includes CVE fixes and other bug fixes.","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Respond UX (RUX)"}]},{"id":"xana8zUIwj6M9BxtULhL","title":"Dec 2025 Release Notes (RUX)","pathname":"/release-notes/respond-ux-rux/readme-1","siteSpaceId":"sitesp_J0IgS","description":"December 2025 updates across Coverage, Clarity, and Control—new/refined detections, CrowdStrike EDR process correlation (private preview), and stronger Azure AD/Entra ID response.","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Respond UX (RUX)"}]},{"id":"SLUuPpWWneRDLNQ7qvws","title":"Nov 2025 Release Notes (RUX)","pathname":"/release-notes/respond-ux-rux/november-2025-release-notes","siteSpaceId":"sitesp_J0IgS","description":"November 2025 release highlights—expanded native Cobalt Strike coverage, refined Kali/RMM detections, Traffic Lockdown (public preview), Operational Overview Report, and key admin updates.","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Respond UX (RUX)"}]},{"id":"ipkZRf5hXzQJj4OFJyi8","title":"Oct 2025 Release Notes (RUX)","pathname":"/release-notes/respond-ux-rux/october-2025-release-notes","siteSpaceId":"sitesp_J0IgS","description":"October 2025 highlights: Introducing AI-Assisted Search, AI Scoring Prioritization Agent, Groups Based on Active Directory Membership, New REST API Documentation Is Live API.","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Respond UX (RUX)"}]},{"id":"XC3J62bkbzJKFZijyBRf","title":"Sep 2025 Release Notes (RUX)","pathname":"/release-notes/respond-ux-rux/september-2025-release-notes","siteSpaceId":"sitesp_J0IgS","description":"September 2025 highlights: Sliver Command and Control Coverage, Azure Suspect VM Logging Change, Reduced Alert Volume with Enhanced AI-Triage, Attack Graph: Focused View.","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Respond UX (RUX)"}]},{"id":"rSAb5lxSXP5udk9JNzXU","title":"Aug 2025 Release Notes (RUX)","pathname":"/release-notes/respond-ux-rux/aug-2025-release-notes-rux","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Respond UX (RUX)"}]},{"id":"qiOVoGbV4gzQBeIodHJM","title":"Jul 2025 Release Notes (RUX)","pathname":"/release-notes/respond-ux-rux/jul-2025-release-notes-rux","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Respond UX (RUX)"}]},{"id":"Ybz6bvKiFzR1qHHYehv9","title":"Jun 2025 Release Notes (RUX)","pathname":"/release-notes/respond-ux-rux/jun-2025-release-notes-rux","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Respond UX (RUX)"}]},{"id":"96YLsaMPph2KnEyIC8UU","title":"May 2025 Release Notes (RUX)","pathname":"/release-notes/respond-ux-rux/may-2025-release-notes","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Respond UX (RUX)"}]},{"id":"dKtqvZaPNS9cUGmJeKKS","title":"Apr 2025 Release Notes (RUX)","pathname":"/release-notes/respond-ux-rux/april-2025-release-notes","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Respond UX (RUX)"}]},{"id":"UMXtdZ5EBDpxFzQ0hvUs","title":"Archived RUX Release Notes","pathname":"/release-notes/respond-ux-rux/archived-rux-release-notes","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Respond UX (RUX)"}]},{"id":"jLwJjZMHYz6a84rfq2hS","title":"2025 Release Notes (RUX)","pathname":"/release-notes/respond-ux-rux/archived-rux-release-notes/2025-release-notes-rux","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Respond UX (RUX)"},{"label":"Archived RUX Release Notes"}]},{"id":"MxYFrKlZqnqC5DwbO83X","title":"Mar 2025 Release Notes (RUX)","pathname":"/release-notes/respond-ux-rux/archived-rux-release-notes/2025-release-notes-rux/march-2025-release-notes","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Respond UX (RUX)"},{"label":"Archived RUX Release Notes"},{"label":"2025 Release Notes (RUX)"}]},{"id":"GcCONfqnVvjS6YvikhQc","title":"Feb 2025 Release Notes (RUX)","pathname":"/release-notes/respond-ux-rux/archived-rux-release-notes/2025-release-notes-rux/feb-2025-release-notes-rux","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Respond UX (RUX)"},{"label":"Archived RUX Release Notes"},{"label":"2025 Release Notes (RUX)"}]},{"id":"Y6HKnQ2iMuWFzAynVFEH","title":"Jan 2025 Release Notes (RUX)","pathname":"/release-notes/respond-ux-rux/archived-rux-release-notes/2025-release-notes-rux/january-2025-release-notes","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Respond UX (RUX)"},{"label":"Archived RUX Release Notes"},{"label":"2025 Release Notes (RUX)"}]},{"id":"oSCSzJtP0jrIbhVaC9P1","title":"2024 Release Notes (RUX)","pathname":"/release-notes/respond-ux-rux/archived-rux-release-notes/jan-dec-2024-release-notes-rux","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Respond UX (RUX)"},{"label":"Archived RUX Release Notes"}]},{"id":"BRv6jNRbR5UjAqLUlrs6","title":"v9.10 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/v9.10-release-notes-qux","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"}]},{"id":"xktcbutT6sAo7da8d9EQ","title":"v9.9 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/v9.9-release-notes-qux","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"}]},{"id":"sBIbPKzJ1BGyJUlfrJFV","title":"v9.8 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/9.8-release-notes","siteSpaceId":"sitesp_J0IgS","description":"9.8: Rapid Release Improvements; Azure Detections; Traffic Lockdown; Operational Overview Report; Navigational Change; Syslog Cert Validation; SSH Login; GCP deployments via Terraform.","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"}]},{"id":"8IbTbvD6uxuWCjGIO4J9","title":"v9.7 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/9.7-release-notes","siteSpaceId":"sitesp_J0IgS","description":"9.7: Rapid Release Improvements, Groups Based on Active Directory Membership on Quadrant UX, AI Scoring Prioritization Agent, HTTPS-Only Access for iDRAC and Embryo Status Page.","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"}]},{"id":"nkAN5Ybr5fkFYmM86xRh","title":"v9.6 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/9.6-release-notes","siteSpaceId":"sitesp_J0IgS","description":"9.6 highlights: Netskope SASE Integration in Public Preview; Vectra Virtual Brain for Nutanix; JA4T/JA4TS Fingerprints; Attack Graph: Focused View; HTTPS-Only Access to Vectra UI.","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"}]},{"id":"yv2eQ6tzPVtMR1vHPfdh","title":"v9.5 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/vectra-ai-platform-95-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"}]},{"id":"QijfnucjKbsDS9SdTKer","title":"v9.4 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/vectra-ai-platform-94-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"}]},{"id":"C4NDLuWgOUGPmrJZwDuj","title":"v9.3 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/vectra-ai-platform-93-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"}]},{"id":"I0Wei5IJvkWOF3QMXmPc","title":"v9.2 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/vectra-ai-platform-92-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"}]},{"id":"a9dIyOhLhhRqeT56IcUZ","title":"v9.1 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/vectra-ai-platform-91-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"}]},{"id":"hCsw4dN0BrGvcsdS5xDA","title":"Archived QUX Release Notes","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"}]},{"id":"GQbQFFhRc0hKhF7xn1S0","title":"v9.0 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-ai-platform-90-release-notes","siteSpaceId":"sitesp_J0IgS","description":"Vectra AI Platform - 9.0 Release Notes with new Dynamic Group support of QUX and launch of High Performance GCP Brains","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"gaqavoG6ArDzpVMJxwpq","title":"v8.10 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-ai-platform-810-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"bxj1B7p6TizTXZqgUmbO","title":"v8.9 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-ai-platform-89-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"gzy7f25OtvIUHAJ1O3aF","title":"v8.8 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-ai-platform-88-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"rQvTwERn7WyqBvoHLjYy","title":"v8.7 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-87-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"on7f6eTKw7AUSDIwK0lL","title":"v8.6 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-86-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"eJNgCe8GHZoKC4OCtwrZ","title":"v8.5 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-85-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"uhcFRrV7zsPPcWwD06Nu","title":"v8.4 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-84-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"Xsr4jdaQn22Rop6HweRw","title":"v8.3 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-83-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"NWJniSFAQA3N71j0aUt0","title":"v8.2 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-82-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"109PPQPmcnolZayH6CIv","title":"v8.1 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-81-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"607oMsNYaIX7gAJoXtKI","title":"v8.0 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-80-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"JVyxqyUE9C3nLnPJatLZ","title":"v7.9 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-79-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"z2QjxSUXVIXuRlsw1UkZ","title":"v7.8 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-78-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"x9fvYdGvDQfwNULf5QGu","title":"v7.7 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-77-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"jdP8B6oVgzQZjyxNXJq2","title":"v7.6 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-76-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"yFmvAZ4u9OS285R4bJui","title":"v7.5 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-75-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"flRi9LedEKfjxMjes6tC","title":"v7.4 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-74-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"MB6Bh1pSswrsHw4lbGrk","title":"v7.3 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-73-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"cyO98iU2dRBaP8Gl76fP","title":"v7.2 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-72-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"NOEnYKq5Cj0Da80e60CQ","title":"v7.1 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-71-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"hQhaSI9l8miqgBBGBbCo","title":"v7.0 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-70-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"Tv8DQ3RiodnzkLNlnM7Y","title":"v6.20 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-620-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"6fd8WKOvLlrAbMNgCgSC","title":"v6.19 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-detect-for-network-619-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"ya8WihgY1cfkeG1WSc37","title":"v6.18 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-cognito-618-release-notes","siteSpaceId":"sitesp_J0IgS","description":"Cognito Version 6.18 Release Notes","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"lMUf2ubIsqycZaK5yCwt","title":"v6.17 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-cognito-617-release-notes","siteSpaceId":"sitesp_J0IgS","description":"Cognito Version 6.17 Release Notes","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"81twGYZC7EogmvJKvb86","title":"v6.16 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/v6.16-release-notes-qux","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"JjgvLWULcxruIVvjwZ8t","title":"v6.15 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/v6.15-release-notes-qux","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"pz9WVz2mcMlBTXLPPL67","title":"v6.14 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/v6.14-release-notes-qux","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"fP8auNJSPH7HAe01emmq","title":"v6.13 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/v6.13-release-notes-qux","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"Lh6AugEiHQJefkZMyiQS","title":"v6.12 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/v6.12-release-notes-qux","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"2T2otCwssNwjXDDzea6K","title":"v6.11 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-cognito-611-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"bICR97mtqMQAL3gNlb7r","title":"v6.10 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/v6.10-release-notes-qux","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"GGJQNbKi7EU0GEFoYGOD","title":"v6.9 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-cognito-69-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"PvOcwmji4NuYHY9u1knd","title":"v6.8 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-cognito-68-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"gsvo4tgLqwIi3DoRRZmj","title":"v6.7 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-cognito-67-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"9uDJN2cXUbN1rl63UFB7","title":"v6.6 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/v6.6-release-notes-qux","siteSpaceId":"sitesp_J0IgS","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"Y7wsXvIusX3kUDrRId0d","title":"v6.5 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-cognito-65-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"qmSeTuMCVpLYAHslfKcZ","title":"v6.4 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-cognito-64-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"OpQXXDkBElGLpeO5aBBS","title":"v6.3 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-cognito-63-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"tVkwAm406qbBCWpucjES","title":"v6.2 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-cognito-62-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"nGlhKpXmIOr7a9yVA3Ai","title":"v6.1 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-cognito-61-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"TcGDEpplpRB338htzYWZ","title":"v6.0 Release Notes (QUX)","pathname":"/release-notes/quadrant-ux-qux/archived-qux-release-notes/vectra-cognito-60-release-notes","siteSpaceId":"sitesp_J0IgS","description":"","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Quadrant UX (QUX)"},{"label":"Archived QUX Release Notes"}]},{"id":"TqVALY68xi11BVBqDjUR","title":"Coming soon","pathname":"/release-notes/doc-site-updates/coming-soon","siteSpaceId":"sitesp_J0IgS","description":"As major changes happen to the documentation site, look for relevant updates here.","breadcrumbs":[{"label":"Release Notes","icon":"file-lines"},{"label":"Doc Site Updates"}]},{"id":"hREB4vvaF4gy8SBi79i4","title":"Welcome","pathname":"/api-reference","siteSpaceId":"sitesp_6TKp1","description":"Landing page for Vectra API documentation.","breadcrumbs":[{"label":"API Reference","icon":"terminal"}]},{"id":"zlasPqerMemL6Gvw3v08","title":"Live documentation","pathname":"/api-reference/respond-ux-rux/live-documentation","siteSpaceId":"sitesp_6TKp1","description":"Temporary page linking to the live v3.x API documentation site until it is migrated into the main Vectra documentation site in a future update.","breadcrumbs":[{"label":"API Reference","icon":"terminal"},{"label":"Respond UX (RUX)"}]},{"id":"njH9eu74kH4nq2PaW1uB","title":"Help Center","pathname":"/help-center","siteSpaceId":"sitesp_1RviA","breadcrumbs":[{"label":"Help Center","icon":"life-ring"}]}]}