Professional network forensics appliance for ultra-fast recording, indexing, searching and analysis of network data in real time!

NEOXPacketFalcon Logo
IT-Security - Made in Germany

PacketFalcon Compact - Professional Network Forensics Appliance - for up to 100Gbps

Up to 100G
Lossless Recording
up to 40Gbps
High-End Napatech FPGA NIC
High-End FPGA
Capture Cards
Icon - Network Media
For 1G - 100G
Storage Capacity
Storage Capacity
up to 61 TB
IEEE 1588v2 Precision Time Protocol (PTP)
IEEE 1588v2
Precision Time Protocol
Portable and Rackmountable
Portable &
Hardware based Nanosecond Timestamping
HW-based Nanosecond
Packet Slicing and Filtering
Packet Slicing &
Capture Filter
Cascading of several PacketFalcons possible
Optional Transport Case available
Transport Case

Networks continue to increase in speed and complexity. And security attacks will also evolve in terms of complexity and stealth capabilities. Thus, for optimal and secure IT service delivery, IT security teams must have permanent access to detailed traffic analysis. Network forensics provides this essential access and insight that security analysts need.

Our PacketFalcon products are powerful recorders for all types of network speeds, enabling IT organisations to analyse, monitor and accurately record traffic without compromise.

PacketFalcon provides permanent 24 x 7 access to 1G, 10G, 25G, 40G and 100G networks for detailed analysis, including forensic analysis of past events. PacketFalcon supports security teams by accurately and losslessly recording network traffic at key nodes using Network TAPs, indexing and analysing it in real time, enabling rapid investigation of anything happening on the network.

By indexing the data and providing simple and complex hardware and software filters (Berkeley Packet Filter), PacketFalcon enables security teams to quickly investigate and thus stop attacks – even when they occur in state-of-the-art high-speed networks such as 40G or 100G network topologies.

On the hardware side, the PacketFalcon impresses with its robust design, a choice of 7.6 TB, 15.3 TB, 30.7 TB or 61.4 TB disk storage, a high-performance gigabit capture card from Napatech and an optionally available hard-shell transport case.

The software used is Linux and the award-winning network forensics software from LiveAction. This makes it possible to analyse network traffic across locations via remote access and to quickly find errors.

Its high flexibility in terms of mobile and stationary applications makes it the ideal companion for every network analysis and forensics specialist.


  • Up to 40Gbps lossless recording
  • Acceleration of Mean-Time-To-Resolution (MTTR) through visualisation and interaction with meta data, communication flows and the packets themselves
  • Extensive insight into the functioning of networks and applications including detection/classification of applications
  • Analysis of network traffic in each remote segment, support for 1/10/25/40/100 Gigabit Ethernet and 802.11 Wireless
  • Voice and Video over IP quality metrics (MOS Score), including overview statistics and comprehensive analysis of signalling and RTP media streams
  • Packet-based analysis of communication relationships visualised in intuitive graphical displays
  • Integrated, reliable expert events, indication of anomalies via OSI layer 2-7
  • Patented drill-down function
  • Recording terabytes of traffic without data packet loss
  • Hardware-based timestamps with nanosecond accuracy
  • PTP support for external time synchronisation according to IEEE 1588v2
  • Cascading of multiple Packet Falcon systems possible
  • Simultaneous unlimited access via Web GUI (“Peek”)
  • Hardware-basiertes Packet Slicing und Capture Filter
  • 4GB/12GB hardware buffer for absorbing and analysing microbursts
  • PCAP or PCAPNG Support
  • Optional: hard case for transport

Use Cases

  • Accurate, robust and portable network forensics and analysis tool directly available at the customer site
  • Capture traffic from enterprise applications at distributed or remote locations to gain detailed and accurate insight into network status
  • Quick troubleshooting and resolution of network and application problems
  • Provide easy-to-use tools for field engineers and customers to capture local network traffic
  • Speed up troubleshooting of WLAN, VoIP and VoFi problems with Omnipeek features such as “Expert Analysis”.
  • Get an accurate picture of the impact of IT rollouts on your network through comprehensive reporting and monitoring at every stage of deployment
  • Detect in real time the impact of network problems on application performance and delivery
  • Enables both real-time examination of data and historical playback for forensic analysis
  • Improve the speed of implementation of your new initiative to recoup costs and achieve a faster ROI
  • By using a Network TAP to mirror traffic, PacketFalcon monitors packet data without affecting the performance of the production network

NEOXPacketFalcon Compact - Application Example with Network Packet Broker and Network TAPs - Topology
NEOXPacketFalcon Example Scenario

Hardware Overview

  • 2x redundant 400W 80 PLUS Platinum Certified power supply units
  • Quiet fans
  • 10G Ethernet Management Interface
  • High-speed FPGA Capture card for 1G/10G/25G/40G/100G
  • 4x SFP+ ports or 2x QSFP+/QSFP28 ports
  • Intelligent Platform Management Interface (IPMI) RJ45 LAN port
  • 2x 10G RJ45 LAN ports
  • 2x USB3.2 Gen 1 ports, D-Sub VGA display connector
  • IEEE 1588-2008 (PTPV2)
  • Operating system on a separate SSD M2
  • Storage capacity between 7.6 TB and 61.4 TB
  • 128/256 GB DDR4 RAM (optionally up to 512 GB RAM)
  • Dimensions (W x H x D): 43.7 x 4.3 x 42.9 cm, approx. 12 kg
  • Optional: Hard case with CNC-milled foam for transport


  • Napatech (Capture card)
    The NEOXPacketFalcon Compact can be equipped with one of the following network measurement and capture boards:

    • 1/10G (High Performance) FPGA Adapter (SFP/SFP+)
    • 25/40/100G (High Performance) FPGA Adapter (QSFP+/QSFP28)

You can find out more about Napatech’s capture cards here.

Preinstalled Software

The NEOXPacketFalcon comes with LiveAction’s leading software LiveCapture:

  • Lossless capture and recording up to 40Gbps
  • Powerful data preparation tools that allow IT technicians to focus on specific time periods and types of traffic.
  • Built-in analytics, including expert analysis and critical network metrics, such as top talkers and top logs, all of which help to accelerate the investigation of any attacks.
  • The network data is time-stamped with nanosecond accuracy when it arrives. GPS, PPS, PTP and other external time sources are supported.

You can find out more about LiveCapture here.

LiveCapture/Omnipeek Screenshots
LiveAction LiveCapture Screenshots

Technical Specifications

Width x Height x Depth43.7 cm x 4.3 cm x 42.9 cm
Weightc.a. 12 kg
Power supply unit2x 400W – 80 PLUS Platinum certified
Input Voltage110-240 VAC 50-60Hz

PacketFalcon Compact OPTIONS

NX-LC-10G-8TB-CTAMD EPYC™ 128 GB 7.6 TB 4x 1G/10G SFP+
NX-LC-10G-15TB-CTAMD EPYC™ 128 GB 15.3 TB 4x 1G/10G SFP+
NX-LC-10G-30TB-CTAMD EPYC™ 128 GB 30.7 TB 4x 1G/10G SFP+
NX-LC-10G-60TB-CTAMD EPYC™ 128 GB 61.4 TB 4x 1G/10G SFP+
NX-LC-40G-8TB-CTAMD EPYC™ 128 GB 7.6 TB 2x 40G QSFP+ / 8x 10G (Fan-out)
NX-LC-40G-15TB-CTAMD EPYC™ 128 GB 15.3 TB 2x 40G QSFP+ / 8x 10G (Fan-out)
NX-LC-40G-30TB-CTAMD EPYC™ 128 GB 30.7 TB 2x 40G QSFP+ / 8x 10G (Fan-out)
NX-LC-40G-60TB-CTAMD EPYC™ 128 GB 61.4 TB 2x 40G QSFP+ / 8x 10G (Fan-out)
NX-LC-100G-8TB-CTAMD EPYC™ 256 GB 7.6 TB 2x 100G QSFP28 / 2x 40G QSFP+ /
2x 25G (Adapter) / 8x 10G (Fan-out)
NX-LC-100G-15TB-CTAMD EPYC™ 256 GB 15.3 TB 2x 100G QSFP28 / 2x 40G QSFP+ /
2x 25G (Adapter) / 8x 10G (Fan-out)
NX-LC-100G-30TB-CTAMD EPYC™ 256 GB 30.7 TB 2x 100G QSFP28 / 2x 40G QSFP+ /
2x 25G (Adapter) / 8x 10G (Fan-out)
NX-LC-100G-60TB-CTAMD EPYC™ 256 GB 61.4 TB 2x 100G QSFP28 / 2x 40G QSFP+ /
2x 25G (Adapter) / 8x 10G (Fan-out)

PacketFalcon Compact UPGRADES

NX-LC-UPG-256A-CUpgrade the PacketFalcon system from 128 GB to 256 GB RAM
NX-LC-UPG-512A-CUpgrade des PacketFalcon-Systems from 128 GB to 512 GB RAM
NX-LC-UPG-512B-CUpgrade des PacketFalcon-Systems from 256 GB to 512 GB RAM
NX-LC-UPG-HSK-CHard case for transport

PacketFalcon Compact Hard Case for Transport
Hard case for transport

Kontaktieren Sie uns
Unser Online-Shop


Data Sheet

NEOXPacketFalcon Compact - Datenblatt-Download

We will be happy to consult you and look forward to hearing from you!