NEOXPacketFalcon – Portable Packet Capture Appliance

Your flexible and mobile platform for ultra-fast real-time recording, indexing, searching and analysis of network data!

Networks continue to increase in speed and complexity. Security attacks will continue to evolve in terms of complexity and stealth. Business operations will continue to be network-based. For optimal and secure IT service quality, IT security teams must have permanent access to detailed analyses of data traffic. Network forensics provides this essential access and insight that security analysts need.

Our PacketFalcon products are powerful recording devices for all types of speeds, enabling IT organizations to analyze, monitor and accurately record traffic without compromise. PacketFalcon allows permanent 24 x 7 access to 1G, 10G, 25G, 40G and 100G network media for detailed analysis, including forensic analysis of past events.

PacketFalcon helps security teams analyze by recording data at key network points while keeping the traffic that can result from this data collection as low as possible. By indexing the data and providing simple and complex filters (Berkeley Packet Filter), PacketFalcon enables security teams to quickly investigate and stop attacks, even when they occur on advanced high-speed networks such as 40G or 100G network topologies.

With the NEOX PacketFalcon, the proven LiveAction Deep Packet Inspection technology can be quickly and easily brought to remote network segments. With its robust construction and Linux as operating system, either 12 TB, 25 TB, 51 TB or 102 TB disk storage and 1/10/25/40/100G high performance Gigabit Capture Adapter, it is the ideal companion for the mobile network analysis and forensic specialist.

Hardware Overview

  • 17,3“ Full HD 1920 x 1080 Display
  • Robust aluminium housing
  • Quiet fans, 658 W Power supply
  • Keyboard, lockable as display protection during transport
  • 10G Ethernet Management Interface
  • High-speed FPGA measurement cards for 1/10/25/40/100G
  • USB 3.0, USB 2.0, serial port, hardware RAID 0,1,5,6,10
  • 250 GB SSD M2 for operating system
  • 16 pieces 2.5″ SSD/HDD removable frame
  • Storage capacity between 12 TB and 102 TB
  • 128 GB DDR4 RAM (optional up to 1024 GB RAM)
  • Hardware RAID 0,1,5,6,10
  • Dimensions (W x H x D): 43.5 x 37.3 x 17.8 cm, approx. 15 kg
  • Optional: Hard shell case with CNC milled foam for transport

Preinstalled software and hardware

The NEOXPacketFalcon is delivered with a combination of leading software and hardware solutions and contains the following components:

  • LiveCapture (Software)
    • Lossless capture and recording of 1G, 10G, 25G, 40G and 100G network traffic while ensuring full data integrity.
    • Powerful data preparation tools that allow IT technicians to focus on specific time periods and types of traffic.
    • Integrated analytics, including expert analysis and critical network metrics such as top talkers and top protocols, all of which contribute to accelerated investigation of potential attacks.
    • The network data is provided with a hardware time stamp with nanosecond accuracy on arrival. GPS, PPS, PTP and other external time sources are supported.

You can get more information about LiveCapture here.

Online Shop Neox Networks

PacketFalcon Brochure

PacketFalcon Datasheet

Datasheet PacketFalcon EN
  • Napatech (Capture card)
    The NEOXPacketFalcon can be used simultaneously with three of the following network measurement and capture cards:

    • 1/10G (High Performance) FPGA Adapter (SFP/SFP+)
    • 25/40/100G (High Performance) FPGA Adapter (QSFP+/QSFP28)

For more information about Napatech’s capture cards, click here.


  • Acceleration of Mean-Time-To-Resolution (MTTR) through visualization and interaction with meta data, communication flows and the packets themselves
  • Extensive insight into the functioning of networks and applications including application detection/classification
  • Analysis of network traffic in each remote segment, support for 1/10/25/40/100 Gigabit Ethernet and 802.11 wireless
  • Voice and Video over IP quality metrics (MOS Score), including overview statistics and comprehensive analysis of signaling and RTP media flows
  • Packet-based analysis of communication relationships, visualized in intuitive graphical displays
  • Integrated, reliable expert events, indication of anomalies via OSI Layer 2-7
  • Patented drill-down function
  • Recording of terabytes of traffic without packet loss
  • Hardware based time stamps with nanosecond accuracy
  • PTP support for external time synchronization according to IEEE 1588v2
  • Cascading of several PacketFalcon systems
  • Simultaneous unlimited access via Web GUI (“Peek”)
  • Packet Slicing and Capture Filter in hardware
  • 4GB/12 GB hardware buffer for absorbing and analyzing microbursts
  • PCAP or PCAPNG Support
  • Trolley included

We will be happy to consult you and look forward to hearing from you!