Configuring a NAT group

Configure a Network Address Translation (NAT) group to limit the number of public IP addresses that are required for your IBM® QRadar® managed hosts to communicate with the internet.

1. On the navigation menu ( ), click Admin.
2. In the System Configuration section, click System and License Management.
3. In the Display list, select Systems.
4. To configure a NAT group for the QRadar Console, follow these steps:
   1. Select the QRadar Console appliance in the host table.
   2. On the Deployment Actions menu, click Edit Host.
   3. Select the Network Address Translation check box.
   4. In the NAT Group list, select the NAT group that the console belongs to, or click the settings icon () to create a new NAT group.
   5. In the Public IP field, type the public IP address for the console, and then click Save.
5. Configure each managed host in the same network to use the same NAT group as the QRadar Console.
   1. Select the managed host appliance in the host table.
   2. On the Deployment Actions menu, click Edit Host.
   3. Select the Network Address Translation check box.
   4. In the NAT Group list, select the NAT group that the QRadar Console belongs to.
   5. In the Public IP field, type the public IP address for the managed host.
      Note: Unless an event collector is connecting to a managed host that uses NAT, configure the managed host to use the same the public IP address and the private IP address.
   6. Click Save.
6. On the Admin tab, click Advanced > Deploy Full Configuration.
   Important: QRadar continues to collect events when you deploy the full configuration. When the event collection service must restart, QRadar does not restart it automatically. A message displays that gives you the option to cancel the deployment and restart the service at a more convenient time.