We’re excited to announce an upcoming upgrade to our NSFOCUS on-premises DDoS protection product suite! The new version of our Anti-DDoS products will further enhance our capabilities to detect and protect against DDoS attacks, empowering our customers to tackle increasingly sophisticated threats.
What’s New in Version 4.5R90F06?
Enhanced Protection with ADS
Our Anti-DDoS System (ADS) is a powerful tool for mitigating DDoS traffic. With capabilities ranging from 200Mbps to 1000Gbps, it scales effortlessly and provides robust defenses against both large-scale and application-layer DDoS attacks through clustered deployment.
- Upgraded Carpet Bombing Protection Policies: The F06 version allows you to implement Carpet Bombing Protection Policies for your entire IP range, not just individual addresses. This flexibility makes it easier for you to configure your protection strategies according to your unique needs.(Read more: A Deep Dive into DDoS Carpet-Bombing Attacks)
- Automatic Detection of Suspicious Traffic: Previously, users manually imported SSL/TLS JA3 fingerprints to identify unusual traffic patterns. Now, our ADS can automatically recognize abnormal JA3 fingerprints through traffic learning. This enhancement allows you to swiftly apply rate limitations or block suspicious traffic without needing complex analysis tools.
- Comprehensive DNS Protection Enhancements: The F06 version introduces two new DNS protection algorithms, significantly boosting our defenses against DNS Flood attacks. You can now set up a DNS subdomain whitelist to guard against random subdomain attacks, with options for both manual imports and automatic learning from DNS request packets.
- Advanced SSL/TLS Access Control: With the new configuration for Server Name Indication (SNI) fields, our upgraded SSL/TLS keyword checking policy offers you improved access control, helping to ensure that only legitimate traffic reaches your servers.
Improved Detection with NTA
Our Network Traffic Analyzer (NTA) plays a crucial role in monitoring flow data and notifying ADS when an attack is detected.
- Broader DDoS Detection Capabilities: The F06 version allows you to detect DDoS attacks across your entire IP range, rather than being limited to individual IP addresses, significantly enhancing the efficiency of identifying carpet-bombing DDoS attacks. With this upgrade, NTA can announce ADS to divert traffic for the entire IP range.
- Connection-Based DDoS Detection: Our new feature monitors the rate of new connections and concurrent sessions, allowing you to identify application-layer DDoS attacks more effectively. This advancement closes the gap with competitors and strengthens your overall security posture.
With these latest features, NSFOCUS is committed to keeping your organization safe from evolving threats. Contact us today to learn about more features in the new version or schedule a demo and see how our upgraded Anti-DDoS products can benefit your business!
