NIPS aims to accurately monitor abnormal network traffic, automatically blocking various types of aggressive traffic in real-time, particularly application layer threats. It aims to take proactive measures instead of merely providing alerts at the time of or after detecting malicious traffic. When malicious traffic is detected and blocked, a threat log is recorded and displayed […]

This article provides a brief explanation of policy fine-tuning in ADS. Please note that fine-tuning the protection policy is a time-consuming process. This article focuses on how to check attack details in ADS based on attack events and optimize policies accordingly. Due to different versions of ADS, the screenshots shown in the article may differ […]

NSFOCUS WAF v.6080 provides protection for third-party API assets. The API security protection features assist clients in refining their inventory of API assets through a combination of proactive and reactive strategies. By integrating automatically generated API baselines and imported OAS files, NSFOCUS WAF conducts API compliance checks. NSFOCUS WAF supports parsing multi-protocol traffic for filtering […]

This article summarizes the preparation configuration of ADS diversion. The specific configuration details may vary depending on the information of the ADS on the client side, router information, and ADS version. The configuration content and order can be referenced from this article. 1. Before configuring diversion, it is necessary to configure IP address information on […]

NTA can monitor the CPU and memory usage, as well as traffic on the router interfaces where SNMP functionality is enabled. We will provide an example to explain the configuration for a better understanding of SNMP setup. Scenario: Configuring SNMP between the NTA management interface (IP: 10.66.249.47) and a switch (10.66.249.61). 1. Configuration on the […]

A brute-force attack involves systematically attempting every possible combination of letters, numbers, and symbols to discover a password. Websites requiring user authentication are susceptible to such attacks. Attackers may begin with dictionary words or slightly modified versions to expedite the process, exploiting common user password practices. These variations are known as dictionary attacks or hybrid […]

NTA must establish iBGP neighborship with a router to implement null route or BGP diversion. Only in this way can NTA advertise route update notifications for the diversion of attack traffic to a third-party device for cleaning. BGP configuration module allows you to configure parameters for establishing a BGP session. The procedure is as follows: […]

NSFOCUS NIPS provides the function of reading packet capture files through the monitoring interface. You can analyze network data based on these files. Only interfaces in security zones of the Monitor type can be used to playback data. If no monitoring interface is available, you must configure one first. Choose System > Troubleshooting > Packet […]

NTA analyzes traffic and detects exceptions based on flow data sent by the routers and switches. To provide a better understanding of how to send flow data for NTA analysis, we will illustrate flow configuration through an example. Additionally, we’ll guide you on key considerations during the configuration process. In the given network environment, a […]

NSFOCUS WAF security reports are divided into classification-specific alert reports and period-specific alert reports. You can acquire reports based on query conditions, such as websites, event types, statistic collection periods, and statistic collection time. 1. Generation procedure: Logs & Reports > Security Reports > Classification-Specific Alert Report or Period-Specific Alert Report > Choose the query […]