NTA

Enable Two-Factor Authentication (2FA) with Email Verification on NTA

July 12, 2024 | NSFOCUS

This article provides instructions on configuring and using email verification with password authentication to implement two-factor authentication (2FA) on NTA. The NTA version used in this article is V4.5R90F05. The email verification feature is unavailable if your device runs an earlier version. To use this feature, you must upgrade NTA to V4.5R90F05. Prerequisites To use […]

Introduction to NTA Auto-learning Function

June 28, 2024 | NSFOCUS

The implementation of DDoS attack alerting relies on setting alert thresholds. Setting the threshold too high may result in false negatives, while setting it too low may lead to a high number of false positives. Therefore, it is crucial to establish appropriate thresholds. NTA provides automatically learn, record, and analyze network traffic from the IP […]

NTA Model Limitation for Upgrade to Version 4.5R90F05

June 14, 2024 | NSFOCUS

The models that support upgrading to V4.5R90F05 are NX3-HD2100/HD2200/HD3000 /vNTA. Due to hardware device limitations (including but not limited to memory, data disk size, etc.) used in the NTA NX3-1000E/2000E model, upgrading the system to V4.5R90F05 is highly likely to result in the system not functioning properly. Therefore, upgrading the software version to V4.5R90F05 is […]

NTA Email Alert Configuration

April 19, 2024 | NSFOCUS

There are two separate email configurations on NTA which do not affect each other. One is the region/IP group email alert, the other is the global email alert. 1.  Region/IP Group Email Alert Configuration -> Objects -> Regions -> Edit Corresponding Region/IP Group Email addresses configured on the Region -> Basic Information page will receive […]

NTA and Router SNMP Configuration Example

March 15, 2024 | NSFOCUS

NTA can monitor the CPU and memory usage, as well as traffic on the router interfaces where SNMP functionality is enabled. We will provide an example to explain the configuration for a better understanding of SNMP setup. Scenario: Configuring SNMP between the NTA management interface (IP: 10.66.249.47) and a switch (10.66.249.61). 1. Configuration on the […]

NTA BGP Configuration Example

March 1, 2024 | NSFOCUS

NTA must establish iBGP neighborship with a router to implement null route or BGP diversion. Only in this way can NTA advertise route update notifications for the diversion of attack traffic to a third-party device for cleaning. BGP configuration module allows you to configure parameters for establishing a BGP session. The procedure is as follows: […]

NTA Flow Configuration Example

February 16, 2024 | NSFOCUS

NTA analyzes traffic and detects exceptions based on flow data sent by the routers and switches. To provide a better understanding of how to send flow data for NTA analysis, we will illustrate flow configuration through an example. Additionally, we’ll guide you on key considerations during the configuration process. In the given network environment, a […]

Preliminary Troubleshooting for Cloud Authentication Failure in ADS, NTA and ADSM

February 1, 2024 | NSFOCUS

If the virtual product uses cloud authentication, it needs to communicate with the cloud authentication center periodically every day to complete the authentication and ensure availability. You can confirm the authorization mode by checking the Authorization Mode of the license. For example, in the image below, NTA uses cloud authorization. If the product fails to […]

Troubleshooting for NTA and ADS Automatic Diversion

January 5, 2024 | NSFOCUS

When NTA detects abnormal traffic, it can notify ADS to divert the traffic. ADS sends route diversion notifications to the router, redirecting the traffic to ADS for cleaning. Based on this scenario, this article will summarize troubleshooting directions when traffic is not successfully diverted to ADS. 1. Check whether automatic diversion is triggered. You can […]

Introduction to NTA Automatic Diversion

December 28, 2023 | NSFOCUS

NTA supports configuring automatic diversion for Region/IP Group traffic alerts and Region/IP Group DDoS attack alerts. There are different diversion methods for various scenarios, including ADS Diversion, Flowspec Diversion, BGP Diversion, and Null-Route Diversion For the Region/IP Group traffic alert, the following conditions must be met to perform automatic diversion after the alert is triggered: […]