Function Description This function will be available in NTA V4.5R90F04 in Q2 2023. NTA allows online upgrades of the DDoS detection rule library for automatic protection. This function can meet most of the current customization requirements by providing the latest detection rules against new types of DDoS attacks. Configuration Procedure Obtain the upgrade package of […]

In computing, syslog is a standard for message logging.  It allows separation of the software that generates messages, the system that stores them, and the software that reports and analyzes them. Each message is labeled with a facility code, indicating the type of system generating the message, and is assigned a severity level. Computer system […]

WAF REST API is known as the secondary development interface, and can be called by third-party platforms/software for adding, deleting, modifying, and querying WAF as wells its site, policy, and other configurations. Basic Conventions Format conventions: WAF REST API requests and responses are in JSON format: The attribute (primary key) name and character string of […]

The NIPS policy matching mechanism is blocking first. That is, when traffic is matched against all policies, if one policy is matched whose action is set to block, traffic is blocked. When configuring IPS policies, it is recommended that they should not be overlapped. For example, security zones should not be overlapped, and address objects […]

Computer system designers may use syslog for system management and security auditing as well as general informational, analysis, and debugging messages. A wide variety of devices, such as printers, routers, and message receivers, across many platforms use the syslog standard. This permits the consolidation of logging data from different types of systems in a central […]

A Secure Sockets Layer (SSL) certificate is digitally signed and issued by a trusted certificate authority (CA) to an organization for authentication of server identities and encryption of data in transit. Therefore, SSL certificates can protect user privacy and information security. For a website with an SSL certificate issued by a CA, the browser marks […]

To protect HTTPS websites, the certificate used by these websites needs to be uploaded to NSFOCUS WAF. These certificates may be in different formats, such as .pfx, .crt, and .pem. NSFOCUS WAF, however, supports .cer certificates only. Therefore, the customer needs to extract the certificate information and private key from the original certificate file and […]

NIPS V5.6R10 has five types of rules to detect DDoS attacks, local privilege elevation, information gathering, suspicious network behaviors, and network monitoring events, respectively. They are described as follows. 1. Information gathering Information gathering is the first step of network intrusion. Attackers use various methods to scan and probe target hosts and identify paths to […]

Common Problems (1) Choose Monitor > Router, and find that no data is displayed or the router traffic data size is greatly different from that in the real situation.(2) The traffic of some region IP addresses is not monitored.(3) Before upgrading to NTA V4.5R90F02SP06, the router can monitor traffic data, but after the upgrade, no […]

WAF web decoding function can decode base64-encoded data. After that, WAF performs attack detection by identifying attack signatures and provides prevention. The web decoding function is configured per website. Web Decoding Configuration Step 1. Choose Security Management > Website Protection, select a website group, click Web Decoding, and then click Create in the upper-right corner […]