HTTP access control policies can prevent websites from unauthorized and malicious access by controlling over HTTP requests that protected resources respond to. NSFOCUS WAF inspects requests and takes actions when a request matches any of policies you specified. Multiple policies can be applied to a single website and evaluated in top-down order. Once a packet […]

The blocklist is matched based on the source IP address, destination IP address, or a combination of source and destination IP addresses of a packet. The blocklist works for TCP and UDP transport layer packets. That is to say, after an IP address is added to the blocklist, the ping is successful, but transport layer […]

ADS M supports standalone management and cluster management. In standalone management mode, ADS M manages a single ADS in an in-path or out-of-path deployment. In cluster management mode, ADS M manages multiple ADSs as a cluster for automatic synchronization of device configuration and protocol synchronization among these ADSs. The following describes how to configure stand-alone […]

With the increasing scale of SSL traffic, its disadvantages are becoming more and more obvious. In HTTPS communication, the client needs to start an SSL handshake with the server after the TCP handshake, which may cause SSL delay. In addition, the web server needs to encrypt and decrypt the data in transit, so the SSL […]

NSFOCUS WAF supports five actions for a specific protection policy. Take HTTP access control as an example. You can specify one of the following actions as required: Pass: Indicates that if an access request matches corresponding parameter settings, NSFOCUS WAF directly forwards it to the destination server without any more security inspections. Accept: Indicates that […]

In the reverse proxy mode, NSFOCUS WAF preserves the real source IP address in the X-forwarded-for header. In this mode, since the destination for clients is the WAF, the WAF will record the real client IP address in this request header and forward the header to the server, which helps keep the entire session. Test […]

The answer is YES! NSFOCUS NIPS can block SSH connections. You may have similar questions, for example, whether Nmap or sqlmap can be blocked by NIPS. The answer is YES, too! These questions can often be resolved by configuring application control profile. Follow these steps to enable SSH connection blocking: Step 1: Click Objects on […]

By default, NSFOCUS NIPS identifies the protocols and detects attacks on standard ports only. For example, File Transfer Protocol (FTP) operates on ports 20 and 21, Telnet protocol operates on port 23, and HTTP protocol uses port 80. However, the traffic using preceding protocols on non-standard ports will not be identified by NIPS by default, […]

1.CPU threshold The default threshold value is 80%. The system CPU usage is updated every 10 seconds. 2.Memory threshold: The default threshold value is 90%. The system memory usage is updated every 10 seconds. 3.CPU temperature threshold: The default threshold value is 90 °C. The equipment CPU temperature is updated every 10 seconds. 4.Motherboard temperature […]

After two NTAs are configured to operate as the master and backup NTAs for hot standby, the master NTA will synchronize the configuration to the backup one in real time. This will guarantee that the configuration of the backup NTA is consistent with that of the master NTA. The synchronized configuration information includes the following: […]