NIPS Blocklist Implementation and Whitelist Priority

agosto 4, 2022 | Adeline Zhang

The blocklist is matched based on the source IP address, destination IP address, or a combination of source and destination IP addresses of a packet. The blocklist works for TCP and UDP transport layer packets. That is to say, after an IP address is added to the blocklist, the ping is successful, but transport layer […]

Configuring Collaboration Between ADS and ADS M

julho 25, 2022 | Adeline Zhang

ADS M supports standalone management and cluster management. In standalone management mode, ADS M manages a single ADS in an in-path or out-of-path deployment. In cluster management mode, ADS M manages multiple ADSs as a cluster for automatic synchronization of device configuration and protocol synchronization among these ADSs. The following describes how to configure stand-alone […]

Configuring SSL Offload on NSFOCUS WAF

julho 18, 2022 | Jie Ji

With the increasing scale of SSL traffic, its disadvantages are becoming more and more obvious. In HTTPS communication, the client needs to start an SSL handshake with the server after the TCP handshake, which may cause SSL delay. In addition, the web server needs to encrypt and decrypt the data in transit, so the SSL […]

NSFOCUS WAF Protection Actions

julho 6, 2022 | Jie Ji

NSFOCUS WAF supports five actions for a specific protection policy. Take HTTP access control as an example. You can specify one of the following actions as required: Pass: Indicates that if an access request matches corresponding parameter settings, NSFOCUS WAF directly forwards it to the destination server without any more security inspections. Accept: Indicates that […]

Tips on X-FORWARDED-FOR

julho 6, 2022 | Jie Ji

In the reverse proxy mode, NSFOCUS WAF preserves the real source IP address in the X-forwarded-for header. In this mode, since the destination for clients is the WAF, the WAF will record the real client IP address in this request header and forward the header to the server, which helps keep the entire session. Test […]

Is NIPS Capable of Blocking SSH Connections?

julho 6, 2022 | Jie Ji

The answer is YES! NSFOCUS NIPS can block SSH connections. You may have similar questions, for example, whether Nmap or sqlmap can be blocked by NIPS. The answer is YES, too! These questions can often be resolved by configuring application control profile. Follow these steps to enable SSH connection blocking: Step 1: Click Objects on […]

Enabling Detection to Traffic Listened on Non-Standard Ports

julho 6, 2022 | Jie Ji

By default, NSFOCUS NIPS identifies the protocols and detects attacks on standard ports only. For example, File Transfer Protocol (FTP) operates on ports 20 and 21, Telnet protocol operates on port 23, and HTTP protocol uses port 80. However, the traffic using preceding protocols on non-standard ports will not be identified by NIPS by default, […]

Description of ADS Hardware Status Alerts

julho 6, 2022 | Jie Ji

1.CPU threshold The default threshold value is 80%. The system CPU usage is updated every 10 seconds. 2.Memory threshold: The default threshold value is 90%. The system memory usage is updated every 10 seconds. 3.CPU temperature threshold: The default threshold value is 90 °C. The equipment CPU temperature is updated every 10 seconds. 4.Motherboard temperature […]

What Information will Master/Backup NTAs Share

julho 6, 2022 | Jie Ji

After two NTAs are configured to operate as the master and backup NTAs for hot standby, the master NTA will synchronize the configuration to the backup one in real time. This will guarantee that the configuration of the backup NTA is consistent with that of the master NTA. The synchronized configuration information includes the following: […]

Search