NTA analyzes traffic and detects exceptions based on flow data sent by the routers and switches. To provide a better understanding of how to send flow data for NTA analysis, we will illustrate flow configuration through an example. Additionally, we'll guide you on key considerations during the configuration process. In...
Categoria: NTA
Preliminary Troubleshooting for Cloud Authentication Failure in ADS, NTA and ADSM
If the virtual product uses cloud authentication, it needs to communicate with the cloud authentication center periodically every day to complete the authentication and ensure availability. You can confirm the authorization mode by checking the Authorization Mode of the license. For example, in the image below, NTA uses cloud authorization....
Troubleshooting for NTA and ADS Automatic Diversion
When NTA detects abnormal traffic, it can notify ADS to divert the traffic. ADS sends route diversion notifications to the router, redirecting the traffic to ADS for cleaning. Based on this scenario, this article will summarize troubleshooting directions when traffic is not successfully diverted to ADS. 1. Check whether automatic...
Introduction to NTA Automatic Diversion
NTA supports configuring automatic diversion for Region/IP Group traffic alerts and Region/IP Group DDoS attack alerts. There are different diversion methods for various scenarios, including ADS Diversion, Flowspec Diversion, BGP Diversion, and Null-Route Diversion For the Region/IP Group traffic alert, the following conditions must be met to perform automatic diversion...
Differences between NTA Auto IP Diversion and Auto Group Diversion
You may have seen that there are two diversion modes in NTA alerts. They are Auto IP diversion and Auto group diversion. The Auto group diversion is triggered by the Region/IP Group Traffic Alert (at step 3 when configuring Regions or IP Groups). The Auto IP diversion is triggered by...
An Explanation of Traffic Abnormal in the NTA DDoS Attack Alert
Traffic Abnormal does not differentiate between alert types. Any instance where the total traffic volume for a single destination IP exceeds the threshold is considered a traffic anomaly.
