API Security Events Classification

maio 15, 2024 | NSFOCUS

The risk levels of API security events for NSFOCUS WAF version 6080 are categorized as follows: :Low Risk Events :Medium Risk Events :High Risk Events API Security Event Types: Event Type Description Abuse Attacks covered include JavaScript-related, account takeover, and CSRF. Sensitive Data Exposure Attacks covered include sensitive information leakage, anti-crawling, information leakage prevention, and […]

NTA Email Alert Configuration

abril 19, 2024 | NSFOCUS

There are two separate email configurations on NTA which do not affect each other. One is the region/IP group email alert, the other is the global email alert. 1.  Region/IP Group Email Alert Configuration -> Objects -> Regions -> Edit Corresponding Region/IP Group Email addresses configured on the Region -> Basic Information page will receive […]

NIPS Troubleshooting Steps for No Log

abril 12, 2024 | NSFOCUS

NIPS aims to accurately monitor abnormal network traffic, automatically blocking various types of aggressive traffic in real-time, particularly application layer threats. It aims to take proactive measures instead of merely providing alerts at the time of or after detecting malicious traffic. When malicious traffic is detected and blocked, a threat log is recorded and displayed […]

Policy Adjustment Based on Attack Events in ADS

abril 5, 2024 | NSFOCUS

This article provides a brief explanation of policy fine-tuning in ADS. Please note that fine-tuning the protection policy is a time-consuming process. This article focuses on how to check attack details in ADS based on attack events and optimize policies accordingly. Due to different versions of ADS, the screenshots shown in the article may differ […]

NSFOCUS WAF API Security Overview

março 29, 2024 | NSFOCUS

NSFOCUS WAF v.6080 provides protection for third-party API assets. The API security protection features assist clients in refining their inventory of API assets through a combination of proactive and reactive strategies. By integrating automatically generated API baselines and imported OAS files, NSFOCUS WAF conducts API compliance checks. NSFOCUS WAF supports parsing multi-protocol traffic for filtering […]

Preparation for ADS Diversion

março 22, 2024 | NSFOCUS

This article summarizes the preparation configuration of ADS diversion. The specific configuration details may vary depending on the information of the ADS on the client side, router information, and ADS version. The configuration content and order can be referenced from this article. 1. Before configuring diversion, it is necessary to configure IP address information on […]

NTA and Router SNMP Configuration Example

março 15, 2024 | NSFOCUS

NTA can monitor the CPU and memory usage, as well as traffic on the router interfaces where SNMP functionality is enabled. We will provide an example to explain the configuration for a better understanding of SNMP setup. Scenario: Configuring SNMP between the NTA management interface (IP: 10.66.249.47) and a switch (10.66.249.61). 1. Configuration on the […]

NSFOCUS NIPS Brute-Force Protection

março 7, 2024 | NSFOCUS

A brute-force attack involves systematically attempting every possible combination of letters, numbers, and symbols to discover a password. Websites requiring user authentication are susceptible to such attacks. Attackers may begin with dictionary words or slightly modified versions to expedite the process, exploiting common user password practices. These variations are known as dictionary attacks or hybrid […]

NTA BGP Configuration Example

março 1, 2024 | NSFOCUS

NTA must establish iBGP neighborship with a router to implement null route or BGP diversion. Only in this way can NTA advertise route update notifications for the diversion of attack traffic to a third-party device for cleaning. BGP configuration module allows you to configure parameters for establishing a BGP session. The procedure is as follows: […]

NSFOCUS NIPS Packet Playback

fevereiro 22, 2024 | NSFOCUS

NSFOCUS NIPS provides the function of reading packet capture files through the monitoring interface. You can analyze network data based on these files. Only interfaces in security zones of the Monitor type can be used to playback data. If no monitoring interface is available, you must configure one first. Choose System > Troubleshooting > Packet […]

Search