SSL Certificate Replacement on NSFOCUS ADS
January 20, 2023
A Secure Sockets Layer (SSL) certificate is digitally signed and issued by a trusted certificate authority (CA) to an organization for authentication of server identities and encryption of data in transit. Therefore, SSL certificates can protect user privacy and information security. For a website with an SSL certificate issued by a CA, the browser marks […]
NSFOCUS WAF Website Certificate Generation Method
January 13, 2023
To protect HTTPS websites, the certificate used by these websites needs to be uploaded to NSFOCUS WAF. These certificates may be in different formats, such as .pfx, .crt, and .pem. NSFOCUS WAF, however, supports .cer certificates only. Therefore, the customer needs to extract the certificate information and private key from the original certificate file and […]
NIPS V5.6R10 Rule Types
January 6, 2023
NIPS V5.6R10 has five types of rules to detect DDoS attacks, local privilege elevation, information gathering, suspicious network behaviors, and network monitoring events, respectively. They are described as follows. 1. Information gathering Information gathering is the first step of network intrusion. Attackers use various methods to scan and probe target hosts and identify paths to […]
NTA Traffic Troubleshooting
December 30, 2022
Common Problems (1) Choose Monitor > Router, and find that no data is displayed or the router traffic data size is greatly different from that in the real situation.(2) The traffic of some region IP addresses is not monitored.(3) Before upgrading to NTA V4.5R90F02SP06, the router can monitor traffic data, but after the upgrade, no […]
Introduction to NSFOCUS WAF Web Decoding Function
December 22, 2022
WAF web decoding function can decode base64-encoded data. After that, WAF performs attack detection by identifying attack signatures and provides prevention. The web decoding function is configured per website. Web Decoding Configuration Step 1. Choose Security Management > Website Protection, select a website group, click Web Decoding, and then click Create in the upper-right corner […]
Security Concept for Software Supply Chain (Part 2) — Assessable Capabilities of Software Supply Chain Compositions
December 14, 2022
To deal with threats from supply chains and ensure the security of their own IT infrastructure, companies shall set a list of software compositions to sort out the supply chain products, identify and manage key software suppliers, control security risks through security assessments at all stages of the life cycle of supply chains, and reduce […]
New Feature – Protection Group-Specific NTI of ADS V4.5R90F04
December 9, 2022
Function Description This function will be released on ADS Version 4.5R90F04 in Q1 2023. The group-specific NTI is supported in ADS V4.5R90F04 as a supplement to the existing protection method.Before using this function, choose Advanced > NTI > NTI Configuration and set Enable to Yes. The group-specific NTI policy supports Traffic Control by Dst IP […]
New Feature – Protection Group-Specific ACL Rules in ADS R90F04
December 2, 2022
Function Description This function will be released on ADS Version 4.5R90F04 in Q1 2023. As global ACL rules may not be suitable for some scenarios, ADS R90F04 supports custom access control rules for a protection group for more refined control. The underlying implementation of ACL rules in ADS R90F04 is refactored, significantly improving the performance. […]
Detection of Constituent Proportions of Outbound Traffic for DDoS Attacks
November 15, 2022
Function Description This function will be released on NTA Version 4.5R90F04 in Q1 2023. In the earlier versions, the NTA identifies outbound DDoS attacks by traffic thresholds set for region IP addresses. Some customers with small-traffic businesses hope the NTA can detect constituent proportions of outbound traffic for DDoS attacks. If the outbound traffic of […]
Introduction of RESTful APIs for NIPS Version 5610 and 5611
October 28, 2022
A RESTful API means that API works in REST standard. RESTful API requires the front end to send requests in one predefined format, so the server only needs to use one unified interface to process. NSFOCUS NIPS can use RESTful API to get the device information or change settings. API tools need to be authorized […]