RFC 9234 introduces a novel mechanism that leverages the BGP Role to prevent and detect...

L3 IP TTL, L3 IP min TTL, L3 IP max TTL, L3 IP Total Length, L3 IP min Total Length and L3 IP max Total Length information elements can now be collected and used as filters in NFA’s Data Explorer.
The data obtained from the above elements are primarily related to network performance and detecting network attacks. Here are some use cases:
Routing changes observability. The TTL should remain constant between two hosts in the backbone; if it does not, it could mean that the routing has changed. The detection of unauthorized NAT configured on end devices, where the unexpectedly low TTL in flows is a potential sign of the unauthorized NAT presence. The TTL Expiry attacks detection based on many flows with the ipTTL value set to 1, etc.
In turn, monitoring packet length helps network administrators identify performance issues caused by fragmented IP packets or small-size packets.
An SNMP context name, or simply “context”, is a collection of management information accessible by an SNMP entity. If a management information has been defined under a specific context by an SNMPv3 entity, then any management application can access that information by providing that context name. Although not compulsory, there are a lot of cases when one may use SNMP contexts: security, separate logical entities on a physical one, etc.
Unlimited devices, unlimited interfaces, unlimited sites. Endless IP flow analysis capabilities! We’ll warn you when your trial ends, so you can decide whether to move further. Click the button below to get started.
Noction Flow Analyzer v23.07 has just been released. The new version brings a number of new features and improvements...
Noction Intelligent Routing Platform (IRP) v4.2 has just been released. This update introduces an array of exciting...
Noction Flow Analyzer v23.05 is here. This version comes with a number of new features and enhancements: New Filtering...