facebook
irp demo
Request Noction IRP Demo

Request a personalized demo/review session of our Intelligent Routing Platform

irp trial
Start Noction IRP Trial

Evaluate Noction IRP, and see how it meets your network optimization challenges

nfa demo
Noction Flow Analyzer Demo

Schedule a one-on-one demonstration of our network traffic analysis product

nfa trial
Free Noction Flow Analyzer Trial

Test drive NFA today with your own fully featured 30-day free trial

Introducing NFA v 22.08 – featuring packet TTL and length-related information elements, SNMPv3 contexts in requests and more.

We’re excited to announce that our latest Noction Flow Analyzer v 22.08 has just been released, offering:

New packet TTL and length-related information elements

L3 IP TTL, L3 IP min TTL, L3 IP max TTL, L3 IP Total Length, L3 IP min Total Length and L3 IP max Total Length information elements can now be collected and used as filters in NFA’s Data Explorer.

The data obtained from the above elements are primarily related to network performance and detecting network attacks. Here are some use cases:

Routing changes observability. The TTL should remain constant between two hosts in the backbone; if it does not, it could mean that the routing has changed. The detection of unauthorized NAT configured on end devices, where the unexpectedly low TTL in flows is a potential sign of the unauthorized NAT presence. The TTL Expiry attacks detection based on many flows with the ipTTL value set to 1, etc.
In turn, monitoring packet length helps network administrators identify performance issues caused by fragmented IP packets or small-size packets.

NFA22-08-image1

The use of SNMPv3 contexts in requests

An SNMP context name, or simply “context”, is a collection of management information accessible by an SNMP entity. If a management information has been defined under a specific context by an SNMPv3 entity, then any management application can access that information by providing that context name. Although not compulsory, there are a lot of cases when one may use SNMP contexts: security, separate logical entities on a physical one, etc.
NFA22-08-image

Other notable features and improvements include:

  • The status of the device’s last SNMP request is now displayed in the Inventory;
  • Interface descriptions added to the Data Explorer’s Narrow by section;
  • Added option to display interface names in charts and the Data Explorer table;
  • Updated Clickhouse dependency to the latest LTS 22.3.x version.

Try NFA free for 30 days. Cancel anytime.

Unlimited devices, unlimited interfaces, unlimited sites. Endless IP flow analysis capabilities! We’ll warn you when your trial ends, so you can decide whether to move further. Click the button below to get started.

SUBSCRIBE TO NEWSLETTER

You May Also Like