[License Type]
NX3-HD2200、NX3-HD2100、NX3-HD3000、NX5-HD3500、NTA VM
[Source Version]
V4.5R90F07
[Target Version]
V4.5R90F07SP01
[Matching Versions of Collaborative Devices]
ADS: V4.5R90F07, V4.5R90F07SP01
ADSM: V4.5R90F07, V4.5R90F07SP01
ADBOS: V4.5R90F07SP01
MF: V4.5R90F01SP10,V4.5R90F01SP11,V4.5R90F01SP12
[Function Description]
1. Added watermark-based authentication method for vNTA
2. Product upgrade package - Security hardening applied
3. Monitored object - Query performance optimization
4. Region / IP group configuration - Usability optimization
5. Added support for manual FlowSpec in diversion allowlist
6. Bug fixes

[Important Notes]
1. The web-based manager is inaccessible during system updating.
2. All engines are stopped during system updating.
3. After updating is complete, users need to refresh the web page as prompted.
4. During the upgrade, it is normal that the web-based manager displays an error message "502 Bad Gateway" or directly denies your access request.
Please refresh the web-based manager 5 minutes later, and then check Product Version in About. If the version is V4.5R90F07SP01, the upgrade succeeds.

[Bug list]
1. NTA-16071 [syslog] When triggering a traffic anomaly alarm, the netmask field should be filled with 0
2. NTA-16240 [HA] Configuration synchronization fails after communication password modification
3. NTA-16239 [HA] Communication password containing the $ character will cause configuration synchronization failure
4. NTA-16163 [syslog] F07 mirror production equipment, component detection, network segment detection alarms, etc. syslog sending fails
5. NTA-15949 [Hygon] In DPI mode, when querying the IP address via serial port, if there is a "does not exist" message, it will print
6. NTA-16241 [User Accounts] Occasionally, custom-permitted users do not display permission options.
7. NTA-16066 [DPI] During C621 alarm process, the traffic analyzer analyzeSystem engine is restarted. After restarting, a HOPOPT will be added to the protocol in the alarm.
8. NTA-16067 [Log] In Phytium DPI-PG mode, /var/log/dump-traffic.log has flow error logs printed.
9. NTA-15952 [NTP Service] After NTP anomaly recovery, the time is adjusted forward by more than 5 minutes, and the ttserver is not restarted.
10.NTA-15814 [Web] In the alarm details exported report, the alarm details do not include the source autonomous system, source prefix, and interface fields.
11.NTA-15812 [DFI] After switching the router's custom SNMP OID memory usage calculation method, the mem_usage value is calculated incorrectly.

[License Type]
NX3-HD2200、NX3-HD2100、NX3-HD3000、NX5-HD3500、NTA VM
[Source Version]
V4.5R90F06,V4.5R90F06SP01,V4.5R90F06SP02
[Target Version]
V4.5R90F07
[Matching Versions of Collaborative Devices]
ADS: V4.5R90F07
ADSM: V4.5R90F07
ADBOS: V4.5R90F07
MF: V4.5R90F01SP10,V4.5R90F01SP11,V4.5R90F01SP12
[Function Description]
1. Added the traffic anomaly detection feature, including source IP access frequency anomaly detection, geolocation anomaly detection, protocol proportion anomaly detection, attack signature anomaly detection, and threat access anomaly detection.
2. Support for displaying the SSD/CF card status.
3. Support for displaying the common patch version.
4. Optimized the device reliability.
5. Removed the requirement that the start time of the updated license must be later than that of the existing license.
6. Fixed known bugs.

[Important Notes]
1. The web-based manager is inaccessible during system updating.
2. All engines are stopped during system updating.
3. After updating is complete, users need to refresh the web page as prompted.
4. During the upgrade, it is normal that the web-based manager displays an error message "502 Bad Gateway" or directly denies your access request.
Please refresh the web-based manager 5 minutes later, and then check Product Version in About. If the version is V4.5R90F07, the upgrade succeeds.

[Bug list]
1. NTA-14584 [x86] Disabling the tcp_tw_recycle kernel parameter is recommended.
2. NTA-14601 [web] When the high-level alert setting is left blank, the page displays an error message "Sorry, the server cannot handle this request."
3. NTA-14599 [RSAS scan] RSA key security is enhanced.
4. NTA-14593 [Alert configuration template] The flowspec redirect_ip configuration is not verified.
5. NTA-14588 [Phytium] Forwarding SNMP trap audit logs fails.
6. NTA-14587 [Collaboration with ADBOS] After NTA's system time is changed in the web-based manager, the logs of newly triggered alerts fail to be forwarded.
7. NTA-14579 [Web] The audit logs for enabling or disabling alert plug-ins are inaccurate.
8. NTA-14585 [Web page] The layout of the Top 5 DDoS Alerts information under Monitor > View is abnormal.
9. NTA-14631 The dual-power supply detection occasionally reports alternating Down and Up logs.
10. NTA-15477 [Phytium] When the NTPD server address is unreachable, restarting the system causes the system time to jump forward by 8 hours.
11. NTA-15454 [Third-party interface] snmpwalk cannot retrieve the ifSpeed or ifphysAddress information of NTA's 10G interface.
12. NTA-15790 [Phytium - Third-party interface] Some OIDs cannot retrieve data.
13. NTA-15485 [NTP service] If either the primary or secondary server address becomes unreachable, a running log records that the NTP service is temporarily unavailable.
14. NTA-15458 [Phytium] Online upgrading of the threat intelligence database fails.
15. NTA-15765 [Web] The maximum number is not applied when IP groups are configured in bulk.