API Management 10.4 | Using API Gateway | Policies | Managing Threat Protection Policies
 
Managing Threat Protection Policies
 
Configuring Global Denial of Service Policy
Configuring Denial of Service by IP Policy
Managing Denied IP List
Configuring Rules
Registering a Mobile Device or Application
Configuring Alert Settings
Threat protection policies prevent malicious attacks on applications that typically involve large, recursive payloads, and SQL injections. You can limit the size of things, such as maximum message size, maximum number of requests, maximum node depth and text node length, in the XML document.
The threat protection policies apply to an API globally for all requests coming into API Gateway. These policies are executed only for requests coming to the external port of API Gateway. You can configure the global threat protection rules to filter requests that API Gateway receives. You can also configure API Gateway to send an alert when a request violates a rule. When a rule is configured to send an alert and a violation occurs, API Gateway logs the details and generates an alert. The alert message contains detailed information that includes the IP address from which the request was sent, user information, and the name of the rule filter that matched.
API Gateway applies rules in the order in which they are displayed on the Global policies screen. Because a violation of a denial rule causes API Gateway to stop processing a request, it is important to prioritize the rules based on the order in which you want them to be evaluated. The server processes denial rules before alert rules.
You must have the API Gateway's manage threat protection functional privilege assigned to perform this task.
*Global Denial of Service
*Denial of Service by IP
*Rules
In addition, the API Gateway administrator can configure the necessary mobile devices and applications, configure alert options, and manage the IPs that are denied access.
Note: If you have deployed API Gateway in a paired gateway deployment scenario with multiple instances of API Gateway connected using a load balancer for threat protection, when you make a change in enforced rules on one of the API Gateway instances you have to restart the other instances to synchronize the rule enforcement across all the API Gateway instances.

Copyright © 2015- 2019 | Software AG, Darmstadt, Germany and/or Software AG USA, Inc., Reston, VA, USA, and/or its subsidiaries and/or its affiliates and/or their licensors.
Innovation Release