Layer7 API Management

Expand all | Collapse all

Is there any IP Blacklisting capability that we can enable at the API Gateway  level?

  • 1.  Is there any IP Blacklisting capability that we can enable at the API Gateway  level?

    Posted Jan 02, 2018 10:07 PM

    As part of the audit processes of the API Gateway logs, we have noticed that there has been calls made from IPs not recognized as valid clients to the set of APIs we have enabled.

    We consider those calls attacks looking to harvest on potential non secured services of flaws of the Gateway.

     

    Since those calls generates some traffic and potentially consume resources I would like to have the alternative to blacklist the IPs originating those calls from the beginning with the least resources consumption required.

     

    Can you suggest the best approach to it, I would like to have some IP blacklisting capability. 

    Example of the calls I want to block 



  • 2.  Re: Is there any IP Blacklisting capability that we can enable at the API Gateway  level?
    Best Answer

    Posted Jan 02, 2018 10:53 PM

    Hi Henriquez,

     

    Perhaps you can take a look at the "Restrict Access to IP Address Range Assertion" to block the IPs and implement the mentioned assertion in a global policy at the message-received stage, as this is is before the resolution of service.

     

    Restrict Access to IP Address Range Assertion - CA API Gateway - 8.3 - CA Technologies Documentation 

     

    Global Policy Fragments - CA API Gateway - 9.3 - CA Technologies Documentation 

     

    Hope this helps