Riskfort (CA Risk Authentication) server may be bombarded with Risk Evaluate requests (during login) from a specific Client IP address (possibly rogue) impacting the performance of Riskfort server. In such a situation there is a need to cap the number of Risk Evaluate requests that are possible to the back end Riskfort server in given time interval.
Release : 9.1 (Applicable to all the supported releases)
Component : RiskMinder(Arcot RiskFort)
Note: The IP address block should happen at the Network Firewall level. Riskfort server will process any request it gets and provides an Advise. The below rule will only help to give Stepup when IP velocity threhold is reached, it will not block. To block the transaction the rule should be given the DENY advise rather INCREASEAUTH.
A Riskfort Rule to INCREASEAUTH when number of Evaluate Requests (Logins) from a specific IP exceeds a threshold.