Riskfort Rule to limit logins based on Client IP Address
Article ID: 135619
Updated On:
Products
CA Advanced Authentication - Strong Authentication (AuthMinder / WebFort)
CA Strong Authentication
CA Rapid App Security
CA Risk Authentication
CA Advanced Authentication
Issue/Introduction
Riskfort server may be bombarded with Risk Evaluate requests (during login) from a specific Client IP address (possibly rogue) impacting the performance of Riskfort server. In such a situation there is a need to cap the number of Risk Evaluate requests that are possible to the back end Riskfort server in given time interval.
Environment
Release : 3.1
Component : RiskMinder(Arcot RiskFort)
Cause
Denial of service due to repetitious Evaluate Risk requests from a specific Client IP address.
Resolution
A Riskfort Rule to INCREASEAUTH when number of Evaluate Requests (Logins) from a specific IP exceeds a threshold.
Additional Information
None.
Feedback
Yes
No
Powered by
