PingIntelligence

Prerequisites

Complete the following before configuring the Axway API Gateway:

  • Confirm the Axway version PingIntelligence 4.0 works with Axway 7.5.3 or later.urq1569832138468

  • OAuth token store: If you wish to detect username based attacks, make sure that OAuth token store is configured in Axway.

  • Install PingIntelligence software

    PingIntelligence should be installed and configured. Refer to the PingIntelligence deployment guide for your environment.

  • Verify that ASE is in sideband mode

    Check that ASE is in sideband mode by running the following ASE command:

    /opt/pingidentity/ase/bin/cli.sh status
    API Security Enforcer
    status                  : started
     mode : sideband
    http/ws                 : port 80
    https/wss               : port 443
    firewall                : enabled
    abs                     : enabled, ssl: enabled
    abs attack              : disabled
    audit                   : enabled
    sideband authentication : disabled
    ase detected attack     : disabled
    attack list memory      : configured 128.00 MB, used 25.60 MB, free 102.40 MB

    If ASE is not in sideband mode, then stop ASE and change the mode by editing the /opt/pingidentity/ase/config/ase.conf file. Set mode as sideband and start ASE.

  • Enable sideband authentication: For a secure communication between Axway and ASE, enable sideband authentication by entering the following ASE command:

    # ./bin/cli.sh enable_sideband_authentication -u admin –p
  • Generate sideband authentication token

    A token is required for Axway to authenticate with ASE. To generate the token in ASE, enter the following ASE command:

    # ./bin/cli.sh -u admin -p admin create_sideband_token

    Save the generated authentication token for further use.

  • Port for AAD

    If you are using AAD to automate API definition updates on PingIntelligence, open the following ports:

    • Open the management port to fetch API definitions from Axway. The default port is 8075.

    • Open port 8010 in ASE for AAD to add API definitions.

To connect PingIntelligence ASE with Axway API Gateway, complete the following steps:

  • Import the Axway Policy in Axway Policy Studio

  • Deploy the Axway Policy

  • Import the APIs from the Management VM to Axway API Manager.