Prerequisites

Complete the following before configuring PingAccess:

Confirm the PingAccess version

The PingIntelligence policy supports PingAccess versions 5.x and 6.x. If you are using any other version, contact Ping Identity support.
Install PingIntelligence software

PingIntelligence software should be installed and configured. For more information on PingIntelligence deployment, see PingIntelligence setup and PingIntelligence manual deployment.

Verify that ASE is in sideband mode

Check ASE is in sideband mode by running the following command in ASE command line.

/opt/pingidentity/ase/bin/cli.sh status
API Security Enforcer
status                  : started
 mode : sideband
http/ws                 : port 80
https/wss               : port 443
firewall                : enabled
abs                     : disabled, ssl: enabled
abs attack              : disabled
audit                   : enabled
sideband authentication : disabled
ase detected attack     : disabled
attack list memory      : configured 128.00 MB, used 25.61 MB, free 102.39 MB
google pubsub           : disabled
log level               : debug
timezone                : local (UTC)

If ASE is not in sideband mode, then stop ASE and change the mode by editing the /opt/pingidentity/ase/config/ase.conf file. Set mode as sideband and start ASE.

Enable sideband authentication

For secure communication between PingAccess and ASE, enable sideband authentication by entering the following ASE command.
```
# ./bin/cli.sh enable_sideband_authentication -u admin –p
```
Generate sideband authentication token

A token is required for PingAccess to authenticate with ASE. To generate the token, enter the following ASE command.
```
# ./bin/cli.sh -u admin -p admin create_sideband_token
```
Save the generated authentication token for further use.

PingIntelligence

Prerequisites