Configuring Docker evaluation sideband deployment

Configure the Docker package for sideband deployment.

Before you begin

Download PingIntelligence sideband policies and documentation from the Ping Identity Downloads site.

About this task

You can optionally configure the Docker evaluation environment for a sideband deployment with an application programming interface (API) Gateway. The Docker evaluation package ships with sample API swagger definition files that can be adapted to support your API Gateway environment.

To configure the Docker package for sideband deployment:

Steps

Open the config directory and edit the poc.config file to set mode as sideband.

Example:

The following is a sample poc.config file:

# API Security Enforcer mode.
# allowed values: inline, sideband
ase_mode=inline

# initial training period in hours
training_period=1

# poc mode for training
poc_mode=true


 Below Configuration is applicable only when ase_mode is set to sideband 


# API gateway ip address or dns name
gateway_ip=
# API gateway port
gateway_port=443
# set gateway protocol if API gateway is configured with ssl
# else set it to tcp
# allowed values: tcp, ssl
gateway_protocol=ssl

The following table describes the parameters.

Parameter Description

ase_mode

Defines the deployment mode of ASE. Possible values are inline and sideband. The default value is inline.

training_period

Training period of AI engine in hours. The minimum value is 1 hour.

poc_mode

Defines the mode in which ABS artificial intelligence (AI) engine trains its models. The default value is true.

You should keep the value as true. If you change it to false, it could take longer to set all the attack thresholds.

gateway_ip

Configure the Uniform Resource Locator (URL) for API gateway.

gateway_port

Port number of API gateway URL

gateway_protocol

API gateway protocol. Possible values are ssl or tcp.