PingIntelligence

Configuring Docker evaluation sideband deployment

Configure the Docker package for sideband deployment.

Before you begin

Download PingIntelligence sideband policies and documentation from the Ping Identity Downloads site.

About this task

You can optionally configure the Docker evaluation environment for a sideband deployment with an application programming interface (API) Gateway. The Docker evaluation package ships with sample API swagger definition files that can be adapted to support your API Gateway environment.

To configure the Docker package for sideband deployment:

Steps

  • Open the config directory and edit the poc.config file to set mode as sideband.

    Example:

    The following is a sample poc.config file:

    # API Security Enforcer mode.
    # allowed values: inline, sideband
    ase_mode=inline
    
    # initial training period in hours
    training_period=1
    
    # poc mode for training
    poc_mode=true
    
    
     Below Configuration is applicable only when ase_mode is set to sideband 
    
    
    # API gateway ip address or dns name
    gateway_ip=
    # API gateway port
    gateway_port=443
    # set gateway protocol if API gateway is configured with ssl
    # else set it to tcp
    # allowed values: tcp, ssl
    gateway_protocol=ssl

    The following table describes the parameters.

    Parameter Description

    ase_mode

    Defines the deployment mode of ASE. Possible values are inline and sideband. The default value is inline.

    training_period

    Training period of AI engine in hours. The minimum value is 1 hour.

    poc_mode

    Defines the mode in which ABS artificial intelligence (AI) engine trains its models. The default value is true.

    You should keep the value as true. If you change it to false, it could take longer to set all the attack thresholds.

    gateway_ip

    Configure the Uniform Resource Locator (URL) for API gateway.

    gateway_port

    Port number of API gateway URL

    gateway_protocol

    API gateway protocol. Possible values are ssl or tcp.