Activating API cybersecurity
The API Security Enforcer (ASE) provides real-time application programming interface (API) cybersecurity using the list of attacks generated by the PingIntelligence for APIs AI Engine.
Before you begin
To activate real-time API cybersecurity, you must enable the ASE firewall.
About this task
To enable or disable ASE’s API cybersecurity feature:
Steps
-
To enable ASE’s API cybersecurity:
-
Run the
enable_firewallcommand in the ASE command-line interface (CLI).Example:
/opt/pingidentity/ase/bin/cli.sh -u admin -p admin enable_firewall Firewall is now enabled
-
After enabling API Security, run the
statusCLI command to verify cybersecurity is enabled.Example:
/opt/pingidentity/ase/bin/cli.sh status Ping Identity Inc., API Security Enforcer status : started http/ws : port 80 https/wss : port 443 firewall : enabled abs : disabled abs attack : disabled audit : enabled ase detected attack : disabled attack list memory : configured 128.00 MB, used 25.60 MB, free 102.40 MB
-
-
To disable ASE’s API cybersecurity:
-
Run the
disable_firewallCLI command.Example:
/opt/pingidentity/ase/bin/cli.sh -u admin -p admin disable_firewall Firewall is now disabled
-
Run the
statusCLI command to verify that cybersecurity is disabled.Example:
/opt/pingidentity/ase/bin/cli.sh status Ping Identity Inc., API Security Enforcer status : started http/ws : port 80 https/wss : port 443 firewall : disabled abs : disabled abs attack : disabled audit : enabled ase detected attack : disabled attack list memory : configured 128.00 MB, used 25.60 MB, free 102.40 MB
-