API DoS and DDoS threshold - PingIntelligence for APIs

API DoS and DDoS threshold - PingIntelligence for APIs - 4.4

PingIntelligence

bundle

pingintelligence-44

ft:publication_title

PingIntelligence

Product_Version_ce

PingIntelligence for APIs 4.4

category

APISecurity

AdvancedAPICybersecurity

Capability

Environment

Product

apisecurity

capability

linux

pi-44

pingintelligence

private

ContentType_ce

Page created: 6 Nov 2020 |

Page updated: 12 May 2021

| 2 min read

4.4 Capability API Security Advanced API Cybersecurity Linux On-Premises Operating System Hosting Environment PingIntelligence for APIs Product Monitoring and Management User task Administration

API DoS and DDoS threshold 11

API Flow Control reports on API Security Enforcer configured flow control thresholds that are exceeded. The reporting is done on the following parameters:

Client Spike – inbound client traffic rate
Server Spike – aggregate traffic to an API service
Connection Queued – connection requests queued due to server at concurrent connection limit
Bytes-in Spike – WebSocket aggregate inbound traffic exceeds limit
Bytes-out Spike - WebSocket aggregate outbound traffic exceeds limit

Note: API DoS and DDoS threshold and reporting is only available when ASE is deployed in inline mode.

For a specified API, the flow control API provides a summary of thresholds exceeded and detailed reporting on each flow control threshold exceeded:

{
 "company": "ping identity",
 "name": "api_flowcontrol",
 "description": "This report contains flow control information for the specified API",
 "earlier_date": "Thu Jan 25 18:00:00:000 2018",
 "later_date": "Fri Dec 28 18:00:00:000 2018",
 "api_name": "atm_app_private",
 "server_spike_ip_count": 0,
 "summary": {
 "client_spike": 990,
 "server_spike": 0,
 "connection_queued": 0,
 "connection_quota_exceeded": 0
 },
 "details": {
 "client_spike": [
 {
 "request_time": "Mon Jan 29 13:43:20:227 2018",
 "connection_id": "2081496566",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 },
 {
 "request_time": "Mon Jan 29 13:43:20:228 2018",
 "connection_id": "1902346354",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 },
 {
 "request_time": "Mon Jan 29 13:43:20:228 2018",
 "connection_id": "1999376747",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 },
 {
 "request_time": "Mon Jan 29 13:43:20:228 2018",
 "connection_id": "2009947644",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 },
 {
 "request_time": "Mon Jan 29 13:43:20:228 2018",
 "connection_id": "934081844",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 },
 {
 "request_time": "Mon Jan 29 13:43:20:227 2018",
 "connection_id": "2081496566",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 },
 {
 "request_time": "Mon Jan 29 13:43:20:228 2018",
 "connection_id": "1902346354",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 },
 {
 "request_time": "Mon Jan 29 13:43:20:228 2018",
 "connection_id": "1999376747",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 },
 {
 "request_time": "Mon Jan 29 13:43:20:228 2018",
 "connection_id": "2009947644",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 },
 {
 "request_time": "Mon Jan 29 13:43:20:228 2018",
 "connection_id": "934081844",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 }
 ],
 "server_spike": [],
 "connections_queued": [],
 "connection_quota_exceeded": []
 }
}