Prerequisites - PingIntelligence for APIs

Prerequisites - PingIntelligence for APIs - 5.1

PingIntelligence

bundle

pingintelligence-51

ft:publication_title

PingIntelligence

Product_Version_ce

PingIntelligence for APIs 5.1

category

APISecurity

AdvancedAPICybersecurity

Capability

Environment

Product

apisecurity

capability

linux

pi-51

pingintelligence

private

ContentType_ce

Page created: 1 Nov 2021 |

Page updated: 3 May 2022

| 2 min read

Product PingIntelligence for APIs 5.1 Capability API Security Advanced API Cybersecurity Linux On-Premises Operating System Hosting Environment Administration User task Configuration Configuration Integration

Complete the following before configuring the Axway API Gateway:

Confirm the Axway version PingIntelligence 4.0 works with Axway 7.5.3 or later.
OAuth token store: If you wish to detect username based attacks, make sure that OAuth token store is configured in Axway.
Install PingIntelligence software

PingIntelligence should be installed and configured. Refer to the PingIntelligence deployment guide for your environment.

Verify that ASE is in sideband mode

Check that ASE is in sideband mode by running the following ASE command:

/opt/pingidentity/ase/bin/cli.sh status
API Security Enforcer
status                  : started
mode                    : sideband
http/ws                 : port 80
https/wss               : port 443
firewall                : enabled
abs                     : enabled, ssl: enabled
abs attack              : disabled
audit                   : enabled
sideband authentication : disabled
ase detected attack     : disabled
attack list memory      : configured 128.00 MB, used 25.60 MB, free 102.40 MB

If ASE is not in sideband mode, then stop ASE and change the mode by editing the /opt/pingidentity/ase/config/ase.conf file. Set mode as sideband and start ASE.

Enable sideband authentication: For a secure communication between Axway and ASE, enable sideband authentication by entering the following ASE command:
```
# ./bin/cli.sh enable_sideband_authentication -u admin –p
```
Generate sideband authentication token
A token is required for Axway to authenticate with ASE. To generate the token in ASE, enter the following ASE command:
```
# ./bin/cli.sh -u admin -p admin create_sideband_token
```
Save the generated authentication token for further use.
Port for AAD
If you are using AAD to automate API definition updates on PingIntelligence, open the following ports:
- Open the management port to fetch API definitions from Axway. The default port is 8075.
- Open port 8010 in ASE for AAD to add API definitions.

To connect PingIntelligence ASE with Axway API Gateway, complete the following steps:

Import the Axway Policy in Axway Policy Studio
Deploy the Axway Policy
Import the APIs from the Management VM to Axway API Manager.