Enabling and disabling real-time API cybersecurity - PingIntelligence for APIs

Enabling and disabling real-time API cybersecurity - PingIntelligence for APIs - 5.2

PingIntelligence

bundle

pingintelligence-52

ft:publication_title

PingIntelligence

Product_Version_ce

PingIntelligence for APIs 5.2 (Latest)

category

APISecurity

AdvancedAPICybersecurity

Capability

Environment

Product

apisecurity

capability

linux

pi-52

pingintelligence

private

ContentType_ce

API Security Enforcer (ASE) provides real-time API cybersecurity to stop hackers. Violations are immediately blocked, and attack information is sent to the API Behavioral Security (ABS) engine.

Note:

Real-time API cybersecurity is activated only when ASE firewall is enabled. For more information on enabling the ASE firewall, see CLI for inline ASE.

To enable API cybersecurity:

Run the enable_firewall command in the command-line interface (CLI):

/opt/pingidentity/ase/bin/cli.sh -u admin -p admin enable_firewall
Firewall is now enabled

To verify that cybersecurity is enabled, run the status command:

/opt/pingidentity/ase/bin/cli.sh status
Ping Identity Inc., API Security Enforcer
status : started
http/ws : port 80
https/wss : port 443
firewall : enabled 
abs : disabled
abs attack : disabled
audit : enabled
ase detected attack : disabled
attack list memory : configured 128.00 MB, used 25.60 MB, free 102.40 MB

To disable API cybersecurity:

Run the disable_firewall command:

/opt/pingidentity/ase/bin/cli.sh -u admin -p admin disable_firewall
Firewall is now disabled

To verify that cybersecurity is enabled, run the status command:

/opt/pingidentity/ase/bin/cli.sh status 
Ping Identity Inc., API Security Enforcer 
status : started 
http/ws : port 80 
https/wss : port 443 
firewall : disabled 
abs : disabled 
abs attack : disabled 
audit : enabled 
ase detected attack : disabled 
attack list memory : configured 128.00 MB, used 25.60 MB, free 102.40 MB