The Intrusion Prevention and Detection System (IPDS) module introduces an array of advanced security tools to safeguard your applications at the load balancer level. These include Blacklists, Denial-of-Service (DoS) protection, and Real-time Blackhole List (RBL) rules.
These rules are applied in the initial phase of the packet flow through the balancer, which improves its performance. Refer to the following Flow Chart to understand this process:
The Blacklists section lets users manage lists of source IP addresses that are used to filter traffic towards the actual servers, either denying or allowing it. The module comes preloaded with country-specific lists for immediate application, and SKUDONET keeps these predefined lists updated. Users can also personalize blacklists by creating plain-text lists of IP addresses. The process for creating custom blacklists is detailed in the subsequent section: Creating a Custom Blacklist.
The IPDS module offers management of Blacklists and Whitelists for each configured farm service. This enables blocking or allowing IP addresses accordingly. Here’s an overview of the available lists:
Name. Blacklist descriptive name. Clicking on the name provides access to the list editing form.
Type. Indicates whether the list is obtained from a Local or Remote source.
Policy. Deny for blacklists and Allow for whitelists. Whitelist rules take precedence over blacklist rules. If a client IP matches a whitelist, evaluation concludes, and the client IP bypasses the blacklist module.
Farms. The list of farms to which the rule is applied. By default, this field is limited to 20 characters, so if the list of farms is longer, some of them may be hidden. Use the small square icon at the right of the Farms column header to expand the view.
Status. Farm status is represented by the following status color codes:
- Green. Means Enabled. The rule is enabled and in use by a farm.
- Red. Means Disabled. The rule is not enabled. If it is being used by a farm, it won’t have any effect.
Actions. Allowed actions per Blacklist are:
- Create Blacklist. Show the blacklist creation form.
- Start. Start the list from a URL. Only if it’s a remote list.
- Stop. Stop the list from a URL. Only if it’s a remote list.
- Update. Update the blacklist from the URL. Only if it’s a remote list.
- Delete. Remove the blacklist. Only if it’s created by the user.
- Edit. Edit the blacklist.
- Enable/Disable rule. This icon (green triangle or green square) is used to Enable or Disable the blacklist rule.
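The precedence described under Policy and Status can be modelled offline to audit your own lists. This is an added example, not SKUDONET code: it evaluates a source IP the way the text describes (whitelist first, disabled rules ignored) and reports blacklist entries that an enabled whitelist makes ineffective. It assumes all lists are attached to the same farm and that a plain-text list holds one IP or CIDR per line; `IPList`, `parse_list`, `evaluate`, `shadowed_entries` and the sample lists are hypothetical names and constructed data.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class IPList:
    name: str
    policy: str     # "allow" = whitelist, "deny" = blacklist (Policy column)
    enabled: bool   # Status column: a disabled rule has no effect
    networks: list

def parse_list(text):
    # Assumed format: one IP or CIDR per line, '#' starts a comment.
    entries = (line.split("#", 1)[0].strip() for line in text.splitlines())
    return [ipaddress.ip_network(e, strict=False) for e in entries if e]

def evaluate(src_ip, lists):
    """Return (verdict, matching list name) for one source IP."""
    ip = ipaddress.ip_address(src_ip)
    # Whitelists are checked first; a hit ends evaluation before any blacklist.
    for policy, verdict in (("allow", "ALLOW"), ("deny", "DENY")):
        for lst in lists:
            if lst.enabled and lst.policy == policy and any(ip in n for n in lst.networks):
                return verdict, lst.name
    return "NO_MATCH", None

def shadowed_entries(lists):
    """Blacklist entries overlapped by an enabled whitelist entry."""
    active = [l for l in lists if l.enabled]
    allow = [(w.name, n) for w in active if w.policy == "allow" for n in w.networks]
    return [(b.name, str(bn), wname, str(wn))
            for b in active if b.policy == "deny"
            for bn in b.networks
            for wname, wn in allow if bn.overlaps(wn)]

# Constructed sample lists (documentation address ranges only).
LISTS = [
    IPList("office-allow", "allow", True, parse_list("203.0.113.0/24  # office range\n")),
    IPList("custom-deny", "deny", True, parse_list("203.0.113.45\n198.51.100.0/24\n")),
    IPList("old-deny", "deny", False, parse_list("192.0.2.10\n")),
]

if __name__ == "__main__":
    for ip in ("203.0.113.45", "198.51.100.7", "192.0.2.10"):
        print(ip, evaluate(ip, LISTS))
    for row in shadowed_entries(LISTS):
        print("shadowed:", row)
```

A non-empty result from `shadowed_entries` points at whitelist ranges that are broader than intended, since the overlapped blacklist entries will never block those addresses.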
Next step: Creating a Custom Blacklist.