Can we block ip addresses dynamically in OpenAM

This topic has 3 replies, 3 voices, and was last updated 4 years, 7 months ago by indira.

  • Author
    Posts
  • #15973
     indira
    Participant

    Hi Guys,

    Im looking at a scenario if multiple users trying to access application from a same ip address. Is there a way ip address addresses can be blocked dynamically for any fraudulent activities. I can see under Authorization i can block specific ips, but is there a way OpenAM does risk analysis and blocks fraudulent ip addresses. I did try adaptive risk where a user attempts wrong passwords and goes through 3rd level of validation.

    #15989
     Andrew Potter
    Participant

    It’s fair to say that OpenAM does not do analytics. However, you can use a scripted authz policy/authn module to query an external datasource of ‘dodgy’ IPs and deny the request if the IP is found. That datasource would be populated by a custom ‘analytics engine’ – typically a 3rd party.
    However, that engine could, in theory, be written by you in the scripted components.
    You may need special consideration for clients behind proxies as it’s possible that these may all present the same IP?

    #16144
     Scott Heger
    Participant

    OpenAM has an Adaptive Risk authentication module (See https://backstage.forgerock.com/docs/openam/13.5/admin-guide#adaptive-auth-module-conf-hints). With that it provides an IP Address Range check and an IP Address History check. See if that provides you what you are looking for.

    #16160
     indira
    Participant

    Thanks @shegergmail-com. Im actually looking at ip addresses dynamically.Im looking at scripted auth or traverse logs to Splunk or any other tool.

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.

©2021 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?