Threat Protection Policies

Threat protection policies prevent malicious attacks from client applications that typically involve large, recursive payloads and SQL injection. You can set limits such as maximum message size, maximum number of requests, and maximum node depth and text node length in the XML document. You can configure the global threat protection policies and rules for all incoming requests that come through the external port of webMethods API Gateway. webMethods API Gateway enforces these policies and rules based on your configuration.

You must have the webMethods API Gateway's manage threat protection functional privilege to configure the following policies and rules.

  • Global Denial of Service
  • Denial of Service by IP
  • Rules

In addition, the webMethods API Gateway administrator can configure the mobile devices and applications to which access is to be denied, configure and customize the deny and alert rules, and manage the denied IPs.

Note:
  • If the webMethods API Gateway instances used for threat protection are clustered and you apply a threat protection policy configuration in one of the instances, the other instances are updated automatically.
  • If the webMethods API Gateway instances used for threat protection are not clustered, you need to apply the required threat protection policy configurations in each of the webMethods API Gateway instances.

When you configure the threat protection policy in a clustered setup, you specify the limitations (such as the number of requests and concurrent requests) that a single webMethods API Gateway instance in the cluster can handle during a specified time interval. Hence, if you add X API Gateway instances, the limitations set in the configuration also increase X times.

For example, if you have two webMethods API Gateway instances and set the limitations as 100 requests per minute, then the webMethods API Gateway instances should be able to handle 200 requests per minute. When you add one more webMethods API Gateway instance, the processing capacity also increases to 300 requests per minute. Here, the webMethods API Gateway cluster used for Threat Protection does not act as a single unit.

Note: When you have configured a load balancer, the load balancer exposes the actual client IP address in the X-Forwarded-For (XFF) header. The watt.server.enterprisegateway.ignoreXForwardedForHeader property specifies whether webMethods API Gateway uses or ignores the IP address in the XFF header. By default, the watt.server.enterprisegateway.ignoreXForwardedForHeader property is set to true, so webMethods API Gateway ignores the client IP address in the XFF header. If you want webMethods API Gateway to use the actual client IP address present in the XFF header, set the watt.server.enterprisegateway.ignoreXForwardedForHeader property to false.
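
The following simplified model illustrates the two behaviours described above: per-instance limits in a cluster, and per-IP counting behind a load balancer. It is an added example, not webMethods API Gateway code. The addresses, the request mix, the even load-balancer spread, and the choice of the first X-Forwarded-For entry as the client address are assumptions.

```python
from collections import Counter

LB_IP = "10.0.0.5"  # constructed: load balancer address seen as the TCP peer

# Constructed sample for one interval: (tcp_peer_ip, X-Forwarded-For value)
REQUESTS = (
    [(LB_IP, "198.51.100.7")] * 120    # one noisy client
    + [(LB_IP, "203.0.113.10")] * 30
    + [(LB_IP, "203.0.113.11")] * 30
)


def attributed_ip(peer_ip, xff, ignore_xff):
    """Address a per-IP rule would count the request against.

    Assumption: when XFF is honoured, its first entry is the client.
    """
    if ignore_xff or not xff:
        return peer_ip
    return xff.split(",")[0].strip()


def denied_per_ip(requests, limit, ignore_xff):
    """Return {ip: number of requests over the per-IP limit} for one interval."""
    seen = Counter(attributed_ip(p, x, ignore_xff) for p, x in requests)
    return {ip: n - limit for ip, n in seen.items() if n > limit}


def cluster_admitted(total_requests, per_instance_limit, instances):
    """Requests admitted in one interval when every instance enforces the
    configured limit on its own and the load balancer spreads traffic evenly."""
    base, extra = divmod(total_requests, instances)
    per_instance = [base + (1 if i < extra else 0) for i in range(instances)]
    return sum(min(n, per_instance_limit) for n in per_instance)


if __name__ == "__main__":
    print("ignore XFF (true): ", denied_per_ip(REQUESTS, 100, ignore_xff=True))
    print("use XFF (false):   ", denied_per_ip(REQUESTS, 100, ignore_xff=False))
    for n in (2, 3):
        print(n, "instances admit", cluster_admitted(500, 100, n), "of 500")
```

With the constructed sample and a limit of 100 per IP, ignoring XFF counts all 180 requests against the load balancer's address, while using XFF counts only the 120 requests from the noisy client. Because X-Forwarded-For is a request header, set the property to false only when the load balancer in front of the gateway overwrites or sanitises it.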