The Intrusion Prevention and Detection System (IPDS) module provides enhanced security tools to protect your applications at the load balancer level. This protection is currently achieved through Blacklists, DoS protection, and RBL rules.
The rules are applied early in the packet flow through the balancer, improving its performance. The flow diagram below illustrates this process:
The Blacklists section allows users to filter, deny, or allow traffic based on the clients’ source IP addresses. This module comes preloaded with country-specific lists that Relianoid keeps up to date. Users can also create custom blacklists by generating plain text lists of IP addresses. Instructions for creating customized blacklists are detailed in the next section: Create a custom Blacklist.
The IPDS module manages Blacklists and Whitelists for each configured farm service, allowing IP addresses to be blocked or allowed respectively. This section outlines the available lists:
Name. The descriptive name of the blacklist. Clicking on the name opens the list editing form.
Type. Indicates if the list is from a Local or Remote location.
Policy. Specifies Deny for blacklists and Allow for whitelists. Whitelist rules are evaluated before blacklist rules. If a client IP matches a whitelist, it bypasses further blacklist evaluation.
Farms. Lists the farms to which the rule is applied. By default, this field is limited to 20 characters, so some entries may be hidden if the list of farms exceeds this limit. Use the small square icon next to the Farms column header to expand the view.
Status. Indicates the farm status with the following color codes:
- Green. Means Enabled. The rule is active and applied to a farm.
- Red. Means Disabled. The rule is inactive. If used by a farm, it has no effect.
Actions. The actions available for each blacklist include:
- Create Blacklist. Opens the blacklist creation form.
- Start. Activates the list from a URL (applicable only to remote lists).
- Stop. Deactivates the list from a URL (applicable only to remote lists).
- Update. Refreshes the blacklist from the URL (applicable only to remote lists).
- Delete. Removes the blacklist (applicable only to user-created lists).
- Edit. Modifies the blacklist.
- Enable/Disable rule. Toggles the blacklist rule using the green triangle (enable) or green square (disable) icons.
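
The precedence described under Policy (whitelist rules are evaluated before blacklist rules), as an added example that is not Relianoid code: a Python pre-check that validates custom plain-text lists, reports the verdict for a client IP, and flags blacklist entries that a whitelist makes ineffective. The one-entry-per-line format with optional CIDR and `#` comments, the list names, and the choice to pass unmatched traffic are assumptions.

```python
import ipaddress

# Constructed sample lists (documentation address ranges), not real data.
OFFICE_ALLOW = "# office egress range\n203.0.113.0/24\n"
CUSTOM_DENY = "203.0.113.45\n198.51.100.0/24\n198.51.100.300\n"

def parse_list(text):
    """Parse one IP or CIDR per line (assumed format); skip blanks and '#' comments.
    Returns (networks, errors), where errors holds (line number, bad entry)."""
    networks, errors = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            networks.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            errors.append((lineno, entry))
    return networks, errors

def evaluate(ip, whitelists, blacklists):
    """Return (policy, list name). A whitelist hit skips blacklist evaluation."""
    addr = ipaddress.ip_address(ip)
    for name, nets in whitelists.items():
        if any(addr in n for n in nets):
            return ("allow", name)
    for name, nets in blacklists.items():
        if any(addr in n for n in nets):
            return ("deny", name)
    return ("allow", None)  # assumption: traffic matching no list is passed

def shadowed(whitelists, blacklists):
    """Blacklist entries fully covered by a whitelist entry, so they never deny."""
    return [(bname, str(b), wname, str(w))
            for bname, bnets in blacklists.items() for b in bnets
            for wname, wnets in whitelists.items() for w in wnets
            if b.version == w.version and b.subnet_of(w)]

if __name__ == "__main__":
    allow_nets, _ = parse_list(OFFICE_ALLOW)
    deny_nets, bad = parse_list(CUSTOM_DENY)
    wl, bl = {"office_allow": allow_nets}, {"custom_deny": deny_nets}
    print("invalid entries:", bad)
    for ip in ("203.0.113.45", "198.51.100.7", "192.0.2.1"):
        print(ip, evaluate(ip, wl, bl))
    print("shadowed:", shadowed(wl, bl))
```

Running a check like this before attaching a new whitelist to a farm shows which existing deny entries it would silently override.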