The Intrusion Prevention and Detection System or IPDS module offers a set of enhanced security tools to protect your applications at load balancer level. Currently, this is performed using Blacklists, DoS protection and RBL rules.
The rules are applied in a early phase of the packet flow through the balancer, thus icreasing its performance. In the next Flow Diagram you can see how it happens:
The Blacklists section lets users use the clients source IP addresses lists to filter, deny or allow traffic from them to the real servers. The module is preloaded with per country lists ready to be applied. Zevenet keep the preloaded list up to date. In addition, the blacklists can be customized by generating a plain text list of IP addresses. The creation of custimized blacklist is explained on next section: create a custom Blacklist
The IPDS module is able to manage Blacklists and Whitelists for every farm service configured. That means IP addresses blocked or allowed respectively. This section shows the available lists:
NAME. Blacklist ID. If you click on the name you will enter the list editing form.
TYPE. Whether the list is obtained from a Local or Remote location.
POLICY. Deny for strictly blacklists and Allow for whitelists.
STATUS. Red for unused lists and Green for applied ones in farms.
ACTIONS. Allowed actions for the status of the Blacklist:
- Edit. Edit the list. Only if it’s created by the user.
- Delete. Remove the blacklist. Only if it’s created by the user.
- Update. Update list from URL. Only if it’s a remote list.
- Create Blacklist. Show the form to create a new blacklist.
- Update List. Force a download and update of the remote blacklist.
Next step, create a custom Blacklist.