13.30 Rate Limiting Options

IMPORTANT:The Rate Limiting Options policy is not available in Advanced Authentication as a Service (SaaS) version

In this policy, you can configure settings to restrict the number of HTTPS API requests that a user can make from an IP address in a second to the Advanced Authentication server.

With this policy, you can enhance the security of the server, protect against DoS attacks by limiting the incoming requests, and enhance the performance of browser and clients. In addition, it prevents overloading the server with too many user requests at the same time. The rate limit is not applied to the initial ten requests to the server.

To configure the rate limit settings, perform the following steps:

  1. Set Enabled to ON to enable this policy.

  2. Specify the maximum number of requests that are routed to the server in Maximum request rate per IP per second.

    For example, if you set three, then the server gets a maximum of three requests per second from each IP address.

    NOTE:This option is applicable if there is no load balancer between the Advanced Authentication servers and Clients. In case, you have a load balancer and requests to Advanced Authentication servers come from a single IP address (load balancer), then it is recommended to configure the rate limiting on your load balancer.

  3. Click Save.