IMPORTANT:The Rate Limiting Options policy is not available in Advanced Authentication as a Service (SaaS) version
In this policy, you can configure settings to restrict the number of HTTPS API requests that a user can make from an IP address in a second to the Advanced Authentication server.
With this policy, you can enhance the security of the server, protect against DoS attacks by limiting the incoming requests, and enhance the performance of browser and clients. In addition, it prevents overloading the server with too many user requests at the same time. The rate limit is not applied to the initial ten requests to the server.
To configure the rate limit settings, perform the following steps:
Setto to enable this policy.
Specify the maximum number of requests that are routed to the server in.
For example, if you set three, then the server gets a maximum of three requests per second from each IP address.
NOTE:This option is applicable if there is no load balancer between the Advanced Authentication servers and Clients. In case, you have a load balancer and requests to Advanced Authentication servers come from a single IP address (load balancer), then it is recommended to configure the rate limiting on your load balancer.