Help Center
Release Notes
Indusface
Help Center
Release Notes
Indusface
AppTrana
OverviewOnboarding to AppTranaComparison between Old Portal and New Portal
Dashboard
Groups & Assets
Manage Assets
WAAP
Behavioral DDoS ProtectionBOT PoliciesWAF StatusMalware Scanning for File UploadsGlobal Traffic Access SettingsASN Based IP WhitelistingBrowser ProtectionCore and Custom Rules
Vulnerability
Attacks
Bandwidth
Actions
Logs & Reports
License & Utilizatiion
Settings
Profile
Others
Indusface WAS
Additional Resources
Zero-Day Vulnerability Reports
Security Bulletins
Vulnerability data
Vulnerabilities 2024
Other Vulnerabilities
AppTrana API Integration
Indusface Partner APIsUpdate Origin Server Address through API Call

ASN Based IP Whitelisting

Introduction 

 

We maintain two databases: the Honeypot Database and the Criminal IP Database, both of which contain collections of malicious IPs. Through the Criminal IP Database, customers have the option to whitelist IPs based on their ASN.  

An Autonomous System Number (ASN) is an identifier associated with a collection of IP addresses. When a customer chooses to whitelist, certain IPs based on their ASN, those IPs are allowed even if they are listed in a criminal IP database. As a result, the associated risk score may be disregarded. This practice helps reduce false positives. 

Previously, we had made Criminal IP DB the default to all customers, this resulted in False Positives for some customers on Apptrana as Zscalar data center IPs are part of Criminal IP DB. 

To ensure such FPs do not occur again, we have whitelisted all Zscalar IPs from Criminal IP DB check 

This is done for all applications on AppTrana : Zscalar ASNs are whitelisted. 

 

How to Whitelist Criminal/Malicious IP 

 

  • Navigate to WAAP > List of Rules & Policies > BOT Policies > Protection Policies > IP Reputation
  • Click Configure
  • Enter the ASN name, click Add +, and then click Save
  •  Once the ASN is added, IPs that associated with the ASN are whitelisted and ready for criminal DB check. 

 

Was this helpful?

Powered by Product Fruits