Dome9 is pleased to announce 2 new capabilities to our API:
1. IP Lists API
Dome9 users can now work with IP Lists programmatically – with full CRUD operations. This is especially useful when you need to automate trust with external entities or IP addresses that are not part of an existing AWS security group. Examples include your monitoring infrastructure, an external WAF/CDN service or your remote backup service.
Note: Previously you could ‘hack’ this by using our DNS objects, but the new API approach is more straightforward for that purpose.
2. Blacklists TTL
Another frequently requested feature was the ability to define a TTL for our Global Blacklist. This means that blacklist items can now be set for a limited time span, which is a great match for IDS integrations (where IP addresses are usually blocked for several minutes, hours or days).
Dome9 Central’s Scheduler is in charge of purging the expired blacklist items from your policies automatically. Users no longer need to perform that function manually or programmatically.
If you don’t have a full-blown IDS system in place – please take a look at the simple HoneyPort project which could be set up in a matter of minutes: http://www.dome9.com/blog/dynamic-blacklisting-meets-the-honeyport-honeypot
If you are not familiar with the Dome9 API – here is the place to start: http://developer.dome9.com/
We look forward to your feedback,