Follow

How To: Check if client IP address(es) are included in Threat Intelligence Categories

Description

This article helps verify the source IP category on Silverline's IP Intelligence vendor website 

  • Can it be confirmed if certain IPs are included in the Threat Intelligence Categories?
  • Some clients are unable to access the proxy with TI profile attached, how can I verify if the source IP is benign or not?

 

Environment

  • Silverline DDoS 
    • Proxy
  • Silverline WAF
    • Proxy
  • Threat Intelligence

 

Procedure

Silverline utilizes the intelligence gathered from a 3rd-party vendor to identify malicious actors based on the client IP reputation. 

To verify an IP address reputation:

  1. Visit BrightCloud Threat Intelligence IP Lookup
  2. Type the source IP address to be checked
    • Only a single IP can be checked per query
  3. Validate the CAPTCHA
  4. The vendor will show the intelligence information for the specified IP
    • Including the timestamp the database was last updated

NOTE: If an IP address is included in any of the categories, it can be requested to be removed directly from the vendor page How to Request Brightcloud to remove an IP being blocked by Threat Intelligence

 

Related Content

Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request