Will DDOS attack count against the quota in APIGEE

As part of apigee evaluation we are checking if there is DDOS attack on our apigee instance will it be counted against the quota limit. Basically we are checking how does this quota limit affected for anamoly cases like DDOS attack, Request throttling, etc.,

Solved Solved
0 6 499
1 ACCEPTED SOLUTION

@munimanjunath kalapati ,

Short Answer, Yes. Any request to Apigee In & Out will be counted against the limits.

Long Answer, It depends on case to case basis. For more information, please get in touch with Apigee point of contact of your organization for more information if you are already a customer of Apigee. If not, Please get in touch with Apigee sales for more information.

-------------------------------

Anil Sagar

5997-screen-shot-2017-11-23-at-75916-pm.png Learn Apigee Concepts in 4 Minutes HandsOn

View solution in original post

6 REPLIES 6

sydub7
Participant IV

In a request flow, Quota policy is preferably placed after oAuth Policy. By this time the Spike Arrest policy which is typically placed at the very beginning of the flow must have taken care of throttling. This is my understading.

spikearrest will definitely kick in but my question is about no. of api calls allowed based on what I purchased for apigee. Currently I am in a plan where I will be allowed

  • 300 million API calls per month

Will all these DDOS attack calls counted against this count

@munimanjunath kalapati ,

Short Answer, Yes. Any request to Apigee In & Out will be counted against the limits.

Long Answer, It depends on case to case basis. For more information, please get in touch with Apigee point of contact of your organization for more information if you are already a customer of Apigee. If not, Please get in touch with Apigee sales for more information.

-------------------------------

Anil Sagar

5997-screen-shot-2017-11-23-at-75916-pm.png Learn Apigee Concepts in 4 Minutes HandsOn

hireshoban
Participant I

Your short answer scares me. So there is no way to block a malicious user/s and we end up paying the price?

@Sriram , You can block them in Apigee Edge layer from reaching to target systems. If you would like to block them at Apigee layer, You might need to consider Apigee Sense.

sidd-harth
Participant V

Hi @Shoban Sriram, why don't you have a look at Apigee Sense.

It uses sophisticated machine learning algorithms to continuously analyze billions of API calls, identify adaptive threats and take action against bad "bots", which is 20-25% of all internet traffic.

BTW it is not open source & it only works with Apigee Cloud.

For licensing or trail, @Anil Sagar can connect you with Sales team .