Distil Networks has just announced the release of their Universal ACL (Access Control List), which uses device fingerprinting to block traffic, providing companies a wider range of ways to block malicious users from their online applications. “A key piece of feedback we got from our Bot Defense Council was that they were spending too much time managing ACLs in their firewall or WAF, so we set out to reimagine what a modern ACL could be,” Rami Essaid, CEO of Distil Networks, said of their company’s most recent development.
“Traditionally, ACLs have been centered around IP addresses, but Advanced Persistent Bots simply rotate through IP addresses or hide behind proxy networks. With our Universal ACL, customers can set a policy with a very specific set of information, then apply it to a specific path, domain or API. They can even put someone in a ‘penalty box,’ which can then automatically deprecate after say 48 hours. There’s no need to worry about what IPs are associated with, say North Korea. We manage all that for you. This is the easy button for controlling how you whitelist and block different types of traffic hitting your websites and APIs.”
In other words, Distil’s Universal ACL allows for blacklisting based on not only IPs, but countries, organizations, tokens, hi-def fingerprints, user agents, or referrers. This provides their customers with more security options and reduces the time and manpower needed to manage the long lists of blocked addresses generated as threat actors migrate from one IP to the next. In addition, the ability to generate control lists that deprecate after a set amount of time can help to avoid blocking legitimate users with IPs that previously belonged to a bad bot or malicious user. With Distil’s policy-based approach, customers create ACL policies blocking, for example, an organization, country, or host provider, and apply it to a set domain, URL, API, or Distil Networks account.