Enforcement details
Enforcement logic of the Security Gate

The enforcement logic configuration of the Security Gate service is part of the Airlock Anomaly Shield configuration. The Airlock Anomaly Shield machine learning service (ML-Service) is the active part in the computation of anomaly indicator values – the machine learning output. The Security Gate service requires additional configuration to act with exception and action handling based upon the machine learning model output.

ML-Enforcement-Logic-Details
  • Description:
  • 1.
    The session anomaly indicator values are applied against the anomaly indicator thresholds.
  • 2.
    The resulting anomaly indicator pattern is applied against the configured enforcement rules.
  • This determines which actions are to be executed.
  • 3.
    The configured exception rules define the exception and action handling e.g. by blocking a request.
  • In this case, blocking the request has been originally triggered by an Airlock Anomaly Shield indicator value.

Enforcement is part of regular request processing in the Security Gate. The enforcement logic always uses the most recent available session anomaly indicator values to avoid latency issues.