The IP reputation policy information point (PIP) uses the IP reputation database to determine the reputation of the IP address of a request. Based on the IP address reputation, you can write a policy to grant or prohibit access to the requesting IP address. The IP reputation PIP is pre-configured with IBM® Security Access Manager for Mobile.
IP addresses that have reputations engage in certain activities that qualify them for reputations. The IP reputation database contains classification information about IP addresses. When the IP reputation PIP requests information, the database returns a score for each classification that the IP address might have. The score ranges from 0 - 100. As the value increases, the likelihood that the IP address has a reputation corresponding with that score increases.
The score for each classification is compared to a threshold score that you can configure. You can also use the default score of 50. The IP address has a reputation if the score that belongs to any number of classifications is greater than or equal to the threshold score. For example, if an IP address is suspected to be a spammer, the database may return a value of 95 for the spam classification. If this value is greater than or equal to the threshold score you choose to use, the IP reputation PIP returns a Spam classification for the requesting IP address.
You can write a policy to either grant access to or prohibit access from IP addresses with specified classifications. To use the IP reputation PIP, use the ipReputation attribute in a policy.
IP reputation can also be used to influence an access decision when the IP matcher is used.