Perimeter Security 101: Taylor Swift helps with IP Reputation.

I searched for the word 'Reputation'. I used Google, other search providers are available...Taylor Swift seemed to figure heavily in the responses...she has an album it seems.

Who knew?

Not me, until now. Sorry, Taylor!

Taylor (we are not on first-name terms, at all) is likely a good example of this. She is well known and has a reputation as a singer (according to ChatGPT: Taylor Swift is a highly acclaimed American singer-songwriter known for her versatile music spanning multiple genres, including pop, country, and rock).

A great reputation!

How does that work when she connects to your web service? Unfortunately, it does not tell you:

'Hi, it's Taylor'.

When she connects, she will be anonymized as an address on the Internet. How can you tell if that user has been doing bad stuff?

Great question.

The Internet is a big place, you can get lists of Internet Addresses that have been up to no good. You can then do a lookup and say

'You look like a troublemaker sonny!' You can then make a decision, either to let that user connect, drop the traffic or do something else.

In 2019, more than 96% of bad IP addresses showed malicious activities more than once.

Yikes!

NetScaler has access to this list, it's a simple policy command and could form part of your layered security model on your permitter.

What is the outcome?

You can easily tap into this option with NetScaler and add a bit of extra inspection when 'The World' connects to your service/application.

It won't defeat everyone, but there is likely a range of different people connecting and your layered security policy will be multifaceted.

Why wouldn't you use it?