Secure an infrastructure
Once you’ve created an edge firewall and secured your application, you can use Origin Shield to secure your infrastructure by blocking threats.
Origin Shield works as a list of IP/CIDR addresses used in Azion’s Edge, thus providing assurance of safe IPs to allow access. The list is maintained by Azion and available via Azion Console and API, but each client must create automation to guarantee their security policies are always up-to-date with the Origin Shield addresses.
Step 1. Enable Origin Shield
To access the Origin Shield list, you must have:
- The Network Layer Protection module enabled.
- Be subscribed to the Origin Shield add-on.
- Contact the sales team to subscribe to this feature.
Step 2. Access the list of addresses
- Access Azion Console > select Network Lists.
- Select Azion Origin Shield.
- On the List field, you can copy the IP addresses list.
- Access Real-Time Manager (RTM) > select Network Lists.
- Select Azion Origin Shield.
- On the List field, you can copy the IP addresses list.
- Run the following
GETrequest in your terminal, replacing[TOKEN VALUE]with your personal token
curl --location 'https://api.azionapi.net/network_lists' \
--header 'Accept: application/json; version=3' \
--header 'Authorization: Token [TOKEN VALUE]'
- You’ll receive a response similar to this:
{ "count": 4, "total_pages": 1, "schema_version": 3, "links": { "previous": null, "next": null }, "results": [ { "id": 2345, "last_editor": "last.editor@azion.com", "last_modified": "2023-03-27T21:19:27.996870Z", "list_type": "ip_cidr", "name": "Azion Origin Shield", "country_list": [], "ip_list": [ "192.168.0.5" ] } ]
}
- On the
ip_listfield, you’ll receive all IPs added by Azion. You can copy the IP addresses list.
Step 3. Automate new address additions
After having access and checking the list of IP addresses provided by Origin Shield, you can create an automation with Rules Engine, ensuring your infrastructure is always protected with the most recent version of safe IPs.
Contributors
