Verify Request Throttling

The External Security Facility (ESF) can be configured to throttle the handling of large volumes of incoming Verify (user authentication/signon) requests. This is intended to reduce the effectiveness of Denial-of-Service (DoS) type attacks, and of brute force attempts to login. By default, throttling starts when there are more than 100 requests received per second. The severity of the throttling (how long Verify requests are delayed) is based on the number of requests made per second.

You can configure the number of requests at which the throttling occurs in the Security Facility Configuration for the region. In the Configuration Information field, type:

[Operation]
verify throttle threshold=number

Where number is the number of requests above which requests are throttled. To disable throttling, set the number to 0.

When throttling occurs and auditing is configured, a message is logged with an event category of 2 and a type 6 (code 2 6).