As an enhanced security measure, TCPWave has implemented a RESTAPI rate-limiting feature to ensure relative stability when unexpected things happen. If one client causes a spike in traffic for some reason, the API has to continue running smoothly for other users instead of crashing. A misbehaving (or malicious script) could be hogging resources or the API systems struggling, and they need to cut down the rate limit for “lower priority” traffic. Sometimes it is just because a poorly written network automation tool starts an unintentional DDoS against the TCPWave IPAM. The standards implemented by TCPWave leverage RFC 6585 and provide an HTTP status 429 to the individual client that breaches a threshold. The thresholds that are enforced to control an attack are defined in the global policies of the TCPWave IPAM.  Contact us to learn more about securing your DDI infrastructure and adopting the hybrid clouds model without compromising on availability and information security.