Introducing the New F5 Bot Defense Self-Service UI
Bot Defense Advanced protects web and mobile application endpoints from automated attacks by identifying and mitigating malicious or bad bots. As the requirements of applications change due to ever evolving threats, users now have the power to make changes to their policies from within the Distributed Cloud Console by using the Bot Defense Self-Service Policy Management UI. However, as always, you can contact your F5 team for assistance in modifying your Bot Defense Policies.
For more information about Bot Defense Advanced features, see Bot Defense Overview
Step 1: Sign Up for Bot Defense Advanced
A customer's F5 account team will help their Bot Defense infrastructure and policies configured to protect their applications.
NOTE: User permissions must include one or more of the following permissions. If a user does not have any of these roles, they should contact their Bot Defense administrator or TAM.:
- f5xc-bot-defense-admin role
- f5xc-bot-defense-user role
- f5xc-bot-defense-monitor role
- f5xc-bot-defense-report role
Step 2: Decide What You Want to Protect
Users should then decide which endpoints they want to protect with Bot Defense. For information about what to consider when configuring web and mobile endpoints, see the following information:
Step 3: Configure Your Bot Defense Infrastructure
Important: If F5 Operations has already configured a user's Bot Defense infrastructure, they can skip this step.
Users can now manage their configure their Bot Defense infrastructures from the F5 Distributed Cloud Console. A Bot Defense deployment can consist of multiple Test and Production infrastructures (subscription limits will determine how many can be added / managed).
To configure a Bot Defense infrastructure, configure the following settings:
- Traffic type
- Infrastructure type
- Region
- Access control list
For detailed instructions, see Configure the Bot Defense Infrastructure.
Step 4: Configure Your Bot Policies
Bot Defense Advanced provides three system policies that allow users to control system configuration settings:
The F5 Operations team performs an analysis of a customer's endpoints and creates the initial version of each policy. Users can then deploy the policies in the Bot Defense Test infrastructure provided by F5. If preferred, users can also work with your F5 Operations Team to manage their policies.
Important: F5 strongly recommends that users deploy and thoroughly test policy updates in the Test infrastructure provided by F5 before deploying to Production infrastructure.
Step 5: Test Your Configuration
Deploy your policies in the Test infrastructure provided to you by F5 to test your Bot Defense deployment and help ensure that Bot Defense policies are properly configured, that JavaScript tags are injected in your application pages correctly, or that you have correctly integrated the mobile SDK.
Step 6: Deploy Policies in Your Production Environment
Important: F5 strongly recommends that you deploy and thoroughly test policy updates in the Test infrastructure provided to you by F5 before you deploy in your Production infrastructure.
After you verify in your Test infrastructure that Bot Defense is configured correctly and correctly identifies automated traffic, you can deploy your policies yourself or work with your F5 Operations team to deploy your policies in your Production infrastructure.
Step 7: Enable Bot Defense on an HTTP Load Balancer
To configure Bot Defense on an HTTP load balancer, users must complete the following tasks on each HTTP load balancer where they want to enable Bot Defense:
- Enable the Bot Defense workspace on one or more HTTP load balancers.
- Configure how Bot Defense will inject JavaScript tags in the HTTP pages of the application.
- If protecting mobile endpoints, enable and configure the F5 Distributed Cloud Mobile SDK.
For detailed instructions, see Configure Bot Defense on an HTTP Load Balancer.
Step 8: Deploy Bot Detection Rules
Important: Bot detection rule self-service management is a limited availability feature. Contact your F5 account team for information.
F5 supplies customers with a set of initial bot detection rules. Most rules are turned off, with a subset of rules turned on by default. It is recommended for users to monitor their traffic for approximately two weeks to observe how rules that are turned on affect their traffic. After this time, users can now use the Distributed Cloud Console to turn rules on and off to make changes to how Bot Defense handles traffic.
Important: F5 recommends that you deploy each rule in a Test infrastructure before you deploy in your production infrastructure.
For information about bot detection rules, see Bot Detection Rules Overview.
Bot Defense Advanced Self-Service Policy Management Demo:
Related Resources:
- Deploy Bot Defense on any Edge with F5 Distributed Cloud (SaaS Console, Automation)
- Protecting Your Web Applications Against Critical OWASP Automated Threats
- Making Mobile SDK Integration Ridiculously Easy with F5 XC Mobile SDK Integrator
- JavaScript Supply Chains, Magecart, and F5 XC Client-Side Defense (Demo)
- Bots, Fraud, and the OWASP Automated Threats Project (Overview)
- Protecting Your Native Mobile Apps with F5 XC Mobile App Shield
- Enabling F5 Distributed Cloud Client-Side Defense in BIG-IP 17.1
- Bot Defense for Mobile Apps in XC WAAP Part 1: The Bot Defense Mobile SDK
- F5 Distributed Cloud WAAP
- Distributed Cloud Services Overview
- Enable and Configure Bot Defense - F5 Distributed Cloud Service
Employee