Proactive Bot Defense Using BIG-IP ASM
Bots are everywhere. Some of them are nice, desirable bots; but many of them are not. By definition, a bot is a software application that runs automated tasks (scripts) over the Internet. The desi...
Updated Jun 06, 2023
Version 2.0
Jeff_80625
Nimbostratus
NimbostratusJohn,
Using ASM on BIG-IP version 12.1.2 Build 1.0.271 Hotfix HF1, it looks to me like the TPS protection doesn't engage unless we have Proactive Bot Defense set to at least an operation mode of "During Attacks". My problem with this is protecting our REST services that work with native mobile clients that will not pass JavaScript/cookie challenges.
Is the only solution there to use the F5 SDK with the native mobile application so that it will interact with those challenges? If so, is there any solution for a financial institution who does not build their own mobile applications but would like to utilize ASM TPS DoS protection?