The API Security Paradox: Technical walkthrough F5 Distributed Cloud API security and Bot Defense
Introduction
In our 1st article in this series, The API Security Paradox: When Automation Becomes Both Solution and Threat, we went through how API security and Bot Defense come hand-in-hand. Automated threats have evolved from simple scrapers to sophisticated botnets capable of mimicking human behavior with alarming accuracy.
In this article, we show a technical demo of the security aspect of the Application Delivery and Security Platform (ADSP). We focus on the Bot Defense solution, which is leveraged with your existing API security solution.
Enabling both API security and Bot Defense improves your WAAP security posture. It uses both F5 holistic API security solutions as well as F5 Distributed Cloud Bot Defense connectors to provide a single pane of glass for your Bot analytics and API security.
API security solutions can be deployed across different deployments, SaaS, managed service, On-Premises (Hardware / VE) or containerized solutions.
Cameron discusses different API security implementations through the article, F5 API Security: Discovery and Protection. This article will focus on how adding Bot Defense improves your WAAP protection against automated threats.
Adding F5 Distributed Cloud Bot Defense
F5 Distributed Cloud Bot Defense can be integrated with API security implemented in different models,
- F5 Distributed Cloud load balancer [In this article]
- Enable API security.
- Enable Bot Defense.
- F5 BIG-IP with API protection [In the coming article]
- BIG-IP AWAF.
- BIG-IP APM.
- F5 Distributed Cloud Bot Connector.
- API security across different providers [Custom solution]
- Custom connector to F5 Distributed Cloud Bot Defense.
F5 Distributed Cloud load balancer with API security and Bot Defense.
In this scenario, we create F5 Distributed Cloud Load balancer with API security and Bot defense profiles enabled.
- Enable API security for discovery, monitoring, and protection.
-
Enable Bot Defense on selected API endpoints.
- Define the preferred download path for JS and the place to insert the Bot Defense related javascript code.
- List and create protected endpoints and preferred mitigation response.
- Per Endpoint configuration
Single pane of glass F5 Distributed Cloud Console
F5 Distributed Cloud Console help having a unified location to monitor, analyze application delivery and security dashboards.
As we observed in the configurations section, we apply all WAAP solutions through a single configuration page.
Now, we go through how we can monitor our deployed applications, analytics, and logs for API security and Bot Defense from a single place.
Performance dashboard
Using Performance dashboard, we can observe the application delivery analytics and statistics.
Not only that, but also we can observe the request / response latency to the origin servers, helping with troubleshooting and optimization activities.
Security Dashboard
Here, we can view our applied security solutions. In our case, we implemented both API security and F5 Distributed Cloud Bot Defense.
And, in case you’ve deployed multiple applications, there’s a summary view across all the environments.
We can also have a closer look at each aspect of our application security elements.
API endpoint focused view is available in the below graph,
- It shows API endpoints, methods, categories, and threat levels.
- Active API call summary and active APIs.
- Sensitive Data and attacked APIs.
Security analytics view is available in the below graph,
- It shows the detected event type, action taken, and request paths.
- It shows detected source IPs and countries.
Conclusion
As we see in the article, the deployment of F5 Distributed Cloud API security and Bot Defense is streamlined in F5 Distributed Cloud at configuration, observation, and analytics levels.
This enhance and simplify application delivery and security efforts across the organization, but maintaining the focus on proper application innovation and having a single pane of glass for your WAAP solution.
Related Content
Employee