Technical Articles
F5 SMEs share good practice.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner
Ted_Byerly
Legacy Employee
Legacy Employee

Prerequisites

This article assumes that you have access to the F5 Distributed Cloud and you are using BIG-IP version 14.1 to 16.x

If you have BIG-IP version 17.0 and wish to use the Native SaaS Service click here.

Log in to your tenant dashboard.  You should now see a new tile called Bot Defense.

 

XC_Console.png

 

 Click on the Bot Defense tile.  You are presented with the following screen:

 

xc _No_protected apps.png

 Verify the correct "Namespace" in the upper left and then click on “Add Protected Application.

The following screen appears, and you need to supply the highlighted information:

  • Name
  • Region
  • Connector Type

 

Ted_Byerly_2-1652304602478.png

Click Save and Exit.

Back in the Bot Defense management space, select the application you just created by clicking the dots, and then Download the template file, saving it where you can access it when configuring your BIG-IP.

 

Ted_Byerly_3-1652304602486.png

Now we will switch to your BIG-IP where your application is protected and hosted.  For this iApp template to work, you need to be on version 14.1 up to 16.x.  F5 has made this Bot Defense native as a SaaS service in version 17.0.  Covered in this article.

Select iApps, Templates and Import the template you downloaded from the F5 XC Bot console.

 

Ted_Byerly_4-1652304602497.png

Next select iApps, Application Services and Select Create.

 

Ted_Byerly_5-1652304602501.png

Give your application a name, select the template you installed and click Finished.

 

Ted_Byerly_6-1652304602505.png

In the following sections I have highlighted sections I want to call out. In addition, another article will be devoted to all the knobs and widgets on this page.  I am just discussing the minimum to easily deploy F5 XC Bot Defense.

In the JS Injection Configuration section you have fine controls over where and when you inject JS. You need to decided if you are going to have the BIG-IP handle the JS injections. If so, the path or URL, the locations, whether to Inject Telemetry and what pages to include or exclude.

Next is the Shape Endpoints Configuration.   This is where you decided what endpoints you want to protect from automated bots.  You supply the host, url or path, the method and the mitigation you desire, continue, redirect, block or drop. These pages typically are login pages.

Next is the Shape ISTL Endpoint Configuration.  This is used to protect from web scraping type of attacks.  Again you supply the host, path the methods, generally GET, and the mitigation action.

 

Ted_Byerly_7-1652304602522.png

In page two, you see your unique API request setting that the iApp has populated and you now select what virtual server you are going to apply the iApp and configuration against.

 

Ted_Byerly_8-1652304602536.png

When configured click “Finished

Below is an example of a demo configuration.

 

Ted_Byerly_9-1652304602539.png

That is how simple and quickly you have protected your application with F5's XC Bot Defense. Next we will switch back to the F5 XC Dashboard and see the mitigation taking place.

Navigate to Bot Defense, Overview, Monitor..

xc_bot_overview.png

 As you can see, F5's XC Bot Defense was able to successfully stop bot attacks from the endpoints you protected. You are able to see the Countries, the endpoints and the action, along with the number of bots versus human traffic.

Related links:

YouTube:

https://www.youtube.com/watch?v=JD43GNFKtpU

F5:

https://www.f5.com/cloud

https://www.f5.com/cloud/products/bot-defense

Version history
Last update:
‎25-Jan-2023 08:23
Updated by:
Contributors