Help
Technical Articles
F5 SMEs share good practice.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

How to easily protect your BIG-IP applications using F5's Distributed Cloud Bot Defense, natively

Ted_Byerly
Legacy Employee
Legacy Employee

on ‎31-May-2022 09:00 - edited on ‎02-Feb-2023 10:33 by Community Manager

Prerequisites

This article assumes that you have access to the F5 Distributed Cloud and you are using BIG-IP version 17.0.

If you have BIG-IP version 14.1 to 16.x you should follow the steps in this article.

Log in to your tenant dashboard.  You should now see a new tile called Bot Defense.

 

XC_Console.png
 
Click on the Bot Defense tile.  You are presented with the following screen:

Verify the correct "Namespace" in the upper left and then click on “Add Protected Application.”

xc _No_protected apps.png

 The following screen appears, and you need to supply the highlighted information:

  • Name
  • Region
  • Connector Type
Ted_Byerly_2-1652305513129.png

Click Save and Exit.

Back in the Bot Defense management space, select the application you just created by clicking the dots, and then Copy the App ID, Tenant ID and API Key to a convenient location, where you will need to access these values when configuring your BIG-IP SaaS Service.

 

Ted_Byerly_0-1652305904086.png

Login to your BIG-IP.

In version 17.0 you will notice a new tile down on the left side called SaaS Services. Click on Bot Defense.

 

Ted_Byerly_1-1652305904097.png

Click on Bot Defense, BD Profiles and click Create.

 

Ted_Byerly_2-1652305904101.png

In the following sections I have highlighted sections I want to call out. In addition, another article will be devoted to all the knobs and widgets on this page.  I am just discussing the minimum to easily deploy F5 XC Bot Defense.

  • In the first section you are going to fill in the fields with the keys you copied earlier form the F5 XC Bot defense page.
  • Select the BIG-IP to handle the JS injections and the path or URL.
  • Next are the endpoints you want to protect from automated bots.  You supply the host, url or path, the method, and the mitigation you desire, continue, redirect, block or drop. These pages typically are login pages and pages subjected to web scraping.
  • Select the Shape Protection pool F5 tells you to use.
  • Select the SSL Profile you are going to use.
  • Click Finished when done.

 

Ted_Byerly_3-1652305904116.png

That is how simple and quickly you have protected your application with F5's XC Bot Defense. Next we will switch back to the F5 XC Dashboard and see the mitigation taking place.

Navigate to Bot Defense, Overview, Monitor..

xc_bot_overview.png

 As you can see, F5's XC Bot Defense was able to successfully stop bot attacks from the endpoints you protected. You are able to see the Countries, the endpoints and the action, along with the number of bots versus human traffic.

Related links:

YouTube: https://www.youtube.com/watch?v=kHHDOyIQu1c

F5:

https://www.f5.com/cloud

https://www.f5.com/cloud/products/bot-defense

Lab:  Advanced WAF Demo v17 + LCC, ML, ATI, CSD, XC Bot Defense and GraphQL - VD Solutions

https://udf.f5.com/b/a5732e46-d2b9-45d8-9aff-d0d9de52fd0c#documentation

Version history
Last update:
‎02-Feb-2023 10:33
Updated by:
Community Manager
Contributors
Copyright © 2023 Khoros, LLC