Bot defense profile

Hi islam_nadim,

This may be a better question for F5 Support.
At a high level, from: https://clouddocs.f5.com/cli/tmsh-reference/v15/modules/security/security_bot-defense_profile.html

 balanced
         Allow limited access to non-malicious bots and verify
         browsers without affecting the user experience.

 

  relaxed
         Allow full access to non-malicious bots and perform non-
         intrusive browser verification.

From https://techdocs.f5.com/en-us/bigip-17-0-0/big-ip-asm-implementations/configuring-bot-defense.html

"Bot defense relaxed template
A relaxed bot defense profile defines a permissive security policy that performs basic non-intrusive verification of browsers; strong verification of mobile apps using Anti-Bot Mobile Security SDK; blocks malicious bots and allows all other clients. Malicious bots are detected mostly by using bot signatures. This template provides basic protection with very low risk of false positives.

Bot defense balanced template
A bot defense balanced template defines a moderate security policy that performs advanced verification of browsers; strong verification of mobile apps using Anti-bot Mobile Security SDK; blocks malicious bots; initiates a CAPTCHA challenge for suspicious browsers; limits the total request rate produced by unknown bots and allows trusted and untrusted bots. Malicious bots and suspicious browsers are identified by using both anomaly detection algorithms and bot signatures. This template provides an advanced protection level with reduced latency impact because browser verification is performed by injecting the challenge in the HTTP response."

 

If you have any follow up questions, I'd recommend reaching out to F5 Support, since the answer to your question depends on several things, and they'll be able to do more with more information/context from you.