Different between Dos Protection and Bot Defense

Question

Hi allWe have 2 question for ASM F5: What is different between DoS Protection and Bot Defense&nbsp;. Why F5 need use 2 separation it. ( attach picture version BIG-IP: 15.1)If we use Dos protection with TPS-based Detection and Bahabioral &amp; Stress : by Thresholds Mode : is Automatic. then how do you do calculate with value for block attack if we use automacticThank allHung Hoangplease explain hep me &nbsp;&nbsp;&nbsp;&nbsp;

ivan_chernenkii · Answer

Hello Hoang,&nbsp;Bots aren't always execute DoS attack to application. They can execute scraping, scalping, skewing, sniping and etc. These attack aren't always connected with high-rate traffic, like mostly in case of DoS. Also, it is good to have functionality to classify bots as good or bad. That is why ASM has these two different solutions: DoS Protection and Bot Defense.In case of "Automatic" mode ASM constantly counts baseline threshold, based on incoming traffic, and if baseline threshold is significantly reached, then it detects DoS attack. For more details you can look at https://techdocs.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-13-0-0/1.html.&nbsp;Thanks, Ivan

hoang_hung · Answer

Thanks Ivan so much&nbsp;Hung Hoang

Forum Discussion

Different between Dos Protection and Bot Defense

2 Replies

Recent Discussions

MAC address not showing up in LLDP packet

F5Access | MacOS Sonoma

Active- Active HA setup

syslog server connection

Cannot see floating MAC address outside of ESXi

Related Content

Beyond REST: Protecting GraphQL

L7 DoS Protection with NGINX App Protect DoS

Managing NGINX App Protect WAF for Beginners

F5 Distributed Cloud Bot Defense Protecting AWS CloudFront Distributions

Cookie-based DDoS protection