F5 ASM – Bot Defense

I wrote about F5 BIG-IP ASM – Bot Protection two years ago when I was studying for the F5 BIG-IP ASM Certified Technology Specialist exam. It was great because I passed the exam. Today, I’m studying again for the recertification exam. Therefore, I’ve recorded two new videos about Bot Defense but, this time, with the BIG-IP version 14.1.2. You can watch two videos. The first one for blocking bot requests, and the second one for whitelisting bot requests.

The first video is about blocking bot requests. We can watch firstly how to create a bot logging profile and a bot defense profile. Secondly, we run the curl tool against a web service where we can watch the curl tool is identified as an Untrusted Bot, which is alarmed, and the Nikto vulnerability scanner is identified as Malicious Bot, which is blocked. Thirdly, we have configured the mitigation setting CAPTCHA for malicious bot where we can watch there is a challenge when we run the curl tool with the Nikto user agent. Finally, we have configured the TCP Reset mitigation setting for Nikto.

The second video is about whitelisting bot requests. We can watch firstly how to create a bot logging profile and a bot defense profile. Secondly, we run the curl tool against a web service where we can watch the curl tool is identified as an Untrusted Bot, which is alarmed. Thirdly, we have configured an exception for curl where we can watch traffic is not alarmed. Finally, we have configured rate limiting for Unknown Bot and we can watch that even though we have whitelisted the curl bot we can still ensure that it is rate-limited to prevent stress on the application.

Thanks, it’s your turn!

Commentaires