Manage Bot Defense Advanced

Important: Bot Defense Advanced Self-Service Policy Management is an Early Access feature.

As your IT infrastructure evolves, it might be necessary to make changes to your Bot Defense configuration, for example, to protect a new endpoint, add a new IP address to the allow list or to revert to a previous policy version.

The following sections provide information about how to view and update Bot policies, and how to view information about your Bot infrastructure. To make changes to your Bot infrastructure, contact the F5 Operations team.

Manage Your Bot Infrastructure

The following information explains how to view your current Bot infrastructure, including a list of clusters, configuration details and the status of each.

Important: To make changes to your Bot infrastructure, contact your F5 Operations team.

View Deployed Bot Infrastructure

To view your deployed Bot infrastructure, from the Bot Defense navigation menu, click Manage > Bot Infrastructure. If necessary, use Search to find the Bot infrastructure you want to view.

The Bot Infrastructure page includes the following columns:

• Bot Infrastructure Name: The names of your Bot infrastructures.

• Infra Traffic: The type of traffic for which the infrastructure is configured (Web or Mobile).

• Region: The region where the Bot Defense infrastructure is deployed. Only applicable for the F5 Cloud Hosted infrastructure type.

• Device: Names of the individual virtual or physical machines that host your Bot Defense infrastructure. Only applicable for F5 Hosted and On-Premises infrastructure types.

• Endpoint Policy: The name and version number of the Bot Endpoint policy deployed in the infrastructure.

• Allowlist Policy: The name and version number of the Bot Allowlist policy deployed in the infrastructure.

• Network Policy: The name and version number of the Bot Network policy deployed in the infrastructure.

• Infra Type: Whether the infrastructure type is F5 Cloud Hosted, F5 Hosted or On-Premises.

• Environment Type: Whether this is a Production or Testing environment.

• Firmware Version: The firmware version deployed in your Bot infrastructure.

  Note: Click the gear icon to select specific columns.

  

  Figure: Configuration Details

You can perform the following additional tasks from the Bot Infrastructure page:

• View Bot infrastructure configuration details.
• Show the status of your Bot infrastructure.
• Deploy updates to your bot policies.
• View your policy deployment history.

View Configuration Details

The following steps allow you to view configuration details for a specific Bot infrastructure.

1. From the Bot Defense navigation menu, click Manage > Bot Infrastructure.

2. In the Actions column, click the Action menu (…) next to a Bot infrastructure.

3. Click View Configuration to view the following information for the infrastructure you selected:

   • Name: The name of the Bot infrastructure.

   • Bot Endpoint Policy: The name, version number and traffic type (Web or Mobile) of the Bot Endpoint Policy deployed in the infrastructure.

   • Bot Allowlist Policy: The name and version number of the Bot Allowlist Policy deployed in the infrastructure.

   • Bot Network Policy: The name and version number of the Bot Network Policy deployed in the infrastructure.

   • Infrastructure Type:

     • Environment Type: Whether this is a Production or Testing environment.
     • Traffic Type: The type of traffic for which the infrastructure is configured (Web or Mobile).
     • Cluster State: Whether the cluster is currently Active or Inactive.
     • Infra Type: Whether this is a F5 Cloud Hosted, F5 Hosted or On-Premises infrastructure.
     • Infra Host Name: The destination host name of a regional Bot Defense cluster for traffic sent to Bot Defense for evaluation.
     • Firmware Version: The firmware version deployed in your Bot infrastructure.
     • Devices: A list of virtual or physical machines that host your Bot Defense infrastructure, such as Bot Defense Service Nodes (SSEs). Only applicable for F5 Hosted and On-Premises infrastructure types.
       • Device Name: Name of the individual virtual or physical machine that hosts your Bot Defense infrastructure.
       • Firmware Version: Version number of the firmware currently installed on the device.
       • IP Addresses: IP addresses for the network interfaces on your devices.
         • Traffic: IP address of the network used for data service (web site traffic).
         • WAN: IP address of the network used for the management service, Distributed Cloud Protection Manager.
         • Local: IP address of the network used for the Distributed Cloud Bot Defense Service Node Configuration Manager.
       • Certification Status: Expiration date of the SSL/TLS certificate on the device.
     • Ingress: A list of destination host names or IP addresses for regional Bot Defense clusters for traffic evaluated by Bot Defense. Applicable to F5 Cloud Hosted only.
     • Egress: A list of source IP addresses for the traffic that exits to your load balancer or CDN, or to the origin after being evaluated by Bot Defense. Applicable to F5 Cloud Hosted only.
     • IP Addresses: A list of source IP addresses or ranges of source IP addresses compiled by your F5 team. This serves as the network access control list for ingress traffic entering the Bot Defense infrastructure. Applicable to F5 Cloud Hosted only.
     

     Figure: Configuration Details

4. To exit, click Close.

Show Bot Infrastructure Status

The following steps allow you to view the status of a Bot infrastructure.

1. From the Bot Defense navigation menu, click Manage > Bot Infrastructure.

2. Click Refresh to retrieve the latest information about your Bot infrastructure.

   

   Figure: Refresh Status

3. In the Actions column, click the Action menu (…) next to a Bot infrastructure.

4. Click Show Bot Infrastructure Status. The following information appears for each machine in the infrastructure you selected:

   • Deployment Status: The status of the deployment process for your infrastructure. Either Success, In-Progress or Failed.

   • Policies: The name and version number of each policy deployed on your infrastructure.

   • Details: Additional information about the status of your infrastructure, such as errors or unusual events.

   • Last Deployed By: Person or entity that last updated your infrastructure.

   • Last Deployed On: Date that your infrastructure was last updated.

     

     Figure: Bot Infrastructure Status

5. To exit, click anywhere outside of the Bot Infrastructure Status panel.

View Policy Deployment History

Bot Defense Deployment History enables you to easily track policy updates for your Bot infrastructures. Use the filters at the top of the history list to sort by who deployed the policy, the policy type and the time period for which results are displayed.

1. From the Bot Defense navigation menu, click Manage > Bot Infrastructure.

2. In the Actions column, click the Action menu (…) next to a Bot infrastructure.

3. Click View Deployment History to view the date and time of each deployment update and whether the update was deployed by F5 or by one of your users.

4. Click a deployment update to view the name and version of each policy type (Endpoint Policy, Network Policy or Allowlist Policy) deployed in that update.

   

   Figure: View Deployment History

5. To exit, click anywhere outside of the Deployment History panel.

Manage Bot Policies

The Distributed Cloud Console lets you view and manage your currently deployed polices. For example, you can protect additional endpoints, change mitigation actions or update your routing information and then deploy new policy versions. You can also view previous policy versions. If you need help managing policies, contact your F5 Operations team.

Protect Additional Endpoints

After you initially deploy your Bot Endpoint Policy, as your IT environment evolves, it might be necessary to protect additional endpoints. To protect an additional endpoint, you must create a new version of the Bot Endpoint Policy.

1. From the Bot Defense navigation menu, click Manage > Bot Policies and then click Bot Endpoint Policy.
2. From the list of saved Bot Endpoint Policies, in the Actions column, click the Action menu (…) next to the most recent policy version.
3. Click Manage Configuration and then click Edit Configuration.
4. To add a new protected endpoint, in the Protected Endpoints section, click Add Item and then provide information about the endpoint. For information about specific configuration fields, see Configure the Bot Endpoint Policy.
5. When you finish adding endpoints, click Apply and then click Save Bot Endpoint Policy.
6. Choose one of the following options:
   • Save Final: The policy version is saved and added to the list of policy versions that you can deploy in your Bot infrastructure.
   • Save as Draft: You or another administrator can review and finalize this policy version later.
7. To deploy your new policy version, see Deploy Policy Updates.

View Policy Version History and Details

You can view history and policy details for previous versions of each Bot Policy type.

1. From the Bot Defense navigation menu, click Manage > Bot Policies and then click either Bot Endpoint Policy, Bot Allowlist Policy or Bot Network Policy.
2. From the list of saved policy versions, in the Actions column, click the Action menu (…) next to the version you want to view and then click Endpoint Policy Versions, Allowlist Policy Versions or Network Policy Versions, depending on the type of policy you want to view.
3. In the Policy Versions box, in the Actions column, click the Action menu (…) next to the version you want to view and click Manage Configuration to view details of a policy.
4. To exit, click the X on the Policy Versions panel to close the panel.

Download a Policy JSON File

For each of your individual policies, you can download a JSON file that contains the details of the policy.

To download the JSON file:

1. From the Bot Defense navigation menu, click Manage > Bot Policies and then click either Bot Endpoint Policy, Bot Allowlist Policy or Bot Network Policy
2. From the list of saved policies, in the Actions column, click the Action menu (…) and then click Policy Versions.
3. From the list of saved policy versions, in the Actions column, click the Action menu (…) and then click Download JSON. The JSON file downloads to the download location configured in your browser.
4. When the download completes, click the X on the Policy Versions panel to close the panel.

Change Mitigation Actions

After you initially deploy your Bot Endpoint Policy, it might be necessary to change the mitigation actions you configured for your endpoints. For example, if you initially deployed your Bot Endpoint Policy with the mitigation action set to Continue so traffic continues to the origin, when you decide to begin mitigating traffic, you might change the mitigation action to Redirect or Block so that automated traffic no longer reaches the origin.

1. From the Bot Defense navigation menu, click Manage > Bot Policies and then click Bot Endpoint Policy.

2. From the list of saved Bot Endpoint Policies, in the Actions column, click the Action menu (…) next to the most recent policy version.

3. Click Manage Configuration and then click Edit Configuration.

4. In the Action column, next to the protected endpoint you want to edit, click Edit.

   

   Figure: Edit a Protected Endpoint

5. Scroll to Mitigation action and select a new mitigation action.

6. Click Apply and then click Save Bot Endpoint Policy.

7. Choose one of the following options:

   • Save Final: The policy version is saved and added to the list of policy versions that you can deploy in your Bot infrastructure.
   • Save as Draft: You or another administrator can review and finalize this policy version later.

8. To deploy a new policy version, see Deploy Policy Updates.

Revert to a Previous Policy Version

It might be necessary to revert to a previous policy version if a recent change has created an unintended consequence or if a change in your IT environment makes a previous policy more desirable.

When you revert to a previous policy version, the current version remains available in the system if you decide that it is necessary to return to that latest policy version.

Policy changes take effect immediately, so before you revert to a previous policy version, make sure you know what the results of the change are.

1. From the Bot Defense navigation menu, click Manage > Bot Infrastructure.
2. In the Actions column, next to the Bot Infrastructure where you want to revert a previous policy version, click the Action menu (...) and then click Deploy Infrastructure.
3. For the policy you want to update, select the Policy Name and Deployment Version to which you want to revert.
4. Select the checkbox to acknowledge that you understand that Bot Defense deploys policy changes immediately.
5. Click Deploy. Then click Show Bot Infrastructure Status to view the deployment status for the Bot Infrastructure you updated.

---