Application Traffic Insight
About F5 Application Traffic Insight
F5 Application Traffic Insight (ATI) is a Proof-of-Value (PoV) tool that provides insight into unwanted user connections, devices, and behavior on your web application. With ATI, you can easily analyze traffic flow anomalies, determining both malicious and legitimate human and non-human (bots/automation) actors. ATI also presents you with upgrade options for comprehensive anti-bot and fraud detection solutions that F5 offers.
Deploying ATI is simple and can be completed in less than an hour. ATI can be deployed with any tag manager, with the BIG-IP, or with NGINX. ATI is also unique in that it gives you insight on actual traffic coming into your web application.
ATI leverages JavaScript (JS) on both the client-side and server-side (for BIG-IP and NGINX deployments ) to collect data from client-browsers, monitor data traffic, and detect bots. ATI is deployed asynchronously on the web pages of the application and therefore there is minimal impact on user experience and system performance
F5 recommends deploying ATI on all the web pages of your application. If for some reason a customer prefers not to deploy on all web pages, F5 recommends at least deploying on all login pages.
The diagram below shows the basic data flow for ATI.
Figure: Basic Data Flow for ATI
ATI Data Flow
-
During page load, the ATI JS is loaded asynchronously to collect all the required telemetry with minimum performance impact.
-
The ATI JS sends an API request with telemetry to the ATI service on the F5® Distributed Cloud. The device identifiers are computed on the Distributed Cloud and sent back to the client in the API response.
-
ATI JS writes the response in a cookie.
-
The ATI service sends the traffic insights to F5® Distributed Cloud Console and they are displayed to the user in the ATI dashboards.