Application Traffic Insight (ATI) Frequently Asked Questions
What is ATI?
ATI is a Proof-of-Value (PoV) tool that provides insight into the traffic coming into your application, and identifies legitimate and malicious/fraudulent activities. ATI can help your organization properly analyze the bot and fraud traffic coming to your web application, and presents you with upgrade options for how to move forward to mitigate problematic traffic.
ATI gives you insight into which end-users are accessing your web application and other valuable information such as from where they connect, session length, new vs. old devices, and user behavior when interacting with your application. You can analyze traffic flow anomalies to determine human and non-human (bots/automation) actors. ATI gives you a preview of the efficacy and accuracy of the comprehensive anti-bot and fraud detection solutions that F5 offers.
How can I get started with ATI?
Subscribe to the free ATI service via the free tier of F5® Distributed Cloud Console, talk to your F5 account rep, or email ATI_support@f5.com to get started with ATI today.
Is ATI really free?
Yes, ATI is free for all customers for a period of 60 days.
What are the benefits of ATI?
Customers can leverage ATI in support of multiple use cases:
- Comprehensive view into traffic insight.
- Determine what is human traffic and what is bot traffic.
- Determine malicious/fraudulent activity versus legitimate activity.
- An upgrade option for mitigating malicious/fraudulent activity.
- Accurate device identification and recognition of returning devices.
- Identifies devices even when malicious actors manipulate Layer 7 data.
What is unique about ATI?
ATI has the following unique features:
- ATI gives you a preview into the various security solutions that F5 offers.
- ATI is a Proof-of-Value (POV) tool.
- ATI can be used for free for a period of 60 days.
- Deployment is very easy and can be completed in an hour.
- You gain insight into your web application traffic that you might have not otherwise been aware of, such as bot and fraud activity happening on your system.
- ATI is built on signals developed over years of battling advanced persistent attackers targeting the world’s largest retailers and financial institutions.
How does ATI work?
When a user visits your website, ATI leverages the JS to collect information about the browser, device OS, hardware, and network configuration. In addition, ATI relies on network data to determine suspicious activities that are not executed by JS. These attributes and parameters feed into the ATI service built on industry-recognized AI and machine learning capabilities. The data is processed in real time, and ATI provides outputs insight in the Distributed Cloud Console dashboards regarding detected end-user devices and bots accessing your system, In the future, data on detected fraudulent activities will also be displayed.
Does ATI depend on any Volterra/F5 services?
No, ATI is an independent tool and not dependent on any other Volterra/F5 service.
Does ATI use browser attributes?
Yes, the ATI JS collects browser attributes. Indeed, F5 invests heavily and utilizes advanced AI to determine which attributes to collect, in order to attain the most valuable insights.
Does ATI include reporting/dashboards?
Yes, the ATI dashboard provides aggregated insights that can be used to assess and detect bot/automation, fraudulent activity, login friction, and other issues.
Does ATI collect personal information?
ATI does not collect personal information except for IP addresses. ATI does not capture data that users input into applications such as emails and credit card numbers. Data collection is limited to that which is necessary to deliver the ATI service.
What kind of data is collected by ATI?
The meta-data that is collected to provide insight into your web application traffic falls into five categories:
- Browser information, such as browser type, browser version, plugins, fonts etc.
- Hardware, such as whether the traffic is coming from a laptop or mobile device, etc.
- Type of operating system, such as Windows, Linux, etc.
- Network information, such as IP addresses, User Agents etc.
- Data from HTTP such as Client IP, Hostname, HTTP method, HTTP status code, URI, headers, and cookies.
Is data obfuscated and is it transmitted securely?
The JS that powers ATI is significantly obfuscated. This makes defeating it sufficiently difficult. The ATI JS collects the signals and processes data to assess bot activity and, in the future, also fraud activity. All data is transmitted securely to the F5 cloud after being base64 encoded and encrypted via TLS.
Are the API calls triggered by the ATI JS asynchronous?
Yes, the ATI JS is loaded asynchronously to avoid any performance impact during page loading. The execution of the ATI JS does not delay page loading.
What kind of latency is expected?
The ATI JS runs asynchronously, thus the browser continues running even if the request has not yet finished. The API response and network latency are expected to take approximately 200ms.
Do I need the ATI JS on all web pages?
This is strongly recommended. Injecting the ATI JS on all pages maximizes the probability of having an ATI response for every session. With ATI JS on every page, the lack of a ATI response cookie for a transaction is an indicator that the cookie has been removed from the browser, which is a likely indicator of fraud.
If for some reason a customer does not want to inject the ATI JS on all web pages, F5 recommends at least injecting the ATI JS on all login pages.
How big is the ATI JS?
60 KB when gzipped.