NetScaler Console service

Bot

A bot is a software program that automatically performs certain actions over and over at a much faster rate than a human. Over 35 percent of your web traffic comprises bots and 80 percent of organizations suffer from bot attacks. They can interact with a webpage, submit forms, click links, scan text, or download content. Bots can even access videos, post comments, and tweet on social media platforms. Some bots can even hold basic conversations with human users. These bots are known as chatbots.

A bot that performs a needful or helpful service such as customer service, chatbots, search engine crawlers are known as good bots. Some malicious bots can scrape or download content from a website, steal user credentials, spread spam content, and perform various other kinds of cyberattacks. These malicious bots are known as bad bots. It is essential to identify bad bots and protect your appliance from advanced security attacks. You can achieve this using a bot management system.

For more information on Bot, see Bot Management.

Configure bot detection techniques in NetScaler Console

Note:

You can also use the Unified Security dashboard to configure protections, enable analytics, and deploy the protections on your application. For more information, see Unified Security dashboard.

In NetScaler Console, you can:

  • Configure bot detection techniques and deploy them on the NetScaler instances build 13.0 36.27 or later with premium license.

  • View bot analytics by enabling the Bot Security Violations option for the existing virtual servers configured with bot detection techniques either through StyleBook or directly from the NetScaler instance.

Along with the existing StyleBook configuration, this enhancement further simplifies the process to configure the bot detection techniques and deploy on the NetScaler instances.

  1. Navigate to Settings > Analytics Configuration.

  2. Under Virtual Server Analytics Summary, click Configure Analytics.

  3. Select the virtual servers and click Enable Security & Analytics.

  4. In the Enable Security & Analytics page, under Security, click Bot Protections.

  5. Select the bot options, configure, and click Deploy on NetScaler(s).

    Deploy

    A dialog box appears that the current configuration replaces the existing configuration for the selected applications. Click Yes, continue.

    After the configuration is successfully deployed, the All Virtual Servers page shows the configuration details.

    Configuration details

    Click Bot Protections to view the configuration in read-only mode.

    Read-only mode

    Additionally, you can also customize the global bot configuration details such as:

    • Enable or disable the signature auto-update to get the latest signatures that provide better protection and traffic management from both good and bad bots.

    • Configure the trap URL that is effective in blocking attacks from automated bots.

  6. Under Advanced Settings (optional), click the Global BOT config to customize the settings, and then click Deploy on NetScaler(s).

    Global bot

    A dialog box appears that the current configuration replaces the existing configuration for the selected applications. Click Yes, continue.

You can also edit configuration by selecting the virtual server from the All Virtual Servers page and clicking the Edit Security & Analytics option.

Edit configuration

Points to note:

  • You can also enable Bot Security Violations to view bot analytics for the virtual servers that are already configured with bot detection techniques.

  • If you edit any configuration, the same gets replaced with the existing configuration and applied to all applications.

  • You can delete the configuration. In the All Virtual Servers page, click Bot Protections from the Appsec Protection column, and click Delete Config.

    Delete configuration

  • If you delete a configuration, it also gets removed immediately from all virtual servers that are using the configuration.

Configure bot security violations in NetScaler Console

You can also continue to enable Bot Security Violations on the existing virtual servers that are already configured with bot detection techniques either through StyleBook or directly from the NetScaler instance to view bot insights in NetScaler Console.

To enable Bot Security Violations:

  1. Navigate to Infrastructure > Instances > NetScaler and select the instance type. For example, VPX.

  2. Select the instance and from the Select Action list, select Configure Analytics.

  3. Select the virtual servers and click Enable Security & Analytics.

  4. On the Enable Analytics window:

    1. Select Bot Security Violations

    2. Under Advanced Option, select Logstream.

      Bot-insight

    3. Click OK.

      Note

      • If you are not on the Flexed license and you select virtual servers that are not licensed, then NetScaler Console first licenses those virtual servers and then enables analytics.

After enabling Bot Security Violations, navigate to Security > Security Violations. Under Bot, select the application and view details. For more details, see Application overview.

Bot