Prerequisites

The virtual service that you wish to protect with Bot Manager must already be configured on Alteon.

For the integrated Bot Manager to function, you must have at least the Perform package license installed on Alteon, and you must have a Standalone Bot Manager license.
Notes

You operate Bot Manager on a virtual service from within Alteon.

By default, Alteon checks only requests for dynamic information from the client. Alteon does not inspect requests for static information such as graphics files.

Although the configuration of the Bot Manager policy is performed on Alteon, the Bot Manager Dashboard and Analytics are available in the Bot Manager cloud portal.

Accurately configure the Alteon date and time. Radware recommends using NTP.

When both WAF and Bot Manger protection are enabled on the same virtual service, Alteon implements WAF protection on the traffic before initiating the Bot Manager flow.

Alteon must be configured with a DNS server to allow resolving of the closest Bot Manager endpoint (configured in the sideband policy as an FQDN server group).

The traffic to the Bot Manager engine is sent via the data port.
[Bot Manager Menu] botmng - Bot Manager Policy Menu on - Globally turn Bot Manager capability ON off - Globally turn Bot Manager capability OFF cur - Display current Bot Manager configuration |
Bot Manager Menu Options (/cfg/security/botmng)
Command Syntax and Usage |
---|
botmng |
| Prompts you to enter a Bot Manager policy ID and displays the Bot Manager Policy menu. To view this menu, see /cfg/security/botmng/botmng Bot Manager Policy Menu. |
on |
| Globally enables the Bot Manager feature for this Alteon. Bot Manager-side enforcement is governed by the terms of the license you have purchased. |
off |
| Globally enables the Bot Manager feature for this Alteon. |
cur |
| Displays the current Bot Manager configuration. |
When a client request reaches an application in Alteon which is protected by Bot Manager, Alteon extracts information from the request headers such as the user agent header (indicating whether the request comes from a computer, a mobile device, or a script) and the source IP address of the request. Alteon then sends this information in a JSON request via a sideband connection to the Bot Manager endpoint in the cloud and waits for a response. Bot Manager will respond with one of the following instructions:

Allow — Alteon allows the request to pass to the server.

Captcha — Alteon sends a Captcha challenge to which the client must respond (such as a request to select all images that include a bus). If this requirement is not satisfied, Alteon redirects the client request to a block page. If the challenge is met, Alteon forwards the client request to the server.

Block — Alteon redirects the request to a block page.

Fake Feed — Alteon allows the client request to pass to the server and includes the Bot Manager response to the request in the “ShieldSquare-Response” header, allowing the server to select the correct response to the client request.