Protect Your Cloudflare CDN Deployment with F5 Distributed Cloud Bot Defense

Across every industry—retail, travel/hospitality, digital technology, financial services, and many others—online fraud is a very real threat. These threats continually grow and change, bringing new evolutions of bot attacks, retooling, fraudulent payments, scams, phishing, smishing, and others to targets across web, mobile, and APIs.

In addition to protecting customers and enterprises, CDN and e-commerce operators also need to protect themselves—from intellectual property theft, sensitive data exposure, checkout abuses, and much, much more as the list of threats grows every day.

Fortunately, organizations that utilize Cloudflare CDN can also easily deploy F5® Distributed Cloud Bot Defense® to further mitigate a wide range of these risks

Cloudflare accelerates anything connected to the internet, making websites, APIs, corporate networks and distributed workforces safer and faster. As one of the world’s most connected cloud network, each of its hundreds of locations blocks attacks, accelerates traffic, and deploys serverless code. Deploying the powerful F5 Distributed Cloud Bot Defense within this network can further strengthen security and harden your websites, e-commerce platforms, mobile apps, and APIs.

Regardless of the platform on which a company’s resources are deployed, it’s not unusual for 90 percent or more of daily log-in attempts to be from non-human visitors—i.e., bot-based attack traffic. These bots (simple or complex) easily cycle through the millions and millions of stolen and leaked credentials that are already in the wild, one after another, over and over, throwing username and password combinations at your platform and hoping for even a tiny fraction to make it through. And they have a lot of material to work with, too—in 2020 alone, 1.86 billion credentials were stolen.

This process is called credential stuffing and it can be costly. All those automated login attempts are a constant, steady drain on bandwidth and server resources; and things can go from bad to worse if one of those bots is able to log-in with stolen credentials.

F5 Distributed Cloud Bot Defense delivers a powerful suite of innovative solutions that identify all manner of harmful, bot-driven network traffic and block it before it becomes a drain on your resources (or worse). Distributed Cloud Bot Defense is perfectly suited to protect enterprise sites, online banking channels, and e-commerce platforms since it is quickly and easily integrated into an organization’s Cloudflare CDN deployment.

Distributed Cloud Bot Defense protects web, mobile applications, and API endpoints from sophisticated attacks that would otherwise result in large-scale fraud. This automated solution determines in real-time if an application request is from a fraudulent source and then takes an enterprise-specified action, such as blocking, redirecting, or flagging it.

F5 stands out in the industry for our ability to rely on years of experience defending the world’s largest companies—meaning F5 has gathered vast quantities of highly detailed data from countless attempted attacks. With all this experience, F5 has unparalleled expertise in not just identifying whether any given request was made by a bot or human, but whether the request was made with malicious or benign intent.

F5 Distributed Cloud Bot Defense uses JavaScript and API calls to collect telemetry and mitigate malicious users within the context of the Distributed Cloud global network. Distributed Cloud Bot Defense is provided as a managed service and integrated into the Cloudflare CDN platform by using a Worker that can be configured directly from the Distributed Cloud console. (Cloudflare Workers derive their name from Web or Service Workers, the W3C standard API for scripts that run in the background in a web browser and intercept HTTP requests. Cloudflare Workers are written against the same standard API, but run on Cloudflare's servers, not in a browser.)

Once the Worker script and Distributed Cloud Bot Defense are enabled and configured, you can view and filter traffic and transaction statistics on the Bot Defense dashboard in Distributed Cloud Console to see which users are malicious and how they’re being mitigated.

As F5 analyzes transactions and scrutinizes attack campaigns, aggregate data analysis is applied to proactively recognize future attempts as well. When an attack campaign tries to bypass Distributed Cloud Bot Defense by somehow retooling (typically by updating software or leveraging new proxies), F5 is still able to identify the campaign based on hundreds of other signals. Most importantly, as soon as a new attack technique is observed on one customer, countermeasures are autonomously deployed, and details are shared. Hence, all other F5 Distributed Cloud Bot Defense users are also immediately inoculated.