Radware Bot Manager Virtual Appliance

Getting Started

This guide covers integrating the Radware Bot Management Solution for Web Applications, Mobile & APIs using the Radware Bot Manager Virtual Appliance.

For website architectures that prohibit the use of public cloud infrastructure, you can deploy a Radware Bot Manager Virtual Appliance on a virtual machine (VM), so that it is co-located within your IT infrastructure.

Introduction

Creating Radware Bot Manager Account

  1. Before proceeding with the integration, you must create a Radware Bot Manager account. To create an account, please Register here.

  2. Complete the registration by submitting the form with the required details.

  3. After successful registration, a verification email will be sent to your registered email.

  4. Click on the activation link and set your password.

  5. On successful activation, you will be redirected to the Radware Bot Manager portal.

Prerequisites 

  • Depending on your traffic bandwidth, we will request resources to set up the Radware Bot Manager Virtual Appliance. The setup typically needs a load balancer and a couple of machines (preferably CentOS 7.0) for the Radware Bot Manager Engine to analyze the incoming traffic.

  • You will share server details with the Radware Bot Manager Support team so that they can set up a virtual appliance on your servers.

  • If you wish to deploy the Radware Bot Manager Virtual Appliance in an environment other than CentOS 7.0, such as Ubuntu, RedHat, VMware, Fedora, etc., please share the details with botmanager_support@radware.com for further assistance.

Write to botmanager_support@radware.com to learn about the resources required to deploy the Radware Bot Manager Virtual Appliance in your infrastructure.

Types of Virtual Appliance 

Depending on your business requirement or architectural support, you can choose one of the following appliance options. 

  1. Inline Virtual Appliance 

  2. Out of Path Virtual Appliance 

1. Inline Virtual Appliance 

In this option, you only need to provide the resources (virtual machines) required to meet your traffic bandwidth. The Radware Bot Manager portal will create a custom kit that installs an Nginx reverse proxy instance to post the traffic to the Radware Bot Manager endpoint on your premises.

How it works in Active Protection mode

  1. Data from the end user's browser/Mobile will be received by your Load Balancer.

  2. Your Load Balancer will redirect the data to the Radware Bot Manager Virtual Appliance residing in your infrastructure.

  3. Radware Bot Manager Virtual Appliance will asynchronously send the data to Radware Bot Manager's Bot Engine for analysis and synchronously send the response code header to your Origin server.

  4. The value of this response header will be one of the following and appropriate actions can be taken on the corresponding requests.

    1. Allow the request

    2. Challenge the request with a CAPTCHA

    3. Block the access request

    4. Feed fake data to the request

    5. Custom response 

  5. If the value of the 'ShieldSquare-Response' HTTP header is 'Allow', the request will be sent to your origin server to serve the page to the end user.

  6. For other values of the 'ShieldSquare-Response' HTTP header, you can take appropriate action at the Origin server/WAF/CDN to challenge with a CAPTCHA, block, or feed fake data to the request, depending on your business requirement.

Advantages

  • Minimal integration effort, as the installation is fully automated and secured

  • Minimal latency between your origin server and Radware Bot Manager endpoint 

  • Fully secured data transit layer 

2. Out of Path Virtual Appliance 

In this option, you can choose any integration option (web server plugin or SDK) to post the data to the Radware Bot Manager Virtual Appliance set up on your premises. The Radware Bot Manager portal will create a custom kit to install the Radware Bot Manager Virtual Appliance locally on your premises.

How it works in Active Protection mode

  1. Data from the end user's browser/mobile will be received by your Load Balancer.

  2. Your Load Balancer will redirect the data to your Origin Server which has Radware Bot Manager plugin integrated. 

  3. The Radware Bot Manager plugin will synchronously send the data to the Radware Bot Manager Virtual Appliance to obtain the response code, and the Radware Bot Manager Virtual Appliance in turn asynchronously sends the data to the Radware Bot Manager Bot Engine for analysis.

  4. The value of this response header will be one of the following and appropriate actions can be taken on the corresponding requests.

    1. Allow the request

    2. Challenge the request with a CAPTCHA

    3. Block the access request

    4. Feed fake data to the request

    5. Custom response 

  5. If the value of the 'ShieldSquare-Response' HTTP header is 'Allow', the request will be sent to your origin server to serve the page to the end user.

  6. For other values of the 'ShieldSquare-Response' HTTP header, you can take appropriate action at the Origin server/WAF/CDN to challenge with a CAPTCHA, block, or feed fake data to the request, depending on your business requirement.
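
The origin-side decision described in step 6 of both Active Protection flows, as an added example that is not Radware code. Only the header name and the 'Allow' and '0' values come from this guide; the bracketed verdict tokens are placeholders, and the appliance address range and the fail-closed default are assumptions.

```python
from ipaddress import ip_address, ip_network

HEADER = "shieldsquare-response"  # header name from this guide, lower-cased

# Assumption: address range the Virtual Appliance forwards requests from.
APPLIANCE_NETS = [ip_network("10.0.5.0/28")]

# Only "Allow" and "0" (monitor mode) are documented in this guide.
# The bracketed tokens are placeholders for the values in your integration kit.
ACTIONS = {
    "allow": "allow",
    "0": "allow",
    "<captcha-value>": "captcha",
    "<block-value>": "block",
    "<fake-data-value>": "fake_data",
    "<custom-value>": "custom",
}


def decide(peer_ip, headers, fail_open=False):
    """Return (action, reason) for one request.

    headers is a list of (name, value) pairs so repeated headers stay visible.
    """
    fallback = "allow" if fail_open else "block"
    addr = ip_address(peer_ip)
    if not any(addr in net for net in APPLIANCE_NETS):
        # The header is only meaningful when the appliance set it.
        return "block", "peer is not the appliance"
    verdicts = [v.strip() for k, v in headers if k.lower() == HEADER]
    if len(verdicts) != 1:
        return fallback, "verdict header missing or repeated"
    action = ACTIONS.get(verdicts[0].lower())
    if action is None:
        return fallback, "unrecognised verdict value"
    return action, "verdict from appliance"


if __name__ == "__main__":
    # Constructed sample requests: (peer address, headers)
    samples = [
        ("10.0.5.3", [("ShieldSquare-Response", "Allow")]),
        ("10.0.5.3", [("ShieldSquare-Response", "<block-value>")]),
        ("10.0.5.3", []),
        ("203.0.113.9", [("ShieldSquare-Response", "Allow")]),
    ]
    for peer, hdrs in samples:
        print(peer, hdrs, "->", decide(peer, hdrs))
```

Pass `fail_open=True` only if serving traffic without a verdict is acceptable for the application while the appliance is unreachable.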

Advantages 

  • Minimal latency between your origin server and Radware Bot Manager endpoint

  • Fully secured data transit layer 

  • Flexibility to have the integration out of your data path 

  • In monitor mode, the Radware Bot Manager Bot Engine will append a 'ShieldSquare-Response' HTTP header to each request, and its value will always be '0'. This indicates that all requests are to be allowed, irrespective of human/bot behavior.

  • Write to botmanager_support@radware.com to get started with integration.