Forum Discussion
2 Replies
Sort By
- Ppp2016_241036NimbostratusWhat type of DDOS controls that ASM can offer? Is it application DDOS attack? Does anyone has experience and understand how it works internally? How does ASM determine if the request is from human or botnet? Thanks!!
- samstepCirrocumulus
Yes, it is the application DDoS attacks and ASM uses multiple ways of protection.
ASM determines if request is from humans by injecting a special JavaScript snippet into the pages you want to protect. This JavaScript detects things like mouse movements,page scrolls, key presses as well the speed of navigation between pages.
ASM can also send a CAPTCHA challenge to tell a human and a bot apart.
You can find the detailed answers to your questions in the F5 ASM manual here:
Hope this helps,
Sam