Likelihood to Recommend F5 Distributed Cloud Bot Defense is well suited for large Enterprises that face advanced bot attacks from Web Scraping, Credential Stuffing, Carding/Credit Card Stuffing, Fake Account Creation, and more where the collection of the Client-Side signals helps clearly show if the attackers are telling lies vs. other bot solutions that place a lot of the responsibility on their customers to tune bot scores.
Read full review Cb Protect is best suited somewhere where you want to maximize the lockdown of workstations. So moving past no local admin rights to blocking specific applications and peripherals. The idea would be to have a list of applications you want to run, and then anything else is not able to be used. As stated prior, if you have a very fluid environment where you are having all sorts of new applications installed frequently (I feel for you!!) this is still do-able, but it misses the general idea. I think especially in environments that are more sensitive to new applications, like banks, healthcare systems etc, this is a good fit. The ability to look at application levels, drift, unapproved software etc is very useful.
Read full review Pros Quickly helps mitigate the retooling and newer advanced bot attacks Excellent customer service from our f5 bot Defense team/partners Easy to do Traffic Analysis/False Positive reviews with their dashboard of data Our F5 Security/Solutions Architect and TAM is always there for us whenever we need them First class service by the F5 Distributed Cloud Bot DefenseSOC, the Tactics Team, the F5 Testing person that helps us, the mobile SDK experts, the Client-Side Signals experts and F5 management Industry best Threat Briefings Not only is F5 Distributed Cloud Bot Defense great at stopping the advanced bot attacks, they also have protection against any tampering or replay attacks. Read full review Controls file writes, executions of the scripts Defends from process injections, memory protection Visibility and lock down posibilities Read full review Cons On a technical side, we've had a lot of deployment issues. This is not a one-sprint solution. We ran into undocumented failure modes and had to rely on L2 and L3 customer support, delaying troubleshooting significantly [in our experience]. Accurate log ingestion is a larger challenge than one would want in a security tool. Read full review Perhaps more specific training. Read full review Support Rating Support is quick to respond. They help guide you through any issues you have and ensure everything has been resolved before disconnecting. Wait times can vary, but it depends on the time of day. Eventually, excellent support is reached, and you can learn a few things from them as well.
Read full review Implementation Rating F5 Distributed Cloud Bot Defense and our partners are great at helping us with in-depth Traffic Analysis of protected endpoints first in Monitoring Mode. After 7-14 days of Traffic Analysis/False Positive reviews, we can clearly tell when we are ready to place protected endpoints into Mitigation Mode.
Read full review Alternatives Considered We have tried a whole bunch of solutions before we got Shape bot defense solution. But non of them worked for us the way F5 Shape solution worked
Read full review The big difference between Protect and
Barkly /AMP is how exactly it goes about what it's doing. Protect is application whitelisting and program reputation. So the way it's protecting you is using a proprietary reputation service, and hash values to identify applications, and then hitting a list of whitelisted programs to decide if you are able to run that or not, based on the policy you are in. There is a LOT of value in that. We actually are working on transitioning to Cisco Advanced Malware Protection (AMP). The main reason is cost (about the same cost as Cb Protect, but with (most of) the featureset of all 3 Carbon Black products for less than 1/3 of the total spend. AMP works differently, looking at a reputation service powered by Cisco's Talos cloud. You don't really have application whitelisting, but that also reduces how many "requests" you get for applications. So I'll have to find a different way to do whitelisting and USB blocking and the like, but I'm getting more visibility across my network and also built in antivirus (TETRA engine - ClamAV with some work).
Barkly is an add that we are looking to put in as it looks at behavior of programs. So specifically it watches for privilege elevation and the like. Thus far all the big name problem children (WannaCry, other ransomware problems) have been caught natively in
Barkly day 0.
Read full review Return on Investment [F5] Shape [Security] established a clear negative trend line in bot traffic to our retail site. [F5] Shape [Security's] anti-automation has moved our business out of reach for ROI for attackers. So far, [F5] Shape [Security] has not caused any incidents as a technology, and has stifled attacks which would have certainly landed as a Sev 2 without this protection. Read full review App Control can ensure Continuous Compliance. Solution can reduce expenses on different security software. Nowadays Zero Trust approach is very important for any organization and Application control is one of the main parts of it. Read full review ScreenShots