API Direct Integration
The Netacea API integration detects bot activity and performs mitigating actions in line with the client blocking strategy.
Netacea is a cloud-based system that analyzes all visitor activity to a web based system and identifies malicious visitors.
To enable companies to use Netacea to provide real-time, in-line protection for their web systems, Netacea has created a plugin architecture that can be implemented in all major technologies.
This plugin architecture handles interaction with the Netacea APIs and processing of responses to provide effective, low-latency mitigation against threats detected.
Netacea has built a range of plugins for major CDNs, load balancers and web platforms, but also enables customers to build their own plugin if required.
Creating a Netacea plugin involves interacting with two Netacea APIs:
- Monitor Ingest API – For visitor data capture.
- Alternatively, ingest logs can be shipped to an ingest point provided by Netacea.
- Protector API – To access Netacea’s evaluation of the current visitor and what action should be taken.
API endpoints for the Netacea APIs vary by customer. Your specific API endpoints will be communicated, along with your specific API keys as part of the onboarding process.
The API key should be included with every request to any Netacea API as a header value with the key “X-Netacea-API-Key”.
Any API calls made without an API key or with an invalid API key will be rejected.
The plugin process undertakes two distinct elements:
- 1.N/ Monitor: Passing of the visitor related data to the Netacea Detection Engine for analysis.
- This process is undertaken asynchronously in the response phase of request processing.
- Data can also be provided in batch – either to a Kinesis stream or to an S3 bucket.
- 2.N/ Protector: Querying of the Netacea Protector API to determine if any mitigations should be applied to this visitor.
- This process is undertaken synchronously in the request phase (the result is tracked against a visitor to minimize latency and the amount of API calls being made).
The diagram below shows the process that underlies a plugin.