Installation and Configuration
The Netacea F5 integration detects bot activity and performs mitigating actions in line with the client blocking strategy.
Last updated
The Netacea F5 integration detects bot activity and performs mitigating actions in line with the client blocking strategy.
Last updated
Copyright Netacea 2023
To successfully integrate using Netacea, please ensure you have:
Access to the relevant API keys and log shipping endpoints from Netacea.
In the F5 console, head to the System > Resource Provisioning menu item.
2. Make sure the ‘iRules Language Extensions (iRulesLX)’ is ticked and has adequate provisioning assigned - 'Nominal' should be chosen.
3. Under ‘Local Traffic > iRules’ the LX-specific menu items should be present.
Head to iRules > LX Workspaces
Click the ‘Import’ button.
3. Point the import to the workspace provided by Netacea, and call the workspace ‘Netacea'.
Note: When connecting through SSH you might end up in tmos
rather than bash. You can see this on the command line if it contains the word tmos
e.g.
username@(ip-172-31-10-207)(cfg-sync Standalone)(Active)(/Common)(tmos)#
In order to access the file location below you will need to switch to bash using the following command:
run /util bash
The nodejs library for iRules LX is NOT published to NPM (https://www.npmjs.com) and only resides on the F5 BIG-IP system. You can find further information on the f5 website here, as well as on NPM (https://www.npmjs.com/package/f5-nodejs).
Due to this fact, a few short steps are required to ensure the workspace works as expected.
SSH onto your F5 node via a terminal
Change into the directory where your workspace resides. e.g. /var/ilx/workspaces/Common/your_module_name_here/extensions/netacea
Once you are inside the Netacea module make a directory named node_modules
e.g. mkdir node_modules
Change into your newly created node_modules
directory and unzip the f5-nodejs files by running the command tar -xvzf /usr/share/packages/nodejs/f5-nodejs-6.tgz
This will install the f5-nodejs module into the desired node_module
folder and can be viewed in the F5 console.
From the LX Workspaces view - click on the named workspace. e.g. ‘Netacea’
Locate the config.json file and include the apiKey and secretKey for the workspace and click ‘Save File’ below
Click the ‘Reload from Workspace...’ button which will then update the files within the workspace.
4. Ensure that there is no orange highlighted ‘workspace files’ afterward. This signifies they've changed since the last reload of the plugin.
API keys are always added and saved before you move onto ‘Activate Plugin’ - otherwise, it will fail to start.
There are 5 fields that should be located in the NetaceaConfig.json file. An example can be found below:
From the LX workspaces view - click the ‘LX Plugins’ tab, and then the ‘Create’ button
2. Call the plugin 'Netacea' and choose the workspace we just imported.
It’s worth noting that the F5 worker can ‘INGEST’ from the mitigate iRule. Enabling netacea_mitigate means that you do not need to have netacea_ingest enabled, as the mitigate iRule will also handle Ingest. This means that a user only then needs to update the “mitigationType” located within NetaceaConfig.json to switch between ingest and mitigate without changing the iRule itself.
From the relevant virtual server view, choose the ‘Resources’ tab and then ‘manage’ iRule allocation.
2. Find the two Netacea iRules in the ‘Available' list, move the relevant iRule to the 'Enabled’ box, and set the desired priority. We recommend the highest priority where conflict will not occur.
netacea_ingest - this will just send request data to Netacea for analysis and will not take any action on live requests.
netacea_mitigate - this will send request data to Netacea and automatically mitigate identified threats according to your configuration.
F5 Datasheet - https://www.f5.com/pdf/products/big-ip-local-traffic-manager-ds.pdf
iRules LX overview - https://clouddocs.f5.com/api/irules-lx/
iRules LX API docs - https://clouddocs.f5.com/api/irules-lx/APIReference.html
iRulesLX Streaming guide here: https://readthedocs.org/projects/f5-agility-labs-irules/downloads/pdf/latest/