Follow

Traffic Analysis for Shape Defense

Description

In this article, we have provided some tips to analyze your traffic. 

 

Environment

  • Silverline Shape Defense 

 

Procedure

After going live with Shape Defense, confirm that Shape Defense is working as expected. Validate Shape Defense
Although this documentation provides some guidance, this is a creative process. Please explore your traffic reports and examine anything unexpected. Resolve all issues before you move to blocking mode.

Here we are providing some steps which can help you get started,

  1. Is any traffic marked as non-human?
  2. If yes, what is the automation Type of the non-human traffic? Automation Types
  3. Does the traffic marked as malicious have a diurnal pattern? Patterns like increases during the day and drops at night? This might be indication of human traffic.
  4. Look at the distribution of IPs and the countries they are from. Does this distribution look like its coming in from your user base?
  5. Look at the User-Agent field. Is there any suspicious User-Agents present? You can also identify wanted automation (Test Tools, SEO bots etc.) through this technique.

 

Please contact the SOC in case of any questions.

 

Related Content

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request