We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Application Firewall

Client Profile

  • Last updated on

Prerequisite

This feature is enabled only if you have subscribed to the Advanced Bot Protection service.

Overview

When Advanced Bot Protection is enabled, all incoming clients are automatically assigned a unique identifier using various parameters. These parameters include IP address and passive and active fingerprints. This unique identifier is used to track all actions by the client, build a profile of their activities, and calculate their riskiness (Risk Score). Risk Scores are calculated based on the previous behavior/history of the client. Various actions are configured in the specific Action Policy tab whenever the client crosses this threshold value.

The Barracuda Web Application Firewall cloud-based advanced analysis layer (available with the Advanced Bot Protection subscription) keeps track of all the client profiles submitted to it and builds a risk score for each client. This risk score is then used to perform the actions noted above.

For any Barracuda Web Application Firewall service, the client profile can be enabled only when Enable Client Profile Validation is set to Yes. This means that the request must be validated against the configured client’s fingerprint of that service. The details of each client’s risk score are recorded as logs and are available in the BASIC > Access Logs page.

Configure the Risk Score Levels for the Client

  1. Navigate to SECURITY POLICIES > Client Profile.
  2. For Enable Client Profile Validation, set to Yes to enable client risk score validation on client fingerprints.
    Recommended: Yes
  3. In the Client Risk Score Thresholds section, do the following:
    1. Suspicious Clients - Configure the risk score levels for suspicious clients.
      Range: 1 to 100
      Recommended: 60
    2. Bad Clients - Configure the risk score levels for bad clients.
      Range: 1 to 100
      Recommended: 80
  4. In the Exempted Clients section, do the following:
    1. Exempted Fingerprints - Click Add to add client fingerprints for exempted clients.
Last updated on