Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • User Guide

    Home FortiAppSec Cloud User Guide

    Pre-Provisioning Application resources

    Pre-Provisioning Application resources

    Once a ABP Application is created, the Pre-Provisioning process begins, prompting the Professional Engagement Team (PET) to analyze your application details, identify URLs for protection, and insert the required JavaScript for Advanced Bot Protection. While no action is needed from your end, if you wish to modify or add entries, please submit a request with Fortinet Support.

    There is no need to wait until the pre-provisioning process is complete to continue onboarding ABP. After you have created the ABP Application, you can begin configuring the ABP integration in the Fortinet Fabric device (such as FortiADC and FortiWeb). However, the Advanced Bot Protection functionality will not activate until your ABP Application is fully analyzed and Pre-Provisioned. For information on the next steps, see Integrating Advanced Bot Protection into the Fortinet Security Fabric.

    The three stages of pre-provisioning are the following:

    For information on pre-provisioning configurations, including features on the Configurations > Pre-Provisioning page in the web portal GUI, please refer to Pre-Provisioning.

    You can find the pre-provisioning status of all of your applications on ABP > Application under Status and Advanced Settings.

    For more detail on the Pre-provisioning status of a specific application, access its ABP Traffic Insights Dashboard by clicking on its Application Name, or by clicking on it's Status and selecting View Dashboard.

    Professional Engagement

    The Professional Engagement Team (PET) at Fortinet simplifies and improves the onboarding process for Advanced Bot Protection SaaS. By performing site surveys and pre-provisioning tasks, the PET ensures seamless integration and top performance. They also develop strategies to combat bot attacks and prepare the required JavaScript to gather client information.

    The following section provides an overview of the tasks performed by the PET.

    Professional Engagement process overview:

    1. Customer Onboarding and Alert System

      • When a customer adds their website domain to the Advanced Bot Protection web UI, the PET is immediately alerted and begins the onboarding process.

    2. Website Information Gathering

      • Site Survey: PET conducts an initial site survey to understand the structure and functionality of the customer's website.

      • Information Collection: The team collects detailed information about the website, including key pages, traffic patterns, and existing performance metrics.

    3. JavaScript Generation for Client-Side Data Collection

      • Custom JavaScript Creation: Based on the collected information, the PET generates customized JavaScript code tailored to the customer's website.
      • Specific Pages Targeting: The JavaScript is designed to collect data from specific pages crucial for bot protection.

    4. Performance Testing of JavaScript

      • Integration Testing: PET integrates the JavaScript into a test environment to ensure it functions correctly.
      • Performance Evaluation: The team conducts thorough performance tests to ensure the JavaScript does not negatively impact the website's performance.
      • Optimization: If any performance issues are detected, the PET optimizes the JavaScript code to resolve them.

    5. Information Storage and Accessibility

      • Data Storage: All collected data and performance test results are securely stored in a centralized system.

      • Easy Access: The stored information is organized for easy access and use by the PET and the customer for ongoing monitoring and adjustments.

    6. Save Information

      • Once the pre-provisioning steps are complete, the PET ensures that all data and configurations are accurately set up for Advanced Bot Protection.
      • The bot protection system then uses this data to train and set appropriate rules tailored to the customer's website.

    The PET is striving to enhance efficiency by developing automated features.

    Data Collection and Training

    After the professional engagement phase, we enter a period dedicated to thorough customer data collection and analysis. This data collection is essential for training our machine learning models, which helps to distinguish between legitimate user activity and malicious bot traffic accurately. During this time, we also establish initial security rules and models explicitly tailored to the customer's website. This process ensures that the bot protection system is finely tuned to effectively identify and mitigate potential threats, providing robust security from the start.

    The duration of this phase depends on the website's complexity and the volume of traffic data, typically ranging from 2 to 4 weeks. You can find the completion date displayed on your dashboard.

    Rules Deployment

    In this stage, we implement effective measures derived from the information and strategies gathered in earlier stages, and make final adjustments before deploying them on your website.

    The duration of this phase typically ranges from 3 days to 1 week, depending on the website's complexity and volume of traffic data. You can find the completion date displayed on your dashboard.

    Previous
    Next

    Pre-Provisioning Application resources

    Pre-Provisioning Application resources

    Once a ABP Application is created, the Pre-Provisioning process begins, prompting the Professional Engagement Team (PET) to analyze your application details, identify URLs for protection, and insert the required JavaScript for Advanced Bot Protection. While no action is needed from your end, if you wish to modify or add entries, please submit a request with Fortinet Support.

    There is no need to wait until the pre-provisioning process is complete to continue onboarding ABP. After you have created the ABP Application, you can begin configuring the ABP integration in the Fortinet Fabric device (such as FortiADC and FortiWeb). However, the Advanced Bot Protection functionality will not activate until your ABP Application is fully analyzed and Pre-Provisioned. For information on the next steps, see Integrating Advanced Bot Protection into the Fortinet Security Fabric.

    The three stages of pre-provisioning are the following:

    For information on pre-provisioning configurations, including features on the Configurations > Pre-Provisioning page in the web portal GUI, please refer to Pre-Provisioning.

    You can find the pre-provisioning status of all of your applications on ABP > Application under Status and Advanced Settings.

    For more detail on the Pre-provisioning status of a specific application, access its ABP Traffic Insights Dashboard by clicking on its Application Name, or by clicking on it's Status and selecting View Dashboard.

    Professional Engagement

    The Professional Engagement Team (PET) at Fortinet simplifies and improves the onboarding process for Advanced Bot Protection SaaS. By performing site surveys and pre-provisioning tasks, the PET ensures seamless integration and top performance. They also develop strategies to combat bot attacks and prepare the required JavaScript to gather client information.

    The following section provides an overview of the tasks performed by the PET.

    Professional Engagement process overview:

    1. Customer Onboarding and Alert System

      • When a customer adds their website domain to the Advanced Bot Protection web UI, the PET is immediately alerted and begins the onboarding process.

    2. Website Information Gathering

      • Site Survey: PET conducts an initial site survey to understand the structure and functionality of the customer's website.

      • Information Collection: The team collects detailed information about the website, including key pages, traffic patterns, and existing performance metrics.

    3. JavaScript Generation for Client-Side Data Collection

      • Custom JavaScript Creation: Based on the collected information, the PET generates customized JavaScript code tailored to the customer's website.
      • Specific Pages Targeting: The JavaScript is designed to collect data from specific pages crucial for bot protection.

    4. Performance Testing of JavaScript

      • Integration Testing: PET integrates the JavaScript into a test environment to ensure it functions correctly.
      • Performance Evaluation: The team conducts thorough performance tests to ensure the JavaScript does not negatively impact the website's performance.
      • Optimization: If any performance issues are detected, the PET optimizes the JavaScript code to resolve them.

    5. Information Storage and Accessibility

      • Data Storage: All collected data and performance test results are securely stored in a centralized system.

      • Easy Access: The stored information is organized for easy access and use by the PET and the customer for ongoing monitoring and adjustments.

    6. Save Information

      • Once the pre-provisioning steps are complete, the PET ensures that all data and configurations are accurately set up for Advanced Bot Protection.
      • The bot protection system then uses this data to train and set appropriate rules tailored to the customer's website.

    The PET is striving to enhance efficiency by developing automated features.

    Data Collection and Training

    After the professional engagement phase, we enter a period dedicated to thorough customer data collection and analysis. This data collection is essential for training our machine learning models, which helps to distinguish between legitimate user activity and malicious bot traffic accurately. During this time, we also establish initial security rules and models explicitly tailored to the customer's website. This process ensures that the bot protection system is finely tuned to effectively identify and mitigate potential threats, providing robust security from the start.

    The duration of this phase depends on the website's complexity and the volume of traffic data, typically ranging from 2 to 4 weeks. You can find the completion date displayed on your dashboard.

    Rules Deployment

    In this stage, we implement effective measures derived from the information and strategies gathered in earlier stages, and make final adjustments before deploying them on your website.

    The duration of this phase typically ranges from 3 days to 1 week, depending on the website's complexity and volume of traffic data. You can find the completion date displayed on your dashboard.

    Previous
    Next