By Device ID Specifies conditions for when to treat a device as an attacker.

For
automatic
thresholds, one threshold is used for all device IDs.
By Geolocation Specifies when to treat a particular country as an attacker. If
using automatic
thresholds, the system calculates thresholds for the top 20 geolocations,
setting different thresholds for every hour of the day. Thus, thresholds
calculated at 9:00AM are based on data from 8:00-9:00AM, and are used at
8:00AM next day.
By URL Specifies when the system treats a URL as under attack. For automatic
thresholds, one threshold is used for all URLs. (Heavy URLs are not
included in the calculations.)
Site Wide Specifies conditions for how to determine when the entire web site is
under
attack. For automatic thresholds, one threshold value is used for the entire
site.
At least one mitigation method must be selected before you can edit the detection
settings. If the
specified thresholds in the settings are reached, the system limits the number of
requests per second to
the history interval and uses the selected mitigation methods described here.
Option Description
Client Side Integrity
Defense
Sends a JavaScript challenge to determine whether the client is a legal
browser or an illegal script. Only used when the Operation Mode is set