barracuda web application_firewall_wp_advantage


Upload: inspirit-brasil

Post on 29-Nov-2014



The Barracuda Web Application Firewall Advantage

Barracuda Web Application Firewall technology secures and accelerates the Web infrastructure of many Fortune 500 companies. Barracuda Networks offers the largest range of Web application security products that suit the needs of global enterprises as well as small and medium-sized businesses. With Web security expertise gained over more than eight years, Barracuda Networks offers the most comprehensive layer seven security solution against emerging threats including SQL injection, cross-site scripting, and form tampering for legacy as well as Web 2.0 applications.

Value Proposition

Comprehensive protection

• Extensive input validation
• Data theft protection
• Integrated XML Firewall
• Built-in authentication and authorization module

Enhanced application delivery

• Load balancing
• Caching
• Compression
• Rate control and connection pooling

Feature insights

Comprehensive protection

To provide comprehensive security for the Web infrastructure, Barracuda Web Application Firewalls provide an extensive set of capabilities.

Basic Web Application Firewall capabilities

• Injection attacks: The Barracuda Web Application Firewall inspects each URL and form parameter to ensure that the submitted data does not contain SQL injection, cross-site scripting, or OS command injection attacks.

• Custom response: Administrators can configure the Barracuda Web Application Firewall response in the case of a security violation. In addition to sending out a response page, the Barracuda Web Application Firewall can also be configured to either terminate the connection or redirect the client to another Web page. As a follow-up, the erring client can also be blocked from accessing the Web application for a preset time interval.

Reverse Proxy based capabilities

• Server cloaking: During the initial phase of an attack, hackers gather information about the type of server or database that a Web site is using. This helps them customize the attack. The cloaking capability of the Barracuda Web Application Firewall blocks information such as server banners and server errors, thereby denying the hacker this extremely useful information.

• Tampering protection: Encrypting or digitally signing application cookies protects them from client-side modification. Form parameters marked as ‘read-only’ or ‘hidden’ can also be protected from being modified by the client, thus protecting against form tampering attacks.

Advanced capabilities

• Replay protection: Connecting the cookie to the client submitting the cookie is one of the ways to prevent replay attacks. Hackers use replay attacks to gain access to resources while bypassing authentication mechanisms.

• Data theft protection: For applications that have sensitive data like credit card information or Social Security numbers, the Barracuda Web Application Firewall can be configured to inspect outgoing data and mask sensitive information or block the entire response.

• Brute force protection: Guessing passwords to gain access is a very old hacking technique, yet many applications do not provide security against this type of attack. The Barracuda Web Application Firewall counts accesses to restricted resources and blocks clients if the server does not accept the supplied credentials.

• Anti-virus for file uploads: Many Web applications allow their clients to upload files for submitting their financial statements or job applications. The Barracuda Web Application Firewall scans these files for embedded viruses or malware, thus ensuring that clients’ computers do not get infected.

• Authentication and authorization: Access to Web applications can be controlled via the AAA module of the Barracuda Web Application Firewall. This module provides integration with LDAP and RADIUS databases and also provides support for client-side certificates for two-factor authentication.

• XML Security: Emerging Web 2.0 applications rely heavily on XML format for data transfer. XML is also used to transfer data between businesses via Web services. The Barracuda Web Application Firewall provides an integrated XML firewall to secure Web services and XML traffic to client applications by enforcing XML schema and WSDL. Additionally, it provides basic XML protection against threats such as recursive entity references and large XML data.

• Security for FTP servers: The Barracuda Web Application Firewall also provides protection for FTP servers. It proxies the FTP traffic and can be configured to allow or deny access to various FTP operations, such as restricting access to allow only downloads from an FTP server.
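The tampering protection and replay protection items above both come down to a keyed signature over the cookie, with the client's identity included in what is signed. The following is an added illustration of that idea, not Barracuda's implementation; the function names, the demo key, and the use of the client IP address as the client identifier are assumptions made for the example.

```python
import base64
import hashlib
import hmac

# Constructed demo key (assumption); a real proxy would load it from protected storage.
SECRET_KEY = b"demo-key-not-for-production"


def _mac(name: str, value: str, client_id: str) -> str:
    """HMAC-SHA256 over length-prefixed fields so field boundaries cannot shift."""
    msg = b"".join(
        len(part).to_bytes(4, "big") + part
        for part in (name.encode(), value.encode(), client_id.encode())
    )
    digest = hmac.new(SECRET_KEY, msg, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(digest).decode().rstrip("=")


def protect_cookie(name: str, value: str, client_id: str) -> str:
    """Outbound (Set-Cookie): append a MAC covering name, value and client."""
    return f"{value}.{_mac(name, value, client_id)}"


def verify_cookie(name: str, protected: str, client_id: str):
    """Inbound (Cookie): return the original value, or None if the cookie was
    modified on the client or is being presented by a different client."""
    value, sep, tag = protected.rpartition(".")
    if not sep:
        return None  # unsigned cookie: treat as tampered
    expected = _mac(name, value, client_id)
    # Constant-time comparison avoids leaking how much of the tag matched.
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return None
    return value
```

Binding to an IP address is the simplest choice for a sketch; clients behind NAT or on mobile networks change address, so the identifier used in practice is a deployment decision.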


Easy management

• Multiple deployment options
• Active / passive security modes
• Integrated reporting
• Regular updates from Barracuda Central

Affordability

• Single appliance with fully integrated functionality
• No per server costs


Enhanced Application Delivery

The Barracuda Web Application Firewall not only offers security for the Web infrastructure, but it provides a complete application delivery platform. The following capabilities of the Barracuda Web Application Firewall ensure availability and scalability of the Web applications.

• Load balancer: The Barracuda Web Application Firewall has a built-in load balancer that can distribute incoming traffic to multiple servers, providing high availability, scalability, and performance for Web applications.

• SSL offloading: Web servers hosting HTTPS Web sites spend a significant amount of processing power on SSL encryption / decryption rather than on actually serving Web pages or processing Web forms. The Barracuda Web Application Firewall provides SSL offloading capabilities, which free up the processing power of the servers, making them more efficient.

• Rate control: Rate of access to Web applications from different networks can be prioritized via the rate control capability of the Barracuda Web Application Firewall.

• Application acceleration: With integrated file caching, traffic compression, and connection pooling, the Barracuda Web Application Firewall provides a complete set of capabilities required to deliver Web applications faster.

• High availability: Business-critical Web applications need to be online 24x7. As such, organizations cannot rely on deploying these applications on just one server. The Barracuda Web Application Firewall with integrated load balancer capabilities provides for high availability on the Web servers. In addition, the Barracuda Web Application Firewall can be configured in an active / passive cluster.

Ease of management

One Web application differs from another. To reduce the effort required to secure individual applications, the Barracuda Web Application Firewall starts from a base security policy, which can be easily tuned to suit the security requirements of an individual application.

• Active / passive security: Security rules can be configured in either active or passive mode. An active rule blocks the violating traffic and logs the incident in the Web firewall logs. In the case of a passive rule, the violating request is simply logged. During initial deployment, all rules are first configured as passive rules, and after fine-tuning the administrator makes them active.

• Exception profiling: The Barracuda Web Application Firewall allows heuristics-based tuning of the existing firewall rules. Based on violations, the Barracuda Web Application Firewall provides the administrator with a proposed recommendation on tuning the configuration.

• Adaptive profiling: The Barracuda Web Application Firewall can analyze the incoming traffic and build a profile of a particular Web application. The profile consists of all accessed URLs and allowed form parameters. This profile can then be used to enforce strict security rules for the Web application.

• Conversion of HTTP application to HTTPS application: An HTTP-based Web application can be converted into an HTTPS application without having to rewrite any code on the back-end application, using the Instant SSL capability of the Barracuda Web Application Firewall.

• Delegated administration: Administrative tasks and responsibilities for securing the different Web applications can be delegated amongst multiple administrators.

• Reporting: The Barracuda Web Application Firewall provides reports on attacks, Web traffic, administrative audits, and configuration.

• Alerts: Notifications of system alerts are sent out via SNMP traps or email. This allows administrators to be well informed about the security status of their applications.

• Barracuda Central updates: The Barracuda Networks security analysis team keeps abreast of all emerging threats, and updates are made available to the Barracuda Web Application Firewalls.

Affordability

• Models: The Barracuda Web Application Firewalls are available in five models handling traffic from 10 Mbps to 1 Gbps and are suited for small to large deployments.

• No per server fees: Each model can secure multiple applications and is available at a competitive price point. Based on the throughput requirements, organizations can choose the model and secure a varying number of servers.

For questions about the Barracuda Web Application Firewall, please visit http://www.barracuda.com/waf or call Barracuda Networks for a free 30-day evaluation at 1-888-ANTI-SPAM or +1 408-342-5400. For more information on our other security and productivity solutions, please visit http://www.barracuda.com/products.


About Barracuda Networks Inc.

Barracuda Networks Inc. combines premise-based gateways and software, cloud services, and sophisticated remote support to deliver comprehensive security, networking and storage solutions. The company’s expansive product portfolio includes offerings for protection against email, Web and IM threats as well as products that improve application delivery and network access, message archiving, backup and data protection.

Coca-Cola, FedEx, Harvard University, IBM, L’Oreal, and Europcar are among the more than 100,000 organizations protecting their IT infrastructures with Barracuda Networks’ range of affordable, easy-to-deploy and manage solutions. Barracuda Networks is privately held with its International headquarters in Campbell, Calif. For more information, please visit www.barracudanetworks.com.

Barracuda Networks
3175 S. Winchester Boulevard
Campbell, CA 95008
United States
