SlideShare ist ein Scribd-Unternehmen logo

Barracuda web application_firewall_wp_advantage

INSPIRIT BRASIL
INSPIRIT BRASIL
Technologie
1 von 2
Downloaden Sie, um offline zu lesen
The Barracuda Web Application Firewall Advantage Barracuda Web Application Firewall technology secures and accelerates the Web infrastructure of many Fortune 500 companies. Barracuda Networks offers the largest range of Web application security products that suit the needs of global enterprises as well as small and medium sized business. With Web security expertise gained over more than eight years, Barracuda Networks offers the most comprehensive layer seven security solution against emerging threats including SQL injection, cross site scripting, and form tampering for legacy as well as Web 2.0 applications. Value Proposition Comprehensive protection Easy management • Extensive input validation • Multiple deployment options • Data theft protection • Active / passive security modes • Integrated XML Firewall • Integrated reporting • Built in authentication and authorization module • Regular updates from Barracuda Central Enhanced application delivery Affordability • Load balancing • Single appliance with fully integrated functionality • Caching • No per server costs • Compression • Rate control and connection pooling Feature insights Comprehensive protection To provide comprehensive security for the Web infrastructure, Barracuda Web Application Firewalls provide an extensive set of capabilities. Basic Web Application Firewall capabilities • Injection attacks: The Barracuda Web Application Firewall inspects each URL and forms parameters to ensure that the submitted data does not contain SQL injection, cross site scripting, or OS command injection attacks. • Custom response: Administrators can configure the Barracuda Web Application Firewall response in the case of a security violation. In addition to sending out a response page, the Barracuda Web Application Firewall can also be configured to either terminate the connection or to redirect the client to another Web page. As a follow up, the erring client can also be blocked from accessing the Web application for a preset time interval. Reverse Proxy based capabilities • Server cloaking: During the initial phase of an attack, hackers gather information about the type of server or database that a Web site is using. This helps them customize the attack. The cloaking capability of the Barracuda Web Application Firewall blocks information such as server banners and server errors, thereby denying the hacker this extremely useful information. • Tampering protection: Encrypting or digitally signing application cookies protects them from client side modification. Form parameters marked as ‘read-only’ or ‘hidden’ can also be protected from being modified by the client, thus protecting against form tampering attacks. Advanced capabilities • Replay protection: Connecting the cookie to the client submitting the cookie is one of the ways to prevent replay attacks. This attack is utilized by hackers to gain access to resources bypassing authentication mechanisms. • Data theft protection: For applications that have sensitive data like credit card information or Social Security numbers, the Barracuda Web Application Firewall can be configured to inspect outgoing data and mask sensitive information or block the entire response. • Brute force protection: Guessing passwords to gain access is a very old hacking technique, yet many applications do not provide security against this type of attack. The Barracuda Web Application Firewall counts accesses to restricted resources and block out clients if the server does not accept the supplied credentials. • Anti-virus for file uploads: Many Web applications allow their clients to upload files for submitting their financial statements or job applications. The Barracuda Web Application Firewall scans these files for embedded virus or malware thus ensuring that clients’ computers do not get infected. • Authentication and authorization: Access to Web applications can be controlled via the AAA module of the Barracuda Web Application Firewall. This module provides integration with LDAP and RADIUS databases and also provides support for client side certificates for two factor authentication. • XML Security: Emerging Web 2.0 applications rely heavily on XML format for data transfer. XML is also used to transfer data between businesses via Web services. The Barracuda Web Application Firewall provides an integrated XML firewall to secure Web services and XML traffic to client applications by enforcing XML schema and WSDL. Additionally it provides basic XML protection such as recursive entity reference and large XML data. • Security for FTP servers: The Barracuda Web Application Firewall also provides protection for FTP servers. It proxies the FTP traffic and can be configured to allow or deny access to various FTP operations such as restricting access to allow only downloads from an FTP server. 1
Barracuda Networks The Barracuda Web Application Firewall Advantage Enhanced Application Delivery The Barracuda Web Application Firewall not only offers security for the Web infrastructure, but it provides a complete application delivery platform. The following capabilities of the Barracuda Web Application Firewall ensure availability and scalability of the Web applications. • Load balancer: The Barracuda Web Application Firewall has a built-in load balancer that can distribute incoming traffic to multiple servers, providing high availability, scalability, and performance for Web Applications. • SSL offloading: Web servers hosting HTTPS Web sites utilize a significant amount of processing power in handling SSL encryption / decryption, and not for actually serving Web pages or processing Web forms. The Barracuda Web Application Firewall provides SSL offloading capabilities, which frees up the processing power of the servers, making them more efficient. • Rate control: Rate of access to Web applications from different networks can be prioritized via the rate control capability of the Barracuda Web Application Firewall. • Application acceleration: With integrated file caching, traffic compression, and connection pooling, the Barracuda Web Application Firewall provides a complete set of capabilities required to deliver the Web applications faster. • High availability: Business-critical Web applications need to be online 24x7. As such, organizations cannot rely on deploying these applications on just one server. The Barracuda Web Application Firewall with integrated load balancer capabilities provides for high availability on the Web servers. In addition, the Barracuda Web Application Firewall can be configured in an active / passive cluster. Ease of management One Web application differs from another. To reduce the effort required to secure individual applications the Barracuda Web Application Firewall starts from a base security policy which can be easily tuned to suit the security requirements of an individual application. • Active / passive security: Security rules can be configured in either active or passive mode. An active rule blocks the violating traffic and logs the incident in the Web firewall logs. In the case of a passive rule, the violating request is simply logged. During initial deployment, all rules are first configured as passive rules and after fine tuning the administrator makes them active. • Exception profiling: The Barracuda Web Application Firewall allows heuristics-based tuning of the existing firewall rules. Based on violations, the Barracuda Web Application Firewall provides the administrator with a proposed recommendation on tuning the configuration. • Adaptive profiling: The Barracuda Web Application Firewall can analyze the incoming traffic and build a profile of a particular Web application. The profile consists of all accessed URLs and allowed form parameters. This profile can then used to enforce strict security rules for the Web application. • Conversion of HTTP application to HTTPS application: A HTTP based Web application can be converted into an HTTPS application without having to rewrite any code on the back end application with the Instant SSL capability of the Barracuda Web Application Firewall. • Delegated administration: Administrative tasks and responsibilities for securing the different Web applications can be delegated amongst multiple administrators. • Reporting: The Barracuda Web Application Firewall provides reports on attacks, Web traffic, administrative audits, and configuration. • Alerts: Notifications of system alerts are sent out via SNMP traps or email. This allows administrators to be well informed about the security status of their applications. • Barracuda Central updates: The Barracuda Networks’ security analysis team keeps abreast with all emerging threats and updates are made available to the Barracuda Web Application Firewalls. Affordability • Models: The Barracuda Web Application Firewalls are available in five models handling traffic from 10 Mbps to 1 Gbps and are suited for small to large deployments. • No per server fees: Each model can secure multiple applications and is available at a competitive price point. Based on the throughput requirements, organizations can choose the model and secure varying number of servers. For questions about the Barracuda Web Application Firewall, please visit http://www.barracuda.com/waf or call Barracuda Networks for a free 30-day evaluation at 1-888-ANTI-SPAM or +1 408-342-5400. For more information on our other security and productivity solutions, please visit http://www.barracuda.com/products. About Barracuda Networks Inc. Barracuda Networks Inc. combines premise-based gateways and software, cloud services, and sophisticated remote support to deliver comprehensive security, networking and storage solutions. The company’s expansive product portfolio includes offerings for protection against email, Web and IM threats as well as products that improve application delivery and network access, message archiving, Barracuda Networks backup and data protection. 3175 S. Winchester Boulevard Campbell, CA 95008 Coca-Cola, FedEx, Harvard University, IBM, L’Oreal, and Europcar are among the more than 100,000 organizations protecting their IT infrastructures with Barracuda Networks’ range of affordable, easy-to- United States deploy and manage solutions. Barracuda Networks is privately held with its International headquarters +1 408.342.5400 in Campbell, Calif. For more information, please visit www.barracudanetworks.com. www.barracuda.com info@barracuda.com 2

Empfohlen

Data power v7 update - Ravi Katikala
Data power v7 update - Ravi KatikalaData power v7 update - Ravi Katikala
Data power v7 update - Ravi Katikala
floridawusergroup
 
DataPower Restful API Security
DataPower Restful API SecurityDataPower Restful API Security
DataPower Restful API Security
Jagadish Vemugunta
 
Web Access Firewall
Web Access FirewallWeb Access Firewall
Web Access Firewall
BalaBhaskaraRao CEH,CCNA Security,CHFI,Qualys Specialist
 
Intorduction to Datapower
Intorduction to DatapowerIntorduction to Datapower
Intorduction to Datapower
Shilpin Pvt. Ltd.
 
Web Api services using IBM Datapower
Web Api services using IBM DatapowerWeb Api services using IBM Datapower
Web Api services using IBM Datapower
Sigortam.net
 
Bc product overview_v2c
Bc product overview_v2cBc product overview_v2c
Bc product overview_v2c
Saurav Aich
 
Data Power For Pci Webinar Aug 2012
Data Power For Pci Webinar Aug 2012Data Power For Pci Webinar Aug 2012
Data Power For Pci Webinar Aug 2012
gaborvodics
 
VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld
 

Empfohlen

Data power v7 update - Ravi Katikala
Data power v7 update - Ravi KatikalaData power v7 update - Ravi Katikala
Data power v7 update - Ravi Katikala
floridawusergroup
 
DataPower Restful API Security
DataPower Restful API SecurityDataPower Restful API Security
DataPower Restful API Security
Jagadish Vemugunta
 
Web Access Firewall
Web Access FirewallWeb Access Firewall
Web Access Firewall
BalaBhaskaraRao CEH,CCNA Security,CHFI,Qualys Specialist
 
Intorduction to Datapower
Intorduction to DatapowerIntorduction to Datapower
Intorduction to Datapower
Shilpin Pvt. Ltd.
 
Web Api services using IBM Datapower
Web Api services using IBM DatapowerWeb Api services using IBM Datapower
Web Api services using IBM Datapower
Sigortam.net
 
Bc product overview_v2c
Bc product overview_v2cBc product overview_v2c
Bc product overview_v2c
Saurav Aich
 
Data Power For Pci Webinar Aug 2012
Data Power For Pci Webinar Aug 2012Data Power For Pci Webinar Aug 2012
Data Power For Pci Webinar Aug 2012
gaborvodics
 
VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld
 
Vfm packetshaper presentation
Vfm packetshaper presentationVfm packetshaper presentation
Vfm packetshaper presentation
vfmindia
 
SSL VPN Evaluation Guide
SSL VPN Evaluation GuideSSL VPN Evaluation Guide
SSL VPN Evaluation Guide
Array Networks
 
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Amazon Web Services
 
move-anti-virus
move-anti-virusmove-anti-virus
move-anti-virus
Aakash Chaturvedi
 
IBM Datapower Gateways - Devops with UrbanCode Deploy
IBM Datapower Gateways - Devops with UrbanCode DeployIBM Datapower Gateways - Devops with UrbanCode Deploy
IBM Datapower Gateways - Devops with UrbanCode Deploy
Jared Putman
 
IBM Application Acceleration Data Sheet
IBM Application Acceleration Data SheetIBM Application Acceleration Data Sheet
IBM Application Acceleration Data Sheet
cathylums
 
CENTRALIZED MANAGEMENT APPLIANCES
CENTRALIZED MANAGEMENT APPLIANCESCENTRALIZED MANAGEMENT APPLIANCES
CENTRALIZED MANAGEMENT APPLIANCES
Array Networks
 
DATA STORAGE REPLICATION aCelera and WAN Series Solution Brief
DATA STORAGE REPLICATION aCelera and WAN Series Solution BriefDATA STORAGE REPLICATION aCelera and WAN Series Solution Brief
DATA STORAGE REPLICATION aCelera and WAN Series Solution Brief
Array Networks
 
SECURE ACCESS GATEWAYS
SECURE ACCESS GATEWAYSSECURE ACCESS GATEWAYS
SECURE ACCESS GATEWAYS
Array Networks
 
Get more versatile and scalable protection with F5 BIG-IP
Get more versatile and scalable protection with F5 BIG-IPGet more versatile and scalable protection with F5 BIG-IP
Get more versatile and scalable protection with F5 BIG-IP
F5NetworksAPJ
 
Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...
Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...
Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...
Jayesh Naik
 
VMworld 2013: Enhancing Workplace Mobility and BYOD with the VMware Mobile Se...
VMworld 2013: Enhancing Workplace Mobility and BYOD with the VMware Mobile Se...VMworld 2013: Enhancing Workplace Mobility and BYOD with the VMware Mobile Se...
VMworld 2013: Enhancing Workplace Mobility and BYOD with the VMware Mobile Se...
VMworld
 
Why Security Teams should care about VMware
Why Security Teams should care about VMwareWhy Security Teams should care about VMware
Why Security Teams should care about VMware
JJDiGeronimo
 
Simplifying User Access with NetScaler SDX and CA Single Sign-on
Simplifying User Access with NetScaler SDX and CA Single Sign-on Simplifying User Access with NetScaler SDX and CA Single Sign-on
Simplifying User Access with NetScaler SDX and CA Single Sign-on
CA Technologies
 
How to integration DataPower with Zos
How to integration DataPower with ZosHow to integration DataPower with Zos
How to integration DataPower with Zos
Shiu-Fun Poon
 
8-step Guide to Administering Windows without Domain Admin Privileges
8-step Guide to Administering Windows without Domain Admin Privileges8-step Guide to Administering Windows without Domain Admin Privileges
8-step Guide to Administering Windows without Domain Admin Privileges
BeyondTrust
 
VAS - VMware CMP
VAS - VMware CMPVAS - VMware CMP
VAS - VMware CMP
Mohamed El Shorbagy ☁☁☁
 
Windows Azure Security Features And Functionality
Windows Azure Security Features And FunctionalityWindows Azure Security Features And Functionality
Windows Azure Security Features And Functionality
vivekbhat
 
DataPower Security Hardening
DataPower Security HardeningDataPower Security Hardening
DataPower Security Hardening
Shiu-Fun Poon
 
F5 Cloud Story
F5 Cloud StoryF5 Cloud Story
F5 Cloud Story
MarketingArrowECS_CZ
 
Barracuda WAF deployment in AWS
Barracuda WAF deployment in AWSBarracuda WAF deployment in AWS
Barracuda WAF deployment in AWS
Aravindan A
 
Azure F5 Solutions
Azure F5 SolutionsAzure F5 Solutions
Azure F5 Solutions
MarketingArrowECS_CZ
 

Weitere ähnliche Inhalte

Was ist angesagt?

Vfm packetshaper presentation
Vfm packetshaper presentationVfm packetshaper presentation
Vfm packetshaper presentation
vfmindia
 
SSL VPN Evaluation Guide
SSL VPN Evaluation GuideSSL VPN Evaluation Guide
SSL VPN Evaluation Guide
Array Networks
 
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Amazon Web Services
 
Simplifying User Access with NetScaler SDX and CA Single Sign-on
Simplifying User Access with NetScaler SDX and CA Single Sign-on Simplifying User Access with NetScaler SDX and CA Single Sign-on
Simplifying User Access with NetScaler SDX and CA Single Sign-on
CA Technologies
 

Was ist angesagt? (20)

Vfm packetshaper presentation
Vfm packetshaper presentationVfm packetshaper presentation
Vfm packetshaper presentation
 
SSL VPN Evaluation Guide
SSL VPN Evaluation GuideSSL VPN Evaluation Guide
SSL VPN Evaluation Guide
 
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
 
move-anti-virus
move-anti-virusmove-anti-virus
move-anti-virus
 
IBM Datapower Gateways - Devops with UrbanCode Deploy
IBM Datapower Gateways - Devops with UrbanCode DeployIBM Datapower Gateways - Devops with UrbanCode Deploy
IBM Datapower Gateways - Devops with UrbanCode Deploy
 
IBM Application Acceleration Data Sheet
IBM Application Acceleration Data SheetIBM Application Acceleration Data Sheet
IBM Application Acceleration Data Sheet
 
CENTRALIZED MANAGEMENT APPLIANCES
CENTRALIZED MANAGEMENT APPLIANCESCENTRALIZED MANAGEMENT APPLIANCES
CENTRALIZED MANAGEMENT APPLIANCES
 
DATA STORAGE REPLICATION aCelera and WAN Series Solution Brief
DATA STORAGE REPLICATION aCelera and WAN Series Solution BriefDATA STORAGE REPLICATION aCelera and WAN Series Solution Brief
DATA STORAGE REPLICATION aCelera and WAN Series Solution Brief
 
SECURE ACCESS GATEWAYS
SECURE ACCESS GATEWAYSSECURE ACCESS GATEWAYS
SECURE ACCESS GATEWAYS
 
Get more versatile and scalable protection with F5 BIG-IP
Get more versatile and scalable protection with F5 BIG-IPGet more versatile and scalable protection with F5 BIG-IP
Get more versatile and scalable protection with F5 BIG-IP
 
Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...
Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...
Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...
 
VMworld 2013: Enhancing Workplace Mobility and BYOD with the VMware Mobile Se...
VMworld 2013: Enhancing Workplace Mobility and BYOD with the VMware Mobile Se...VMworld 2013: Enhancing Workplace Mobility and BYOD with the VMware Mobile Se...
VMworld 2013: Enhancing Workplace Mobility and BYOD with the VMware Mobile Se...
 
Why Security Teams should care about VMware
Why Security Teams should care about VMwareWhy Security Teams should care about VMware
Why Security Teams should care about VMware
 
Simplifying User Access with NetScaler SDX and CA Single Sign-on
Simplifying User Access with NetScaler SDX and CA Single Sign-on Simplifying User Access with NetScaler SDX and CA Single Sign-on
Simplifying User Access with NetScaler SDX and CA Single Sign-on
 
How to integration DataPower with Zos
How to integration DataPower with ZosHow to integration DataPower with Zos
How to integration DataPower with Zos
 
8-step Guide to Administering Windows without Domain Admin Privileges
8-step Guide to Administering Windows without Domain Admin Privileges8-step Guide to Administering Windows without Domain Admin Privileges
8-step Guide to Administering Windows without Domain Admin Privileges
 
VAS - VMware CMP
VAS - VMware CMPVAS - VMware CMP
VAS - VMware CMP
 
Windows Azure Security Features And Functionality
Windows Azure Security Features And FunctionalityWindows Azure Security Features And Functionality
Windows Azure Security Features And Functionality
 
DataPower Security Hardening
DataPower Security HardeningDataPower Security Hardening
DataPower Security Hardening
 
F5 Cloud Story
F5 Cloud StoryF5 Cloud Story
F5 Cloud Story
 

Ähnlich wie Barracuda web application_firewall_wp_advantage

Kona Web Application Firewall Product Brief - Application-layer defense to pr...
Kona Web Application Firewall Product Brief - Application-layer defense to pr...Kona Web Application Firewall Product Brief - Application-layer defense to pr...
Kona Web Application Firewall Product Brief - Application-layer defense to pr...
Akamai Technologies
 
Barracuda WAF: Scalable Security for Applications on AWS
Barracuda WAF: Scalable Security for Applications on AWSBarracuda WAF: Scalable Security for Applications on AWS
Barracuda WAF: Scalable Security for Applications on AWS
Amazon Web Services
 
Web filterdatasheet us
Web filterdatasheet usWeb filterdatasheet us
Web filterdatasheet us
kizado
 
Data power use cases
Data power use casesData power use cases
Data power use cases
sflynn073
 

Ähnlich wie Barracuda web application_firewall_wp_advantage (20)

Barracuda WAF deployment in AWS
Barracuda WAF deployment in AWSBarracuda WAF deployment in AWS
Barracuda WAF deployment in AWS
 
Azure F5 Solutions
Azure F5 SolutionsAzure F5 Solutions
Azure F5 Solutions
 
Descripcion Tecnica del Barracuda NG Firewall
Descripcion Tecnica del Barracuda NG FirewallDescripcion Tecnica del Barracuda NG Firewall
Descripcion Tecnica del Barracuda NG Firewall
 
Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)
 
Kona Web Application Firewall Product Brief - Application-layer defense to pr...
Kona Web Application Firewall Product Brief - Application-layer defense to pr...Kona Web Application Firewall Product Brief - Application-layer defense to pr...
Kona Web Application Firewall Product Brief - Application-layer defense to pr...
 
VMworld 2015: Introducing Application Self service with Networking and Security
VMworld 2015: Introducing Application Self service with Networking and SecurityVMworld 2015: Introducing Application Self service with Networking and Security
VMworld 2015: Introducing Application Self service with Networking and Security
 
QualysGuard InfoDay 2013 - Web Application Firewall
QualysGuard InfoDay 2013 - Web Application FirewallQualysGuard InfoDay 2013 - Web Application Firewall
QualysGuard InfoDay 2013 - Web Application Firewall
 
Barracuda WAF: Scalable Security for Applications on AWS
Barracuda WAF: Scalable Security for Applications on AWSBarracuda WAF: Scalable Security for Applications on AWS
Barracuda WAF: Scalable Security for Applications on AWS
 
Barracuda Web Filter Ip 20100629
Barracuda Web Filter Ip 20100629Barracuda Web Filter Ip 20100629
Barracuda Web Filter Ip 20100629
 
Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?
 
f5_synthesis_cisco_connect.pdf
f5_synthesis_cisco_connect.pdff5_synthesis_cisco_connect.pdf
f5_synthesis_cisco_connect.pdf
 
VMworld 2015: No App is An Island
VMworld 2015: No App is An IslandVMworld 2015: No App is An Island
VMworld 2015: No App is An Island
 
Sba web sec_dg
Sba web sec_dgSba web sec_dg
Sba web sec_dg
 
Web filterdatasheet us
Web filterdatasheet usWeb filterdatasheet us
Web filterdatasheet us
 
Barracuda integration with aerohive
Barracuda integration with aerohiveBarracuda integration with aerohive
Barracuda integration with aerohive
 
Aerohive and Barracuda Whitepaper
Aerohive and Barracuda WhitepaperAerohive and Barracuda Whitepaper
Aerohive and Barracuda Whitepaper
 
University Management System - UMS-X1 Technical Data
University Management System - UMS-X1 Technical DataUniversity Management System - UMS-X1 Technical Data
University Management System - UMS-X1 Technical Data
 
WEB SERVERS
WEB SERVERSWEB SERVERS
WEB SERVERS
 
Data power use cases
Data power use casesData power use cases
Data power use cases
 
Protección y acceso a tu información y aplicaciones en Azure y O365 – Barracuda
Protección y acceso a tu información y aplicaciones en Azure y O365 – BarracudaProtección y acceso a tu información y aplicaciones en Azure y O365 – Barracuda
Protección y acceso a tu información y aplicaciones en Azure y O365 – Barracuda
 

Mehr von INSPIRIT BRASIL

Watchguard - How Cloud‐based Security Delivers   Up‐to‐the‐Minute Network Pro...
Watchguard - How Cloud‐based Security Delivers   Up‐to‐the‐Minute Network Pro...Watchguard - How Cloud‐based Security Delivers   Up‐to‐the‐Minute Network Pro...
Watchguard - How Cloud‐based Security Delivers   Up‐to‐the‐Minute Network Pro...
INSPIRIT BRASIL
 
New institucional INSPIRIT (ing)
New institucional INSPIRIT (ing)New institucional INSPIRIT (ing)
New institucional INSPIRIT (ing)
INSPIRIT BRASIL
 

Mehr von INSPIRIT BRASIL (20)

Netflow analyzer- Datasheet
Netflow analyzer- DatasheetNetflow analyzer- Datasheet
Netflow analyzer- Datasheet
 
INSPIRIT nova institucional
INSPIRIT nova institucionalINSPIRIT nova institucional
INSPIRIT nova institucional
 
Projeto Zoo INSPIRIT
Projeto Zoo INSPIRITProjeto Zoo INSPIRIT
Projeto Zoo INSPIRIT
 
XCS - Watchguard
XCS - WatchguardXCS - Watchguard
XCS - Watchguard
 
Watchguard - How Cloud‐based Security Delivers   Up‐to‐the‐Minute Network Pro...
Watchguard - How Cloud‐based Security Delivers   Up‐to‐the‐Minute Network Pro...Watchguard - How Cloud‐based Security Delivers   Up‐to‐the‐Minute Network Pro...
Watchguard - How Cloud‐based Security Delivers   Up‐to‐the‐Minute Network Pro...
 
Resultados da pesquisa INSPIRIT realizada no CNASI 2011
Resultados da pesquisa INSPIRIT realizada no CNASI 2011Resultados da pesquisa INSPIRIT realizada no CNASI 2011
Resultados da pesquisa INSPIRIT realizada no CNASI 2011
 
IT360 - Muito além do HelpDesk simples
IT360 - Muito além do HelpDesk simplesIT360 - Muito além do HelpDesk simples
IT360 - Muito além do HelpDesk simples
 
New-Desktop Central para IT Managers
New-Desktop Central para IT ManagersNew-Desktop Central para IT Managers
New-Desktop Central para IT Managers
 
New institucional inspirit (esp)
New institucional inspirit (esp)New institucional inspirit (esp)
New institucional inspirit (esp)
 
New institucional INSPIRIT (ing)
New institucional INSPIRIT (ing)New institucional INSPIRIT (ing)
New institucional INSPIRIT (ing)
 
M86 Security apresenta Secure Web Gateway
M86 Security apresenta Secure Web GatewayM86 Security apresenta Secure Web Gateway
M86 Security apresenta Secure Web Gateway
 
Trustwave - Segurança 360
Trustwave - Segurança 360Trustwave - Segurança 360
Trustwave - Segurança 360
 
NOVA - Apresentação Institucional INSPIRIT
NOVA - Apresentação Institucional INSPIRITNOVA - Apresentação Institucional INSPIRIT
NOVA - Apresentação Institucional INSPIRIT
 
Case Studies M86 Security - Ernst & Young (Web Security)
Case Studies M86 Security - Ernst & Young (Web Security)Case Studies M86 Security - Ernst & Young (Web Security)
Case Studies M86 Security - Ernst & Young (Web Security)
 
Overview -IT360 ManageEngine
Overview -IT360 ManageEngineOverview -IT360 ManageEngine
Overview -IT360 ManageEngine
 
Estudo Gartner - IT360 ManageEngine
Estudo Gartner - IT360 ManageEngineEstudo Gartner - IT360 ManageEngine
Estudo Gartner - IT360 ManageEngine
 
Forrester - Wave Community
Forrester - Wave CommunityForrester - Wave Community
Forrester - Wave Community
 
Coletânea de Cases - RIVERBED
Coletânea de Cases - RIVERBEDColetânea de Cases - RIVERBED
Coletânea de Cases - RIVERBED
 
INSPIRIT- Riverbed- Data protection and Disaster Recovery
INSPIRIT- Riverbed- Data protection and Disaster RecoveryINSPIRIT- Riverbed- Data protection and Disaster Recovery
INSPIRIT- Riverbed- Data protection and Disaster Recovery
 
TrustWave - Visão Geral da Solução
TrustWave - Visão Geral da SoluçãoTrustWave - Visão Geral da Solução
TrustWave - Visão Geral da Solução
 

Kürzlich hochgeladen

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 

Kürzlich hochgeladen (20)

presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 

Barracuda web application_firewall_wp_advantage

  • 1. The Barracuda Web Application Firewall Advantage Barracuda Web Application Firewall technology secures and accelerates the Web infrastructure of many Fortune 500 companies. Barracuda Networks offers the largest range of Web application security products that suit the needs of global enterprises as well as small and medium sized business. With Web security expertise gained over more than eight years, Barracuda Networks offers the most comprehensive layer seven security solution against emerging threats including SQL injection, cross site scripting, and form tampering for legacy as well as Web 2.0 applications. Value Proposition Comprehensive protection Easy management • Extensive input validation • Multiple deployment options • Data theft protection • Active / passive security modes • Integrated XML Firewall • Integrated reporting • Built in authentication and authorization module • Regular updates from Barracuda Central Enhanced application delivery Affordability • Load balancing • Single appliance with fully integrated functionality • Caching • No per server costs • Compression • Rate control and connection pooling Feature insights Comprehensive protection To provide comprehensive security for the Web infrastructure, Barracuda Web Application Firewalls provide an extensive set of capabilities. Basic Web Application Firewall capabilities • Injection attacks: The Barracuda Web Application Firewall inspects each URL and forms parameters to ensure that the submitted data does not contain SQL injection, cross site scripting, or OS command injection attacks. • Custom response: Administrators can configure the Barracuda Web Application Firewall response in the case of a security violation. In addition to sending out a response page, the Barracuda Web Application Firewall can also be configured to either terminate the connection or to redirect the client to another Web page. As a follow up, the erring client can also be blocked from accessing the Web application for a preset time interval. Reverse Proxy based capabilities • Server cloaking: During the initial phase of an attack, hackers gather information about the type of server or database that a Web site is using. This helps them customize the attack. The cloaking capability of the Barracuda Web Application Firewall blocks information such as server banners and server errors, thereby denying the hacker this extremely useful information. • Tampering protection: Encrypting or digitally signing application cookies protects them from client side modification. Form parameters marked as ‘read-only’ or ‘hidden’ can also be protected from being modified by the client, thus protecting against form tampering attacks. Advanced capabilities • Replay protection: Connecting the cookie to the client submitting the cookie is one of the ways to prevent replay attacks. This attack is utilized by hackers to gain access to resources bypassing authentication mechanisms. • Data theft protection: For applications that have sensitive data like credit card information or Social Security numbers, the Barracuda Web Application Firewall can be configured to inspect outgoing data and mask sensitive information or block the entire response. • Brute force protection: Guessing passwords to gain access is a very old hacking technique, yet many applications do not provide security against this type of attack. The Barracuda Web Application Firewall counts accesses to restricted resources and block out clients if the server does not accept the supplied credentials. • Anti-virus for file uploads: Many Web applications allow their clients to upload files for submitting their financial statements or job applications. The Barracuda Web Application Firewall scans these files for embedded virus or malware thus ensuring that clients’ computers do not get infected. • Authentication and authorization: Access to Web applications can be controlled via the AAA module of the Barracuda Web Application Firewall. This module provides integration with LDAP and RADIUS databases and also provides support for client side certificates for two factor authentication. • XML Security: Emerging Web 2.0 applications rely heavily on XML format for data transfer. XML is also used to transfer data between businesses via Web services. The Barracuda Web Application Firewall provides an integrated XML firewall to secure Web services and XML traffic to client applications by enforcing XML schema and WSDL. Additionally it provides basic XML protection such as recursive entity reference and large XML data. • Security for FTP servers: The Barracuda Web Application Firewall also provides protection for FTP servers. It proxies the FTP traffic and can be configured to allow or deny access to various FTP operations such as restricting access to allow only downloads from an FTP server. 1
  • 2. Barracuda Networks The Barracuda Web Application Firewall Advantage Enhanced Application Delivery The Barracuda Web Application Firewall not only offers security for the Web infrastructure, but it provides a complete application delivery platform. The following capabilities of the Barracuda Web Application Firewall ensure availability and scalability of the Web applications. • Load balancer: The Barracuda Web Application Firewall has a built-in load balancer that can distribute incoming traffic to multiple servers, providing high availability, scalability, and performance for Web Applications. • SSL offloading: Web servers hosting HTTPS Web sites utilize a significant amount of processing power in handling SSL encryption / decryption, and not for actually serving Web pages or processing Web forms. The Barracuda Web Application Firewall provides SSL offloading capabilities, which frees up the processing power of the servers, making them more efficient. • Rate control: Rate of access to Web applications from different networks can be prioritized via the rate control capability of the Barracuda Web Application Firewall. • Application acceleration: With integrated file caching, traffic compression, and connection pooling, the Barracuda Web Application Firewall provides a complete set of capabilities required to deliver the Web applications faster. • High availability: Business-critical Web applications need to be online 24x7. As such, organizations cannot rely on deploying these applications on just one server. The Barracuda Web Application Firewall with integrated load balancer capabilities provides for high availability on the Web servers. In addition, the Barracuda Web Application Firewall can be configured in an active / passive cluster. Ease of management One Web application differs from another. To reduce the effort required to secure individual applications the Barracuda Web Application Firewall starts from a base security policy which can be easily tuned to suit the security requirements of an individual application. • Active / passive security: Security rules can be configured in either active or passive mode. An active rule blocks the violating traffic and logs the incident in the Web firewall logs. In the case of a passive rule, the violating request is simply logged. During initial deployment, all rules are first configured as passive rules and after fine tuning the administrator makes them active. • Exception profiling: The Barracuda Web Application Firewall allows heuristics-based tuning of the existing firewall rules. Based on violations, the Barracuda Web Application Firewall provides the administrator with a proposed recommendation on tuning the configuration. • Adaptive profiling: The Barracuda Web Application Firewall can analyze the incoming traffic and build a profile of a particular Web application. The profile consists of all accessed URLs and allowed form parameters. This profile can then used to enforce strict security rules for the Web application. • Conversion of HTTP application to HTTPS application: A HTTP based Web application can be converted into an HTTPS application without having to rewrite any code on the back end application with the Instant SSL capability of the Barracuda Web Application Firewall. • Delegated administration: Administrative tasks and responsibilities for securing the different Web applications can be delegated amongst multiple administrators. • Reporting: The Barracuda Web Application Firewall provides reports on attacks, Web traffic, administrative audits, and configuration. • Alerts: Notifications of system alerts are sent out via SNMP traps or email. This allows administrators to be well informed about the security status of their applications. • Barracuda Central updates: The Barracuda Networks’ security analysis team keeps abreast with all emerging threats and updates are made available to the Barracuda Web Application Firewalls. Affordability • Models: The Barracuda Web Application Firewalls are available in five models handling traffic from 10 Mbps to 1 Gbps and are suited for small to large deployments. • No per server fees: Each model can secure multiple applications and is available at a competitive price point. Based on the throughput requirements, organizations can choose the model and secure varying number of servers. For questions about the Barracuda Web Application Firewall, please visit http://www.barracuda.com/waf or call Barracuda Networks for a free 30-day evaluation at 1-888-ANTI-SPAM or +1 408-342-5400. For more information on our other security and productivity solutions, please visit http://www.barracuda.com/products. About Barracuda Networks Inc. Barracuda Networks Inc. combines premise-based gateways and software, cloud services, and sophisticated remote support to deliver comprehensive security, networking and storage solutions. The company’s expansive product portfolio includes offerings for protection against email, Web and IM threats as well as products that improve application delivery and network access, message archiving, Barracuda Networks backup and data protection. 3175 S. Winchester Boulevard Campbell, CA 95008 Coca-Cola, FedEx, Harvard University, IBM, L’Oreal, and Europcar are among the more than 100,000 organizations protecting their IT infrastructures with Barracuda Networks’ range of affordable, easy-to- United States deploy and manage solutions. Barracuda Networks is privately held with its International headquarters +1 408.342.5400 in Campbell, Calif. For more information, please visit www.barracudanetworks.com. www.barracuda.com info@barracuda.com 2