Presentation is loading. Please wait.

Presentation is loading. Please wait.

Barracuda Web Application Firewall

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Barracuda Web Application Firewall"— Presentation transcript:

1 Barracuda Web Application Firewall
Web Application Protection Against Hackers and Security Vulnerabilities 1

2 Introduction Application-layer security for Web traffic
Fully application aware Application Delivery and Acceleration Web User Access Control Full-featured, scalable WAF Familiar Barracuda Networks interface / ease of use Economical – no per user fees

3 Data Center Assets Increasingly Vulnerable
Identity theft Data theft Worms Denial of Service SQL Injection Parameter tampering Business Implications Lost revenue Brand erosion Regulatory compliance: SOX, GLBA, HIPAA 74 percent of all Web application vulnerabilities disclosed in 2008 had no available patch to fix them by the end of 2008. Source: IBM X-Force

4 Challenges with Legacy Security Solutions
Network Firewalls Blindly allow HTTP/S Web traffic IPS/IDS Signature matching only, not application aware Cannot protect from zero-day attacks No protection for encrypted traffic Non deterministic protection Cannot “normalize” traffic to detect obfuscated attacks None Well known signatures only IPS / Network Firewalls Data Theft Application DoS Google Hacks Forceful Browsing Identity Theft Buffer overflow Parameter Tampering Stealth Commanding Injection Attacks Cross Site scripting Hidden field manipulation Cookie poisoning Application Firewall Application Threat THIS is the reason so many leading Fortune 500 companies and industry experts have concluded that application firewalls are now mandatory. When you step back and consider the facts, the conclusion is pretty straightforward. They know that (summarize points from this section): - Apps provide access to sensitive data… - Firewalls don’t protect… - IPS and patching… - Just fixing code is difficult, expensive and slow (leaves holes open for far too long while you’re figuring out what to do) CONCLUSION – Solution must be: “Firewall” – Needs to be something at the perimeter that blocks attacks BEFORE they get to the app – extension of defense-in-depth “Proactive” – Must block attacks before they are known, not reactively chase hackers by waiting for signatures, etc. “Signature-Based” products will never be able to solve this problem. What’s needed is a What is Missing? More insight and control into application structure: URLs, cookies, headers, FORMs, Session, SOAP actions, XML elements …

5 The solution: Layer 7 security
Firewall blocks only network attacks Web Applications Port 80/443 traffic goes through Barracuda Web Application Firewall The solution: Barracuda Web Application Firewall Understands web traffic Layer 4 and Layer 7 load balancing for Web servers Accelerates application delivery Protects against common web attacks Mitigates broken access control

6 Comprehensive Application Layer Protection
Full inspection of application data input Complete knowledge of expected values Real-time policy creation and enforcement INSPECTS FOR: Malicious Commands Illegal Keywords Hidden Field Tampering Parameter Tampering Altered HTTP Methods Max Length Exceptions Illegitimate URLs WSI Profile Validation XML Schema Validation Virus/Malware Injection Distribute DoS ENFORCES: Intended application logic Web site cloaking Legitimate crawling Valid parameter values Non-disclosure of sensitive data Appropriate session state SSL and Session security Valid URLs Rate Control Web Applications/Services Users

7 Barracuda Web Application Firewall Benefits
SECURE WEB APPLICATIONS SCALE UP AND SPEED UP GAIN VISIBIILITY VIA LOGS AND REPORTS ACHIEVE COMPLIANCE

8 Barracuda Web Application Firewall Benefits
SECURE WEB APPLICATIONS • Cloak server information • Protect against Layer 7 attacks • Data theft protection • Integrated XML protection SECURE WEB APPLICATIONS SCALE UP AND SPEED UP GAIN VISIBIILITY VIA LOGS AND REPORTS ACHIEVE COMPLIANCE

9 Barracuda Web Application Firewall Benefits
SCALE AND SPEED UP APPLICATION DELIVERY • Load balancing • Caching • Compression • Integrated access control - LDAP / RADIUS - Client certificates SECURE WEB APPLICATIONS SCALE UP AND SPEED UP GAIN VISIBIILITY VIA LOGS AND REPORTS ACHIEVE COMPLIANCE

10 Barracuda Web Application Firewall Benefits
GAIN VISIBILITY VIA LOGS AND REPORTS • Web firewall logs • Audit logs • Access logs • Traffic / attack reports SECURE WEB APPLICATIONS SCALE UP AND SPEED UP GAIN VISIBIILITY VIA LOGS AND REPORTS ACHIEVE COMPLIANCE

11 Barracuda Web Application Firewall Benefits
ACHIEVE COMPLIANCE • Role based access • LDAP authentication • PCI reports • Audit reports SECURE WEB APPLICATIONS SCALE UP AND SPEED UP GAIN VISIBIILITY VIA LOGS AND REPORTS ACHIEVE COMPLIANCE

12 Out of line as a one armed proxy
Typical Deployment Inline between the network firewall and the servers in Proxy or Bridge mode Both these deployments can be put in High Availability set up with two units in a pair Out of line as a one armed proxy

13 Summary Comprehensive Web application protection
Application delivery and acceleration Authentication and Authorization Logging, monitoring and reporting Achieve compliance: PCI, HIPAA, GLBA 13

Download ppt "Barracuda Web Application Firewall"

Similar presentations

Webgoat.

Webgoat.
Microsoft Internet Security and Acceleration (ISA) Server 2004 Technical Overview

Microsoft Internet Security and Acceleration (ISA) Server 2004 Technical Overview
Chapter 10 Securing Windows Server 2008 MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration.

Chapter 10 Securing Windows Server 2008 MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration.
Introduction to ISA 2004 Dana Epp Microsoft Security MVP.

Introduction to ISA 2004 Dana Epp Microsoft Security MVP.
Lisa Farmer, Cedo Vicente, Eric Ahlm

Lisa Farmer, Cedo Vicente, Eric Ahlm
WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.

WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.
Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.

Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.
Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.

Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.
Securing Instant Messaging Matt Hsu. Outline Introduction Instant Messaging Primer Instant Messaging Vulnerabilities and Exploits Securing Instant Messaging.

Securing Instant Messaging Matt Hsu. Outline Introduction Instant Messaging Primer Instant Messaging Vulnerabilities and Exploits Securing Instant Messaging.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Securing Web Applications: Cisco ACE Web Application Firewall Presenter.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Securing Web Applications: Cisco ACE Web Application Firewall Presenter.
CONFIDENTIAL & PROPRIETARY 1 WAF and Identity and Access Management Integration The Next Step in the Evolution of Application Security Best Practices Jan.

CONFIDENTIAL & PROPRIETARY 1 WAF and Identity and Access Management Integration The Next Step in the Evolution of Application Security Best Practices Jan.
Department Of Computer Engineering

Department Of Computer Engineering
1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.

1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Barracuda Networks Confidential 1 Barracuda Web Filter Overview 1 Barracuda Networks Confidential11 Barracuda Web Filter Overview.

Barracuda Networks Confidential 1 Barracuda Web Filter Overview 1 Barracuda Networks Confidential11 Barracuda Web Filter Overview.
Evolving Threats. Application Security - Understanding the Problem DesktopTransportNetworkWeb Applications Antivirus Protection Encryption (SSL) Firewalls.

Evolving Threats. Application Security - Understanding the Problem DesktopTransportNetworkWeb Applications Antivirus Protection Encryption (SSL) Firewalls.
1 Kyung Hee University Prof. Choong Seon HONG Network Control.

1 Kyung Hee University Prof. Choong Seon HONG Network Control.
Barracuda Load Balancer Server Availability and Scalability.

Barracuda Load Balancer Server Availability and Scalability.
Global Systems Division (GSD) Information and Technology Services Web Services Gateway Implementation Michael Doney Bobby Kelley Peter Lannigan John Parker.

Global Systems Division (GSD) Information and Technology Services Web Services Gateway Implementation Michael Doney Bobby Kelley Peter Lannigan John Parker.
Computer Security Fundamentals Chuck Easttom Chapter 1 Introduction to to Computer Security.

Computer Security Fundamentals Chuck Easttom Chapter 1 Introduction to to Computer Security.

Similar presentations

Ads by Google