BARRACUDA WEB APPLICATION FIREWALL
MODEL
Barracuda Web Application Firewall
Powerful application-layer security for Web sites and Web servers
The Barracuda Web Application Firewall protects Web sites and
Web applications from attackers leveraging protocol or application
vulnerabilities to instigate data theft, denial of service, or defacement of
an organization’s Web site. Unlike traditional network rewalls or intrusion
detection systems that simply pass HTTP, HTTPS, or FTP trac for Web
applications, the Barracuda Web Application Firewall proxies this trac and
inspects it for attacks to insulate Web servers from direct access by hackers.
Comprehensive Web Site Protection
The Barracuda Web Application Firewall provides award-winning protection
from all common attacks on Web applications, including SQL injections,
cross-site scripting attacks, session tampering and buer overows. As a
full proxy, the Barracuda Web Application Firewall blocks or cloaks attacks,
while preventing sensitive outbound data leakage such as credit card or
Social Security numbers.
In addition, the Barracuda Web Application Firewall mitigates broken access
control to applications by preventing cookie tampering and corruption of
an application’s access control system. Unlike intrusion detection systems
that only analyze byte patterns, the Barracuda Web Application Firewall
terminates HTTP trac on behalf of the Web server to decode character
sets, remove padded spacing, and normalize against common obfuscation
techniques. For added security, the Barracuda Web Application Firewall
provides full PKI integration for use with client certicates to verify
identities of clients accessing the Web applications.
Advanced Trac Management and Acceleration
To minimize ongoing administration associated with protecting Web sites against application vulnerabilities, the Barracuda Web Application Firewall
automatically receives Energize Updates with the latest policy, security and attack denitions. In addition to the comprehensive security benets,
there are also application delivery capabilities such as SSL ooading, SSL acceleration and load balancing. These capabilities are designed to improve
the performance, scalability, and manageability of today’s most demanding data center infrastructures.
Clients
Barracuda Energize Updates
Barracuda Web Application Firewall Architecture
Policy Denitions
Logging and Monitoring
Security Updates Attack Denitions
Barracuda Web Application Firewall
Web Servers
Protocol
Termination
and Validation
Authentication
and
Authorization
Trac Inspection
and
Security Checks
Decryption
Data
Normalization
Load
Balancing
Caching
Encryption Compression
Data
Theft
Cloaking
The Barracuda Web Application Firewall monitors and tracks common
application attacks, performance statistics and bandwidth usage.
资源评论
