Traditionally, security has been considered a network issue, where system administrators lock down host computers through a network firewall. While a typical network firewall can help restrict traffic to HTTP and HTTPS, this traffic can contain command exploits leveraging vulnerabilities in the Web application itself that can result in data leakage, site defacement and other attacks by hackers that compromise both the privacy and integrity of vital data. Businesses of all sizes that operate their own Web applications should ensure that their Web sites are protected against application vulnerabilities.
The Barracuda Web Application Firewall provides complete protection of Web applications and is designed to enforce policies for both internal and external data security standards, such as Payment Card Industry Data Security Standard (PCI DSS). At the same time the Barracuda Web Application Firewall 460 and higher models feature a comprehensive set of application delivery capabilities designed to improve the performance, scalability and manageability of today’s most demanding data center infrastructures.
The Barracuda Web Application Firewall protects Web applications and Web services from malicious attacks, and can also increase the performance and scalability of these applications. The Barracuda Web Application Firewall offers every capability needed to deliver, secure and manage enterprise Web applications from a single appliance through an intuitive, real-time user interface.
- Single point of protection for inbound and outbound traffic for all Web applications
- Protects Web sites and Web applications against application layer attacks
- Delivers best practices security right out of the box
- Monitors traffic and provides reports about attackers and attack attempts
The Barracuda Web Application Firewall provides award-winning protection
from all common attacks on Web applications, including SQL injections,
cross-site scripting attacks, session tampering and buffer overflows.
Many applications are vulnerable to such attacks because application
developers do not consistently employ secure coding practices.
Barracuda Web Application Firewall is designed to combat all attack types that
have been categorized as significant threats, including:
- Cross Site Scripting (XSS)
- SQL injection flaws
- OS command injections
- Site reconnaissance
- Session hijacking
- Application denial of service
- Malicious probes/crawlers
- Cookie/session tampering
- Path traversal
- Information leakage
Online Web-based applications are increasingly at risk from
professional hackers who target such applications in order to commit
data theft or fraud. Being compromised can damage an enterprise’s
reputation, result in loss of customers and impact the organization’s
bottom line.
In addition, companies that transact online are faced with a host of
growing industry regulations such as the Payment Card Industry Data
Security Standard (PCI DSS), which mandates that all enterprise and Web
applications handling credit card and account information must undergo
an extensive and costly audit of custom application code. The
alternative to satisfy PCI DSS compliance is simply installing a Web
application firewall.
The combination of these factors along with banking industry PCI DSS
compliance concerns, creates demand for a more technologically and
cost-effective risk protection solution for online Web applications.
Backed by the worldwide leader in email and Web security appliances,
the Barracuda Web Application Firewall will continue to dominate the market by
breaking technology barriers.
|