Barracuda Web Site Firewall Introduction

Barracuda Web Application Firewall
Web Application Protection Against Hackers and Security Vulnerabilities
Introduction
• Application-layer security for Web traffic
• Fully application aware
• Application Delivery and Acceleration
• Web User Access Control
• Full-featured, scalable WAF
• Familiar Barracuda Networks interface / ease of use
• Economical – no per-user fees
Data Center Assets Increasingly Vulnerable
Threats:
• Identity theft
• Data theft
• Worms
• Denial of Service
• SQL Injection
• Parameter tampering
Business Implications:
• Lost revenue
• Brand erosion
• Regulatory compliance: SOX, GLBA, HIPAA
74 percent of all Web application vulnerabilities disclosed in 2008 had no available patch to fix them by the end of 2008.
Source: IBM X-Force
Challenges with Legacy Security Solutions
• Network Firewalls
– Blindly allow HTTP/S Web traffic
• IPS/IDS
– Signature matching only, not application aware
– Cannot protect from zero-day attacks
– No protection for encrypted traffic
– Non-deterministic protection
– Cannot “normalize” traffic to detect obfuscated attacks
Application Threat           IPS / Network Firewalls       Application Firewall
Cookie poisoning             Well known signatures only
Hidden field manipulation    Well known signatures only
Cross Site scripting         Well known signatures only
Injection Attacks            None
Stealth Commanding           None
Parameter Tampering          None
Buffer overflow              None
Google Hacks                 None
Forceful Browsing            None
Identity Theft               None
Application DoS              None
Data Theft                   None
What is Missing?
More insight and control into application structure: URLs, cookies, headers, FORMs, Session, SOAP actions, XML elements …
The solution: Layer 7 security
Diagram: the network firewall blocks only network attacks; port 80/443 traffic goes through the Barracuda Web Application Firewall before reaching the Web Applications.
The solution: Barracuda Web Application Firewall
• Understands web traffic
• Accelerates application delivery
• Layer 4 and Layer 7 load balancing for Web servers
• Protects against common web attacks
• Mitigates broken access control
Comprehensive Application Layer Protection
• Full inspection of application data input
• Complete knowledge of expected values
• Real-time policy creation and enforcement
Diagram: traffic from Users passes through the Web Application Firewall to the Web Applications/Services.
INSPECTS FOR:
• Malicious Commands
• Illegal Keywords
• Hidden Field Tampering
• Parameter Tampering
• Altered HTTP Methods
• Max Length Exceptions
• Illegitimate URLs
• WSI Profile Validation
• XML Schema Validation
• Virus/Malware Injection
• Distributed DoS
ENFORCES:
• Intended application logic
• Web site cloaking
• Legitimate crawling
• Valid parameter values
• Non-disclosure of sensitive data
• Appropriate session state
• SSL and Session security
• Valid URLs
• Rate Control
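As an added illustration of the positive-security checks listed above (expected values, max length, altered HTTP methods, hidden fields, illegitimate URLs), and not Barracuda's own code: a small Python validator that applies a constructed per-URL profile to sample requests. The profile layout, the /checkout path, its parameters and the sample requests are all assumptions made for this example.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Hypothetical learned profile for one URL (constructed for this example): allowed
# methods, and per parameter its expected pattern, max length and, for a hidden field, the fixed value.
PROFILE = {
    "/checkout": {
        "methods": {"POST"},
        "params": {
            "item_id": {"pattern": r"\d{1,8}", "max_len": 8},
            "qty": {"pattern": r"\d{1,3}", "max_len": 3},
            "price": {"pattern": r"\d+\.\d{2}", "max_len": 10, "fixed": "19.99"},
        },
    }
}


def normalize(value, rounds=3):
    """Strip remaining percent-encoding layers (parse_qsl removed one) so a double-encoded value is checked as the app would see it."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def check_request(method, url, body=""):
    """Return the list of profile violations; an empty list means the request matches the positive model."""
    parts = urlsplit(url)
    rule = PROFILE.get(parts.path)
    if rule is None:
        return ["Illegitimate URL: " + parts.path]
    violations = []
    if method not in rule["methods"]:
        violations.append("Altered HTTP method: " + method)
    params = dict(parse_qsl(parts.query, keep_blank_values=True))
    params.update(parse_qsl(body, keep_blank_values=True))
    for name, raw in params.items():
        spec = rule["params"].get(name)
        if spec is None:
            violations.append("Unexpected parameter: " + name)
            continue
        value = normalize(raw)
        if len(value) > spec["max_len"]:
            violations.append("Max length exceeded: " + name)
        elif not re.fullmatch(spec["pattern"], value):
            violations.append("Parameter tampering: " + name)
        if "fixed" in spec and value != spec["fixed"]:
            violations.append("Hidden field tampering: " + name)
    return violations
```

A request that is missing a profiled parameter is not flagged here; a production profile would also track which parameters are mandatory.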
Barracuda Web Application Firewall Benefits
• Secure Web applications
• Gain visibility via logs and reports
• Scale up and speed up
• Achieve compliance
Secure Web Applications
• Cloak server information
• Protect against Layer 7 attacks
• Data theft protection
• Integrated XML protection
Scale and Speed Up Application Delivery
• Load balancing
• Caching
• Compression
• Integrated access control
– LDAP / RADIUS
– Client certificates
Gain Visibility via Logs and Reports
• Web firewall logs
• Audit logs
• Access logs
• Traffic / attack reports
Achieve Compliance
• Role based access
• LDAP authentication
• PCI reports
• Audit reports
Typical Deployment
• Inline between the network firewall and the servers, in Proxy or Bridge mode. Both deployments can be put in a High Availability set-up with two units in a pair.
• Out of line, as a one-armed proxy.
Summary
• Comprehensive Web application protection
• Application delivery and acceleration
• Authentication and Authorization
• Logging, monitoring and reporting
• Achieve compliance: PCI, HIPAA, GLBA