Product
Barracuda Web Application Firewall

Barracuda Web Application Firewall

Protect your websites and applications from advanced cyber-threats.

You depend on applications everyday. They are how your customers and partners connect with you, and they are how your employees get their jobs done. Unfortunately, your applications remain one of the most commonly exploited threat vectors. Barracuda WAF protects your web, mobile and API applications from being compromised, and prevents data breaches— ensuring you maintain your reputation and your customer's confidence.

  • Ensure Protection from Web Attacks and DDoS.The Barracuda Web Application Firewall protects applications, APIs, and mobile app backends against a variety of attacks including the OWASP Top 10, zero-day threats, data leakage, and application-layer denial of service (DoS) attacks. By combining both positive signature-based policies with robust anomaly detection capabilities, Barracuda WAF can defeat today’s most sophisticated attacks targeting your web applications. Barracuda Active DDoS Prevention—an add-on service for the Barracuda Web Application Firewall—filters out volumetric DDoS attacks before they ever reach your network and harm your apps. It also protects against sophisticated application DDoS attacks without the administrative and resource overhead of traditional solutions, to eliminate service outages while keeping costs manageable for organizations of all sizes.
  • Protect APIs and Mobile AppsMobile application and APIs are now everywhere and are used by every modern organization every day. API’s are the critical backbone for every connected service and ensuring and maintaining the security and availability of API’s are increasingly critical for businesses. The Barracuda Web Application Firewall provides comprehensive security and availability for API’s. It can secure both XML and JSON API’s against all types of attacks, including API farming and scraping. The Barracuda WAF also secures the XML and JSON parsers, all while providing complete, granular access control. The built-in rate control and application delivery features enable consistent and reliable API delivery within SLA’s to ensure seamless scalability, all while virtual patching provides an automated feedback loop for security.
  • Block Malicious Bots and Automated Attacks More than half of internet traffic is generated by automated bots. A significant part of this automated traffic is malicious – either bots that scrape and steal your data for profit, or automated attacks to compromise your web applications. Protect your websites from content scraping, data theft, and non-human traffic that slows the overall availability of your web applications. The Barracuda WAFs built-in bot detection technologies can distinguish between bad bots from good bots through a verity of countermeasures. Advanced Bot Protection uses cloud based machine learning to provide bot spam detection, credential stuffing prevention, request risk scoring and client finger printing. This ensures your applications are ready to perform optimally for your customers, clients, employees, and partners.
  • Secure App Delivery and Increase Availability All applications today need to be delivered securely over HTTPS. However slow-loading and unsecure applications are not only frustrating for everyone but can expose sensitive information. The Barracuda Web Application Firewall helps you enable HTTPS quickly and easily, even for legacy applications, with Instant SSL capabilities. With a hardened SSL/TLS stack and performance acceleration capabilities, Barracuda WAF ensures fast, secure and reliable access to all your web-facing applications. Built-in layer 7 load balancing, caching and compression technologies cut latency and deliver consistent, reliable access for every user.
  • Control Access and AuthenticationWAF Control Center provides a central point of control for all your Barracuda WAF deployments. it simplifies management, helps ensure up-to-date policies, and provides the tools necessary to deliver ongoing security for your applications wherever they reside. Furthermore, role-based access controls enables DevOps, SecOps, and NetOps teams to manage security at every stage of the application lifecycle with single pane-of-glass simplicity.
  • Automate and Orchestrate Security As organizations embrace DevOps to improve agility and time-to-market, they are finding that current application security processes are disparate, prone to human error, and unable to keep pace with development lifecycles. To address the need for security tools that integrate with continuous deployment (CI/CD) processes, the Barracuda WAF provides a fully featured REST API and integrates with automation tools such as Puppet, Terraform, AWS CloudFormation, Azure ARM Templates and more to enable DevOps to seamlessly build security directly into the application development lifecycle. Orchestrating the security is just one part of the process. The more critical second part is to ensure that rules and policies are kept updated and new vulnerabilities are quickly identified and virtually patched. Barracuda Vulnerability Remediation Service enables SecOps teams to automate the vulnerability identification and remediation process to ensure a continuously robust security strategy as applications evolve. Furthermore, Barracuda WAF integrates with over 25 other vulnerability management tools for complete flexibility.