Attacks/Breaches
5/17/2013
11:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Barracuda Tackles Botnets With Updated Web Application Firewall

Web Application Firewall, version 7.8, aimed at reducing impact of automated attack attempts from botnets

Campbell, Calif. (May 15, 2013) – Barracuda Networks, Inc., a leading provider of security and storage solutions, today announced the latest Barracuda Web Application Firewall, version 7.8, specifically aimed at reducing the impact of automated attack attempts from botnets.

Automated botnet attacks recently have gained notoriety for targeting major banks and web platforms like WordPress. While the overall number of attacks has stayed consistent, the dramatic increase in the ferocity and duration of these attacks demonstrates the need to deploy advanced protection.

Barracuda Web Application Firewall provides advanced DDoS protection that spans the network and application layer. It has the ability to control traffic based on geographic regions, IP addresses, and client types, allowing administrators to throttle or block malicious requests. With the new version, Barracuda has added several significant new capabilities designed to secure applications against advanced DDoS attacks:

· Enhanced Botnet Identification through Barracuda IP Reputation – With hundreds of thousands of security devices spanning all major security vectors including network, web, and email traffic, Barracuda IP Reputation provides an extensive categorization of infected computers, zombies, and/or botnets. The integration of Barracuda IP Reputation with Barracuda Web Application Firewall enables administrators to identify and thwart botnets attempting DDoS attacks.

· Client Fingerprinting – Using techniques such as injecting JavaScript challenges in website responses, Barracuda Web Application Firewall can distinguish botnets from human users and block malicious requests from botnets.

· Automated CAPTCHA Challenges – Barracuda Web Application Firewall can automatically insert CAPTCHA challenges to suspicious clients without requiring any changes to the application.

· New Client Browser Control – The latest generation of Web browsers have implemented stricter security controls to prevent malicious javascripts, drive-by-downloads or other Web attacks targeted at users. With the new firmware, Barracuda Web Application Firewall now has the ability to set client browser behavior to reduce the risk of client attacks.

"Securing applications against automated attacks can be tedious when done manually," said Steve Pao, GM Security at Barracuda Networks. "With the Barracuda Web Application Firewall, protections can be implemented operationally without coding changes, avoiding the costs and risks often associated with those types of changes."

In addition to these advanced security capabilities, a number of management and performance enhancements have been added to the firmware release, including:

· Increased throughput up to 4Gbps on Barracuda Web Application Firewall models 960 and higher on the current hardware platform

· Integration with the Kerberos security protocol for single sign-on across disparate backend Web services

· Support for Certificate Revocation Lists (CRLs) for enhanced SSL certificate management.

Availability and Pricing:

Barracuda Web Application Firewall version 7.8 is available immediately at no additional charge to existing customers on the current hardware platform with an active Energize Update subscription or with an active virtual appliance license. Barracuda Web Application Firewall pricing in North America ranges from US$4,999 to US$61,599 depending on model, with no per user fees. International pricing and availability varies based on region. For more information, please visit www.barracuda.com/waf.

Resources:

Blog Post – http://bit.ly/barracudawaf78

About the Barracuda Web Application Firewall

The Barracuda Web Application Firewall blocks an ever-expanding list of sophisticated web-based intrusions and attacks that target applications hosted on web servers and in the cloud. The Barracuda Web Application Firewall scans all inbound web traffic to block attacks and scans all outbound traffic to provide highly effective Data Loss Prevention (DLP). It's available as a physical or virtual appliance and is deployed in front of the web application servers. To learn more about the Barracuda Web Application Firewall, please visit www.barracuda.com/waf.

About Barracuda Networks, Inc.

Protecting users, applications, and data for more than 150,000 organizations worldwide, Barracuda Networks has developed a global reputation as the go-to leader for powerful, easy-to-use, affordable IT solutions. The company's proven customer-centric business model focuses on delivering high-value, subscription-based IT solutions for security and storage. For additional information, please visit www.barracuda.com or follow us on Twitter: @barracuda.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2037
Published: 2014-11-26
Openswan 2.6.40 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. NOTE: this vulnerability exists because of an incomplete fix for CVE 2013-6466.

CVE-2014-6609
Published: 2014-11-26
The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service (crash) via crafted headers in a SIP SUBSCRIBE request for an event package.

CVE-2014-6610
Published: 2014-11-26
Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and Certified Asterisk 11.6 before 11.6-cert6, when using the res_fax_spandsp module, allows remote authenticated users to cause a denial of service (crash) via an out of call message, which is not properly handled in the ReceiveFax dia...

CVE-2014-7141
Published: 2014-11-26
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet.

CVE-2014-7142
Published: 2014-11-26
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?