Attacks/Breaches
5/17/2013
11:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Barracuda Tackles Botnets With Updated Web Application Firewall

Web Application Firewall, version 7.8, aimed at reducing impact of automated attack attempts from botnets

Campbell, Calif. (May 15, 2013) – Barracuda Networks, Inc., a leading provider of security and storage solutions, today announced the latest Barracuda Web Application Firewall, version 7.8, specifically aimed at reducing the impact of automated attack attempts from botnets.

Automated botnet attacks recently have gained notoriety for targeting major banks and web platforms like WordPress. While the overall number of attacks has stayed consistent, the dramatic increase in the ferocity and duration of these attacks demonstrates the need to deploy advanced protection.

Barracuda Web Application Firewall provides advanced DDoS protection that spans the network and application layer. It has the ability to control traffic based on geographic regions, IP addresses, and client types, allowing administrators to throttle or block malicious requests. With the new version, Barracuda has added several significant new capabilities designed to secure applications against advanced DDoS attacks:

· Enhanced Botnet Identification through Barracuda IP Reputation – With hundreds of thousands of security devices spanning all major security vectors including network, web, and email traffic, Barracuda IP Reputation provides an extensive categorization of infected computers, zombies, and/or botnets. The integration of Barracuda IP Reputation with Barracuda Web Application Firewall enables administrators to identify and thwart botnets attempting DDoS attacks.

· Client Fingerprinting – Using techniques such as injecting JavaScript challenges in website responses, Barracuda Web Application Firewall can distinguish botnets from human users and block malicious requests from botnets.

· Automated CAPTCHA Challenges – Barracuda Web Application Firewall can automatically insert CAPTCHA challenges to suspicious clients without requiring any changes to the application.

· New Client Browser Control – The latest generation of Web browsers have implemented stricter security controls to prevent malicious javascripts, drive-by-downloads or other Web attacks targeted at users. With the new firmware, Barracuda Web Application Firewall now has the ability to set client browser behavior to reduce the risk of client attacks.

"Securing applications against automated attacks can be tedious when done manually," said Steve Pao, GM Security at Barracuda Networks. "With the Barracuda Web Application Firewall, protections can be implemented operationally without coding changes, avoiding the costs and risks often associated with those types of changes."

In addition to these advanced security capabilities, a number of management and performance enhancements have been added to the firmware release, including:

· Increased throughput up to 4Gbps on Barracuda Web Application Firewall models 960 and higher on the current hardware platform

· Integration with the Kerberos security protocol for single sign-on across disparate backend Web services

· Support for Certificate Revocation Lists (CRLs) for enhanced SSL certificate management.

Availability and Pricing:

Barracuda Web Application Firewall version 7.8 is available immediately at no additional charge to existing customers on the current hardware platform with an active Energize Update subscription or with an active virtual appliance license. Barracuda Web Application Firewall pricing in North America ranges from US$4,999 to US$61,599 depending on model, with no per user fees. International pricing and availability varies based on region. For more information, please visit www.barracuda.com/waf.

Resources:

Blog Post – http://bit.ly/barracudawaf78

About the Barracuda Web Application Firewall

The Barracuda Web Application Firewall blocks an ever-expanding list of sophisticated web-based intrusions and attacks that target applications hosted on web servers and in the cloud. The Barracuda Web Application Firewall scans all inbound web traffic to block attacks and scans all outbound traffic to provide highly effective Data Loss Prevention (DLP). It's available as a physical or virtual appliance and is deployed in front of the web application servers. To learn more about the Barracuda Web Application Firewall, please visit www.barracuda.com/waf.

About Barracuda Networks, Inc.

Protecting users, applications, and data for more than 150,000 organizations worldwide, Barracuda Networks has developed a global reputation as the go-to leader for powerful, easy-to-use, affordable IT solutions. The company's proven customer-centric business model focuses on delivering high-value, subscription-based IT solutions for security and storage. For additional information, please visit www.barracuda.com or follow us on Twitter: @barracuda.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8142
Published: 2014-12-20
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys w...

CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.