Cloud
11/15/2017
12:05 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Barracuda Announces New Cloud Generation Firewall Capabilities

Campbell, Calif. (Nov 15, 2017) – Barracuda Networks, Inc. (NYSE: CUDA), a leading provider of cloud-enabled security and data protection solutions, today announced expanded public cloud functionality for the Barracuda Web Application Firewall and Barracuda NextGen Firewall. The updated Cloud Generation Firewalls allow for utility-based consumption and automated security controls for DevSecOps workflows, giving customers an easy migration path to public cloud. Barracuda will demonstrate its award-winning Cloud Generation Firewalls in booth number 1533 during AWS re:Invent, Nov. 27- Dec. 1, in Las Vegas.
 
Earlier this year, Barracuda sponsored a survey revealing that more than 40 percent of respondents’ organizations are currently running a portion of their infrastructure in the public cloud. According to the survey, respondents cited easy integration with legacy technology (61%), strong protection of applications (54%), and strong protection of access to applications in the public cloud (48%) as important drivers for their cloud adoption. These organizations face an increasingly sophisticated threat landscape, as 50 percent reported being hit with some sort of cyberattack. Barracuda Cloud Generation Firewalls give customers flexibility to cost-effectively deploy security at critical points—in the cloud, in hybrid or multi-cloud environments, and throughout the development lifecycle. New capabilities include:
 

  • Usage-based billing using the AWS Marketplace Metering Service Billing – Barracuda NextGen Firewall is now available as a metered billing service in the AWS Marketplace, joining the Barracuda Web Application Firewall, which became available with the same service last year. AWS Marketplace Metering Service Billing ensures that all evaluation, pricing, and provisioning is done entirely within the AWS Marketplace, removing any licensing friction and offering a pricing structure based on actual traffic secured. Customers are able to build CI/CD pipelines that include their ISV partner solutions, and charges are based on the total bandwidth consumed across deployed firewalls and standard Amazon Elastic Compute Cloud (EC2) charges per instance.
  • DevSecOps with Puppet – The REST API framework can be used to automate the configuration of the Barracuda Web Application Firewall, which now includes Puppet integration within AWS, making it easier for customers to integrate security controls into their cloud native applications on AWS. This integration enables cloud security and operations teams to codify their firewall policies as code so they can be tested and secured as part of the overall application delivery process. Puppet maintains the desired state of the Barracuda Web Application Firewall, automatically remediates unauthorized changes, and enables security teams to quickly identify and remediate known vulnerabilities. This benefits the business because it helps increase application velocity, security, and reliability.

 
“Perimeter-based firewalls create tightly-coupled environments that scale vertically, which makes perfect sense on-premises but is entirely the wrong model for the public cloud. This is really about using the right tool for the job,” said Tim Jefferson, vice president, public cloud, Barracuda. “Customers should look to automate the orchestration, deployment, and configuration of security architectures that are loosely coupled and scale elastically. In today’s hybrid environments, customers need consistent security across on-premises and cloud-based environments—Barracuda Cloud Generation Firewalls help address this requirement.”
 
Barracuda Cloud Generation Firewalls are engineered to provide network and application security for cloud-only and hybrid-cloud environments. These solutions provide cloud-specific features including metered billing, API support for DevSecOps teams, fully meshed connectivity, and scalability to help organizations align security with their cloud deployments. Organizations looking for scalability and automation benefits of the public cloud should demand Cloud Generation Firewall functionality, including:
 

  • Well-architected for the public cloud – Integrate directly with public cloud fabric, provide API integrations for DevOps tools and automation workflows, and centrally manage across hybrid environments. This gives customers all the benefits of the cloud without compromising their security posture.
  • Support for cloud-specific use cases – Support unique requirements of the cloud including horizontal scalability, distributed policy sets, fully meshed connectivity, and north-south traffic management. Meeting these requirements allows customers to leverage the benefits of cloud automation around deployment, autoscaling, high-availability, networking, and monitoring.
  • Match Customer’s Cloud Consumption Models – Licensing that allows customers to deploy security in alignment with their current public cloud consumption model.

“Real-time, proactive security throughout the development process is critical for tighter application security in today’s threat environment,” Samm DiStasio, vice president, business development, Puppet. “Barracuda is our first security partner in public cloud to help us bridge the security gap in DevOps. Our integration with Barracuda Web Application Firewall helps speed up application delivery by automating management of critical security policies.”
 
“We are using Barracuda firewalls provisioned through the AWS Marketplace to effectively guard our applications against web-based attacks and application-layer attacks,” said Max Longin, Founding Partner, Club Automation. “The Barracuda solution plugs into our AWS environment, and is doing its job of minimizing the attack surface area and helping our customers keep club member cardholder data protected.”

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
5 Reasons the Cybersecurity Labor Shortfall Won't End Soon
Steve Morgan, Founder & CEO, Cybersecurity Ventures,  12/11/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Gee, these virtual reality goggles work great!!! 
Current Issue
The Year in Security: 2017
A look at the biggest news stories (so far) of 2017 that shaped the cybersecurity landscape -- from Russian hacking, ransomware's coming-out party, and voting machine vulnerabilities to the massive data breach of credit-monitoring firm Equifax.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.