Cloud

11/15/2017
12:05 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Barracuda Announces New Cloud Generation Firewall Capabilities

Campbell, Calif. (Nov 15, 2017) – Barracuda Networks, Inc. (NYSE: CUDA), a leading provider of cloud-enabled security and data protection solutions, today announced expanded public cloud functionality for the Barracuda Web Application Firewall and Barracuda NextGen Firewall. The updated Cloud Generation Firewalls allow for utility-based consumption and automated security controls for DevSecOps workflows, giving customers an easy migration path to public cloud. Barracuda will demonstrate its award-winning Cloud Generation Firewalls in booth number 1533 during AWS re:Invent, Nov. 27- Dec. 1, in Las Vegas.
 
Earlier this year, Barracuda sponsored a survey revealing that more than 40 percent of respondents’ organizations are currently running a portion of their infrastructure in the public cloud. According to the survey, respondents cited easy integration with legacy technology (61%), strong protection of applications (54%), and strong protection of access to applications in the public cloud (48%) as important drivers for their cloud adoption. These organizations face an increasingly sophisticated threat landscape, as 50 percent reported being hit with some sort of cyberattack. Barracuda Cloud Generation Firewalls give customers flexibility to cost-effectively deploy security at critical points—in the cloud, in hybrid or multi-cloud environments, and throughout the development lifecycle. New capabilities include:
 

  • Usage-based billing using the AWS Marketplace Metering Service Billing – Barracuda NextGen Firewall is now available as a metered billing service in the AWS Marketplace, joining the Barracuda Web Application Firewall, which became available with the same service last year. AWS Marketplace Metering Service Billing ensures that all evaluation, pricing, and provisioning is done entirely within the AWS Marketplace, removing any licensing friction and offering a pricing structure based on actual traffic secured. Customers are able to build CI/CD pipelines that include their ISV partner solutions, and charges are based on the total bandwidth consumed across deployed firewalls and standard Amazon Elastic Compute Cloud (EC2) charges per instance.
  • DevSecOps with Puppet – The REST API framework can be used to automate the configuration of the Barracuda Web Application Firewall, which now includes Puppet integration within AWS, making it easier for customers to integrate security controls into their cloud native applications on AWS. This integration enables cloud security and operations teams to codify their firewall policies as code so they can be tested and secured as part of the overall application delivery process. Puppet maintains the desired state of the Barracuda Web Application Firewall, automatically remediates unauthorized changes, and enables security teams to quickly identify and remediate known vulnerabilities. This benefits the business because it helps increase application velocity, security, and reliability.

 
“Perimeter-based firewalls create tightly-coupled environments that scale vertically, which makes perfect sense on-premises but is entirely the wrong model for the public cloud. This is really about using the right tool for the job,” said Tim Jefferson, vice president, public cloud, Barracuda. “Customers should look to automate the orchestration, deployment, and configuration of security architectures that are loosely coupled and scale elastically. In today’s hybrid environments, customers need consistent security across on-premises and cloud-based environments—Barracuda Cloud Generation Firewalls help address this requirement.”
 
Barracuda Cloud Generation Firewalls are engineered to provide network and application security for cloud-only and hybrid-cloud environments. These solutions provide cloud-specific features including metered billing, API support for DevSecOps teams, fully meshed connectivity, and scalability to help organizations align security with their cloud deployments. Organizations looking for scalability and automation benefits of the public cloud should demand Cloud Generation Firewall functionality, including:
 

  • Well-architected for the public cloud – Integrate directly with public cloud fabric, provide API integrations for DevOps tools and automation workflows, and centrally manage across hybrid environments. This gives customers all the benefits of the cloud without compromising their security posture.
  • Support for cloud-specific use cases – Support unique requirements of the cloud including horizontal scalability, distributed policy sets, fully meshed connectivity, and north-south traffic management. Meeting these requirements allows customers to leverage the benefits of cloud automation around deployment, autoscaling, high-availability, networking, and monitoring.
  • Match Customer’s Cloud Consumption Models – Licensing that allows customers to deploy security in alignment with their current public cloud consumption model.

“Real-time, proactive security throughout the development process is critical for tighter application security in today’s threat environment,” Samm DiStasio, vice president, business development, Puppet. “Barracuda is our first security partner in public cloud to help us bridge the security gap in DevOps. Our integration with Barracuda Web Application Firewall helps speed up application delivery by automating management of critical security policies.”
 
“We are using Barracuda firewalls provisioned through the AWS Marketplace to effectively guard our applications against web-based attacks and application-layer attacks,” said Max Longin, Founding Partner, Club Automation. “The Barracuda solution plugs into our AWS environment, and is doing its job of minimizing the attack surface area and helping our customers keep club member cardholder data protected.”

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Google Engineering Lead on Lessons Learned From Chrome's HTTPS Push
Kelly Sheridan, Staff Editor, Dark Reading,  8/8/2018
White Hat to Black Hat: What Motivates the Switch to Cybercrime
Kelly Sheridan, Staff Editor, Dark Reading,  8/8/2018
PGA of America Struck By Ransomware
Dark Reading Staff 8/9/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-3937
PUBLISHED: 2018-08-14
An exploitable command injection vulnerability exists in the measurementBitrateExec functionality of Sony IPELA E Series Network Camera G5 firmware 1.87.00. A specially crafted GET request can cause arbitrary commands to be executed. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2018-3938
PUBLISHED: 2018-08-14
An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POST r...
CVE-2018-12537
PUBLISHED: 2018-08-14
In Eclipse Vert.x version 3.0 to 3.5.1, the HttpServer response headers and HttpClient request headers do not filter carriage return and line feed characters from the header value. This allow unfiltered values to inject a new header in the client request or server response.
CVE-2018-12539
PUBLISHED: 2018-08-14
In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use Java Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and use Attach API operations, which includes the ability to execute untrusted native code. Attach API is enabled by default on Windows,...
CVE-2018-3615
PUBLISHED: 2018-08-14
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.