Spam Firewalls:
Compare Models Spam Firewall 100 Spam Firewall 200 Spam Firewall 300 Spam Firewall 400 Spam Firewall 600 Spam Firewall 800 Spam Firewall 900 Spam Firewall Overview Outbound Overview Deployment and Administration Spam Firewall FAQ International Pricing
Web Filters:
Compare Models Web Filter 210 Web Filter 310 Web Filter 410 Web Filter 610 Web Filter 810 Web Filter 910 Web Filter Overview Deployment and Administration CIPA Compliance Web Filter FAQ International Pricing
IM Firewalls:
Compare Models IM Firewall 220 IM Firewall 320 IM Firewall 420 IM Firewall 620 IM Firewall 820 IM Firewall Overview Deployment and Administration International Pricing
Load Balancers:
Compare Models Load Balancer 240 Load Balancer 340 Load Balancer 440 Load Balancer 640 Load Balancer Overview Load Balancer FAQ
Message Archivers:
Compare Models Message Archiver 350 Message Archiver 450 Message Archiver 650 Message Archiver 850 Message Archiver Overview Message Archiver Deployment Message Archiver FAQ
Web Site Firewalls:
Web Site Firewall 360 Web Site Firewall 460 Web Site Firewall 660 Overview Features PCI DSS Compliance Deployment FAQs
Web Application Controllers:
Compare Models Web App Controller NC500-AG Web App Controller NC1100-AG Web App Controller NC2000-AG
Promotions:
Trade-Up Program
Services:
Barracuda Central Energize Updates Instant Replacement
Spam Firewall Technology:
Technology Overview Spam Defense Layers Barracuda Reputation Predictive Sender Profiling Real-Time Protection Triple-Layer Antivirus Protection Image Spam Protection PDF Spam Protection Mail Transport and Policy Clustering
Web Filter Technology:
Technology Overview Spyware Protection Application Blocking Content Filtering Content Categories
3rd Party Solutions:
MeetingSense WebEx XRackPro Server Racks
Technical Services:
Leasing Evaluation Request Live Demo Training Consulting Documentation Regulatory Compliance
Newsletter:

Subscribe to our free
monthly newsletter:
E-mail:
 
Join Our Blog:

Click Here to Join Our Blog!

Barracuda Networks - The trusted source for spam, spyware, virus, and content blocking.Barracuda Web Site Firewall FAQ
What does the Barracuda Web Site Firewall do?

The Barracuda Web Site Firewall protects your Web site from attackers leveraging protocol or application vulnerabilities to instigate unauthorized access, data theft, denial of service (DoS), or defacement of your Web site.

The Barracuda Web Site Firewall provides complete protection of Web applications and is designed to enforce policies for both internal and external data security standards, such as the Payment Card Industry Data Security Standard (PCI DSS). At the same time, the Barracuda Web Site Firewall features a number of traffic management capabilities designed to improve the performance, scalability and manageability of today’s most demanding data center infrastructures.

Why do I need a Web site firewall?

Businesses of all sizes that operate their own Web applications should deploy a powerful Web site firewall to protect their Web sites from application vulnerabilities.

Traditionally, security has been considered a network issue, where system administrators lock down host computers through a network firewall. While a typical network firewall can help restrict traffic to HTTP and HTTPS, this traffic can contain command exploits leveraging vulnerabilities in the Web application itself. Without the Barracuda Web Site Firewall acting as an application firewall, a hacker’s attack can result in unauthorized access, data leakage, site defacement and/or other attacks that compromise both the privacy and integrity of vital data.

What are the major capabilities and benefits of the Barracuda Web Site Firewall?

The major capabilities and benefits of the Barracuda Web Site Firewall include:

Comprehensive Web Site Protection: The Barracuda Web Site Firewall proxies all Web traffic, providing complete protection in front of your Web sites. Web site protection capabilities include: HTTP protocol compliance, protection against common/high-visibility attacks, protection against attacks based on session state, online form field validation, outbound data theft protection, Web site cloaking, anti-Web crawling and application denial of service (DoS) protection, as well as fine-grain controls.

Application Access Control: The Barracuda Web Site Firewall provides PKI support to provide certificate verification and prevents cookie tampering to ensure hidden or read-only form fields are not changed by the user.

Application Delivery and Acceleration: In addition to the security and access control benefits of Barracuda Web Site Firewall, there are also additional operational capabilities. Capabilities include SSL offloading, SSL acceleration, load balancing and high availability.

Logging, Monitoring and Reporting: The Barracuda Web Site Firewall features advanced capabilities to provide immediate feedback to operations teams that deploy, manage and secure mission critical applications. Besides a system log, Web firewall log, traditional Web log and audit log, the Barracuda Web Site Firewall also provides specific reports relevant to PCI compliance.

How does the Barracuda Web Site Firewall detect and mitigate threats?

The Barracuda Web Site Firewall provide award-winning protection from all common attacks on Web applications, including SQL injections, cross-site scripting attacks, session tampering and buffer overflows. As a full proxy, the Barracuda Web Site Firewall provides comprehensive inbound and outbound protection. By inspecting request traffic, the Barracuda Web Site Firewall can block inbound attacks and cloak Web sites from hackers, while response traffic inspection prevents sensitive data leakage, such as credit card or Social Security numbers.

In addition, the Barracuda Web Site Firewall secures applications from unauthorized user access a full PKI integration for use with client certificates.

Can the Barracuda Web Site Firewall help my company comply with the Payment Card Industry Data Security Standard (PCI DSS)?

Yes, the Barracuda Web Site Firewall assists organizations that store, process and/or transmit credit card numbers to comply with the Payment Card Industry - Data Security Standard (PCI DSS) requirements.

As major credit card companies are increasing pressure on merchants to comply with the PCI DSS, many e-commerce businesses are seeking solutions to meet requirement 6.6 of PCI DSS calling for either detailed custom application code reviews or installation of a Web Application Firewall by June 30, 2008. Failure to comply with these security standards may result in fines, restrictions or permanent expulsion from card acceptance programs. Through multiple advanced features, the Barracuda Web Site Firewall can help organizations easily become PCI DSS compliant. Click here for additional information.

What logging, monitoring and reporting features are available with the Barracuda Web Site Firewall?

Logging monitoring and reporting capabilities of Barracuda Web Site Firewall include:

Comprehensive logging. The Barracuda Web Site Firewall maintains a rich set of logs on the appliance, including system activity, Web Firewall activity, Web services activity, network firewall activity and traditional Web logs.

PCI reports. The Barracuda Web Site Firewall provides a quick snapshot of application attacks defined in the PCI DSS Section 6.5, including unvalidated input, broken access control, cross-site scripting and so on.

Syslog support. The Barracuda Web Site Firewall forwards logs to a syslog server for centralized and persistent storage or analysis by a third party tool.

Will the Barracuda Web Site Firewall fit into my existing network environment?

Yes, the Barracuda Web Site Firewall is designed to easily fit into any existing data center environment and to rapidly secure and accelerate new and existing Web applications. Barracuda Networks offers the most flexible array of Barracuda Web Site Firewall deployment options, including both Bridge-path and Route-path.

How do I know which Barracuda Web Site Firewall model is best suited to my needs?

A regional Barracuda Networks sales representative can evaluate your network environment and Web usage needs to help determine which model(s) is the best fit for your company.

What if I have more questions about the Barracuda Web Site Firewall?

For additional assistance or for a product demonstration of the Barracuda Web Application Controller, please contact BarraGuard.com

 
Barracuda Networks - The trusted source for spam, spyware, virus, and content blocking. BarraGuard.com is a division of Virtual Graffiti Inc, an authorized Barracuda Networks reseller.
Copyright © 2008 Barracuda Networks. All Rights Reserved.
Sales/Privacy Policy