Barracuda updates web application firewall

Barracuda Networks announced Barracuda Web Application Firewall 7.8, specifically aimed at reducing the impact of automated attack attempts from botnets.

Automated botnet attacks recently have gained notoriety for targeting major banks and web platforms like WordPress. While the overall number of attacks has stayed consistent, the dramatic increase in the ferocity and duration of these attacks demonstrates the need to deploy advanced protection.

Barracuda Web Application Firewall provides advanced DDoS protection that spans the network and application layer. It has the ability to control traffic based on geographic regions, IP addresses, and client types, allowing administrators to throttle or block malicious requests. With the new version, Barracuda has added several significant new capabilities designed to secure applications against advanced DDoS attacks:

Enhanced botnet identification through Barracuda IP reputation – With hundreds of thousands of security devices spanning all major security vectors including network, web, and email traffic, Barracuda IP Reputation provides an extensive categorization of infected computers, zombies, and/or botnets. The integration of Barracuda IP Reputation with Barracuda Web Application Firewall enables administrators to identify and thwart botnets attempting DDoS attacks.

Client fingerprinting – Using techniques such as injecting JavaScript challenges in website responses, Barracuda Web Application Firewall can distinguish botnets from human users and block malicious requests from botnets.

Automated CAPTCHA challenges – Barracuda Web Application Firewall can automatically insert CAPTCHA challenges to suspicious clients without requiring any changes to the application.

New client browser control – The latest generation of Web browsers have implemented stricter security controls to prevent malicious javascripts, drive-by-downloads or other Web attacks targeted at users. With the new firmware, Barracuda Web Application Firewall now has the ability to set client browser behavior to reduce the risk of client attacks.

“Securing applications against automated attacks can be tedious when done manually,” said Steve Pao, GM Security at Barracuda Networks. “With the Barracuda Web Application Firewall, protections can be implemented operationally without coding changes, avoiding the costs and risks often associated with those types of changes.”

Don't miss