Barracuda Web Application Firewall 660b - Security appliance - 1GbE - 1U - rack-mountable BWF660B

Barracuda Web Application Firewall 660b - Security appliance - 1GbE - 1U - rack-mountable

• HTTP, HTTPS and FTP protocol compliance
  At a basic level, the Barracuda Web Application Firewall verifies all inbound requests that comply with the HTTP, HTTPS and FTP specification. For example, inbound requests with more than one content-length header are typically the basis of HTTP request smuggling attacks; therefore they are illegal according to the HTTP specification and are blocked automatically.
• Protection against common, high-visibility attacks
  Hackers can take advantage of vulnerabilities in your online web forms to attack your applications. The Barracuda Web Application Firewall protects your web applications against SQL injections, OS command injections and cross-site scripting attacks.
• Protection against attacks based on session state
  The Barracuda Web Application Firewall protects your web applications against any attacks based on session state, such as forms tampering or cookie tampering.
• Outbound data theft protection
  In addition to inspecting the request traffic, the Barracuda Web Application Firewall also inspects all outbound packets for any data pattern expressible as a UNIX-style regular expression. Built-in policies protect all major credit cards and U. S. Social Security number patterns and new data patterns can be added at any time. Inspection for outbound leakage of these patterns can be applied to security policy on-the-fly.
• Web site cloaking
  To prevent hackers from doing reconnaissance on your web infrastructure, the Barracuda Web Application Firewall automatically strips identifying banners of web server software and version numbers out of all transactions.
• Anti-crawling
  While some web crawlers, such as search engines are often desirable, you may wish to prevent all other users from downloading your entire site. The Barracuda Web Application Firewall can easily identify and allow legitimate crawlers while blocking more malicious ones.
• Fine-grained control
  The Barracuda Web Application Firewall features automatic fine-grain rules creation based on both HTTP requests and responses down to the level of individual HTML elements.
• Application denial of service (DoS) protection
  The Barracuda Web Application Firewall controls the rate of allowed operations that use an intense amount of resources, thus protecting against application-layer denial of service attacks.
• Cookie tampering
  The Barracuda Web Application Firewall fully terminates and proxies every connection to insulate each unique user session from exposure and can stamp or encrypt the session cookies. Also included to prevent cookie tampering is the ability to ensure that all hidden or read-only form fields are not changed by the user.
• XML firewall
  The Barracuda Web Application Firewall has an integrated XML firewall improves the security of the XML based web applications and web services. The XML firewall detects and prevents XML specific attacks such as extremely large messages, highly nested elements, recursive passing, schema and WSDL poisoning.
• Integrated anti virus
  All file uploads to the web application can be scanned for embedded viruses and malware using the integrated anti virus engine of the Barracuda Web Application Firewall.
• Rate control
  Peak traffic or Denial of Service (Dos) attacks can impose significant load on the application servers, causing servers to overload and create very high response times. With the rate control feature, the Barracuda Web Application Firewall controls the rate of requests that are delivered to an application. This is crucial to prevent application servers from being overloaded.
• Adaptive profiling
  Inspect web application requests and responses to understand the application structure which is utilized in the positive security model to provide zero-day protection.
• LDAP and RADIUS integration
  For authentication and authorization, the Barracuda Web Application Firewall integrates with common authentication services, including Active Directory and other LDAP-compatible directories as well as RADIUS servers.
• Simple Single Sign-On (SSO) portal
  By combining built-in authentication and authorization capabilities with web address translation and cookie session management features, administrators utilize the Barracuda Web Application Firewall to present a simple front-end portal to back-end applications without requiring changes to source code, IP addressing or the server infrastructure.
• Content Caching
  The Barracuda Web Application Firewall can reduce load on back-end web servers and increase performance by caching web content and avoiding repeated requests to back-end web servers.
• Compression
  To reduce network traffic requirements, the Barracuda Web Application Firewall can automatically apply GZIP compression to renderable HTML content to be decompressed by the browser.
• Connection pooling
  To reduce back-end server overhead for maintaining TCP connections, the Barracuda Web Application Firewall can automatically pool multiple front-end connections into a single back-end connection. Connection pooling keeps the back-end servers focused on processing application logic rather than protocol termination.
• SSL offloading
  The Barracuda Web Application Firewall includes SSL offloading, streamlining the encryption and decryption of SSL traffic to quickly process secure online transactions without additional burden on any servers.
• Load balancing
  The Barracuda Web Application Firewall includes integrated load balancing capabilities to distribute traffic among multiple back-end servers. It supports both Layer 4 and Layer 7 cookie persistence and includes support for Layer 7 content switching based on URL pattern, parameter or HTTP header fields.
• High availability
  When inline in bridge-path, the Ethernet hard bypass ensures reliable application delivery even with a single Barracuda Web Application Firewall. For web applications with stringent security requirements, the Barracuda Web Application Firewall may be installed in a redundant pair configuration, providing real-time application state replication so that security and user sessions will not be compromised during a failover event.
• Comprehensive logging
  The Barracuda Web Application Firewall maintains a rich set of logs on the appliance, including system activity, web firewall activity, web services activity, network firewall activity and traditional web logs.
• PCI reports
  The Barracuda Web Application Firewall provides an easy-to-read snapshot of common application attacks, critical for securing credit card information and providing compliance to PCI DSS requirements.

The Barracuda Web Application Firewall is a complete and powerful security solution for web applications and web sites. The Barracuda Web Application Firewall provides award-winning protection against hackers leveraging protocol or application vulnerabilities to instigate data theft, denial of service or defacement of your web site. The Barracuda Web Application Firewall protects web applications and web services from malicious attacks and can also increase the performance and scalability of these applications. The Barracuda Web Application Firewall offers every capability needed to deliver, secure and manage enterprise web applications from a single appliance through an intuitive, real-time user interface. The Barracuda Web Application Firewall provides award-winning protection from all common attacks on web applications such as OWASP Top 10 including SQL injections, cross-site scripting attacks, session tampering and buffer overflows.
**IMPORTANT NOTE**
All Barracuda Web Application Firewall Appliance purchases require a Energize Updates subscription purchase for support and maintenance. Other subscriptions such as Instant Replacement, Advanced Threat Protection, Active DDoS Prevention and Premium Support are optional additional purchases.

• Delivers best practices security right out of the box
• Single point of protection for inbound and outbound traffic for all web applications
• Comprehensive web site and web application protection
• Application access control
• Application delivery and acceleration
• Logging, monitoring and reporting