WEB APPLICATION FIREWALL
Barracuda's WAF solution provides advanced security for your web applications, whether you choose the on-premise or as-a-Service deployment model. As a Preferred Partner of Barracuda and a provider of managed security services, MHE can offer the added benefit of managed security services to monitor and manage your WAF. Protect your business with the best in cybersecurity technology.
Protect your web-facing assets from advanced cyber-threats.
APPLICATION SECURITY MADE SIMPLE
Deploy and Configure quickly and easily - no steep learning curve or complicated certifications to obtain
AGILE FRIENDLY
DEVOPS READY
Unmetered DDoS protection included. Develop and deploy new or updated apps, thanks to its full Rest API
CLOUD NATIVE FOR MODERN WORKLOADS
Seamlessly integrates with cloud-native services to provide security, control and peace of mind
Safeguard your applications and data with confidence.
Application security is increasingly complex. Barracuda makes it simple. Barracuda Web Application Firewall is a part of Barracuda Cloud Application Protection, an integrated platform that brings a comprehensive set of interoperable solutions and capabilities together to ensure complete application security.
Ensure Protection from Web Attacks and DDoS
Stop bad bots dead in their tracks
Protect APIs and mobile applications.
Enable granual access control and secure application delivery
Automate and Orchestrate security
Gain deep visibility into attack and traffic patterns
43%
breaches involved with web applications*
*2020 Verizon DBIR
Web applications are a major vector for criminals seeking to penetrate your network — and securing them has until now been notoriously difficult and complex. Barracuda Web Application Firewall changes the game, with comprehensive protection against all kinds of app-based threats, highly flexible deployment options, and remarkable ease of use.
Ensure protection from web attacks and DDoS.
Barracuda Web Application Firewall protects applications, APIs, and mobile app backends against a variety of attacks including the OWASP Top 10, zero-day threats, data leakage, and application-layer denial of service (DoS) attacks. By combining signature-based policies and positive security with robust anomaly-detection capabilities, Barracuda Web Application Firewall can defeat today’s most sophisticated attacks targeting your web applications. Barracuda Active DDoS Prevention — an add-on service for the Barracuda Web Application Firewall — filters out volumetric DDoS attacks before they ever reach your network and harm your apps. It also protects against sophisticated application DDoS attacks without the administrative and resource overhead of traditional solutions, to eliminate service outages while keeping costs manageable for organizations of all sizes.
Stop bad bots dead in their tracks.
Sophisticated malicious bots mimic human users to evade standard bot detection. However, blocking legitimate bots can harm your business. So modern bot defense has to both distinguish between legitimate and malicious bots, and between human users and advanced bots. Barracuda Web Application Firewall offers Advanced Bot Protection that uses machine learning to continually improve its ability to spot and block bad bots and human-mimicking bots — while allowing legitimate human and bot traffic to proceed with minimal impact.
Protect your APIs and mobile apps.
Modern applications are increasingly interconnected, exposing more APIs to attacks. Barracuda Web Application Firewall solutions protect your entire attack surface, including REST APIs and API-based applications. XML protection secures REST and WSDL interfaces against schema and WSDL poisoning. JSON protection scans payloads to ensure that only legitimate requests are allowed through. API Discovery features use your API definition files to automatically create the required rulesets for the API, reducing admin overhead.
Enable granular access control and secure app delivery
To ensure that only authorized personnel can access your application backends and data, Barracuda Web Application Firewall solutions integrate with AD, LDAP, and RADIUS, giving you granular control over which users and groups can access what data. They also secure all the services that rely on ADFS. SAML support provides a seamless single-sign-on (SSO) experience across your on-premises and cloud-hosted applications. Two-factor authentication further enhances security through integrations with RSA SecureID, SMS PASSCODE, Duo, and others. Barracuda Web Application Firewall features a hardened SSL/TLS stack that provides a secure HTTPS front end to your applications. With pre-built templates, you can immediately set up secure TLS ciphers and protocols for standards compliance with ease. The built-in application delivery module enables HTTP load balancing, content routing, caching, and compression. The content routing module can be used to direct traffic to various applications based on the characteristics of incoming traffic — for instance, a different server for a PC versus mobile client. Connection pooling, caching, and compression capabilities speed traffic delivery and improve user experience by reducing server load and reducing latency.
Automate and orchestrate security.
Barracuda Web Application Firewall integrates with many popular third-party DevOps tools to ensure CI/CD processes are fully automated. Full-featured REST API seamlessly integrates with Puppet, Chef, Ansible, Terraform, Azure ARM, AWS CloudFormation, and more. In addition, the content routing module further enables CI/CD rollout options such as blue-green deployments, canary rollouts and A/B testing. The Barracuda Web Application Firewall’s REST API is built on OpenAPI specifications, making it easy to create automation scripts, and the official GitHub page has code samples for popular platforms and use cases. Barracuda Web Application Firewall solutions leverage Barracuda Vulnerability Manager and Remediation Service to let you remediate app vulnerabilities with a single click and deploy new and updated apps with full confidence. Barracuda Web Application Firewall also supports many third-party vulnerability scanning tools such as IBM AppScan, Rapid7, Immuniweb, HPE Security WebInspect, and more to give you complete freedom and control over vulnerability mitigation.
Gain deep visibility into attacks and traffic patterns.
Barracuda Web Application Firewall features a detailed dashboard that presents vast amounts of data in the form of actionable insights that help you make informed decisions. System health and utilization, traffic patterns, subscription status, system performance, attack statistics and origin locations, and much more is layered into a streamlined dashboard that makes it all easy to interpret and use. Barracuda Web Application Firewall also supports many external SIEMs and log management tools such as Azure Sentinel, Loggly, Sumologic, HPE ARCsight, IBM QRadar, Splunk, and many more.
