Barracuda Networks has announced the latest Barracuda Web Application Firewall, version 7.8, specifically aimed at reducing the impact of automated attack attempts from botnets.
Automated botnet attacks have recently gained notoriety for targeting major banks and web platforms like WordPress. While the overall number of attacks has stayed consistent, the dramatic increase in the ferocity and duration of these attacks demonstrates the need to deploy advanced protection.
Barracuda Web Application Firewall provides advanced DDoS protection that spans the network and application layer. It has the ability to control traffic based on geographic regions, IP addresses, and client types, allowing administrators to throttle or block malicious requests. With the new version, Barracuda has added several significant new capabilities designed to secure applications against advanced DDoS attacks:
* Enhanced Botnet Identification through Barracuda IP Reputation – With hundreds of thousands of security devices spanning all major security vectors including network, web, and email traffic, Barracuda IP Reputation provides an extensive
* categorisation of infected computers, zombies, and/or botnets. The integration of Barracuda IP Reputation with Barracuda Web Application Firewall enables administrators to identify and thwart botnets attempting DDoS attacks.
“Securing applications against automated attacks can be tedious when done manually,” said Steve Pao, GM Security at Barracuda Networks. “With the Barracuda Web Application Firewall, protections can be implemented operationally without coding changes, avoiding the costs and risks often associated with those types of changes.”
In addition to these advanced security capabilities, a number of management and performance enhancements have been added to the firmware release, including:
* Increased throughput up to 4Gbps on Barracuda Web Application Firewall models 960 and higher on the current hardware platform
* Integration with the Kerberos security protocol for single sign-on across disparate backend Web services
* Support for Certificate Revocation Lists (CRLs) for enhanced SSL certificate management