WAS01001 - Introducing WAF-as-a-Service - Slide Deck
Barracuda WAF-as-a-Service
WAS01 – Barracuda WAF-as-a-Service Foundation
Agenda
• Overview
• Licensing
• Traffic Flow
• Application & Application Modes
WAS01001- Introducing WAF-as-a-Service
Overview
Data Theft Protection
Credit Card Numbers
Social Security Numbers
Advanced Bot Protection
Custom Patterns
Google reCaptcha
Blacklists
Credential Stuffing Protection
Proactive Defense
Application Cloaking
Geo-IP Control
Comprehensive Application Security
OWASP Top-10 Attacks
Application DDoS
Webservice Protection
JSON Security
[Figure: Internet, Barracuda WAF-as-a-Service, Server]
...as-a-Service
[Figure: deployment comparison of WAF On-Prem, CloudGen WAF (IaaS) and WAF-as-a-Service, with the labels You, You, Barracuda, You, Cloud Provider]
Licensing
[Figure: bandwidth licensing diagram between Application and WaaS Datacenter; labelled values 25 Mbps, 25 Mbps, 50 Mbps, 25 Mbps, 10 Mbps; Total bandwidth: 35 Mbps]
Licensing Violations
• Notify administrator
• 14-day grace period
– After 14 days – configuration and reporting locked
– Protection will remain enabled
• After 28 days
– Protection disabled
– Applications continue to pass traffic
• After 42 days
– Applications cease to pass traffic
– Barracuda WAF-as-a-Service account deleted
Traffic Flow
Endpoint: 198.51.100.100
DNS
badstore.cudau.org | CNAME | 203.0.113.23 198.51.100.100
Webserver PIP: 203.0.113.23
Applications
Block
HTTP Backend Server
Endpoint IP
HTTPS HTTP/S IP:Port
Monitor
Application Name
Domain Name
Application Modes
• Block Mode – Logs and blocks the attacks
• Monitor Mode – Logs the attacks but allows traffic to pass
Attack blocked
WAFaaS
Thank You