WAS01001 - Introducing WAF-as-a-Service - Slide Deck


WAS01001- Introducing WAF-as-a-Service

Barracuda WAF-as-a-Service
WAS01 – Barracuda WAF-as-a-Service Foundation



WAFaaS Overview

Agenda
• Overview
• Licensing
• Traffic Flow
• Application & Application Modes


Overview
• Data Theft Protection
– Credit Card Numbers
– Social Security Numbers
– Custom Patterns
• Advanced Bot Protection
– Google reCaptcha
– Blacklists
– Credential Stuffing Protection
• Proactive Defense
– Application Cloaking
– Geo-IP Control
• Comprehensive Application Security
– OWASP Top-10 Attacks
– Application DDOS
• Webservice Protection
– JSON Security

[Diagram: Internet → Barracuda WAF-as-a-Service → Server]

...as-a-Service
[Diagram: WAF On-Prem, CloudGen WAF (IaaS) and WAF-as-a-Service compared by who is responsible for each part: You, Cloud Provider or Barracuda]



Licensing


Licensing

• Number of Applications
• Bandwidth
• Add-Ons per Account
– Advanced Bot Protection
– Advanced Threat Protection
– Premium Support

Applications | Bandwidth | Add-Ons
2 | 25 Mbps |
4 | 100 Mbps | ABP 100 Mbps

Licensing – Bandwidth Calculation


• Combined "clean" throughput across all applications

[Diagram: DDoS Protection Service, WaaS Datacenter and Application, with flows labelled 25 Mbps, 50 Mbps, 25 Mbps and 10 Mbps. Total bandwidth: 35 Mbps]

Licensing Violations
• Notify administrator
• 14-day grace period
– After 14 days – configuration and reporting locked
– Protection will remain enabled
• After 28 days
– Protection disabled
– Applications continue to pass traffic
• After 42 days
– Applications cease to pass traffic
– Barracuda WAF-as-a-Service account deleted



Traffic Flow


Traffic Flow before WAF-as-a-Service

DNS: badstore.cudau.org | CNAME | 203.0.113.23

Users → Badstore Web Server (Webserver PIP: 203.0.113.23)

Request:
GET /index.html HTTP/1.1
Host: badstore.cudau.org

Response:
HTTP/1.1 200 OK
Content-Type: text/html


Traffic Flow

DNS: badstore.cudau.org | CNAME | 203.0.113.23 → 198.51.100.100

Users → WAFaaS Application (Endpoint: 198.51.100.100) → Badstore Web Server (Webserver PIP: 203.0.113.23)

Request (Users to WAFaaS, and WAFaaS to Badstore Web Server):
GET /index.html HTTP/1.1
Host: badstore.cudau.org

Response (Badstore Web Server to WAFaaS, and WAFaaS to Users):
HTTP/1.1 200 OK
Content-Type: text/html



Applications & Application Modes


Applications

[Diagram: an application is defined by Application Name, Domain Name, Endpoint IP (HTTP, HTTPS), Backend Server (HTTP/S, IP:Port) and mode (Block or Monitor)]


Application Modes
• Block Mode – Logs and blocks the attacks
• Monitor Mode – Logs the attacks but allows traffic to pass

[Diagram: Attacker → WAFaaS → Web Server. Attack 1 against App_A (Block): attack blocked and written to Logs. Attack 2 against App_B (Monitor): written to Logs, and Attack 2 reaches the Web Server]


Thank You
