WAF and Applications Security
COMPANIES of all sizes, from long-in-the-tooth to startups, are all using cloud-based web applications pretty much by default. The software-as-a-service (SaaS) model now covers everything from email & messaging to interfacing with powerful machine-learning services to find trends and crunch petabytes of data.
Companies are developing web applications to service their own needs, or as services for others to buy into. Where and how the applications are located is very important, as is ensuring that each apps’ instance is well-protected from those bodies out there who’d compromise it for personal gain.
However, astute operators are aware of the old saying warning against putting all one’s eggs in one basket.
In computing terms, not putting all one’s eggs in one basket is the utilization of a combination of cloud provisions and/or hard-metal installations. In short, apps and their data are in a variety of places: on-premises, in the public cloud (or clouds) and perhaps in private cloud(s) too.
But protecting multiple points of presence for an application can start to be complex. Web application firewalls (WAFs) are specifically designed to protect organization’s Internet-available applications (plus data, plus intellectual property) from attack, but with more than one instance where the company’s data is exposed, maintaining multiple WAFs becomes complex and time-consuming.
Step forward Barracuda, whose WAF solutions and application security products are perfectly suited to the hybrid cloud.
One product covers all nodes of an organization’s online presence – be that based on Azure, on-premises, AWS or proprietary private cloud.
Now, companies can choose to locate and move their apps wherever and whenever it suits them, according to:
-customer need – the application goes where the customers are based
-regulatory issues – local or transnational
-cost of provision
Any move or alteration in overall topology can be achieved without an associated security policy revision or reconfiguration.
By using Barracuda’s WAF and application security solutions, a business can use one set of policies which will automatically adapt whatever the platform, or locale, without further intervention.
Barracuda’s security methods combine in-line processing & threat examination, with offline processing available when necessary on Barracuda’s own scalable cloud infrastructure. The solution to any threat anywhere in the world, once isolated, is automatically propagated to all users of Barracuda’s security solutions.
Barracuda’s solutions’ malleability is such that, as situations change (for instance, at times of increased threat like during the recent Mirai botnet attacks), layers of protection can be seamlessly added to all installations of the company’s solutions worldwide, with no installation of new hardware or application of security patches by internal IT staff. All is seamlessly controlled and disseminated by, and from, Barracuda’s own security engines.
The company operates a multifaceted approach to security. Their knowledge base consists of a powerful amalgam of the following, among other resources:
-real-time examination of developing threats, by their install base’s hardware and software across the globe
-real-time examination of Barracuda’s honey-pots and internal systems
-public and private blacklists/databases of known threats
-proactively-garnered data from the company’s own white-hat security experts, plus publically available data, updated as threats arise
As an additional layer of defense, Barracuda also offer their Vulnerability Manager plus Remediation Service, which can be employed to help identify weaknesses, and configure WAFs & application security as a whole. These services offer a further level of insurance and help ensure continued function.
While many of Barracuda’s competitors happily charge along the lines of today’s cloud suppliers like AWS & Azure, that is, on a pay-as-you-use basis (time-based charging), Barracuda offers a pricing model, as an option, that reflects the specifics of the hybrid cloud application model more closely.
In addition to more commonly-seen price plans, such as yearly or per-hour billing, Barracuda’s further pricing option charges on the basis of the amount of data protected. This means that if a company truly embraces a hybrid cloud, replicating data across three, four or dozens of services, the company is charged only once. There are no high charges, therefore, for instance, for companies with vital failover clones or other forms of data replication, such as localized apps making use of a single data lake.
To learn more about the technology underpinning Barracuda’s web application firewalls and application security technologies, click here.
To contact the company and speak to a representative about how the company’s cutting-edge WAFs can protect even the most complex application install topology, click here.