1 / 11

Beyond PCI-DSS Barracuda Web Application Firewall

Beyond PCI-DSS Barracuda Web Application Firewall. Gautam Aggarwal Vice President, Product Marketing. Barracuda Networks Corporate Overview. Business Focus. Network Security, Content Security, Application Delivery and Data Protection solutions

selia
Download Presentation

Beyond PCI-DSS Barracuda Web Application Firewall

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Beyond PCI-DSS • Barracuda Web Application Firewall • GautamAggarwal • Vice President, Product Marketing

  2. Barracuda Networks Corporate Overview Business Focus • Network Security, Content Security, Application Delivery and Data Protection solutions • Appliance, Virtual Appliance and Cloud delivery • Volume sales to midmarket; strategic sales to enterprise Market Leadership • More than 150,000 corporate subscribers • Distribution in over 80countries worldwide • Content security appliance volume leader (IDC) • Strategic wins in Web application firewall, next generation firewall and cloud Web security lines Corporate Basics • Over 800 employees worldwide • Headquarters in Silicon Valley – Campbell, CA • Investment by Sequoia Capital and Francisco Partners • Rapid top-line profitable growth and strong cash flow

  3. Banking Financial Services & Insurance (BFSI) • Application Security Heritage • Application security focused since 1999 (as part of Netcontinuum) • Web Application Security Magic Quadrant “Visionary” since 2003 • Currently in Gartner’s ADC Magic Quadrant 2010 • Large Financial Services Footprint • JP Morgan, UBS, Morgan Stanley, HSBC, RBS, Citibank, and many other multinational banks • 300+ Retail Banking & Financial customers in N. America alone • Extensive India Experience • BFSI: Aviva Life Insurance, Dhanlakshmi Bank, Bharat Bank, Andra Bank, Murugappa Group, Axis Bank • Other: NIC, Brahmos, AICTE, Hyundai, Tirupathi Temple and many more • Worldwide WAF center of excellence in Bengaluru

  4. The Perfect Cyber Crime Infect Users Attack Applications Destroy Data

  5. Application Security Trends in APAC • Mobile device adoption accelerating migration to web • Proliferation of smartphones & tablets have forced enterprise to migrate faster to web • However enterprises are focusing on functionality and time-to-market but not security • Increased application layer attacks have forced enterprises to rethink security • 47% of worldwide attack traffic originate from Asia.1 • India, China, Indonesia, Myammar, & Taiwan are all in the Top 10. 1 • SQL Injection & Cross-Site Scripting (XSS) are consistently the top attack methodologies • APAC enterprises are responding by adopting WAFs • APAC saw a growth of 22.6% Growth YoY in 2011.2 • Japan, S. Korea have the highest market share of WAF. 2 • China & ANZ have the fastest WAF growth rate. 2 • India is starting to adopt WAF technology, particularly in BFSI industries Source: 1. Akamai State of the Internet 2011 2. Frost & Sullivan WAF Market Analysis

  6. Barracuda Enables PCI-DSS Compliance • ICSA Labs tested & certified for PCI-DSS compliance • FIPS 140-2 Certified Crypto Hardware

  7. Reverse Proxy a Must for BFSI Non-proxy WAFs expose server operating systems and TCP stacks directly to the Internet YES • Proxy-based WAFs are more secure: • Traffic Rewrite – Non-proxies cannot control and re-write traffic • Cloaking – Non-proxies do not Cloak • SSL – Non-proxies’ SSL is VERY slow • Cookie security – Non-proxies do not protect against ID theft • Botnet Protection – Non-proxies do not protect against DoS • Authentication and Authorization – Non-proxies cannot do AAA • Data Theft Protection – Non-proxies cannot mask outbound data • Response time acceleration – Non-proxies cannot accelerate NO

  8. Solution: Layer 7 Web Application Firewall Inbound inspection for Layer 7 attacks Outbound inspection to protect against data theft Servers • Barracuda Web Application Firewall • Based on reverse proxy technology • Has bi-directional content inspection and security • As a reverse proxy, it can load balance and accelerate application delivery

  9. Attack Protection & Data Loss Prevention • Attack protection • SQL Injection • XSS injection • CSRF • Command injection • Data theft protection • Credit Card, Aadhaar (UID), custom patterns • Web site cloaking • Integrated anti-virus • Session protection • Cookie encryption • Parameter tampering protection • Brute Force Protection • DoS Protection • IP Reputation Blocking • Blocking by Geo IP • Anonymous Proxy Blocking • XML Firewall • XML-based attacks • XML Schema enforcement • Web Services security • SIEM Integration • Armored Browser Integration

  10. Integration with Mobility Solutions • Armored Browser • Extends protection to the client • Enforce server access only by armored browser • Prevents Man-in-the-Browser (MITB) attacks • Barracuda Safe Browser (BSB) • Outbound Content Security for mobile devices • Same level of security on or off network • Prevents infections on mobile phones and laptops that can lead to Man-in-the-Browser (MITB) attacks

  11. Reverse Proxy Web Application Firewalls SSL Accelerators Load Balancing Caching Access Control Security Consolidate Disparate Appliances in the DMZ Perimeter Delivered as Hardware or VM Servers • Reduces Management Complexity • Decreases Risk of Security Misconfiguration

More Related