Scribd
Upload
105 views

Was01001 - Introducing Waf-As-A-Service - Slide Deck

This document introduces Barracuda's WAF-as-a-Service product. It provides an overview of the service's key features like advanced bot protection, application security, and proactive defense capabilities. It also covers licensing details such as pricing based on number of applications and bandwidth. The traffic flow section illustrates how traffic is routed through the WAFaaS before reaching customer applications. Finally, it explains the different application modes of block and monitor that control whether attacks are logged only or blocked.

Uploaded by

fidel
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
105 views

Was01001 - Introducing Waf-As-A-Service - Slide Deck

This document introduces Barracuda's WAF-as-a-Service product. It provides an overview of the service's key features like advanced bot protection, application security, and proactive defense capabilities. It also covers licensing details such as pricing based on number of applications and bandwidth. The traffic flow section illustrates how traffic is routed through the WAFaaS before reaching customer applications. Finally, it explains the different application modes of block and monitor that control whether attacks are logged only or blocked.

Uploaded by

fidel
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

WAS01001- Introducing WAF-as-a-Service

Barracuda WAF-as-a-Service
WAS01 – Barracuda WAF-as-a-Service Foundation

WAS01001- Introducing WAF-as-a-Service


WAFaaS Overview

Agenda
• Overview
• Licensing
• Traffic Flow
• Application & Application Modes

1
WAS01001- Introducing WAF-as-a-Service

Overview
Data Theft Protection
Credit Card Numbers
Social Security Numbers
Advanced Bot Protection
Custom Patterns
Google reCaptcha
Blacklists
Credential Stuffing Protection Proactive Defense
Application Cloaking
Geo-IP Control
Comprehensive Application Security
OWASP Top-10 Attacks
Application DDOS Webservice Protection
JSON Security

Server
Internet Barracuda
WAF-as-a-Service

...as-a-Service
WAF On-Prem CloudGen WAF (IaaS) WAF-as-a-Service
You
You

Barracuda
You

Cloud Provider

WAS01001 – Introducing WAF-as-a-Service


Licensing

2
WAS01001- Introducing WAF-as-a-Service

Licensing

• Advanced Bot Protection


• Advanced Threat
Protection
• Premium Support
Number of Bandwidth Add-Ons per
Applications Account

Applications Bandwidth Add-Ons

2 25 Mbps

4 100 Mbps ABP 100 Mbps

Licensing – Bandwidth Calculation


• Combined "clean" throughput across all applications

DDoS Protection Service

25 Mbps
50 Mbps

25 Mbps
Total bandwidth: 35 Mbps
10 Mbps
Application

WaaS Datacenter

Licensing Violations
• Notify administrator
• 14-day grace period
– After 14 days – configuration and reporting locked
– Protection will remain enabled
• After 28 days
– Protection disabled
– Applications continue to pass traffic
• After 42 days
– Applications cease to pass traffic
– Barracuda WAF-as-a-Service account deleted

3
WAS01001- Introducing WAF-as-a-Service

WAS01001 – Introducing WAF-as-a-Service


Traffic Flow

10

Traffic Flow before WAF-as-a-Service


DNS
badstore.cudau.org | CNAME | 203.0.113.23

GET /index.html HTTP/1.1


Host: badstore.cudau.org

Users HTTP/1.1 200 OK


Badstore
Content-Type: text/html Web Server

Webserver PIP: 203.0.113.23

11

Traffic Flow

Endpoint: 198.51.100.100

GET /index.html HTTP/1.1 GET /index.html HTTP/1.1


Host: badstore.cudau.org Application Host: badstore.cudau.org

HTTP/1.1 200 OK HTTP/1.1 200 OK


Users Badstore
Content-Type: text/html Content-Type: text/html
Web Server
WAFaaS

DNS
badstore.cudau.org | CNAME | 203.0.113.23 198.51.100.100 Webserver PIP: 203.0.113.23

12

4
WAS01001- Introducing WAF-as-a-Service

WAS01001- Introducing WAF-as-a-Service


Applications & Application Modes

13

Applications

Block
HTTP Backend Server
Endpoint IP
HTTPS HTTP/S IP:Port
Monitor
Application Name
Domain Name

14

Application Modes
• Block Mode – Logs and blocks the attacks
• Monitor Mode – Logs the attacks but allows traffic to pass

Attack blocked

Attack 1 App_A (Block)


Logs

Attack 2 App_B (Monitor) Attack 2


Attacker
Web Server

WAFaaS

15

5
WAS01001- Introducing WAF-as-a-Service

Thank You

16

You might also like