Automated botnet attacks have recently gained notoriety for targeting major banks and web platforms like WordPress. While the overall number of attacks has stayed consistent, the dramatic increase in the ferocity and duration of these attacks demonstrates the need to deploy advanced protection.
Barracuda Web Application Firewall provides advanced DDoS protection that spans the network and application layer. It has the ability to control traffic based on geographic regions, IP addresses, and client types, allowing administrators to throttle or block malicious requests. With the new version, Barracuda has added several significant new capabilities designed to secure applications against advanced DDoS attacks:
· Enhanced Botnet Identification through Barracuda IP Reputation – With hundreds of thousands of security devices spanning all major security vectors including network, web, and email traffic, Barracuda IP Reputation provides an extensive
categorisation of infected computers, zombies, and/or botnets. The integration of Barracuda IP Reputation with Barracuda Web Application Firewall enables administrators to identify and thwart botnets attempting DDoS attacks.
Client Fingerprinting – Using techniques such as injecting JavaScript challenges in website responses, Barracuda Web Application Firewall can distinguish botnets from human users and block malicious requests from botnets.
· Automated CAPTCHA Challenges – Barracuda Web Application Firewall can automatically insert CAPTCHA challenges to suspicious clients without requiring any changes to the application.
· New Client Browser Control – The latest generation of Web browsers have implemented stricter security controls to prevent malicious javascripts, drive-by-downloads or other Web attacks targeted at users. With the new firmware, Barracuda Web Application Firewall now has the ability to set client browser behaviour to reduce the risk of client attacks.
“Securing applications against automated attacks can be tedious when done manually,” said Steve Pao, GM Security at Barracuda Networks. “With the Barracuda Web Application Firewall, protections can be implemented operationally without coding changes, avoiding the costs and risks often associated with those types of changes.”
In addition to these advanced security capabilities, a number of management and performance enhancements have been added to the firmware release, including:
· Increased throughput up to 4Gbps on Barracuda Web Application Firewall models 960 and higher on the current hardware platform
· Integration with the Kerberos security protocol for single sign-on across disparate backend Web services
· Support for Certificate Revocation Lists (CRLs) for enhanced SSL certificate management