Aravindan A, profile picture
Uploaded byAravindan A
PPTX, PDF228 views

Barracuda WAF deployment in AWS

This document summarizes Barracuda's Web Application Firewall solution deployed on Amazon AWS. It provides constant protection from evolving threats when deployed as a reverse proxy in front of applications. It can be deployed in AWS at different sizes depending on throughput needs. The solution offers load balancing, SSL offloading, reporting, and centralized management. It demonstrates how to set up the infrastructure in AWS across availability zones with an Elastic Load Balancer directing traffic to multiple WAF units.

Embed presentation

Downloaded 13 times
Barracuda Solutions on Amazon AWS
Barracuda Web Application Firewall Comprehensive Solution for Application Security • Providesconstantprotectionfromevolvingthreats • Scalableapplicationsecurity • Granularidentityandaccessmanagement Key Use Cases • Applicationsecurityforwebapplications • Securing& scalingelasticapplications
WAF in Public Cloud Cloud Infrastructure Public Cloud Private Cloud SaaS PaaS IaaS Barracuda WAF Servers to be secured can be in PaaS or IaaS WAF is deployed in the IaaS set up
What does it mean? The capacity is elastic
What does it mean – for the WAF? Barracuda Web Application Firewalls Barracuda Web Application Firewalls
Complete Application Protection
All-in-One-Platform Application Security Platform Deployed inreverse proxyandaugments cloudprovider application delivery&security capabilities Load Balancing & Server Health Monitoring SSL & Performance Acceleration Session Persistence Security & DDoS Protection Logging & Reporting Authentication & Access Control
Plug & Play Deployment & Management Level of Customization Custom & Positive SecurityHigh Template-Based SecurityMedium Default SecurityLow
Acceleration & Load Balancing Data Center Barracuda Web Application Firewall L4/L7LoadBalancing Applicationmonitors SSLOffloading TCPPooling HTTPCaching ContentRouting HTTPCompression RequestRateControl
Automatic Security Updates 150,000+ customers in 80+ countries sending network, web content, web application, and email security information for fast responses to emerging threats
Centralized Management Barracuda Cloud Control • ManagemultipleBarracudaproductsfromoneportal • Centralglobalpolicymanagement • Consolidatedreports • MobileApplicationforremote control • Free !
Granular Reporting Detailed logs and reports Integrated with SIEM tools • ArcSight • Splunk • RSAenVision
Barracuda WAF Advantage Constant Protection from Evolving Threats Block SQL injections, cross-site attacks, session spoofing and more Gain new capabilities to block emerging threats Prevent Data Loss Inspects outbound traffic Powerful authentication and authorization Accelerate Application Performance
Deploying on Amazon AWS
Sizing the Web Application Firewall Amazon AWS – Compute Instance Name Barracuda Web App Firewall SMALL (A1) MEDIUM (A2) LARGE (A3) EXTRA LARGE (A4) Virtual Cores 1 2 4 8 Throughput 100 Mbps 200 Mbps 400 Mbps 750 Mbps HTTP Connections/s 5,000 7,000 10,000 14,000 HTTPS Connections/s 5,000 7,000 10,000 14,000 Premium Support* Optional Optional Optional Optional * Premium Support ensures that an organization‘s network is running at its peak performance by providing the highest level of 24x7 technical support for mission-critical environments. For more information, please visit https://www.barracuda.com/support/premium.
AWS Infrastructure Demo Setup Availability Zone A Availability Zone B VPC subnet 10 Net/16 security group Traffic Flow : 1. Client sends request from Internet 2. Request reaches AWS ELB 3. ELB load balances traffic between two or more WAF Units 4. WAF will reverse proxy traffic to the backend application 5. This flow is governed by a Security group
AWS Availability Zone and ELB settings Multiple VLANs created under one VPC ELB Configuration
Web Application page after traffic is processed by WAF Use auto-generated FQDN or custom FQDN created through external DNS service such as Route53.

More Related Content

PDF
Using Istio to Secure & Monitor Your Services
byAlcide
 
PPTX
Azure network and infrastructure
byPhi Huynh
 
PPTX
Server update management optimization
byAllen Brokken
 
PPTX
Barracuda WAF Deployment in Microsoft Azure
byAravindan A
 
PDF
Demystify aws networking create your virtual network on aws
byJayDobariya6
 
PPTX
Infrastructure Provisioning & Automation For Large Enterprises
byTensult
 
PPTX
WAF CC Introduction
byAravindan A
 
PPTX
BizTalk Server 2013 in Windows Azure IaaS
byBizTalk360
 
Using Istio to Secure & Monitor Your Services
byAlcide
 
Azure network and infrastructure
byPhi Huynh
 
Server update management optimization
byAllen Brokken
 
Barracuda WAF Deployment in Microsoft Azure
byAravindan A
 
Demystify aws networking create your virtual network on aws
byJayDobariya6
 
Infrastructure Provisioning & Automation For Large Enterprises
byTensult
 
WAF CC Introduction
byAravindan A
 
BizTalk Server 2013 in Windows Azure IaaS
byBizTalk360
 

What's hot

PDF
Protección y acceso a tu información y aplicaciones en Azure y O365 – Barracuda
byPlain Concepts
 
PPTX
Azure Security Overview
byAllen Brokken
 
PPTX
Azure Security and Management
byAllen Brokken
 
PPTX
Cloudflare
byFadi Abdulwahab
 
PPTX
Server Monitoring from the Cloud
bySite24x7
 
PDF
Best Practices in Cloud Security
byAlert Logic
 
PPTX
Log Analytics by VMware Log Insight
byKiss Tibor
 
PDF
Enhanced Multisite Site Selection for Windows 10 and DirectAccess with KEMP L...
byKemp
 
PPTX
System Center 2012 for VMware Infrastructure
byBryan Dady
 
PPTX
Re-Think Veeam Availability Platform
byTanawit Chansuchai
 
PDF
Continuous Delivery, DevOps, Cloud - New Requirements for New Architectures
byEberhard Wolff
 
DOCX
Veritas certification in chennai
byTHINK IT Training
 
PDF
Codemash 2007 - Scm with subversion
byChristopher Grant
 
PDF
Protecting Against Web App Attacks
byAlert Logic
 
PPTX
Enterprise Node - Securing Your Environment
byKurtis Kemple
 
PPTX
Simplify hybrid cloud protection with veeam availability platform
byTanawit Chansuchai
 
PDF
CSF18 - Securing the Cloud - Karim El-Melhaoui
byNCCOMMS
 
PDF
Austin CSS Slalom Presentation
byAlert Logic
 
PPTX
Virtual Private Networks
byprimeteacher32
 
PDF
Hardening a SQL Server 2008 Implementation
byMark Ginnebaugh
 
Protección y acceso a tu información y aplicaciones en Azure y O365 – Barracuda
byPlain Concepts
 
Azure Security Overview
byAllen Brokken
 
Azure Security and Management
byAllen Brokken
 
Cloudflare
byFadi Abdulwahab
 
Server Monitoring from the Cloud
bySite24x7
 
Best Practices in Cloud Security
byAlert Logic
 
Log Analytics by VMware Log Insight
byKiss Tibor
 
Enhanced Multisite Site Selection for Windows 10 and DirectAccess with KEMP L...
byKemp
 
System Center 2012 for VMware Infrastructure
byBryan Dady
 
Re-Think Veeam Availability Platform
byTanawit Chansuchai
 
Continuous Delivery, DevOps, Cloud - New Requirements for New Architectures
byEberhard Wolff
 
Veritas certification in chennai
byTHINK IT Training
 
Codemash 2007 - Scm with subversion
byChristopher Grant
 
Protecting Against Web App Attacks
byAlert Logic
 
Enterprise Node - Securing Your Environment
byKurtis Kemple
 
Simplify hybrid cloud protection with veeam availability platform
byTanawit Chansuchai
 
CSF18 - Securing the Cloud - Karim El-Melhaoui
byNCCOMMS
 
Austin CSS Slalom Presentation
byAlert Logic
 
Virtual Private Networks
byprimeteacher32
 
Hardening a SQL Server 2008 Implementation
byMark Ginnebaugh
 

Similar to Barracuda WAF deployment in AWS

PDF
Markets_Cloud Web Application and API Protection.pdf
byctare2011
 
PDF
Web Application Firewall Presentation .pdf
byFerriantoSuryanto
 
PDF
Barracuda web application_firewall_wp_advantage
byINSPIRIT BRASIL
 
PPT
Barracuda Networks Overview
byAEC Networks
 
PDF
CloudGen Firewall, SD-WAN, WAF security - Protection and Performance in the C...
byDATA SECURITY SOLUTIONS
 
PDF
Why Do You Need a Web Application Firewall?
byBORNSEC CONSULTING
 
PPTX
Barracuda ng firewall
byKappa Data
 
PDF
Remote Workforces Secure by Barracuda
byPrime Infoserv
 
PDF
AWS WAF OWASP
byChris Buenaventura
 
PDF
WAF 101
byNull Bhubaneswar
 
PDF
Barracuda in Microsoft Azure
byresponsiveX
 
PPTX
The Top 11 Powerful Web Application Firewalls.pptx
byBluechipComputerSyst
 
PDF
Secure your journey to the public cloud
byBarracuda Networks Inc
 
PDF
Barracuda_NG_Firewall_Profile
byIqra Hameed
 
PDF
Barracuda_NG_Firewall_Profile
byAliza Ayub
 
PPTX
Aws meetup aws_waf
byAdam Book
 
PPTX
Automate Cloud and Application Security Deployments with Barracuda and Puppet...
byClaire Priester Papas
 
PDF
Descripcion Tecnica del Barracuda NG Firewall
byrivefapy
 
PPTX
The Power of Web Application Firewalls (WAFs) in Protecting Your Web App.pptx
byBluechipComputerSyst
 
PPTX
Api sec demo_updated_v2
byAravindan A
 
Markets_Cloud Web Application and API Protection.pdf
byctare2011
 
Web Application Firewall Presentation .pdf
byFerriantoSuryanto
 
Barracuda web application_firewall_wp_advantage
byINSPIRIT BRASIL
 
Barracuda Networks Overview
byAEC Networks
 
CloudGen Firewall, SD-WAN, WAF security - Protection and Performance in the C...
byDATA SECURITY SOLUTIONS
 
Why Do You Need a Web Application Firewall?
byBORNSEC CONSULTING
 
Barracuda ng firewall
byKappa Data
 
Remote Workforces Secure by Barracuda
byPrime Infoserv
 
AWS WAF OWASP
byChris Buenaventura
 
WAF 101
byNull Bhubaneswar
 
Barracuda in Microsoft Azure
byresponsiveX
 
The Top 11 Powerful Web Application Firewalls.pptx
byBluechipComputerSyst
 
Secure your journey to the public cloud
byBarracuda Networks Inc
 
Barracuda_NG_Firewall_Profile
byIqra Hameed
 
Barracuda_NG_Firewall_Profile
byAliza Ayub
 
Aws meetup aws_waf
byAdam Book
 
Automate Cloud and Application Security Deployments with Barracuda and Puppet...
byClaire Priester Papas
 
Descripcion Tecnica del Barracuda NG Firewall
byrivefapy
 
The Power of Web Application Firewalls (WAFs) in Protecting Your Web App.pptx
byBluechipComputerSyst
 
Api sec demo_updated_v2
byAravindan A
 

More from Aravindan A

PPTX
Advanced security in Barracuda WAF
byAravindan A
 
PPTX
WAF deployment
byAravindan A
 
PPTX
Devops
byAravindan A
 
PPTX
Advanced networking
byAravindan A
 
PPTX
Logging intro
byAravindan A
 
PPTX
Application delivery
byAravindan A
 
PPTX
Access control
byAravindan A
 
PPTX
Basic security and Barracuda VRS
byAravindan A
 
PPTX
Reporting
byAravindan A
 
PPTX
System administration
byAravindan A
 
PPTX
application security basics
byAravindan A
 
PPTX
Application delivery
byAravindan A
 
PPTX
general protocol basics
byAravindan A
 
Advanced security in Barracuda WAF
byAravindan A
 
WAF deployment
byAravindan A
 
Devops
byAravindan A
 
Advanced networking
byAravindan A
 
Logging intro
byAravindan A
 
Application delivery
byAravindan A
 
Access control
byAravindan A
 
Basic security and Barracuda VRS
byAravindan A
 
Reporting
byAravindan A
 
System administration
byAravindan A
 
application security basics
byAravindan A
 
Application delivery
byAravindan A
 
general protocol basics
byAravindan A
 

Recently uploaded

PPTX
Basics of Identity Access Management In mordern Infrastructure
byPrinceXavier18
 
PDF
API206-S: Transforming Supply Chains with Amazon Bedrock AgentCore - AWS re:I...
byChris Bingham
 
PDF
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
PDF
The year in review - MarvelClient in 2025
bypanagenda
 
PDF
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
PPTX
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
PDF
Eredità digitale sugli smartphone: cosa resta di noi nei dispositivi mobili
bySpeck&Tech
 
PDF
Safeguarding AI-Based Financial Infrastructure
byYasir Naveed Riaz
 
DOCX
Cloud Security, Serverless Security. Cybersecurity
byEdcelPacayraDuena
 
PDF
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
PDF
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
PDF
Energy Storage Landscape Clean Energy Ministerial
bySurajitBanerjee38
 
PDF
Accelerating Responsible AI Adoption in Public Sector and Private Organizations.
byYasir Naveed Riaz
 
PPTX
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
PPTX
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
PDF
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
PDF
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
PPTX
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
PDF
Recursive Self Improvement vs Continuous Learning
byBob Marcus
 
Basics of Identity Access Management In mordern Infrastructure
byPrinceXavier18
 
API206-S: Transforming Supply Chains with Amazon Bedrock AgentCore - AWS re:I...
byChris Bingham
 
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
The year in review - MarvelClient in 2025
bypanagenda
 
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
Eredità digitale sugli smartphone: cosa resta di noi nei dispositivi mobili
bySpeck&Tech
 
Safeguarding AI-Based Financial Infrastructure
byYasir Naveed Riaz
 
Cloud Security, Serverless Security. Cybersecurity
byEdcelPacayraDuena
 
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
Energy Storage Landscape Clean Energy Ministerial
bySurajitBanerjee38
 
Accelerating Responsible AI Adoption in Public Sector and Private Organizations.
byYasir Naveed Riaz
 
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
Recursive Self Improvement vs Continuous Learning
byBob Marcus
 

Barracuda WAF deployment in AWS

  • 1.
  • 3.
    Barracuda Web ApplicationFirewall Comprehensive Solution for Application Security • Providesconstantprotectionfromevolvingthreats • Scalableapplicationsecurity • Granularidentityandaccessmanagement Key Use Cases • Applicationsecurityforwebapplications • Securing& scalingelasticapplications
  • 4.
    WAF in PublicCloud Cloud Infrastructure Public Cloud Private Cloud SaaS PaaS IaaS Barracuda WAF Servers to be secured can be in PaaS or IaaS WAF is deployed in the IaaS set up
  • 5.
    What does itmean? The capacity is elastic
  • 6.
    What does itmean – for the WAF? Barracuda Web Application Firewalls Barracuda Web Application Firewalls
  • 7.
  • 8.
    All-in-One-Platform Application SecurityPlatform Deployed inreverse proxyandaugments cloudprovider application delivery&security capabilities Load Balancing & Server Health Monitoring SSL & Performance Acceleration Session Persistence Security & DDoS Protection Logging & Reporting Authentication & Access Control
  • 9.
    Plug & PlayDeployment & Management Level of Customization Custom & Positive SecurityHigh Template-Based SecurityMedium Default SecurityLow
  • 10.
    Acceleration & LoadBalancing Data Center Barracuda Web Application Firewall L4/L7LoadBalancing Applicationmonitors SSLOffloading TCPPooling HTTPCaching ContentRouting HTTPCompression RequestRateControl
  • 11.
    Automatic Security Updates 150,000+customers in 80+ countries sending network, web content, web application, and email security information for fast responses to emerging threats
  • 12.
    Centralized Management Barracuda CloudControl • ManagemultipleBarracudaproductsfromoneportal • Centralglobalpolicymanagement • Consolidatedreports • MobileApplicationforremote control • Free !
  • 13.
    Granular Reporting Detailed logsand reports Integrated with SIEM tools • ArcSight • Splunk • RSAenVision
  • 14.
    Barracuda WAF Advantage ConstantProtection from Evolving Threats Block SQL injections, cross-site attacks, session spoofing and more Gain new capabilities to block emerging threats Prevent Data Loss Inspects outbound traffic Powerful authentication and authorization Accelerate Application Performance
  • 15.
  • 16.
    Sizing the WebApplication Firewall Amazon AWS – Compute Instance Name Barracuda Web App Firewall SMALL (A1) MEDIUM (A2) LARGE (A3) EXTRA LARGE (A4) Virtual Cores 1 2 4 8 Throughput 100 Mbps 200 Mbps 400 Mbps 750 Mbps HTTP Connections/s 5,000 7,000 10,000 14,000 HTTPS Connections/s 5,000 7,000 10,000 14,000 Premium Support* Optional Optional Optional Optional * Premium Support ensures that an organization‘s network is running at its peak performance by providing the highest level of 24x7 technical support for mission-critical environments. For more information, please visit https://www.barracuda.com/support/premium.
  • 17.
    AWS Infrastructure DemoSetup Availability Zone A Availability Zone B VPC subnet 10 Net/16 security group Traffic Flow : 1. Client sends request from Internet 2. Request reaches AWS ELB 3. ELB load balances traffic between two or more WAF Units 4. WAF will reverse proxy traffic to the backend application 5. This flow is governed by a Security group
  • 18.
    AWS Availability Zoneand ELB settings Multiple VLANs created under one VPC ELB Configuration
  • 19.
    Web Application pageafter traffic is processed by WAF Use auto-generated FQDN or custom FQDN created through external DNS service such as Route53.

Editor's Notes

  • #6 Note for presenter : Click once to show – scale up – Click again to show – scale down Description : As the traffic to the web site grows, administrators can bring up additional instances of their application servers and when the traffic goes down they can shut down the additional instances. This is one of the most powerful capability of the cloud deployments – that is – scale the size based on traffic requirements.
  • #7 Note for presenter – Default -- Case 1 : WAF has to work in the Azure / AWS cloud – there are integration points that need to be handled like – system-ip is allocated by DHCP and not from consconf Click 1 -- Case 2 : Servers added to existing WAF in the cloud – requires API of the WAF Click 2 -- Case 3 : WAF may also be added to the cloud load balancer to handle more traffic – requires auto provisioning / spin up of WAF VM