The Barracuda Web Application Firewall protects Web applications and Web services from malicious attacks. The Barracuda Application Gateway also increases the performance and scalability of these applications. Barracuda Web Application Controllers offer every capability needed to deliver, secure, accelerate and manage enterprise Web applications from a single appliance through an intuitive, real-time user interface.

• Single point of protection for inbound and outbound traffic for all Web applications
• Protects Web sites and Web applications against application layer attacks
• Delivers best practices security right out of the box
• Monitors traffic and provides reports about attackers and attack attempts

Comprehensive Web Site Protection
Barracuda Web Application Controllers, including both the Barracuda Web Application Firewall and Barracuda Application Gateway, provide award-winning protection from all common attacks on Web applications, including SQL injections, cross-site scripting attacks, session tampering and buffer overflows.

Almost all applications are vulnerable to such attacks because application developers do not consistently employ strict secure coding practices. Barracuda Web Application Controllers are designed to combat all attack types that have been categorized as significant threats, including:

• Cross Site Scripting (XSS)
• SQL injection flaws
• OS command injections
• Site reconnaissance
• Session hijacking
• Application denial of service
• Malicious probes/crawlers
• Cookie/session tampering
• Path traversal
• Header tampering
• Information leakage

A Single Solution to a Multifaceted Problem
Online Web-based applications are increasingly at risk from professional hackers who target such applications in order to commit data theft or fraud. Being compromised can damage an enterprise’s reputation, result in loss of customers and impact the organization’s bottom line.

In addition, companies that transact online are faced with a host of growing industry regulations such as the Payment Card Industry Data Security Standard (PCI DSS), which mandates that all enterprise and Web applications handling credit card and account information must undergo an extensive and costly audit of custom application code. The alternative to satisfy PCI DSS compliance is simply installing a Web application firewall.

The combination of these factors along with banking industry PCI DSS compliance concerns, creates demand for a more technologically and cost-effective risk protection solution for online Web applications.

Backed by the worldwide leader in email and Web security appliances, Barracuda Web Application Controllers will continue to dominate the market by breaking technology barriers.