Through an "application profile," Barracuda Web Application Controllers implement a positive security model based on HTTP industry standards and best coding practices for HTML. By profiling the good application behavior, Barracuda Web Application Controllers can block any session behavior deviating from this positive security model.
The positive security model approach minimizes administrative overhead, avoiding the need to update policies when applications or Web site contents are changed. In addition, this approach does not require attack signatures or pattern-matching techniques to detect and block attacks. The positive security model is the only proven approach for delivering zero-day protection against unpublished exploits.
Defining Good Application Behavior
Administrators can enforce fine-grain security policies on particular pages or HTML elements by defining URL ACLs (Access Control Lists). While most commonly used to "whitelist" the known URLs and form parameters utilized by an application, URL ACLs can also define required authentication, for example, to restrict access by IP range or by client certificate.
Dynamic Application Profiling
By analyzing real or test traffic, Barracuda Web Application Controllers can automatically profile good application behavior and build a whitelist of URLs and form parameters. Dynamic Application Profiling enforces a positive security model with minimal administrative overhead.
Blocking Malicious Traffic
While the positive security model and application profiling deliver the highest strength security, there are also advantages to augmenting a positive security model with blocking policies on known attack patterns. Barracuda Web Application Controllers also enable administrators to define ACLs and REGEX matching rules to “blacklist” certain traffic patterns at the URL, parameter, header, and HTML elements.