Web application security, simplified:
Barracuda WAF-as-a-Service for AWS
Barracuda’s most popular solution for AWS is also available in an easily-consumed Software-as-a-Service format. Barracuda WAF-as-a-Service runs in the public cloud and takes advantage of local cloud regions to maintain data residency, resiliency, and performance. Better still, WAF-as-a-Service is pre-configured with a standard rule-set that applies to most situations, so you can deploy WAF-as-a-Service with just a few clicks.
Barracuda WAF-as-a-Service offers purpose-built, comprehensive protection for web apps and APIs with multi-cloud protection and simple licensing.
Because WAF-as-a-Service is based on Barracuda’s popular WAF code base, it includes the same capability to modify, augment, and apply different rule-sets for specific customer and application requirements. It retains the Barracuda WAF reverse-proxy architecture so traffic is inspected in both directions, meaning data loss can be detected and prevented in outgoing traffic.
The service also includes comprehensive application DDoS protection along with strong authentication and access control capabilities for restricting access to sensitive applications and data. Optional Advanced Bot Protection also protects your network against today’s most sophisticated and evasive “low-and-slow” bots, with minimal impact on legitimate human traffic.
The Barracuda Advantage
Features | Barracuda WAF-as-a-Service | AWS WAF |
---|---|---|
Web application security
|
[Limited]
|
|
OWASP Top 10 web app risk protection
|
[Limited]
|
|
Smart signatures
|
||
Granular policy enforcement down to the parameter level
|
||
Customizable rulesets
|
[Limited]
|
|
Zero-day attack protection
|
[Limited]
|
|
API protection
|
[Limited]
|
|
OWASP Top 10 API risk protection
|
[Limited]
|
|
JSON security
|
[Limited]
|
|
XML security
|
||
API discovery
|
||
Bot protection
|
[Limited]
|
|
Web scraping protection including known bot database
|
[Limited]
|
|
Advanced Bot Protection with cloud-based machine learning
|
||
Credential stuffing and spraying protection
|
||
CAPTCHA support
|
||
Client-side protection
|
||
Virtual patching with Barracuda Vulnerability Manager and other application scanners
|
||
File upload protection
|
||
Auto-configuration engine
|