Securing Applications and Workloads in Microsoft Azure with the Barracuda CloudGen WAF

Download PDF

Today, cloud computing has become a “must-have” to a majority of the enterprise IT community, for reasons ranging from economic gains to technology benefits. But one of the major concerns carrying over from traditional IT—data and application security—has not changed, and requires the same diligence in the cloud as with on-premises solutions.

Typically, whatever threats you face in your physical data center will be present in a virtualized one. Thus, as you extend your applications to the cloud, you are also extending your notions of identity, network and access control, information protection, and endpoint security.

While Microsoft Azure is built on top of the same secure infrastructure as Bing, Microsoft.com, and Office 365, Microsoft Azure cannot block a poorly-designed web application from running on a VM, regardless of the security risks it might pose. With hundreds of lines of code to check—and vulnerabilities often subtle and hard to find—a serious data breach is often the first sign that a web application has problems.

Fortunately, the Barracuda CloudGen WAF for Microsoft Azure fills the functional gaps between cloud infrastructure security and a defense-in-depth strategy required to securely migrate applications to Microsoft Azure. It is the first integrated, fully scalable CloudGen WAF on Microsoft Azure.

Having secured thousands of production applications against more than 11 billion attacks since 2008, Barracuda web application firewall technology is the ideal solution for organizations looking to protect web applications or workloads deployed in Microsoft Azure. With predefined security templates and load balancing built in, companies of all sizes can enjoy total application security with no need to learn, configure, and manage complex technology.

Complete Application Security for Web Applications Deployed in Microsoft Azure

Advantage

  • OWASP Top 10 Protection
  • Advanced DDoS Protection
  • Application Cloaking
  • Geo-IP Control
  • Botnet Detection
  • Data Loss Prevention
  • Integration with Azure AD using SAML 2.0

Multi-Tier Architecture Security Enforcement

Advantage

  • Centralized Management and Administration
  • Automatic Configuration Sync across WAF clusters
  • Dynamically Registers Servers as you Scale

Publishing SharePoint in Microsoft Azure

Advantage

  • Granular Identity Management
  • Client Access Control
  • Pre-built Security Templates for SharePoint
  • Application Security

About TINA (Transport Independent Network Architecture)

Due to the limitations that come with standard IPsec connections, Barracuda Networks created several powerful extensions to standard IPsec tunnel management. This core of the CloudGen VPN engine is called TINA (Transport Independent Network Architecture).

The TINA protocol allows use of TCP, UDP, and ESP for high speed VPN connections which improves the VPN connectivity substantially by adding:

  • Endpoint-to-Endpoint (not network-to-network) connectivity
  • NAT friendliness
  • Multiple physical transport paths for a logical tunnel
  • Multiple tunnels between two locations
  • HTTPS and SOCKS4/5 proxy compatibility
  • Dynamic Address Support
  • Tunnel heartbeat monitoring