With the latest version of Barracuda Web Application Firewall, version 8.0, Barracuda released support for the latest enhancements to Barracuda Control Server, its on-premises platform for central management, to further streamline the management of product updates, shared policies, and services across multiple clusters and data center locations.
Building on its support for Microsoft Azure AD, Barracuda Web Application Firewall now offers enhanced support for Security Assertion Markup Language (SAML) to enable it to work with a broader range of systems utilizing SAML, including Microsoft ADFS, Swiss ID, and more.
“As virtualization continues to foster dispersion of applications and data, we have seen our customers distribute security enforcement points across different parts of the network and across data centers,” noted Stephen Pao, GM Security, Barracuda. “While security enforcement points disperse, IT operations managers continue to express their desire to manage those dispersed enforcement points from a single pane of glass. The enhancements made to Barracuda Web Application Firewall and Barracuda Control Server came from direct customer feedback around many of these use cases.”
Streamlined Centralized Management Across Clusters and Data Centers
The latest version of Barracuda Web Application is designed to work with the latest enhancements to the Barracuda Control Server, available for on-premises deployments as a virtual appliance. The Barracuda Control Server provides a scalable, centralized console for unified management, control, and visibility across multiple Barracuda appliances and virtual appliances.
Highlights of the latest Barracuda Control Server release include:
• Service-Level Configuration Templates - Service-Level configuration templates are typically used when promoting individual services across various phases of a deployment lifecycle. For example, as an individual web application is moved through alpha, beta, stage, and production environments, configuration templates can be used to migrate settings associated with that individual application. Previously, the Barracuda Control Server supported migration of configurations at an appliance-level, not at an individual service level.
• Shared Policy Templates - Shared policy templates are used to ensure consistent security policy across multiple services within a single physical or virtual appliance configuration, as well as across appliances.
• Centralized Firmware Revision Management - Barracuda Control Server now includes an interface that can be used to centrally manage similar and disparate product revisions across a deployment. Previously, Barracuda Control Server only supported product update management at an appliance or configuration group level.
Enhanced Support for SAMLv2 Access Control
In addition to application security, the Barracuda Web Application Firewall provides a front end for access control to web applications, including single-sign on and multi-factor authentication. Last October, Barracuda announced the ability for the Barracuda Web Application to federate identity with Microsoft Azure AD, a SAML-based identity provider.
To further increase compatibility with additional SAML use cases, the latest version of Barracuda Web Application Firewall adds additional capabilities. Highlights include:
• SAML-based Conditional Access Rules - Several applications require conditional access based on certain attributes associated with the user. These attributes could be organizational - like role, group membership, or personal - like device type, age, postal code, etc. Administrators can now create such conditional access rules based on the attributes in SAML assertions from the Identity Provider (IdP). Conditional access rules can be granularly created across different security domains within the web application.
• Support for Multiple IdP - Users can now log into protected web applications through multiple trusted SAML providers. The Barracuda Web Application Firewall provides the users with IdP selection dialogs to specify their preferred IdP for authentication and assertion requests.
These new capabilities allow the Barracuda Web Application Firewall to extend beyond the simpler SAML use cases for Azure AD to support other SAML identity providers including Microsoft ADFS and Swiss ID.
Enhanced JSON Payload Inspection
Changes in web programming techniques used in cloud, SaaS, and mobile applications continue to challenge traditional service-oriented architecture (SOA) gateways and intrusion detection systems (IDS). In particular, increased use of JSON and REST based technology has changed both the usage and interaction over customarily used Hyper Text Transfer Protocol (HTTP) transactions. The latest version of Barracuda Web Application Firewall enhances its ability to secure JSON payloads, to provide comprehensive security for REST APIs and dynamic web applications.
Pricing and Availability
Barracuda Web Application Firewall version 8.0 (cuda.co/waf) is available immediately at no additional charge to existing customers on the current hardware platform with an active Energize Updates subscription. The Barracuda Web Application Firewall list price starts at $4999 USD for the appliance and list price of $1099 USD for Energize Updates. An optional Instant Replacement service featuring priority replacement of failed hardware and complimentary refresh of four-year old hardware units is available starting at list price of $1349 USD per year. International pricing and availability vary by region.
The latest version of Barracuda Control Server (cuda.co/bcs) is available immediately for on-premises virtual environments, including VMware, Microsoft Hyper-V, and Citrix XenServer, starting at US list price $7999 USD per year. Customers interested in Barracuda Control Server as a physical appliance or public cloud instance should contact Barracuda Networks for pricing and availability.
Barracuda Total Threat Protection
Barracuda Web Application Firewall and Barracuda Control Server are part of the Barracuda Total Threat Protection initiative (cuda.co/ttp), which is aimed at providing powerful, integrated security protection across multiple threat vectors at an affordable cost. Barracuda Total Threat Protection is designed to protect multiple threat vectors - including email, web applications, remote access, web browsing by network users, mobile Internet access, and network perimeters - that span private and public cloud deployments. It includes the combination of award-winning security solutions, a common management interface, a single point of support, and affordability.
About Barracuda Networks, Inc.
Barracuda (barracuda.com) provides cloud-connected security and storage solutions that simplify IT. These powerful, easy-to-use and affordable solutions are trusted by more than 150,000 organizations worldwide and are delivered in appliance, virtual appliance, cloud and hybrid deployments. Barracuda’s customer-centric business model focuses on delivering high-value, subscription-based IT solutions that provide end-to-end network and data security.
Safe Harbor Statement
This press release contains forward-looking statements, including statements regarding the benefits of the technology integration and the potential benefits and functionally of the Barracuda Web Application Firewall and the Barracuda Cloud Server. These forward-looking statements are based on current expectations and are subject to inherent uncertainties, risks and changes in circumstances that are difficult or impossible to predict.
You should not place undue reliance on these forward-looking statements because they involve known and unknown risks, uncertainties and other factors that are, in some cases, beyond the Company’s control and that could cause the Company’s results to differ materially from those expressed or implied by such forward-looking statements. Factors that could materially affect the Company’s business and financial results include, but are not limited to customer response to the Company’s products, as well as those factors set forth in the Company’s filings with the Securities and Exchange Commission. The Company expressly disclaims any intent or obligation to update the forward-looking information to reflect events that occur or circumstances that exist after the date of this press release.